WO2020113401A1 - Data detection method, apparatus and device - Google Patents

Data detection method, apparatus and device Download PDF

Info

Publication number
WO2020113401A1
WO2020113401A1 PCT/CN2018/119060 CN2018119060W WO2020113401A1 WO 2020113401 A1 WO2020113401 A1 WO 2020113401A1 CN 2018119060 W CN2018119060 W CN 2018119060W WO 2020113401 A1 WO2020113401 A1 WO 2020113401A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
detected
attribute information
security
preset
Prior art date
Application number
PCT/CN2018/119060
Other languages
French (fr)
Chinese (zh)
Inventor
刘奎龙
Original Assignee
北京比特大陆科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京比特大陆科技有限公司 filed Critical 北京比特大陆科技有限公司
Priority to PCT/CN2018/119060 priority Critical patent/WO2020113401A1/en
Priority to CN201880098312.7A priority patent/CN113316921A/en
Publication of WO2020113401A1 publication Critical patent/WO2020113401A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Definitions

  • This application relates to the field of computer technology, for example, to a data detection method, device, and equipment.
  • the embodiments of the present disclosure provide a data detection method, device and equipment, which improve the efficiency and accuracy of data detection.
  • an embodiment of the present disclosure provides a data detection method, including:
  • the security of the data to be detected is detected, and the preset model is obtained by learning the sample data through a neural network.
  • the method further includes:
  • the attribute information of the data to be detected includes at least one of the following attributes: a format of the data to be detected, resources used by the data to be detected, and a frequency of data transmission.
  • the data transmission frequency is a frequency at which the device that sends the data to be detected sends data within a preset time period.
  • the detecting the security of the data to be detected according to the attribute information of the data to be detected and the preset model includes:
  • the data to be detected is safety data according to the attribute information
  • the method further includes:
  • the detecting the security of the data to be detected according to the attribute information includes:
  • the security range corresponding to the format of the data to be detected includes at least one preset security format.
  • the security range corresponding to the resource used by the data to be detected includes a preset resource range.
  • the safety range corresponding to the data transmission frequency includes a preset frequency range.
  • the performing security verification on the attribute information and/or the data to be detected through the preset model includes:
  • the type of the data to be detected includes at least one of a text type, an image type, a voice type, or a video type;
  • the sample data includes marked safety sample data and marked risk sample data.
  • an embodiment of the present disclosure provides a data detection device, including a detection module
  • the detection module is configured to detect the security of the data to be detected according to the attribute information of the data to be detected and a preset model, and the preset model is obtained by learning the sample data through a neural network.
  • the device further includes a first acquisition module
  • the first acquiring module is configured to acquire attribute information of the data to be detected.
  • the attribute information of the data to be detected includes at least one of the following attributes: a format of the data to be detected, a resource used by the data to be detected, and a frequency of data transmission.
  • the data transmission frequency is a frequency at which the device that sends the data to be detected sends data within a preset time period.
  • the detection module is configured to:
  • the data to be detected is safety data according to the attribute information
  • the device further includes a determination module, and the determination module is configured to:
  • the detection module detects that the data to be detected is risk data according to the attribute information, it is determined that the data to be detected is risk data.
  • the detection module is configured to:
  • the security range corresponding to the format of the data to be detected includes at least one preset security format.
  • the security range corresponding to the resource used by the data to be detected includes a preset resource range.
  • the safety range corresponding to the data transmission frequency includes a preset frequency range.
  • the device further includes a second acquisition module and a third acquisition module,
  • the second acquiring module is configured to acquire the type of the data to be detected, and the type of the data to be detected includes at least one of a text type, an image type, a voice type, or a video type;
  • the third obtaining module is configured to obtain the preset model according to the type of the data to be detected
  • the detection module is configured to perform security verification on the attribute information and/or the data to be detected through the preset model.
  • the sample data includes marked safety sample data and marked risk sample data.
  • an embodiment of the present disclosure provides a computer including the device according to any one of the second aspect.
  • an electronic device including:
  • At least one processor At least one processor
  • a memory communicatively connected to the at least one processor; wherein,
  • the memory stores instructions executable by the at least one processor, and when the instructions are executed by the at least one processor, causes the at least one processor to perform the method of any one of the first aspects.
  • an embodiment of the present disclosure provides a computer-readable storage medium that stores computer-executable instructions, and the computer-executable instructions are configured to perform the method according to any one of the first aspects.
  • an embodiment of the present disclosure provides a computer program product, characterized in that the computer program product includes a computer program stored on a computer-readable storage medium, and the computer program includes program instructions, when the program instructions When executed by a computer, the computer is caused to perform the method of any one of the first aspects.
  • the data detection method, device and equipment provided by the embodiments of the present disclosure can detect the security of the data to be detected according to the attribute information of the data to be detected and the preset model, because the preset model is obtained by learning the sample data through the neural network
  • the sample data includes marked safety sample data and marked risk sample data. Therefore, according to the preset model, you can accurately verify whether the data to be tested is safe. In the above process, not only save labor costs, but also improve detection efficiency and improve The accuracy of detection.
  • FIG. 1 is an architectural diagram of a data monitoring method provided by an embodiment of the present disclosure
  • FIG. 2 is a schematic flowchart of a data detection method according to an embodiment of the present disclosure
  • FIG. 3 is a schematic flowchart of a method for detecting data to be detected based on attribute information according to an embodiment of the present disclosure
  • FIG. 4 is a schematic flowchart of another data detection method provided by an embodiment of the present disclosure.
  • FIG. 5 is a schematic structural diagram of a data detection device according to an embodiment of the present disclosure.
  • FIG. 6 is a schematic structural diagram of another data detection device according to an embodiment of the present disclosure.
  • FIG. 7 is a schematic structural diagram of an electronic device provided by an embodiment of the present disclosure.
  • the scenarios used by the data detection method shown in this application will be exemplified.
  • the important interface in the network for example, the network gateway from the internal network to the external network
  • the important interface in the network detects the data passing through the important interface to determine the data Whether it is confidential data. If the data is confidential data, the data is prohibited from being sent through the important interface. In this way, leakage of important data can be avoided.
  • the second possible application scenario after receiving the data, before processing the data, you can first verify whether the data is attack data, and when the data is determined to be attack data, discard the data, so that you can avoid being affected. Network attacks.
  • the above describes the application scenarios that can be used in the present application in the form of examples, and is not a limitation of the application scenarios. In the actual application process, the application scenarios can be determined according to actual needs, which is not limited in this application.
  • FIG. 1 is an architectural diagram of a data monitoring method provided by an embodiment of the present disclosure.
  • the attribute information of the data to be detected can be obtained first, and whether the data to be detected is safe is verified according to the attribute information of the data to be detected first.
  • risk data unsafe data
  • the security information of the attribute information of the data to be tested and/or the data to be tested is verified through the preset model, and the data to be tested is verified through the preset model verification If it is risk data, it is determined that the data to be tested is risk data, and after the preset model is verified to detect that the data to be tested is safe data, then the data to be tested is determined to be safe data.
  • the attribute information of the data to be detected is firstly subjected to a rough security verification of the data to be detected.
  • the verification process is simple and convenient.
  • the data to be detected is determined to be safe data according to the attribute information
  • the Set the model to verify the security of the data to be tested Since the preset model is obtained by learning the sample data through the neural network, the sample data includes the marked safety sample data and the marked risk sample data. Therefore, according to the preset model, it can accurately verify whether the data to be tested is safe. In the above process In addition to saving labor costs, it can also improve detection efficiency and accuracy.
  • FIG. 2 is a schematic flowchart of a data detection method according to an embodiment of the present disclosure. Please refer to FIG. 2, the method may include:
  • the execution subject of the embodiments of the present disclosure may be an electronic device or a data detection device provided in the electronic device.
  • the data detection device may be implemented by software or a combination of software and hardware.
  • the electronic device may be user equipment, for example, mobile phones, computers, and other devices.
  • the electronic device may also be a device such as a gateway or a server.
  • the data to be detected may be any data transmitted in the network.
  • the attribute information of the data to be detected includes at least one of the following attributes: the format of the data to be detected, the resources used by the data to be detected, and the frequency of data transmission.
  • the format of the data to be detected may include doc format, PPT format, HTML format, JPG format, and so on.
  • the format of the data to be detected may also include other, which is not limited in the embodiments of the present disclosure.
  • the resources used by the data to be detected may include network resources, CPU resources, memory resources, and so on.
  • the network resource may be network traffic, network bandwidth, and so on.
  • the data sending frequency may be the frequency of sending data by the device sending the data to be detected.
  • the data sending frequency is the frequency at which the device sending the data to be detected sends data within a preset time period.
  • the frequency of data transmission may be the number of data transmissions per unit time.
  • the unit time may be 1 hour, 1 minute, and so on.
  • the preset time period may be a time period of a preset duration before the current time.
  • the preset duration may be 1 hour, 3 hours, one day, etc.
  • the preset duration can be set according to actual needs.
  • S202 Detect the security of the data to be detected according to the attribute information of the data to be detected and the preset model.
  • the preset model is obtained by learning the sample data through a neural network.
  • the neural network may be a deep neural network.
  • the sample data may include marked safety sample data and marked risk sample data.
  • the marked sample data refers to the sample data determined as safety data.
  • the marked risk sample data refers to the sample data determined as risk data.
  • the security of the data to be detected may be detected according to the attribute information of the data to be detected first.
  • the data to be detected is risk data according to the attribute information of the data to be detected
  • it may be determined that the data to be detected is risk data.
  • security verification may be performed on the attribute information of the data to be detected and/or the data to be detected through a preset model.
  • the data to be detected When detecting that the data to be detected is safe data based on the attribute information of the data to be detected and/or the data to be detected through the preset model, it can be determined that the data to be detected is safe data; /Or when the data to be detected detects that the data to be detected is risk data, it may be determined that the data to be detected is risk data.
  • the security of the data to be detected can be detected based on the attribute information in the following feasible implementation manners:
  • the security range corresponding to the format of the data to be detected includes at least one preset security format.
  • the preset security format included in the security range may be preset.
  • the security range corresponding to the resource used by the data to be detected includes a preset resource range.
  • the preset resource range may include a CPU occupancy range, a memory occupancy range, and a traffic occupancy range.
  • the safety range corresponding to the data transmission frequency includes a preset frequency range.
  • the preset frequency range includes the maximum frequency and the minimum frequency.
  • the type of the data to be detected may be obtained, and a preset model may be obtained according to the type of the data to be detected; the preset model may be used to perform security verification on the attribute information and/or the data to be detected.
  • the type of data to be detected includes at least one of a text type, an image type, a voice type, or a video type.
  • a preset model corresponding to a data type can perform security verification on the data of the data type.
  • the preset models corresponding to different data types are learned according to the sample data corresponding to the data types.
  • the preset model corresponding to the text type is obtained by learning based on the sample data of the text type.
  • the text-type sample data includes text-type sample data marked as safety data, and text-type sample data marked as risk data.
  • the preset model corresponding to the image type is learned based on the sample data of the image type.
  • the sample data of the image type includes sample data marked as safety data of the text type and sample data marked as risk data of the image type.
  • the data detection method provided by the embodiment of the present disclosure can detect the security of the data to be detected according to the attribute information of the data to be detected and the preset model. Since the preset model is obtained by learning the sample data through the neural network, the sample data includes Marked safety sample data and marked risk sample data, therefore, it can accurately verify whether the data to be tested is safe according to the preset model. In the above process, not only save labor costs, but also improve the detection efficiency and improve the accuracy of detection .
  • FIG. 3 is a schematic flowchart of a method for detecting data to be detected according to attribute information according to an embodiment of the present disclosure. Please refer to FIG. 3, the method may include:
  • the security range corresponding to the format of the data to be detected is acquired, and the security range corresponding to the format of the data to be detected includes at least one preset security format.
  • the preset security format may include doc format, HTML format, and so on.
  • the security range corresponding to the resource used by the data to be detected is acquired, and the security range corresponding to the resource used by the data to be detected includes the preset resource range.
  • the preset resource range may include 1%-30% of CPU occupancy.
  • the preset resource range may include 1%-50% of memory resource occupancy.
  • the preset resource range may include traffic resource occupancy: 1M/s-300M/s.
  • the safety range corresponding to the data transmission frequency is acquired, and the safety range corresponding to the data transmission frequency includes the preset frequency range.
  • the preset frequency range can be 1 time/hour-50 times/decimal.
  • the risk data may be confidential data.
  • the risk data may be attack data.
  • the security data may be non-confidential data.
  • the security data may be non-attack data.
  • the risk range corresponding to each attribute may also be set in advance, and it is determined whether each attribute in the attribute information is within the corresponding risk range.
  • the data to be detected is risk data.
  • the data to be detected is safe data.
  • the attribute information corresponding to the data to be detected and the security range corresponding to each attribute in the attribute information can quickly determine whether the data to be detected is safe data or risk data.
  • FIG. 4 is a schematic flowchart of another data detection method provided by an embodiment of the present disclosure. Please refer to FIG. 4, the method may include:
  • the execution process of S401 can refer to the execution process of S201, and no more details are provided here.
  • S402. Determine whether the data to be detected is safe data according to the attribute information of the data to be detected.
  • the type of data to be detected includes at least one of text type, image type, voice type, or video type.
  • the type of data to be detected may also include other types, which is not limited in the embodiments of the present disclosure.
  • the preset models corresponding to multiple data types can be learned in advance, and the preset models corresponding to multiple data types can be stored.
  • the preset model is obtained according to the type of data to be detected.
  • S405. Perform security verification on the attribute information and/or the data to be detected through a preset model, and determine whether the data to be detected is safe data.
  • the preset model is learned based on the first sample (attribute information of the detected data)
  • the preset model is used to perform security verification on the attribute information of the detected data to determine whether the data to be tested is Safety data.
  • the attribute sample data includes known security data attributes and known risk data attributes.
  • the preset model is learned based on the second sample (the detected data)
  • the preset model is used to perform security verification on the detected data to determine whether the data to be detected is safe data.
  • Attribute sample data includes known safety data and known risk data.
  • the preset model when the preset model is learned based on the first sample (attribute information of the detected data) and the second sample (detected data), the preset model
  • the attribute information is used for security verification to determine whether the data to be detected is safe data.
  • the attribute sample data includes known safety data, known safety data attribute information, known risk data, and known risk data attribute information.
  • the attribute information of the data to be detected is firstly subjected to a rough security verification of the data to be detected.
  • the verification process is simple and convenient.
  • the security of the data to be tested is verified through a preset model. Since the preset model is obtained by learning the sample data through the neural network, the sample data includes the marked safety sample data and the marked risk sample data, therefore, according to the preset model, it can accurately verify whether the data to be tested is safe. In the above process In addition to saving labor costs, it can also improve detection efficiency and accuracy.
  • the data detection device 10 may include a detection module 11;
  • the detection module 11 is configured to detect the security of the data to be detected according to the attribute information of the data to be detected and a preset model, and the preset model is obtained by learning the sample data through a neural network.
  • the data detection apparatus provided by the embodiments of the present disclosure may execute the technical solutions shown in the foregoing method embodiments.
  • the implementation principles and beneficial effects are similar, and details are not described herein again.
  • the data detection device 10 further includes a first acquisition module 12;
  • the first acquiring module 12 is configured to acquire attribute information of the data to be detected.
  • the attribute information of the data to be detected includes at least one of the following attributes: a format of the data to be detected, a resource used by the data to be detected, and a frequency of data transmission.
  • the data transmission frequency is a frequency at which the device that sends the data to be detected sends data within a preset time period.
  • the detection module 11 is configured to:
  • the data to be detected is safety data according to the attribute information
  • the device further comprises a determination module 13, and the determination module configuration 13 is:
  • the detection module 11 detects that the data to be detected is risk data according to the attribute information, it is determined that the data to be detected is risk data.
  • the detection module 11 is configured to:
  • the security range corresponding to the format of the data to be detected includes at least one preset security format.
  • the security range corresponding to the resource used by the data to be detected includes a preset resource range.
  • the safety range corresponding to the data transmission frequency includes a preset frequency range.
  • the data detection device 10 further includes a second acquisition module 14 and a third acquisition module 15,
  • the second acquiring module 14 is configured to acquire the type of the data to be detected, and the type of the data to be detected includes at least one of a text type, an image type, a voice type, or a video type;
  • the third obtaining module 15 is configured to obtain the preset model according to the type of the data to be detected
  • the detection module configuration 11 is to perform security verification on the attribute information and/or the data to be detected through the preset model.
  • the sample data includes marked safety sample data and marked risk sample data.
  • the data detection apparatus provided by the embodiments of the present disclosure can execute the technical solutions shown in the foregoing method embodiments, and the implementation principles and beneficial effects are similar, and details are not described herein again.
  • An embodiment of the present disclosure also provides a computer including the above-mentioned data detection device.
  • An embodiment of the present disclosure also provides a computer-readable storage medium that stores computer-executable instructions that are configured to perform the above-described data detection method.
  • An embodiment of the present disclosure also provides a computer program product.
  • the computer program product includes a computer program stored on a computer-readable storage medium.
  • the computer program includes program instructions. When the program instructions are executed by a computer, the The computer executes the above data detection method.
  • the aforementioned computer-readable storage medium may be a transient computer-readable storage medium or a non-transitory computer-readable storage medium.
  • the electronic device 20 includes:
  • At least one processor 21, one processor 21 is taken as an example in FIG. 7; and the memory 22 may further include a communication interface 23 and a bus 24. Among them, the processor 21, the communication interface 23, and the memory 22 can communicate with each other through the bus 24. The communication interface 24 can be used for information transmission.
  • the processor 21 may call logic instructions in the memory 22 to execute the data detection method of the above embodiment.
  • logic instructions in the above-mentioned memory 22 may be implemented in the form of software functional units and sold or used as an independent product, and may be stored in a computer-readable storage medium.
  • the memory 22 is a computer-readable storage medium and can be used to store software programs and computer-executable programs, such as program instructions/modules corresponding to the methods in the embodiments of the present disclosure.
  • the processor 21 executes functional applications and data processing by running software programs, instructions, and modules stored in the memory 22, that is, implementing the data detection method in the foregoing method embodiments.
  • the memory 22 may include a storage program area and a storage data area, where the storage program area may store an operating system and application programs required for at least one function; the storage data area may store data created according to the use of a terminal device and the like.
  • the memory 22 may include a high-speed random access memory, and may also include a non-volatile memory.
  • the technical solutions of the embodiments of the present disclosure may be embodied in the form of software products, which are stored in a storage medium and include one or more instructions to make a computer device (which may be a personal computer, server, or network) Equipment, etc.) to perform all or part of the steps of the method described in the embodiments of the present disclosure.
  • the aforementioned storage medium may be a non-transitory storage medium, including: U disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disk or optical disk, etc.
  • a medium that can store program codes may also be a transient storage medium.
  • first, second, etc. may be used in this application to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another.
  • the first element can be called the second element, and likewise, the second element can be called the first element, as long as all occurrences of the "first element” are consistently renamed and all occurrences of The “second component” can be renamed consistently.
  • the first element and the second element are both elements, but they may not be the same element.
  • the various aspects, implementations, implementations or features in the described embodiments can be used alone or in any combination.
  • Various aspects in the described embodiments may be implemented by software, hardware, or a combination of software and hardware.
  • the described embodiments may also be embodied by a computer-readable medium that stores computer-readable code including instructions executable by at least one computing device.
  • the computer-readable medium can be associated with any data storage device capable of storing data, which can be read by a computer system.
  • Computer-readable media used for examples may include read-only memory, random access memory, CD-ROM, HDD, DVD, magnetic tape, optical data storage devices, and the like.
  • the computer-readable medium may also be distributed in computer systems connected through a network, so that computer-readable codes can be stored and executed in a distributed manner.

Abstract

A data detection method, apparatus and device. The method comprises: detecting the security of data to be detected according to attribute information of the data to be detected and a preset model (S202), the preset model being obtained by learning sample data by means of a neural network. The data detection efficiency and accuracy are improved.

Description

数据检测方法、装置及设备Data detection method, device and equipment 技术领域Technical field
本申请涉及计算机技术领域,例如涉及一种数据检测方法、装置及设备。This application relates to the field of computer technology, for example, to a data detection method, device, and equipment.
背景技术Background technique
随着网络技术的不断发展,网络的应用越来越广泛,很多重要信息均通常网络进行传输。With the continuous development of network technology, the application of the network is more and more extensive, and many important information is usually transmitted over the network.
在相关技术中,在数据在网络传输的过程中,为了防止重要信息的泄露、或者受到非法数据对网络进行攻击,在网络的重要接口(例如,内网至外网的网络关口)中,通常由工作人员对经过重要节点的数据进行人工检测,在确定数据安全时,再允许数据通过,然而,工作人员对很多经过处理的数据无法准确的进行识别,不但导致数据检测的效率低下,还导致数据检测的可靠性低下。In the related art, in the process of data transmission on the network, in order to prevent the leakage of important information or attack the network by illegal data, in the important interfaces of the network (for example, the network gateway from the internal network to the external network), usually The staff will manually detect the data passing through important nodes, and then allow the data to pass when it is determined that the data is safe. However, the staff cannot accurately identify many processed data, which not only leads to inefficient data detection, but also leads to The reliability of data detection is low.
发明内容Summary of the invention
本公开实施例提供一种数据检测方法、装置及设备,提高了数据检测效率和准确性。The embodiments of the present disclosure provide a data detection method, device and equipment, which improve the efficiency and accuracy of data detection.
第一方面,本公开实施例提供一种数据检测方法,包括:In a first aspect, an embodiment of the present disclosure provides a data detection method, including:
根据待检测数据的属性信息和预设模型,检测所述待检测数据的安全性,所述预设模型为通过神经网络对样本数据进行学习得到的。According to the attribute information of the data to be detected and a preset model, the security of the data to be detected is detected, and the preset model is obtained by learning the sample data through a neural network.
在一种可能的实施方式中,所述方法还包括:In a possible implementation manner, the method further includes:
获取所述待检测数据的属性信息。Obtain the attribute information of the data to be detected.
在一种可能的实施方式中,所述待检测数据的属性信息包括如下属性中的至少一种:所述待检测数据的格式、所述待检测数据使用的资源、数据发送频率。In a possible implementation manner, the attribute information of the data to be detected includes at least one of the following attributes: a format of the data to be detected, resources used by the data to be detected, and a frequency of data transmission.
在一种可能的实施方式中,所述数据发送频率为发送所述待检测数据的设备在预设时段内发送数据的频率。In a possible implementation manner, the data transmission frequency is a frequency at which the device that sends the data to be detected sends data within a preset time period.
在一种可能的实施方式中,所述根据待检测数据的属性信息和预设模型,检测所述待检测数据的安全性,包括:In a possible implementation manner, the detecting the security of the data to be detected according to the attribute information of the data to be detected and the preset model includes:
根据所述属性信息检测所述待检测数据的安全性;Detecting the security of the data to be detected according to the attribute information;
在根据所述属性信息检测所述待检测数据为安全数据时,通过所述预设模型对所述属性信息和/或所述待检测数据进行安全性验证。When detecting that the data to be detected is safety data according to the attribute information, perform security verification on the attribute information and/or the data to be detected through the preset model.
在一种可能的实施方式中,所述方法还包括:In a possible implementation manner, the method further includes:
在根据所述属性信息检测所述待检测数据为风险数据时,确定所述待检测数据为风险数据。When detecting that the data to be detected is risk data according to the attribute information, it is determined that the data to be detected is risk data.
在一种可能的实施方式中,所述根据所述属性信息检测所述待检测数据的安全性,包括:In a possible implementation manner, the detecting the security of the data to be detected according to the attribute information includes:
获取所述属性信息中每个属性对应的安全范围;Obtain the security range corresponding to each attribute in the attribute information;
在所述属性信息中存在至少一个属性在所述至少一个属性对应的安全范围之外时,确定所述待检测数据为风险数据;When there is at least one attribute in the attribute information outside the safety range corresponding to the at least one attribute, it is determined that the data to be detected is risk data;
在所述属性信息中属性均在所述属性对应的安全范围之内时,确定所述待检测数据为安全数据。When the attributes in the attribute information are all within the security range corresponding to the attributes, it is determined that the data to be detected is security data.
在一种可能的实施方式中,所述待检测数据的格式对应的安全范围中包括至少一个预设安全格式。In a possible implementation manner, the security range corresponding to the format of the data to be detected includes at least one preset security format.
在一种可能的实施方式中,所述待检测数据使用的资源对应的安全范围中包括预设资源范围。In a possible implementation manner, the security range corresponding to the resource used by the data to be detected includes a preset resource range.
在一种可能的实施方式中,数据发送频率对应的安全范围中包括预设频率范围。In a possible implementation manner, the safety range corresponding to the data transmission frequency includes a preset frequency range.
在一种可能的实施方式中,所述通过所述预设模型对所述属性信息和/或所述待检测数据进行安全性验证,包括:In a possible implementation manner, the performing security verification on the attribute information and/or the data to be detected through the preset model includes:
获取所述待检测数据的类型,所述待检测数据的类型包括文本类型、图像类型、语音类型或视频类型中的至少一种;Acquiring the type of the data to be detected, the type of the data to be detected includes at least one of a text type, an image type, a voice type, or a video type;
根据所述待检测数据的类型,获取所述预设模型;Acquiring the preset model according to the type of the data to be detected;
通过所述预设模型对所述属性信息和/或所述待检测数据进行安全性验证。Perform security verification on the attribute information and/or the data to be detected through the preset model.
在一种可能的实施方式中,所述样本数据包括标记的安全样本数据和标记的风险样本数据。In a possible implementation manner, the sample data includes marked safety sample data and marked risk sample data.
第二方面,本公开实施例提供一种数据检测装置,包括检测模块;In a second aspect, an embodiment of the present disclosure provides a data detection device, including a detection module;
所述检测模块配置为,根据待检测数据的属性信息和预设模型,检测所述待检测数据的安全性,所述预设模型为通过神经网络对样本数据进行学习得到的。The detection module is configured to detect the security of the data to be detected according to the attribute information of the data to be detected and a preset model, and the preset model is obtained by learning the sample data through a neural network.
在一种可能的实施方式中,所述装置还包括第一获取模块;In a possible implementation manner, the device further includes a first acquisition module;
所述第一获取模块配置为,获取所述待检测数据的属性信息。The first acquiring module is configured to acquire attribute information of the data to be detected.
在一种可能的实施方式中,所述待检测数据的属性信息包括如下属性中的至少一种:所述待检测数据的格式、所述待检测数据使用的资源、数据发送频率。In a possible implementation manner, the attribute information of the data to be detected includes at least one of the following attributes: a format of the data to be detected, a resource used by the data to be detected, and a frequency of data transmission.
在一种可能的实施方式中,所述数据发送频率为发送所述待检测数据的设备在预设时段内发送数据的频率。In a possible implementation manner, the data transmission frequency is a frequency at which the device that sends the data to be detected sends data within a preset time period.
在一种可能的实施方式中,所述检测模块配置为:In a possible implementation manner, the detection module is configured to:
根据所述属性信息检测所述待检测数据的安全性;Detecting the security of the data to be detected according to the attribute information;
在根据所述属性信息检测所述待检测数据为安全数据时,通过所述预设模型对所述属性信息和/或所述待检测数据进行安全性验证。When detecting that the data to be detected is safety data according to the attribute information, perform security verification on the attribute information and/or the data to be detected through the preset model.
在一种可能的实施方式中,所述装置还包括确定模块,所述确定模块配置为:In a possible implementation manner, the device further includes a determination module, and the determination module is configured to:
在所述检测模块根据所述属性信息检测所述待检测数据为风险数据时,确定所述待检测数据为风险数据。When the detection module detects that the data to be detected is risk data according to the attribute information, it is determined that the data to be detected is risk data.
在一种可能的实施方式中,所述检测模块配置为:In a possible implementation manner, the detection module is configured to:
获取所述属性信息中每个属性对应的安全范围;Obtain the security range corresponding to each attribute in the attribute information;
在所述属性信息中存在至少一个属性在所述至少一个属性对应的安全范围之外时,确定所述待检测数据为风险数据;When there is at least one attribute in the attribute information outside the safety range corresponding to the at least one attribute, it is determined that the data to be detected is risk data;
在所述属性信息中属性均在所述属性对应的安全范围之内时,确定所述待检测数据为安全数据。When the attributes in the attribute information are all within the security range corresponding to the attributes, it is determined that the data to be detected is security data.
在一种可能的实施方式中,所述待检测数据的格式对应的安全范围中包括至少一个预设安全格式。In a possible implementation manner, the security range corresponding to the format of the data to be detected includes at least one preset security format.
在一种可能的实施方式中,所述待检测数据使用的资源对应的安全范围中包括预设资源范围。In a possible implementation manner, the security range corresponding to the resource used by the data to be detected includes a preset resource range.
在一种可能的实施方式中,数据发送频率对应的安全范围中包括预设频 率范围。In a possible implementation manner, the safety range corresponding to the data transmission frequency includes a preset frequency range.
在一种可能的实施方式中,所述装置还包括第二获取模块和第三获取模块,In a possible implementation manner, the device further includes a second acquisition module and a third acquisition module,
所述第二获取模块配置为,获取所述待检测数据的类型,所述待检测数据的类型包括文本类型、图像类型、语音类型或视频类型中的至少一种;The second acquiring module is configured to acquire the type of the data to be detected, and the type of the data to be detected includes at least one of a text type, an image type, a voice type, or a video type;
所述第三获取模块配置为,根据所述待检测数据的类型,获取所述预设模型;The third obtaining module is configured to obtain the preset model according to the type of the data to be detected;
所述检测模块配置为,通过所述预设模型对所述属性信息和/或所述待检测数据进行安全性验证。The detection module is configured to perform security verification on the attribute information and/or the data to be detected through the preset model.
在一种可能的实施方式中,所述样本数据包括标记的安全样本数据和标记的风险样本数据。In a possible implementation manner, the sample data includes marked safety sample data and marked risk sample data.
第三方面,本公开实施例提供一种计算机,包含第二方面任一项所述的装置。In a third aspect, an embodiment of the present disclosure provides a computer including the device according to any one of the second aspect.
第四方面,本公开实施例提供一种电子设备,包括:According to a fourth aspect, an embodiment of the present disclosure provides an electronic device, including:
至少一个处理器;以及At least one processor; and
与所述至少一个处理器通信连接的存储器;其中,A memory communicatively connected to the at least one processor; wherein,
所述存储器存储有可被所述至少一个处理器执行的指令,所述指令被所述至少一个处理器执行时,使所述至少一个处理器执行第一方面任一项所述的方法。The memory stores instructions executable by the at least one processor, and when the instructions are executed by the at least one processor, causes the at least one processor to perform the method of any one of the first aspects.
第五方面,本公开实施例提供一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令设置为执行第一方面任一项所述的方法。According to a fifth aspect, an embodiment of the present disclosure provides a computer-readable storage medium that stores computer-executable instructions, and the computer-executable instructions are configured to perform the method according to any one of the first aspects.
第六方面,本公开实施例提供一种计算机程序产品,其特征在于,所述计算机程序产品包括存储在计算机可读存储介质上的计算机程序,所述计算机程序包括程序指令,当所述程序指令被计算机执行时,使所述计算机执行第一方面任一项所述的方法。According to a sixth aspect, an embodiment of the present disclosure provides a computer program product, characterized in that the computer program product includes a computer program stored on a computer-readable storage medium, and the computer program includes program instructions, when the program instructions When executed by a computer, the computer is caused to perform the method of any one of the first aspects.
本公开实施例提供的数据检测方法、装置及设备,可以根据待检测数据的属性信息和预设模型,检测待检测数据的安全性,由于预设模型为通过神经网络对样本数据进行学习得到的,样本数据包括标记的安全样本数据和标记的风险样本数据,因此,根据预设模型可以准确的验证待检测数据是否安全,在上述过程中,不但节省人力成本,还可以提高检测效率、以及提高检 测的准确性。The data detection method, device and equipment provided by the embodiments of the present disclosure can detect the security of the data to be detected according to the attribute information of the data to be detected and the preset model, because the preset model is obtained by learning the sample data through the neural network The sample data includes marked safety sample data and marked risk sample data. Therefore, according to the preset model, you can accurately verify whether the data to be tested is safe. In the above process, not only save labor costs, but also improve detection efficiency and improve The accuracy of detection.
附图说明BRIEF DESCRIPTION
一个或多个实施例通过与之对应的附图进行示例性说明,这些示例性说明和附图并不构成对实施例的限定,附图中具有相同参考数字标号的元件示为类似的元件,附图不构成比例限制,并且其中:One or more embodiments are exemplified by the corresponding drawings. These exemplary descriptions and the drawings do not constitute a limitation on the embodiments. Elements with the same reference numerals in the drawings are shown as similar elements. The drawings do not constitute a proportional limitation, and among them:
图1为本公开实施例提供的数据监测方法的架构图;FIG. 1 is an architectural diagram of a data monitoring method provided by an embodiment of the present disclosure;
图2为本公开实施例提供的一种数据检测方法的流程示意图;2 is a schematic flowchart of a data detection method according to an embodiment of the present disclosure;
图3为本公开实施例提供的根据属性信息检测待检测数据方法的流程示意图;3 is a schematic flowchart of a method for detecting data to be detected based on attribute information according to an embodiment of the present disclosure;
图4为本公开实施例提供的另一种数据检测方法的流程示意图;4 is a schematic flowchart of another data detection method provided by an embodiment of the present disclosure;
图5为本公开实施例提供的一种数据检测装置的结构示意图;5 is a schematic structural diagram of a data detection device according to an embodiment of the present disclosure;
图6为本公开实施例提供的另一种数据检测装置的结构示意图;6 is a schematic structural diagram of another data detection device according to an embodiment of the present disclosure;
图7为本公开实施例提供的电子设备的结构示意图。7 is a schematic structural diagram of an electronic device provided by an embodiment of the present disclosure.
具体实施方式detailed description
为了能够更加详尽地了解本公开实施例的特点与技术内容,下面结合附图对本公开实施例的实现进行详细阐述,所附附图仅供参考说明之用,并非用来限定本公开实施例。在以下的技术描述中,为方便解释起见,通过多个细节以提供对所披露实施例的充分理解。然而,在没有这些细节的情况下,一个或多个实施例仍然可以实施。在其它情况下,为简化附图,熟知的结构和装置可以简化展示。In order to understand the features and technical contents of the embodiments of the present disclosure in more detail, the following describes the implementation of the embodiments of the present disclosure in detail with reference to the drawings. The accompanying drawings are for reference only and are not intended to limit the embodiments of the present disclosure. In the following technical description, for convenience of explanation, various details are provided to provide a sufficient understanding of the disclosed embodiments. However, without these details, one or more embodiments can still be implemented. In other cases, to simplify the drawings, well-known structures and devices can be simplified.
为了便于对本申请的理解,首先本申请所示的数据检测方法所使用的场景进行举例说明。在第一种可能的应用场景中,在网络中进行数据发送时,在网络中的重要接口(例如,内网至外网的网络关口),对经过该重要接口的数据进行检测,以判断数据是否为保密数据,若数据为保密数据,则禁止该数据通过该重要接口进行发送,这样,可以避免重要数据的泄露。在第二种可能的应用场景中,在接收数据之后,在对数据进行处理之前,可以先验证该数据是否为攻击数据,在确定数据为攻击数据时,则丢弃该数据,这样,可以避免受到网络攻击。上述是以示例的形式示意本申请可使用的应用场景, 并非对应用场景的限定,在实际应用过程中,可以根据实际需求确定应用场景,本申请对此不作限定。In order to facilitate the understanding of this application, first, the scenarios used by the data detection method shown in this application will be exemplified. In the first possible application scenario, when data is sent over the network, the important interface in the network (for example, the network gateway from the internal network to the external network) detects the data passing through the important interface to determine the data Whether it is confidential data. If the data is confidential data, the data is prohibited from being sent through the important interface. In this way, leakage of important data can be avoided. In the second possible application scenario, after receiving the data, before processing the data, you can first verify whether the data is attack data, and when the data is determined to be attack data, discard the data, so that you can avoid being affected. Network attacks. The above describes the application scenarios that can be used in the present application in the form of examples, and is not a limitation of the application scenarios. In the actual application process, the application scenarios can be determined according to actual needs, which is not limited in this application.
图1为本公开实施例提供的数据监测方法的架构图。请参见图1,对待检测数据进行检测时,可以先获取待检测数据的属性信息,先根据待检测数据的属性信息验证待检测数据是否安全。在根据待检测数据的属性信息验证待检测数据为风险数据(不安全数据)时,则确定该待检测数据为风险数据。在根据待检测数据的属性信息验证待检测数据为安全数据时,则再通过预设模型对待检测数据的属性信息和/或待检测数据进行安全性验证,在通过预设模型验证检测待检测数据为风险数据,则确定待检测数据为风险数据,在通过预设模型验证检测待检测数据为安全数据,则确定待检测数据为安全数据。FIG. 1 is an architectural diagram of a data monitoring method provided by an embodiment of the present disclosure. Referring to FIG. 1, when the data to be detected is detected, the attribute information of the data to be detected can be obtained first, and whether the data to be detected is safe is verified according to the attribute information of the data to be detected first. When verifying that the data to be tested is risk data (unsafe data) according to the attribute information of the data to be tested, it is determined that the data to be tested is risk data. When verifying that the data to be tested is safe data based on the attribute information of the data to be tested, then the security information of the attribute information of the data to be tested and/or the data to be tested is verified through the preset model, and the data to be tested is verified through the preset model verification If it is risk data, it is determined that the data to be tested is risk data, and after the preset model is verified to detect that the data to be tested is safe data, then the data to be tested is determined to be safe data.
在本公开实施例中,先通过待检测数据的属性信息,对待检测数据进行较为粗略的安全性验证,该验证过程简单方便,在根据属性信息确定待检测数据为安全数据时,则再通过预设模型对待检测数据进行安全性验证。由于预设模型为通过神经网络对样本数据进行学习得到的,样本数据包括标记的安全样本数据和标记的风险样本数据,因此,根据预设模型可以准确的验证待检测数据是否安全,在上述过程中,不但节省人力成本,还可以提高检测效率、以及提高检测的准确性。In the embodiment of the present disclosure, the attribute information of the data to be detected is firstly subjected to a rough security verification of the data to be detected. The verification process is simple and convenient. When the data to be detected is determined to be safe data according to the attribute information, the Set the model to verify the security of the data to be tested. Since the preset model is obtained by learning the sample data through the neural network, the sample data includes the marked safety sample data and the marked risk sample data. Therefore, according to the preset model, it can accurately verify whether the data to be tested is safe. In the above process In addition to saving labor costs, it can also improve detection efficiency and accuracy.
下面,通过实施例对本申请所示的技术方案进行详细说明。下面几个公开实施例可以为单独的实施例,也可以为相互结合。对于相同或相似的内容,在不同的实施例中不再进行重复说明。The technical solutions shown in the present application will be described in detail below through examples. The following disclosed embodiments may be separate embodiments or may be combined with each other. The same or similar content will not be repeated in different embodiments.
图2为本公开实施例提供的一种数据检测方法的流程示意图。请参见图2,该方法可以包括:FIG. 2 is a schematic flowchart of a data detection method according to an embodiment of the present disclosure. Please refer to FIG. 2, the method may include:
S201、获取待检测数据的属性信息。S201. Acquire attribute information of data to be detected.
本公开实施例的执行主体可以为电子设备,也可以为设置在电子设备中的数据检测装置。可选的,数据检测装置可以通过软件实现,也可以通过软件和硬件的结合实现。The execution subject of the embodiments of the present disclosure may be an electronic device or a data detection device provided in the electronic device. Optionally, the data detection device may be implemented by software or a combination of software and hardware.
可选的,电子设备可以为用户设备,例如,手机、电脑等设备。电子设备还可以为网关、服务器等设备。Optionally, the electronic device may be user equipment, for example, mobile phones, computers, and other devices. The electronic device may also be a device such as a gateway or a server.
可选的,待检测数据可以为网络中传输的任何数据。Optionally, the data to be detected may be any data transmitted in the network.
可选的,待检测数据的属性信息包括如下属性中的至少一种:待检测数 据的格式、待检测数据使用的资源、数据发送频率。Optionally, the attribute information of the data to be detected includes at least one of the following attributes: the format of the data to be detected, the resources used by the data to be detected, and the frequency of data transmission.
可选的,待检测数据的格式可以包括doc格式、PPT格式、HTML格式、JPG格式等。Optionally, the format of the data to be detected may include doc format, PPT format, HTML format, JPG format, and so on.
待检测数据的格式还可以包括其它,本公开实施例对此不作限定。The format of the data to be detected may also include other, which is not limited in the embodiments of the present disclosure.
可选的,待检测数据使用的资源可以包括网络资源、CPU资源、内存资源等。例如,网络资源可以为网络流量、网络带宽等。Optionally, the resources used by the data to be detected may include network resources, CPU resources, memory resources, and so on. For example, the network resource may be network traffic, network bandwidth, and so on.
可选的,数据发送频率可以为发送待检测数据的设备发送数据的频率。Optionally, the data sending frequency may be the frequency of sending data by the device sending the data to be detected.
可选的,数据发送频率为发送待检测数据的设备在预设时段内发送数据的频率。Optionally, the data sending frequency is the frequency at which the device sending the data to be detected sends data within a preset time period.
可选的,数据发送频频可以为单位时间内发送数据的次数。例如,单位时间可以为1小时、1分钟等。Optionally, the frequency of data transmission may be the number of data transmissions per unit time. For example, the unit time may be 1 hour, 1 minute, and so on.
可选的,预设时段可以为当前时刻之前预设时长的一个时段。例如,预设时长可以为1小时、3小时、一天等。可以根据实际需求设置该预设时长。Optionally, the preset time period may be a time period of a preset duration before the current time. For example, the preset duration may be 1 hour, 3 hours, one day, etc. The preset duration can be set according to actual needs.
S202、根据待检测数据的属性信息和预设模型,检测待检测数据的安全性。S202: Detect the security of the data to be detected according to the attribute information of the data to be detected and the preset model.
在本公开实施例中,预设模型为通过神经网络对样本数据进行学习得到的。In the embodiment of the present disclosure, the preset model is obtained by learning the sample data through a neural network.
可选的,神经网络可以为深度神经网络。Alternatively, the neural network may be a deep neural network.
可选的,样本数据可以包括标记的安全样本数据和标记的风险样本数据。Optionally, the sample data may include marked safety sample data and marked risk sample data.
标记的样本数据是指确定为安全数据的样本数据。标记的风险样本数据是指确定为风险数据的样本数据。The marked sample data refers to the sample data determined as safety data. The marked risk sample data refers to the sample data determined as risk data.
可选的,可以先根据待检测数据的属性信息检测待检测数据的安全性。在根据待检测数据的属性信息检测待检测数据为风险数据时,则可以确定待检测数据为风险数据。在根据待检测数据的属性信息检测待检测数据为安全数据时,则可以在通过预设模型对待检测数据的属性信息和/或待检测数据进行安全性验证。在通过预设模型根据待检测数据的属性信息和/或待检测数据检测待检测数据为安全数据时,则可以确定待检测数据为安全数据;在通过预设模型根据待检测数据的属性信息和/或待检测数据检测待检测数据为风险数据时,则可以确定待检测数据为风险数据。Optionally, the security of the data to be detected may be detected according to the attribute information of the data to be detected first. When detecting that the data to be detected is risk data according to the attribute information of the data to be detected, it may be determined that the data to be detected is risk data. When detecting that the data to be detected is safe data according to the attribute information of the data to be detected, security verification may be performed on the attribute information of the data to be detected and/or the data to be detected through a preset model. When detecting that the data to be detected is safe data based on the attribute information of the data to be detected and/or the data to be detected through the preset model, it can be determined that the data to be detected is safe data; /Or when the data to be detected detects that the data to be detected is risk data, it may be determined that the data to be detected is risk data.
可选的,可以通过如下可行的实现方式根据属性信息检测待检测数据的 安全性:Optionally, the security of the data to be detected can be detected based on the attribute information in the following feasible implementation manners:
获取属性信息中每个属性对应的安全范围;在属性信息中存在至少一个属性在至少一个属性对应的安全范围之外时,确定待检测数据为风险数据;在属性信息中属性均在属性对应的安全范围之内时,确定待检测数据为安全数据。Obtain the security range corresponding to each attribute in the attribute information; when there is at least one attribute in the attribute information that is outside the security range corresponding to at least one attribute, determine that the data to be detected is risk data; in the attribute information, the attributes are all When it is within the safe range, the data to be tested is determined to be safe data.
可选的,待检测数据的格式对应的安全范围中包括至少一个预设安全格式。Optionally, the security range corresponding to the format of the data to be detected includes at least one preset security format.
例如,安全范围中包括的预设安全格式可以为预先设置的。For example, the preset security format included in the security range may be preset.
可选的,待检测数据使用的资源对应的安全范围中包括预设资源范围。Optionally, the security range corresponding to the resource used by the data to be detected includes a preset resource range.
例如,预设资源范围可以包括CPU占用量范围、内存占用量范围、流量占用量范围等。For example, the preset resource range may include a CPU occupancy range, a memory occupancy range, and a traffic occupancy range.
可选的,数据发送频率对应的安全范围中包括预设频率范围。Optionally, the safety range corresponding to the data transmission frequency includes a preset frequency range.
例如,预设频率范围包括最大频率和最小频率。For example, the preset frequency range includes the maximum frequency and the minimum frequency.
在图3所示的实施例中对根据属性信息检测待检测数据的安全性的过程进行详细说明,此处不再进行赘述。In the embodiment shown in FIG. 3, the process of detecting the security of the data to be detected according to the attribute information is described in detail, and details are not repeated here.
可选的,可以获取待检测数据的类型,根据待检测数据的类型,获取预设模型;通过预设模型对属性信息和/或待检测数据进行安全性验证。Optionally, the type of the data to be detected may be obtained, and a preset model may be obtained according to the type of the data to be detected; the preset model may be used to perform security verification on the attribute information and/or the data to be detected.
可选的,待检测数据的类型包括文本类型、图像类型、语音类型或视频类型中的至少一种。Optionally, the type of data to be detected includes at least one of a text type, an image type, a voice type, or a video type.
可选的,不同数据类型对应的预设模型不同。一种数据类型对应的预设模型可以对该数据类型数据的数据进行安全性验证。Optionally, different data types correspond to different preset models. A preset model corresponding to a data type can perform security verification on the data of the data type.
可选的,不同数据类型对应的预设模型为根据该数据类型对应的样本数据进行学习得到的。Optionally, the preset models corresponding to different data types are learned according to the sample data corresponding to the data types.
例如,文本类型对应的预设模型为根据文本类型的样本数据进行学习得到的。文本类型的样本数据包括文本类型的标记为安全数据的样本数据、以及文本类型的标记为风险数据的样本数据。For example, the preset model corresponding to the text type is obtained by learning based on the sample data of the text type. The text-type sample data includes text-type sample data marked as safety data, and text-type sample data marked as risk data.
例如,图像类型对应的预设模型为根据图像类型的样本数据进行学习得到的,图像类型的样本数据包括文本类型的标记为安全数据的样本数据、以及图像类型的标记为风险数据的样本数据。For example, the preset model corresponding to the image type is learned based on the sample data of the image type. The sample data of the image type includes sample data marked as safety data of the text type and sample data marked as risk data of the image type.
本公开实施例提供的数据检测方法,可以根据待检测数据的属性信息和 预设模型,检测待检测数据的安全性,由于预设模型为通过神经网络对样本数据进行学习得到的,样本数据包括标记的安全样本数据和标记的风险样本数据,因此,根据预设模型可以准确的验证待检测数据是否安全,在上述过程中,不但节省人力成本,还可以提高检测效率、以及提高检测的准确性。The data detection method provided by the embodiment of the present disclosure can detect the security of the data to be detected according to the attribute information of the data to be detected and the preset model. Since the preset model is obtained by learning the sample data through the neural network, the sample data includes Marked safety sample data and marked risk sample data, therefore, it can accurately verify whether the data to be tested is safe according to the preset model. In the above process, not only save labor costs, but also improve the detection efficiency and improve the accuracy of detection .
在上述任意一个实施例的基础上,下面,通过图3所示的实施例,对数据检测方法进行详细说明。On the basis of any of the above embodiments, the data detection method will be described in detail below through the embodiment shown in FIG. 3.
图3为本公开实施例提供的根据属性信息检测待检测数据方法的流程示意图。请参见图3,该方法可以包括:FIG. 3 is a schematic flowchart of a method for detecting data to be detected according to attribute information according to an embodiment of the present disclosure. Please refer to FIG. 3, the method may include:
S301、获取属性信息中每个属性对应的安全范围。S301. Acquire a security range corresponding to each attribute in the attribute information.
在属性信息中包括待检测数据的格式时,则获取待检测数据的格式对应的安全范围,待检测数据的格式对应的安全范围中包括至少一个预设安全格式。When the format of the data to be detected is included in the attribute information, the security range corresponding to the format of the data to be detected is acquired, and the security range corresponding to the format of the data to be detected includes at least one preset security format.
例如,预设安全格式可以包括doc格式、HTML格式等。For example, the preset security format may include doc format, HTML format, and so on.
在属性信息中包括待检测数据使用的资源时,则获取待检测数据使用的资源对应的安全范围,待检测数据使用的资源对应的安全范围中包括预设资源范围。When the attribute information includes the resource used by the data to be detected, the security range corresponding to the resource used by the data to be detected is acquired, and the security range corresponding to the resource used by the data to be detected includes the preset resource range.
例如,在资源包括CPU资源时,预设资源范围可以包括CPU占用量1%-30%。For example, when the resources include CPU resources, the preset resource range may include 1%-30% of CPU occupancy.
例如,在资源包括内存资源时,预设资源范围可以包括内存资源占用量1%-50%。For example, when the resources include memory resources, the preset resource range may include 1%-50% of memory resource occupancy.
例如,在资源包括流量资源时,预设资源范围可以包括流量资源占用量:1M/s-300M/s。For example, when the resource includes traffic resources, the preset resource range may include traffic resource occupancy: 1M/s-300M/s.
在属性信息中包括待检测数据对应的数据发送频率时,则获取数据发送频率对应的安全范围,数据发送频率对应的安全范围中包括预设频率范围。When the attribute information includes the data transmission frequency corresponding to the data to be detected, the safety range corresponding to the data transmission frequency is acquired, and the safety range corresponding to the data transmission frequency includes the preset frequency range.
例如,预设频率范围可以1次/小时-50次/小数。For example, the preset frequency range can be 1 time/hour-50 times/decimal.
S302、判断属性信息中的每个属性是否均在对应的安全范围中。S302. Determine whether each attribute in the attribute information is within a corresponding security range.
若是,则执行S303。If yes, execute S303.
若否,则执行S304。If not, S304 is executed.
S303、确定待检测数据为风险数据。S303. Determine that the data to be detected is risk data.
可选的,在本公开实施例所示的第一种可能的应用场景中,风险数据可 以为保密数据。Optionally, in the first possible application scenario shown in the embodiment of the present disclosure, the risk data may be confidential data.
可选的,在本公开实施例所示的第二种可能的应用场景中,风险数据可以为攻击数据。Optionally, in the second possible application scenario shown in the embodiment of the present disclosure, the risk data may be attack data.
S304、确定待检测数据为安全数据。S304. Determine that the data to be detected is safety data.
可选的,在本公开实施例所示的第一种可能的应用场景中,安全数据可以为非保密数据。Optionally, in the first possible application scenario shown in the embodiment of the present disclosure, the security data may be non-confidential data.
可选的,在本公开实施例所示的第二种可能的应用场景中,安全数据可以为非攻击数据。Optionally, in the second possible application scenario shown in the embodiment of the present disclosure, the security data may be non-attack data.
可选的,在图3所示的实施例中,还可以预先设置每个属性对应的风险范围,并判断属性信息中的每个属性是否均在对应的风险范围中。在待检测数据的属性信息中存在一个属性在对应的风险范围时,则可以确定待检测数据为风险数据。在待检测数据的属性信息中所有的数据信息均不在对应的风险范围时,则可以确定待检测数据为安全数据。Optionally, in the embodiment shown in FIG. 3, the risk range corresponding to each attribute may also be set in advance, and it is determined whether each attribute in the attribute information is within the corresponding risk range. When there is an attribute in the attribute information of the data to be detected in the corresponding risk range, it can be determined that the data to be detected is risk data. When all the data information in the attribute information of the data to be detected is not within the corresponding risk range, it can be determined that the data to be detected is safe data.
在图3所示的实施例中,通过待检测数据对应的属性信息和属性信息中每个属性对应的安全范围,可以快速的判断待检测数据为安全数据还是风险数据。In the embodiment shown in FIG. 3, the attribute information corresponding to the data to be detected and the security range corresponding to each attribute in the attribute information can quickly determine whether the data to be detected is safe data or risk data.
在上述任意一个实施例的基础上,下面,通过图4所示的实施例对数据检测方法进行详细说明。Based on any one of the above embodiments, the data detection method will be described in detail through the embodiment shown in FIG. 4 below.
图4为本公开实施例提供的另一种数据检测方法的流程示意图。请参见图4,该方法可以包括:4 is a schematic flowchart of another data detection method provided by an embodiment of the present disclosure. Please refer to FIG. 4, the method may include:
S401、获取待检测数据的属性信息。S401. Acquire attribute information of data to be detected.
可选的,S401的执行过程可以参见S201的执行过程,此处不再进行赘述。Optionally, the execution process of S401 can refer to the execution process of S201, and no more details are provided here.
S402、根据待检测数据的属性信息判断待检测数据是否为安全数据。S402. Determine whether the data to be detected is safe data according to the attribute information of the data to be detected.
若是,则执行S403。If yes, execute S403.
若否,则执行S407。If not, S407 is executed.
可选的,S402的执行过程可以参见图3所示的实施例,此处不再进行赘述。Optionally, for the execution process of S402, refer to the embodiment shown in FIG. 3, and details are not described herein again.
S403、获取待检测数据的类型。S403. Acquire the type of data to be detected.
待检测数据的类型包括文本类型、图像类型、语音类型或视频类型中的 至少一种。The type of data to be detected includes at least one of text type, image type, voice type, or video type.
待检测数据的类型还可以包括其它,本公开实施例对此不作限定。The type of data to be detected may also include other types, which is not limited in the embodiments of the present disclosure.
S404、根据待检测数据的类型,获取预设模型。S404. Acquire a preset model according to the type of data to be detected.
可选的,可以预先学习得到多种数据类型对应的预设模型,并存储多种数据类型对应的预设模型。当使用预设模型时,根据待检测数据的类型获取预设模型。Optionally, the preset models corresponding to multiple data types can be learned in advance, and the preset models corresponding to multiple data types can be stored. When the preset model is used, the preset model is obtained according to the type of data to be detected.
S405、通过预设模型对属性信息和/或待检测数据进行安全性验证,判断待检测数据是否为安全数据。S405. Perform security verification on the attribute information and/or the data to be detected through a preset model, and determine whether the data to be detected is safe data.
若是,则执行S406。If yes, execute S406.
若否,则执行S407。If not, S407 is executed.
可选的,在预设模型为根据第一样本(被检测数据的属性信息)进行学习得到的时,则通过预设模型对待检测数据的属性信息进行安全性验证,判断待检测数据是否为安全数据。属性样本数据包括已知的安全数据的属性、以及已知的风险数据的属性。Optionally, when the preset model is learned based on the first sample (attribute information of the detected data), the preset model is used to perform security verification on the attribute information of the detected data to determine whether the data to be tested is Safety data. The attribute sample data includes known security data attributes and known risk data attributes.
可选的,在预设模型为根据第二样本(被检测数据)进行学习得到的时,则通过预设模型对待检测数据进行安全性验证,判断待检测数据是否为安全数据。属性样本数据包括已知的安全数据、以及已知的风险数据。Optionally, when the preset model is learned based on the second sample (the detected data), the preset model is used to perform security verification on the detected data to determine whether the data to be detected is safe data. Attribute sample data includes known safety data and known risk data.
可选的,在预设模型为根据第一样本(被检测数据的属性信息)和第二样本(被检测数据)进行学习得到的时,则通过预设模型对待检测数据和待检测数据的属性信息进行安全性验证,判断待检测数据是否为安全数据。属性样本数据包括已知的安全数据、已知的安全数据的属性信息、已知的风险数据、已知的风险数据的属性信息。Optionally, when the preset model is learned based on the first sample (attribute information of the detected data) and the second sample (detected data), the preset model The attribute information is used for security verification to determine whether the data to be detected is safe data. The attribute sample data includes known safety data, known safety data attribute information, known risk data, and known risk data attribute information.
S406、确定待检测数据为安全数据。S406. Determine that the data to be detected is safety data.
S407、确定待检测数据为风险数据。S407. Determine that the data to be detected is risk data.
在图4所示的实施例中,先通过待检测数据的属性信息,对待检测数据进行较为粗略的安全性验证,该验证过程简单方便,在根据属性信息确定待检测数据为安全数据时,则再通过预设模型对待检测数据进行安全性验证。由于预设模型为通过神经网络对样本数据进行学习得到的,样本数据包括标记的安全样本数据和标记的风险样本数据,因此,根据预设模型可以准确的验证待检测数据是否安全,在上述过程中,不但节省人力成本,还可以提高 检测效率、以及提高检测的准确性。In the embodiment shown in FIG. 4, the attribute information of the data to be detected is firstly subjected to a rough security verification of the data to be detected. The verification process is simple and convenient. Then, the security of the data to be tested is verified through a preset model. Since the preset model is obtained by learning the sample data through the neural network, the sample data includes the marked safety sample data and the marked risk sample data, therefore, according to the preset model, it can accurately verify whether the data to be tested is safe. In the above process In addition to saving labor costs, it can also improve detection efficiency and accuracy.
图5为本公开实施例提供的一种数据检测装置的结构示意图。请参见图5,该数据检测装置10可以包括检测模块11;5 is a schematic structural diagram of a data detection device according to an embodiment of the present disclosure. Referring to FIG. 5, the data detection device 10 may include a detection module 11;
所述检测模块11配置为,根据待检测数据的属性信息和预设模型,检测所述待检测数据的安全性,所述预设模型为通过神经网络对样本数据进行学习得到的。The detection module 11 is configured to detect the security of the data to be detected according to the attribute information of the data to be detected and a preset model, and the preset model is obtained by learning the sample data through a neural network.
本公开实施例提供的数据检测装置可以执行上述方法实施例所示的技术方案,其实现原理以及有益效果类似,此处不再进行赘述。The data detection apparatus provided by the embodiments of the present disclosure may execute the technical solutions shown in the foregoing method embodiments. The implementation principles and beneficial effects are similar, and details are not described herein again.
图6为本公开实施例提供的另一种数据检测装置的结构示意图。在图5所示实施例的基础上,数据检测装置10还包括第一获取模块12;6 is a schematic structural diagram of another data detection device according to an embodiment of the present disclosure. On the basis of the embodiment shown in FIG. 5, the data detection device 10 further includes a first acquisition module 12;
所述第一获取模块12配置为,获取所述待检测数据的属性信息。The first acquiring module 12 is configured to acquire attribute information of the data to be detected.
在一种可能的实施方式中,所述待检测数据的属性信息包括如下属性中的至少一种:所述待检测数据的格式、所述待检测数据使用的资源、数据发送频率。In a possible implementation manner, the attribute information of the data to be detected includes at least one of the following attributes: a format of the data to be detected, a resource used by the data to be detected, and a frequency of data transmission.
在一种可能的实施方式中,所述数据发送频率为发送所述待检测数据的设备在预设时段内发送数据的频率。In a possible implementation manner, the data transmission frequency is a frequency at which the device that sends the data to be detected sends data within a preset time period.
在一种可能的实施方式中,所述检测模块11配置为:In a possible implementation manner, the detection module 11 is configured to:
根据所述属性信息检测所述待检测数据的安全性;Detecting the security of the data to be detected according to the attribute information;
在根据所述属性信息检测所述待检测数据为安全数据时,通过所述预设模型对所述属性信息和/或所述待检测数据进行安全性验证。When detecting that the data to be detected is safety data according to the attribute information, perform security verification on the attribute information and/or the data to be detected through the preset model.
在一种可能的实施方式中,18、根据权利要求1所述的,其特征在于,所述装置还包括确定模块13,所述确定模块配置13为:In a possible implementation manner, according to claim 1, characterized in that the device further comprises a determination module 13, and the determination module configuration 13 is:
在所述检测模块11根据所述属性信息检测所述待检测数据为风险数据时,确定所述待检测数据为风险数据。When the detection module 11 detects that the data to be detected is risk data according to the attribute information, it is determined that the data to be detected is risk data.
在一种可能的实施方式中,所述检测模块11配置为:In a possible implementation manner, the detection module 11 is configured to:
获取所述属性信息中每个属性对应的安全范围;Obtain the security range corresponding to each attribute in the attribute information;
在所述属性信息中存在至少一个属性在所述至少一个属性对应的安全范围之外时,确定所述待检测数据为风险数据;When there is at least one attribute in the attribute information outside the safety range corresponding to the at least one attribute, it is determined that the data to be detected is risk data;
在所述属性信息中属性均在所述属性对应的安全范围之内时,确定所述待检测数据为安全数据。When the attributes in the attribute information are all within the security range corresponding to the attributes, it is determined that the data to be detected is security data.
在一种可能的实施方式中,所述待检测数据的格式对应的安全范围中包括至少一个预设安全格式。In a possible implementation manner, the security range corresponding to the format of the data to be detected includes at least one preset security format.
在一种可能的实施方式中,所述待检测数据使用的资源对应的安全范围中包括预设资源范围。In a possible implementation manner, the security range corresponding to the resource used by the data to be detected includes a preset resource range.
在一种可能的实施方式中,数据发送频率对应的安全范围中包括预设频率范围。In a possible implementation manner, the safety range corresponding to the data transmission frequency includes a preset frequency range.
在一种可能的实施方式中,所述数据检测装置10还包括第二获取模块14和第三获取模块15,In a possible implementation manner, the data detection device 10 further includes a second acquisition module 14 and a third acquisition module 15,
所述第二获取模块14配置为,获取所述待检测数据的类型,所述待检测数据的类型包括文本类型、图像类型、语音类型或视频类型中的至少一种;The second acquiring module 14 is configured to acquire the type of the data to be detected, and the type of the data to be detected includes at least one of a text type, an image type, a voice type, or a video type;
所述第三获取模块15配置为,根据所述待检测数据的类型,获取所述预设模型;The third obtaining module 15 is configured to obtain the preset model according to the type of the data to be detected;
所述检测模块配置11为,通过所述预设模型对所述属性信息和/或所述待检测数据进行安全性验证。The detection module configuration 11 is to perform security verification on the attribute information and/or the data to be detected through the preset model.
在一种可能的实施方式中,所述样本数据包括标记的安全样本数据和标记的风险样本数据。In a possible implementation manner, the sample data includes marked safety sample data and marked risk sample data.
本公开实施例提供的数据检测装置可以执行上述方法实施例所示的技术方案,其实现原理以及有益效果类似,此处不再进行赘述。The data detection apparatus provided by the embodiments of the present disclosure can execute the technical solutions shown in the foregoing method embodiments, and the implementation principles and beneficial effects are similar, and details are not described herein again.
本公开实施例还提供了一种计算机,包含上述的数据检测装置。An embodiment of the present disclosure also provides a computer including the above-mentioned data detection device.
本公开实施例还提供了一种计算机可读存储介质,存储有计算机可执行指令,所述计算机可执行指令设置为执行上述数据检测方法。An embodiment of the present disclosure also provides a computer-readable storage medium that stores computer-executable instructions that are configured to perform the above-described data detection method.
本公开实施例还提供了一种计算机程序产品,所述计算机程序产品包括存储在计算机可读存储介质上的计算机程序,所述计算机程序包括程序指令,当所述程序指令被计算机执行时,使所述计算机执行上述数据检测方法。An embodiment of the present disclosure also provides a computer program product. The computer program product includes a computer program stored on a computer-readable storage medium. The computer program includes program instructions. When the program instructions are executed by a computer, the The computer executes the above data detection method.
上述的计算机可读存储介质可以是暂态计算机可读存储介质,也可以是非暂态计算机可读存储介质。The aforementioned computer-readable storage medium may be a transient computer-readable storage medium or a non-transitory computer-readable storage medium.
图7为本公开实施例提供的电子设备的结构示意图。请参见图7,该电子设备20包括:7 is a schematic structural diagram of an electronic device provided by an embodiment of the present disclosure. Referring to FIG. 7, the electronic device 20 includes:
至少一个处理器(processor)21,图7中以一个处理器21为例;和存储器(memory)22,还可以包括通信接口(Communication Interface)23和总 线24。其中,处理器21、通信接口23、存储器22可以通过总线24完成相互间的通信。通信接口24可以用于信息传输。处理器21可以调用存储器22中的逻辑指令,以执行上述实施例的数据检测方法。At least one processor 21, one processor 21 is taken as an example in FIG. 7; and the memory 22 may further include a communication interface 23 and a bus 24. Among them, the processor 21, the communication interface 23, and the memory 22 can communicate with each other through the bus 24. The communication interface 24 can be used for information transmission. The processor 21 may call logic instructions in the memory 22 to execute the data detection method of the above embodiment.
此外,上述的存储器22中的逻辑指令可以通过软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。In addition, the logic instructions in the above-mentioned memory 22 may be implemented in the form of software functional units and sold or used as an independent product, and may be stored in a computer-readable storage medium.
存储器22作为一种计算机可读存储介质,可用于存储软件程序、计算机可执行程序,如本公开实施例中的方法对应的程序指令/模块。处理器21通过运行存储在存储器22中的软件程序、指令以及模块,从而执行功能应用以及数据处理,即实现上述方法实施例中的数据检测方法。The memory 22 is a computer-readable storage medium and can be used to store software programs and computer-executable programs, such as program instructions/modules corresponding to the methods in the embodiments of the present disclosure. The processor 21 executes functional applications and data processing by running software programs, instructions, and modules stored in the memory 22, that is, implementing the data detection method in the foregoing method embodiments.
存储器22可包括存储程序区和存储数据区,其中,存储程序区可存储操作系统、至少一个功能所需的应用程序;存储数据区可存储根据终端设备的使用所创建的数据等。此外,存储器22可以包括高速随机存取存储器,还可以包括非易失性存储器。The memory 22 may include a storage program area and a storage data area, where the storage program area may store an operating system and application programs required for at least one function; the storage data area may store data created according to the use of a terminal device and the like. In addition, the memory 22 may include a high-speed random access memory, and may also include a non-volatile memory.
本公开实施例的技术方案可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括一个或多个指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本公开实施例所述方法的全部或部分步骤。而前述的存储介质可以是非暂态存储介质,包括:U盘、移动硬盘、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、磁碟或者光盘等多种可以存储程序代码的介质,也可以是暂态存储介质。The technical solutions of the embodiments of the present disclosure may be embodied in the form of software products, which are stored in a storage medium and include one or more instructions to make a computer device (which may be a personal computer, server, or network) Equipment, etc.) to perform all or part of the steps of the method described in the embodiments of the present disclosure. The aforementioned storage medium may be a non-transitory storage medium, including: U disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disk or optical disk, etc. A medium that can store program codes may also be a transient storage medium.
当用于本申请中时,虽然术语“第一”、“第二”等可能会在本申请中使用以描述各元件,但这些元件不应受到这些术语的限制。这些术语仅用于将一个元件与另一个元件区别开。比如,在不改变描述的含义的情况下,第一元件可以叫做第二元件,并且同样第,第二元件可以叫做第一元件,只要所有出现的“第一元件”一致重命名并且所有出现的“第二元件”一致重命名即可。第一元件和第二元件都是元件,但可以不是相同的元件。When used in this application, although the terms "first", "second", etc. may be used in this application to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another. For example, without changing the meaning of the description, the first element can be called the second element, and likewise, the second element can be called the first element, as long as all occurrences of the "first element" are consistently renamed and all occurrences of The "second component" can be renamed consistently. The first element and the second element are both elements, but they may not be the same element.
本申请中使用的用词仅用于描述实施例并且不用于限制权利要求。如在实施例以及权利要求的描述中使用的,除非上下文清楚地表明,否则单数形式的“一个”(a)、“一个”(an)和“所述”(the)旨在同样包括复数形式。类似地,如在本申请中所使用的术语“和/或”是指包含一个或一个以上 相关联的列出的任何以及所有可能的组合。另外,当用于本申请中时,术语“包括”(comprise)及其变型“包括”(comprises)和/或包括(comprising)等指陈述的特征、整体、步骤、操作、元素,和/或组件的存在,但不排除一个或一个以上其它特征、整体、步骤、操作、元素、组件和/或这些的分组的存在或添加。The terms used in this application are only used to describe the embodiments and are not used to limit the claims. As used in the description of the embodiments and claims, unless the context clearly indicates otherwise, the singular forms "a", "an" and "said" are intended to include plural forms as well . Similarly, the term "and/or" as used in this application is meant to include any and all possible combinations of one or more associated lists. In addition, when used in this application, the term "comprise" and its variations "comprises" and/or includes etc. refer to the stated features, wholes, steps, operations, elements, and/or The presence of components does not exclude the presence or addition of one or more other features, wholes, steps, operations, elements, components, and/or groups of these.
所描述的实施例中的各方面、实施方式、实现或特征能够单独使用或以任意组合的方式使用。所描述的实施例中的各方面可由软件、硬件或软硬件的结合实现。所描述的实施例也可以由存储有计算机可读代码的计算机可读介质体现,该计算机可读代码包括可由至少一个计算装置执行的指令。所述计算机可读介质可与任何能够存储数据的数据存储装置相关联,该数据可由计算机系统读取。用于举例的计算机可读介质可以包括只读存储器、随机存取存储器、CD-ROM、HDD、DVD、磁带以及光数据存储装置等。所述计算机可读介质还可以分布于通过网络联接的计算机系统中,这样计算机可读代码就可以分布式存储并执行。The various aspects, implementations, implementations or features in the described embodiments can be used alone or in any combination. Various aspects in the described embodiments may be implemented by software, hardware, or a combination of software and hardware. The described embodiments may also be embodied by a computer-readable medium that stores computer-readable code including instructions executable by at least one computing device. The computer-readable medium can be associated with any data storage device capable of storing data, which can be read by a computer system. Computer-readable media used for examples may include read-only memory, random access memory, CD-ROM, HDD, DVD, magnetic tape, optical data storage devices, and the like. The computer-readable medium may also be distributed in computer systems connected through a network, so that computer-readable codes can be stored and executed in a distributed manner.
上述技术描述可参照附图,这些附图形成了本申请的一部分,并且通过描述在附图中示出了依照所描述的实施例的实施方式。虽然这些实施例描述的足够详细以使本领域技术人员能够实现这些实施例,但这些实施例是非限制性的;这样就可以使用其它的实施例,并且在不脱离所描述的实施例的范围的情况下还可以做出变化。比如,流程图中所描述的操作顺序是非限制性的,因此在流程图中阐释并且根据流程图描述的两个或两个以上操作的顺序可以根据若干实施例进行改变。作为另一个例子,在若干实施例中,在流程图中阐释并且根据流程图描述的一个或一个以上操作是可选的,或是可删除的。另外,某些步骤或功能可以添加到所公开的实施例中,或两个以上的步骤顺序被置换。所有这些变化被认为包含在所公开的实施例以及权利要求中。The above technical description may refer to the accompanying drawings, which form a part of the present application, and the description shows an implementation according to the described embodiments in the drawings. Although these embodiments are described in sufficient detail to enable those skilled in the art to implement these embodiments, these embodiments are non-limiting; so that other embodiments can be used without departing from the scope of the described embodiments Changes can also be made under circumstances. For example, the sequence of operations described in the flowchart is non-limiting, so the sequence of two or more operations explained in the flowchart and described according to the flowchart may be changed according to several embodiments. As another example, in several embodiments, one or more operations illustrated in the flowchart and described in accordance with the flowchart are optional or may be deleted. In addition, certain steps or functions may be added to the disclosed embodiments, or two or more steps may be replaced in sequence. All these changes are considered to be included in the disclosed embodiments and claims.
另外,上述技术描述中使用术语以提供所描述的实施例的透彻理解。然而,并不需要过于详细的细节以实现所描述的实施例。因此,实施例的上述描述是为了阐释和描述而呈现的。上述描述中所呈现的实施例以及根据这些实施例所公开的例子是单独提供的,以添加上下文并有助于理解所描述的实施例。上述说明书不用于做到无遗漏或将所描述的实施例限制到本公开的精确形式。根据上述教导,若干修改、选择适用以及变化是可行的。在某些情 况下,没有详细描述为人所熟知的处理步骤以避免不必要地影响所描述的实施例。In addition, terminology is used in the above technical description to provide a thorough understanding of the described embodiments. However, no excessively detailed details are required to implement the described embodiments. Therefore, the above description of the embodiments is presented for explanation and description. The embodiments presented in the above description and the examples disclosed according to these embodiments are provided separately to add context and help to understand the described embodiments. The above description is not intended to be without omission or to limit the described embodiments to the precise form of this disclosure. Based on the above teachings, several modifications, choices and changes are possible. In some cases, well-known processing steps are not described in detail to avoid unnecessarily affecting the described embodiments.

Claims (28)

  1. 一种数据检测方法,其特征在于,包括:A data detection method, which includes:
    根据待检测数据的属性信息和预设模型,检测所述待检测数据的安全性,所述预设模型为通过神经网络对样本数据进行学习得到的。According to the attribute information of the data to be detected and a preset model, the security of the data to be detected is detected, and the preset model is obtained by learning the sample data through a neural network.
  2. 根据权利要求1所述的方法,其特征在于,所述方法还包括:The method according to claim 1, wherein the method further comprises:
    获取所述待检测数据的属性信息。Obtain the attribute information of the data to be detected.
  3. 根据权利要求1或2所述的方法,其特征在于,The method according to claim 1 or 2, wherein
    所述待检测数据的属性信息包括如下属性中的至少一种:所述待检测数据的格式、所述待检测数据使用的资源、数据发送频率。The attribute information of the data to be detected includes at least one of the following attributes: the format of the data to be detected, the resources used by the data to be detected, and the frequency of data transmission.
  4. 根据权利要求3所述的方法,其特征在于,所述数据发送频率为发送所述待检测数据的设备在预设时段内发送数据的频率。The method according to claim 3, wherein the data transmission frequency is a frequency at which the device that sends the data to be detected sends data within a preset time period.
  5. 根据权利要求1-4任一项所述的方法,其特征在于,所述根据待检测数据的属性信息和预设模型,检测所述待检测数据的安全性,包括:The method according to any one of claims 1 to 4, wherein the detecting the security of the data to be detected according to the attribute information of the data to be detected and a preset model includes:
    根据所述属性信息检测所述待检测数据的安全性;Detecting the security of the data to be detected according to the attribute information;
    在根据所述属性信息检测所述待检测数据为安全数据时,通过所述预设模型对所述属性信息和/或所述待检测数据进行安全性验证。When detecting that the data to be detected is safety data according to the attribute information, perform security verification on the attribute information and/or the data to be detected through the preset model.
  6. 根据权利要求5所述的方法,其特征在于,所述方法还包括:The method according to claim 5, wherein the method further comprises:
    在根据所述属性信息检测所述待检测数据为风险数据时,确定所述待检测数据为风险数据。When detecting that the data to be detected is risk data according to the attribute information, it is determined that the data to be detected is risk data.
  7. 根据权利要求5所述的方法,其特征在于,所述根据所述属性信息检测所述待检测数据的安全性,包括:The method according to claim 5, wherein the detecting the security of the data to be detected according to the attribute information comprises:
    获取所述属性信息中每个属性对应的安全范围;Obtain the security range corresponding to each attribute in the attribute information;
    在所述属性信息中存在至少一个属性在所述至少一个属性对应的安全范围之外时,确定所述待检测数据为风险数据;When there is at least one attribute in the attribute information outside the safety range corresponding to the at least one attribute, it is determined that the data to be detected is risk data;
    在所述属性信息中属性均在所述属性对应的安全范围之内时,确定所述待检测数据为安全数据。When the attributes in the attribute information are all within the security range corresponding to the attributes, it is determined that the data to be detected is security data.
  8. 根据权利要求7所述的方法,其特征在于,所述待检测数据的格式对应的安全范围中包括至少一个预设安全格式。The method according to claim 7, wherein the security range corresponding to the format of the data to be detected includes at least one preset security format.
  9. 根据权利要求7所述的方法,其特征在于,所述待检测数据使用的资源对应的安全范围中包括预设资源范围。The method according to claim 7, wherein the security range corresponding to the resource used by the data to be detected includes a preset resource range.
  10. 根据权利要求7所述的方法,其特征在于,数据发送频率对应的安全范围中包括预设频率范围。The method according to claim 7, wherein the safety range corresponding to the data transmission frequency includes a preset frequency range.
  11. 根据权利要求5所述的方法,其特征在于,所述通过所述预设模型对所述属性信息和/或所述待检测数据进行安全性验证,包括:The method according to claim 5, wherein the performing security verification on the attribute information and/or the data to be detected through the preset model includes:
    获取所述待检测数据的类型,所述待检测数据的类型包括文本类型、图像类型、语音类型或视频类型中的至少一种;Acquiring the type of the data to be detected, the type of the data to be detected includes at least one of a text type, an image type, a voice type, or a video type;
    根据所述待检测数据的类型,获取所述预设模型;Acquiring the preset model according to the type of the data to be detected;
    通过所述预设模型对所述属性信息和/或所述待检测数据进行安全性验证。Perform security verification on the attribute information and/or the data to be detected through the preset model.
  12. 根据权利要求1-11任一项所述的方法,其特征在于,所述样本数据包括标记的安全样本数据和标记的风险样本数据。The method according to any one of claims 1-11, wherein the sample data includes marked safety sample data and marked risk sample data.
  13. 一种数据检测装置,其特征在于,包括检测模块;A data detection device, characterized in that it includes a detection module;
    所述检测模块配置为,根据待检测数据的属性信息和预设模型,检测所述待检测数据的安全性,所述预设模型为通过神经网络对样本数据进行学习得到的。The detection module is configured to detect the security of the data to be detected according to the attribute information of the data to be detected and a preset model, and the preset model is obtained by learning the sample data through a neural network.
  14. 根据权利要求13所述的装置,其特征在于,所述装置还包括第一获取模块;The apparatus according to claim 13, wherein the apparatus further comprises a first acquisition module;
    所述第一获取模块配置为,获取所述待检测数据的属性信息。The first acquiring module is configured to acquire attribute information of the data to be detected.
  15. 根据权利要求13或14所述的装置,其特征在于,The device according to claim 13 or 14, wherein
    所述待检测数据的属性信息包括如下属性中的至少一种:所述待检测数据的格式、所述待检测数据使用的资源、数据发送频率。The attribute information of the data to be detected includes at least one of the following attributes: the format of the data to be detected, the resources used by the data to be detected, and the frequency of data transmission.
  16. 根据权利要求15所述的装置,其特征在于,所述数据发送频率为发送所述待检测数据的设备在预设时段内发送数据的频率。The apparatus according to claim 15, wherein the data transmission frequency is a frequency at which a device that transmits the data to be detected transmits data within a preset time period.
  17. 根据权利要求13-16任一项所述的装置,其特征在于,所述检测模块配置为:The device according to any one of claims 13-16, wherein the detection module is configured to:
    根据所述属性信息检测所述待检测数据的安全性;Detecting the security of the data to be detected according to the attribute information;
    在根据所述属性信息检测所述待检测数据为安全数据时,通过所述预设模型对所述属性信息和/或所述待检测数据进行安全性验证。When detecting that the data to be detected is safety data according to the attribute information, perform security verification on the attribute information and/or the data to be detected through the preset model.
  18. 根据权利要求17所述的装置,其特征在于,所述装置还包括确定模块,所述确定模块配置为:The apparatus according to claim 17, wherein the apparatus further comprises a determination module, and the determination module is configured to:
    在所述检测模块根据所述属性信息检测所述待检测数据为风险数据时,确定所述待检测数据为风险数据。When the detection module detects that the data to be detected is risk data according to the attribute information, it is determined that the data to be detected is risk data.
  19. 根据权利要求17所述的装置,其特征在于,所述检测模块配置为:The apparatus according to claim 17, wherein the detection module is configured to:
    获取所述属性信息中每个属性对应的安全范围;Obtain the security range corresponding to each attribute in the attribute information;
    在所述属性信息中存在至少一个属性在所述至少一个属性对应的安全范围之外时,确定所述待检测数据为风险数据;When there is at least one attribute in the attribute information outside the safety range corresponding to the at least one attribute, it is determined that the data to be detected is risk data;
    在所述属性信息中属性均在所述属性对应的安全范围之内时,确定所述待检测数据为安全数据。When the attributes in the attribute information are all within the security range corresponding to the attributes, it is determined that the data to be detected is security data.
  20. 根据权利要求19所述的装置,其特征在于,所述待检测数据的格式对应的安全范围中包括至少一个预设安全格式。The apparatus according to claim 19, wherein the security range corresponding to the format of the data to be detected includes at least one preset security format.
  21. 根据权利要求19所述的装置,其特征在于,所述待检测数据使用的资源对应的安全范围中包括预设资源范围。The apparatus according to claim 19, wherein the security range corresponding to the resource used by the data to be detected includes a preset resource range.
  22. 根据权利要求19所述的装置,其特征在于,数据发送频率对应的安全范围中包括预设频率范围。The apparatus according to claim 19, wherein the safety range corresponding to the data transmission frequency includes a preset frequency range.
  23. 根据权利要求17所述的装置,其特征在于,所述装置还包括第二获取模块和第三获取模块,The apparatus according to claim 17, wherein the apparatus further comprises a second acquisition module and a third acquisition module,
    所述第二获取模块配置为,获取所述待检测数据的类型,所述待检测数据的类型包括文本类型、图像类型、语音类型或视频类型中的至少一种;The second acquiring module is configured to acquire the type of the data to be detected, and the type of the data to be detected includes at least one of a text type, an image type, a voice type, or a video type;
    所述第三获取模块配置为,根据所述待检测数据的类型,获取所述预设模型;The third obtaining module is configured to obtain the preset model according to the type of the data to be detected;
    所述检测模块配置为,通过所述预设模型对所述属性信息和/或所述待检测数据进行安全性验证。The detection module is configured to perform security verification on the attribute information and/or the data to be detected through the preset model.
  24. 根据权利要求13-23任一项所述的装置,其特征在于,所述样本数据包括标记的安全样本数据和标记的风险样本数据。The device according to any one of claims 13 to 23, wherein the sample data includes marked safety sample data and marked risk sample data.
  25. 一种计算机,其特征在于,包含权利要求13-24任一项所述的装置。A computer, characterized by comprising the device according to any one of claims 13-24.
  26. 一种电子设备,其特征在于,包括:An electronic device, characterized in that it includes:
    至少一个处理器;以及At least one processor; and
    与所述至少一个处理器通信连接的存储器;其中,A memory communicatively connected to the at least one processor; wherein,
    所述存储器存储有可被所述至少一个处理器执行的指令,所述指令被所述至少一个处理器执行时,使所述至少一个处理器执行权利要求1-12任一项 所述的方法。The memory stores instructions executable by the at least one processor, and when the instructions are executed by the at least one processor, causes the at least one processor to perform the method of any one of claims 1-12 .
  27. 一种计算机可读存储介质,其特征在于,存储有计算机可执行指令,所述计算机可执行指令设置为执行权利要求1-12任一项所述的方法。A computer-readable storage medium, characterized in that computer-executable instructions are stored, and the computer-executable instructions are configured to perform the method of any one of claims 1-12.
  28. 一种计算机程序产品,其特征在于,所述计算机程序产品包括存储在计算机可读存储介质上的计算机程序,所述计算机程序包括程序指令,当所述程序指令被计算机执行时,使所述计算机执行权利要求1-12任一项所述的方法。A computer program product, characterized in that the computer program product includes a computer program stored on a computer-readable storage medium, the computer program includes program instructions, and when the program instructions are executed by a computer, the computer Performing the method of any one of claims 1-12.
PCT/CN2018/119060 2018-12-04 2018-12-04 Data detection method, apparatus and device WO2020113401A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2018/119060 WO2020113401A1 (en) 2018-12-04 2018-12-04 Data detection method, apparatus and device
CN201880098312.7A CN113316921A (en) 2018-12-04 2018-12-04 Data detection method, device and equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2018/119060 WO2020113401A1 (en) 2018-12-04 2018-12-04 Data detection method, apparatus and device

Publications (1)

Publication Number Publication Date
WO2020113401A1 true WO2020113401A1 (en) 2020-06-11

Family

ID=70974826

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/119060 WO2020113401A1 (en) 2018-12-04 2018-12-04 Data detection method, apparatus and device

Country Status (2)

Country Link
CN (1) CN113316921A (en)
WO (1) WO2020113401A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111914543A (en) * 2020-06-20 2020-11-10 中国建设银行股份有限公司 Report validity detection method and device, electronic equipment and readable storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102195975A (en) * 2011-04-08 2011-09-21 上海电机学院 Intelligent NIPS (Network Intrusion Prevention System) framework for quantifying neural network based on mobile agent (MA) and learning vector
CN107454097A (en) * 2017-08-24 2017-12-08 深圳中兴网信科技有限公司 The detection method of abnormal access, system, computer equipment, readable storage medium storing program for executing
CN107888571A (en) * 2017-10-26 2018-04-06 江苏省互联网行业管理服务中心 A kind of various dimensions webshell intrusion detection methods and detecting system based on HTTP daily records

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102195975A (en) * 2011-04-08 2011-09-21 上海电机学院 Intelligent NIPS (Network Intrusion Prevention System) framework for quantifying neural network based on mobile agent (MA) and learning vector
CN107454097A (en) * 2017-08-24 2017-12-08 深圳中兴网信科技有限公司 The detection method of abnormal access, system, computer equipment, readable storage medium storing program for executing
CN107888571A (en) * 2017-10-26 2018-04-06 江苏省互联网行业管理服务中心 A kind of various dimensions webshell intrusion detection methods and detecting system based on HTTP daily records

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111914543A (en) * 2020-06-20 2020-11-10 中国建设银行股份有限公司 Report validity detection method and device, electronic equipment and readable storage medium

Also Published As

Publication number Publication date
CN113316921A (en) 2021-08-27

Similar Documents

Publication Publication Date Title
US10560261B1 (en) Systems and techniques for capture of trusted media data
US10255370B2 (en) Automated compliance checking through analysis of cloud infrastructure templates
RU2622876C2 (en) Method, device and electronic device for connection control
US9231972B2 (en) Malicious website identifying method and system
US20110083190A1 (en) System and method for data leakage prevention
CN110417778B (en) Access request processing method and device
US10956383B2 (en) Device backup and wipe
CN108134816B (en) Access to data on remote device
JP6470597B2 (en) VPN communication terminal compatible with captive portal, communication control method thereof and program thereof
WO2014075537A1 (en) Malicious website identifying method and system
US20150067772A1 (en) Apparatus, method and computer-readable storage medium for providing notification of login from new device
CN112134893A (en) Internet of things safety protection method and device, electronic equipment and storage medium
WO2017054307A1 (en) Recognition method and apparatus for user information
US11489746B2 (en) Detection device, detection method, and detection program
WO2019037521A1 (en) Security detection method, device, system, and server
WO2020113401A1 (en) Data detection method, apparatus and device
TW201822054A (en) Network attack pattern determination apparatus, determination method, and computer program product thereof
CN104660480B (en) A kind of method, apparatus and system of account number abnormality processing
CN112543186B (en) Network behavior detection method and device, storage medium and electronic equipment
CN104205163A (en) Method and apparatus for controlling content capture of prohibited content
KR101885615B1 (en) Method for generating attack character string and apparatus for the same
WO2020228564A1 (en) Application service method and device
WO2018014555A1 (en) Data transmission control method and apparatus
CN110768978B (en) Communication encryption verification method and device, computer equipment and storage medium
CN112468358B (en) Protocol detection method, system, equipment and computer readable storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18942159

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18942159

Country of ref document: EP

Kind code of ref document: A1