[go: up one dir, main page]

CN114116789A - A method of WIFI aggregation analysis - Google Patents

A method of WIFI aggregation analysis Download PDF

Info

Publication number
CN114116789A
CN114116789A CN202010866723.5A CN202010866723A CN114116789A CN 114116789 A CN114116789 A CN 114116789A CN 202010866723 A CN202010866723 A CN 202010866723A CN 114116789 A CN114116789 A CN 114116789A
Authority
CN
China
Prior art keywords
wifi
data
same
mobile phone
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010866723.5A
Other languages
Chinese (zh)
Inventor
戚鹏飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Stratus Intelligent Technology Co ltd
Original Assignee
Nanjing Stratus Intelligent Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Stratus Intelligent Technology Co ltd filed Critical Nanjing Stratus Intelligent Technology Co ltd
Priority to CN202010866723.5A priority Critical patent/CN114116789A/en
Publication of CN114116789A publication Critical patent/CN114116789A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2455Query execution
    • G06F16/24553Query execution of query operations
    • G06F16/24554Unary operations; Data partitioning operations
    • G06F16/24556Aggregation; Duplicate elimination
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W24/00Supervisory, monitoring or testing arrangements
    • H04W24/08Testing, supervising or monitoring using real traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

本发明公开了一种WIFI聚合分析的方法,包括以下步骤:S1、将手机连接电脑,从手机内获取所有连接过的WIFI详细信息;S2、将获取到的WIFI信息进行过滤;S3、将手机中提取到的详细信息,进行对应分类后存入Neo4j数据库,并以节点形式进行保存;S4、对分类后的数据进行数据分析,分析排查出确定关系的、疑似关系的以及无关系的数据;S5、将上传得到的数据进行进一步的整理,以知识图谱的形式进行展示结果。本发明通过采用软件进行分析,对无法直观的数据进行分析,可以节约工作人员的时间,从而提高效率;通过对不易发现的WIFI连接数据进行分析,在容易被人忽略的数据中搜寻重要线索,在刑侦分析中,可以间接得到他人之间的联系。

Figure 202010866723

The invention discloses a method for WIFI aggregation analysis, comprising the following steps: S1, connecting a mobile phone to a computer, and acquiring all the connected WIFI detailed information from the mobile phone; S2, filtering the acquired WIFI information; S3, connecting the mobile phone to The detailed information extracted from the data is stored in the Neo4j database after corresponding classification, and stored in the form of nodes; S4, data analysis is carried out on the classified data, and the data with definite relationship, suspected relationship and no relationship is analyzed and checked out; S5. Further organize the uploaded data, and display the results in the form of a knowledge graph. By using software for analysis, the present invention analyzes the data that cannot be intuitive, which can save the time of the staff, thereby improving the efficiency; by analyzing the WIFI connection data that is not easy to find, it can search for important clues in the data that is easy to be ignored, In the criminal investigation analysis, the connection between others can be obtained indirectly.

Figure 202010866723

Description

WIFI aggregation analysis method
Technical Field
The invention relates to the field of electronic material evidence analysis, in particular to a WIFI aggregation analysis method.
Background
Along with the continuous development of scientific technology, the effect of electron material evidence as the evidence is more and more obvious in the criminal case, however, after solving a case personnel and obtaining electron material evidence, will investigate personnel in the electron material evidence, carry out the analysis to its WIFI information, WIFI information analysis has following difficult point however:
1. WIFI information cannot be obtained visually;
after the WIFI is disconnected, the WIFI data are stored in a memory of the mobile phone and cannot be simply acquired;
3. the comparison with others cannot be carried out;
4. different mobile phone models, the WIFI information is not extracted.
Disclosure of Invention
The technical problem to be solved by the invention is to overcome the defects of the prior art and provide a WIFI aggregation analysis method.
In order to solve the technical problems, the invention provides the following technical scheme:
the invention provides a WIFI aggregation analysis method, which comprises the following steps:
s1, connecting the mobile phone with a computer, and acquiring all connected WIFI detailed information from the mobile phone;
s2, filtering the acquired WIFI information;
s3, storing the detailed information extracted from the mobile phone into a Neo4j database after corresponding classification, and storing the detailed information in a node form;
s4, carrying out data analysis on the classified data, and analyzing and checking the data with determined relation, suspected relation and irrelevant relation;
and S5, further sorting the uploaded data, and displaying the result in a knowledge graph form.
As a preferred technical solution of the present invention, in step S2, filtering is performed after public WIFI is divided into blacklists, so as to avoid interference of irrelevant data.
As a preferred technical solution of the present invention, in step S3, the owner NAME, WIFI _ MAC, WIFI _ PASSWORD, and WIFI _ connection are classified correspondingly and stored in the Neo4j database;
the Neo4j above follows the attribute graph data model, supports UNIQUE constraints by using apache lucence support indexes, supports complete ACID rules, supports query-enabled data exports to JSON and XLS formats, contains a UI for executing CQL commands: neo4j data browser, using native graphics libraries and native GPEs, provides RESTAPI accessible by any programming language, provides Java scripts accessible through any UIMVC framework, supports two javaapis: CypherAPI and native Java api to develop Java applications.
As a preferred embodiment of the present invention, in step S4, there are only the following three possibilities for the collision result:
1. the two people determine that the same WIFI is connected;
2. two persons are suspected to be connected with the same WIFI;
3. two people are not connected with the same WIFI;
when the WIFI _ MACs of the data extracted by the two persons are the same, the other information does not need to be compared, and the two persons need to be connected with the same WIFI to store and upload the information of the two persons; and when the extracted data cannot obtain the WIFI _ MAC, comparing the WIFI _ NAME with the WIFI _ PASSWORD, if the data results are the same, storing and uploading the information of the two persons, and if the data results are different, enabling the two persons to have no relationship.
As a preferred technical solution of the present invention, in step S5, it is only necessary to analyze the WIFI _ connection time of the display result as to whether the same WIFI is connected in the same time period.
Compared with the prior art, the invention has the following beneficial effects:
1: according to the invention, software is adopted for analysis, and data which cannot be visualized is analyzed, so that the time of workers can be saved, and the efficiency is improved.
2: according to the method and the device, the WIFI connection data which are not easy to find are analyzed, important clues are searched in the data which are easy to be ignored by people, and the contact among other people can be indirectly obtained in criminal investigation analysis.
3: the invention can gradually obtain more detailed relational network by storing the acquired data in the database, thereby being beneficial to subsequent case handling.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
FIG. 1 is a flow chart of an analytical method of the present invention;
fig. 2 is a schematic diagram illustrating filtering of WIFI information in step S2 according to the present invention;
FIG. 3 is a schematic diagram of data analysis in the present invention.
Detailed Description
The preferred embodiments of the present invention will be described in conjunction with the accompanying drawings, and it will be understood that they are described herein for the purpose of illustration and explanation and not limitation.
Example 1
The invention provides a WIFI aggregation analysis method, which comprises the following steps:
s1, connecting the mobile phone with a computer, and acquiring all connected WIFI detailed information from the mobile phone, wherein once the mobile phone is connected with a certain WIFI, the detailed WIFI information is stored in a file format in a mobile phone file, and due to the limitation of mobile phone specification, the form and address of the WIFI information file are not influenced no matter the mobile phone system, the brand and the model are different, so that the detailed WIFI information of the mobile phone can be directly acquired;
s2, filtering the acquired WIFI information, and finding out that a large amount of public WIFI appears in the mobile phone of the mobile phone owner during actual operation, for example: the large amount of redundant data not only can cause interference on a WIFI collision result, but also can occupy a large amount of invalid information;
s3, storing the detailed information extracted from the mobile phone into a Neo4j database after corresponding classification, and storing the detailed information in a node form;
s4, carrying out data analysis on the classified data, and analyzing and checking the data with determined relation, suspected relation and irrelevant relation;
and S5, further sorting the uploaded data, and displaying the result in a knowledge graph form.
Further, in step S2, filtering public WIFI after being divided into blacklists to avoid interference of irrelevant data, before importing data into the database, filtering data of the public WIFI for one time to filter the public WIFI in a form of a blacklist, for example: CMCC, Chinanet, etc., so that interference of invalid data can be avoided, and then processing is performed in the form of blacklist, and both adding and maintaining new filter lists at a later stage can be more convenient and have higher extensibility.
In step S3, performing corresponding classification according to the owner NAME, WIFI _ MAC, WIFI _ PASSWORD, and WIFI _ connection, and storing the classification into a Neo4j database;
the Neo4j above follows the attribute graph data model, supports UNIQUE constraints by using apache lucence support indexes, supports complete ACID rules, supports query-enabled data exports to JSON and XLS formats, contains a UI for executing CQL commands: neo4j data browser, using native graphics libraries and native GPEs, provides RESTAPI accessible by any programming language, provides Java scripts accessible through any UIMVC framework, supports two javaapis: CypherAPI and native JavaAPI to develop Java application programs;
the advantages of Neo4j are that it is easy to represent concatenated data and to represent semi-structured data, more data can be quickly and easily concatenated, retrieved/traversed/navigated, Neo4jCQL query language commands are in a readable format, it is very easy to learn, use a simple and powerful data model, it does not require complex concatenations to retrieve concatenated/related data, it is easy to retrieve neighboring nodes or relationship details without concatenations or indexes.
In step S4, there are only three possibilities for its collision result:
1. the two people determine that the same WIFI is connected;
2. two persons are suspected to be connected with the same WIFI;
3. two people are not connected with the same WIFI;
when the WIFI _ MACs of the data extracted by the two persons are the same, the other information does not need to be compared, and the two persons need to be connected with the same WIFI to store and upload the information of the two persons; and when the extracted data cannot obtain the WIFI _ MAC, comparing the WIFI _ NAME with the WIFI _ PASSWORD, if the data results are the same, storing and uploading the information of the two persons, and if the data results are different, enabling the two persons to have no relationship.
In step S5, as to whether the same WIFI is connected in the same time period, it is only necessary to analyze the WIFI _ connection time of the display result, further sort the uploaded data, and display the result in the form of a knowledge graph, thereby finding whether the owner and the other person are connected to the same WIFI or suspected to be connected to the same WIFI.
According to the invention, software is adopted for analysis, and data which cannot be visualized is analyzed, so that the time of workers can be saved, and the efficiency is improved; by analyzing the WIFI connection data which are not easy to find, important clues are searched in the data which are easy to be ignored by people, and the contact among other people can be indirectly obtained in criminal investigation analysis; by storing the acquired data in the database, more detailed relational networks can be gradually acquired, which is beneficial to subsequent case handling.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (5)

1.一种WIFI聚合分析的方法,其特征在于,包括以下步骤:1. a method for WIFI aggregation analysis, is characterized in that, comprises the following steps: S1、将手机连接电脑,从手机内获取所有连接过的WIFI详细信息;S1. Connect the mobile phone to the computer, and obtain all the connected WIFI details from the mobile phone; S2、将获取到的WIFI信息进行过滤;S2. Filter the acquired WIFI information; S3、将手机中提取到的详细信息,进行对应分类后存入Neo4j数据库,并以节点形式进行保存;S3. The detailed information extracted from the mobile phone is stored in the Neo4j database after corresponding classification, and saved in the form of nodes; S4、对分类后的数据进行数据分析,分析排查出确定关系的、疑似关系的以及无关系的数据;S4. Perform data analysis on the classified data, and analyze and check out the data with definite relationship, suspected relationship and no relationship; S5、将上传得到的数据进行进一步的整理,以知识图谱的形式进行展示结果。S5. Further organize the uploaded data, and display the results in the form of a knowledge graph. 2.根据权利要求1所述的一种WIFI聚合分析的方法,其特征在于,在步骤S2中,将公共WIFI均划分至黑名单后进行过滤处理,避免无关数据的干扰。2 . The method for WIFI aggregation analysis according to claim 1 , wherein in step S2 , all public WIFIs are divided into a blacklist and then filtered to avoid interference of irrelevant data. 3 . 3.根据权利要求1所述的一种WIFI聚合分析的方法,其特征在于,在步骤S3中,按照机主姓名、WIFI_NAME、WIFI_MAC、WIFI_PASSWORD和WIFI_CONNECTTIME进行对应分类,存入Neo4j数据库;3. The method for WIFI aggregation analysis according to claim 1, wherein in step S3, corresponding classification is performed according to the host name, WIFI_NAME, WIFI_MAC, WIFI_PASSWORD and WIFI_CONNECTTIME, and stored in the Neo4j database; 上述Neo4j遵循属性图数据模型,通过使用ApacheLucence支持索引,支持UNIQUE约束,支持完整的ACID规则,支持查询的数据导出到JSON和XLS格式,包含一个用于执行CQL命令的UI:Neo4j数据浏览器,采用原生图形库与本地GPE,提供了RESTAPI可以被任何编程语言访问,提供可以通过任何UIMVC框架访问的Java脚本,支持两种JavaAPI:CypherAPI和NativeJavaAPI来开发Java应用程序。The above Neo4j follows the property graph data model, supports indexes by using Apache Lucence, supports UNIQUE constraints, supports full ACID rules, supports query data export to JSON and XLS formats, includes a UI for executing CQL commands: Neo4j Data Browser, Using native graphics library and native GPE, it provides RESTAPI that can be accessed by any programming language, provides Java scripts that can be accessed through any UIMVC framework, and supports two JavaAPIs: CypherAPI and NativeJavaAPI to develop Java applications. 4.根据权利要求1所述的一种WIFI聚合分析的方法,其特征在于,在步骤S4中,对于其碰撞结果只会存在以下三种可能:4. The method for WIFI aggregation analysis according to claim 1, wherein in step S4, there are only the following three possibilities for the collision result: 1、二人确定连接过同一WIFI;1. Make sure that the two have connected to the same WIFI; 2、二人疑似连接过同一WIFI;2. The two are suspected to have connected to the same WIFI; 3、二人未连接过同一WIFI;3. The two have never been connected to the same WIFI; 当二人提取数据的WIFI_MAC相同时,无需比对其余信息,二人必连过相同WIFI,将其二人信息进行保存上传;当提取数据无法获取到WIFI_MAC时,将其WIFI_NAME和WIFI_PASSWORD进行比对,若数据结果相同,则存在疑似关系,将二人信息进行保存上传,若不同,则二人无关系。When the WIFI_MAC of the extracted data is the same, there is no need to compare the rest of the information. The two must be connected to the same WIFI and save and upload their information; when the extracted data cannot be obtained by WIFI_MAC, compare their WIFI_NAME and WIFI_PASSWORD , if the data results are the same, there is a suspected relationship, and the information of the two is saved and uploaded. If they are different, the two are not related. 5.根据权利要求1所述的一种WIFI聚合分析的方法,其特征在于,在步骤S5中,对于是否在相同时间段连接过同一WIFI,只需对展示结果的WIFI_CONNECTTIME进行分析。5 . The method for WIFI aggregation analysis according to claim 1 , wherein, in step S5 , as to whether the same WIFI has been connected in the same time period, only the WIFI_CONNECTTIME of the displayed result needs to be analyzed. 6 .
CN202010866723.5A 2020-08-26 2020-08-26 A method of WIFI aggregation analysis Pending CN114116789A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010866723.5A CN114116789A (en) 2020-08-26 2020-08-26 A method of WIFI aggregation analysis

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010866723.5A CN114116789A (en) 2020-08-26 2020-08-26 A method of WIFI aggregation analysis

Publications (1)

Publication Number Publication Date
CN114116789A true CN114116789A (en) 2022-03-01

Family

ID=80373880

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010866723.5A Pending CN114116789A (en) 2020-08-26 2020-08-26 A method of WIFI aggregation analysis

Country Status (1)

Country Link
CN (1) CN114116789A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101989268A (en) * 2009-07-30 2011-03-23 上海汉光知识产权数据科技有限公司 System and method for analyzing development trend of patent technology
WO2011100076A1 (en) * 2010-02-11 2011-08-18 Alibaba Group Holding Limited Method and system for e-commerce transaction data accounting
CN103366020A (en) * 2013-08-06 2013-10-23 刘临 System and method for analyzing user behaviors
CN107016086A (en) * 2017-04-01 2017-08-04 四川艾特赢泰智能科技有限责任公司 A kind of method for extracting behavior and position data in Android system GooglePlay
CN110148043A (en) * 2019-03-01 2019-08-20 安徽省优质采科技发展有限责任公司 The bid and purchase information recommendation system and recommended method of knowledge based map
CN110633364A (en) * 2019-09-23 2019-12-31 中国农业大学 Construction method and display mode of food safety knowledge graph based on graph database

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101989268A (en) * 2009-07-30 2011-03-23 上海汉光知识产权数据科技有限公司 System and method for analyzing development trend of patent technology
WO2011100076A1 (en) * 2010-02-11 2011-08-18 Alibaba Group Holding Limited Method and system for e-commerce transaction data accounting
CN103366020A (en) * 2013-08-06 2013-10-23 刘临 System and method for analyzing user behaviors
CN107016086A (en) * 2017-04-01 2017-08-04 四川艾特赢泰智能科技有限责任公司 A kind of method for extracting behavior and position data in Android system GooglePlay
CN110148043A (en) * 2019-03-01 2019-08-20 安徽省优质采科技发展有限责任公司 The bid and purchase information recommendation system and recommended method of knowledge based map
CN110633364A (en) * 2019-09-23 2019-12-31 中国农业大学 Construction method and display mode of food safety knowledge graph based on graph database

Similar Documents

Publication Publication Date Title
WO2018236732A1 (en) AUTOMATIC LEARNING SYSTEM FOR PROCESSING QUERIES FOR DIGITAL CONTENT
CN109739725A (en) Monitoring method, device and system based on browser and storage medium
JP2013502653A5 (en)
JP5377534B2 (en) Method, apparatus and system for identifying GUI elements
CN112613569B (en) Image recognition method, image classification model training method and device
WO2014167647A1 (en) Data management device, date management method, and permanent storage medium
CN107480268A (en) Data query method and device
CN114356631A (en) Fault positioning method and device, computer equipment and storage medium
CN116756330A (en) Knowledge graph construction method and device, electronic equipment and storage medium
CN115576834A (en) Software test multiplexing method, system, terminal and medium for supporting fault recovery
CN120123130A (en) Fault diagnosis method, fault knowledge graph construction method, device and storage medium
CN114546360A (en) Code program recommendation method and device, electronic equipment and storage medium
CN114116789A (en) A method of WIFI aggregation analysis
CN113536048A (en) Graph display method, system, storage medium and electronic device
CN113127471A (en) Method, device, equipment and storage medium for automatic data quality inspection
CN105786929A (en) Information monitoring method and device
CN108629012B (en) Intelligent verification method and system for forensic data analysis accuracy
CN117575995A (en) Device defect detection method, device, computer equipment and storage medium
CN116955186A (en) A software testing knowledge base construction method, device, electronic equipment and medium
CN116414102A (en) Fault diagnosis method of vehicle-mounted online service system
CN104050273A (en) Devices and methods for recording latest network file and modifying search result
CN112131215B (en) Bottom-up database information acquisition method and device
CN115292566A (en) Routing inspection fault processing method and device, computer and medium
CN114138666A (en) Abnormal data detection method, device, electronic device and storage medium
CN110046163A (en) A kind of data retrieval method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination