CN111865974A - Network security defense system and method - Google Patents
- Publication number: CN111865974A
- Application number: CN202010694677.5A
- Authority: CN (China)
- Prior art keywords: network, module, virus, authentication, flow
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H04L63/0861: Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
- H04L63/083: Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/1425: Traffic logging, e.g. anomaly detection
- H04L63/145: Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
Abstract
The invention discloses a network security defense system and method. The system comprises a network intrusion detection and defense unit, a network login verification unit, a network traffic monitoring unit, a controller, a traffic management server and a network state monitoring server, wherein the controller is in data connection with the network intrusion detection and defense unit, the network login verification unit, the network traffic monitoring unit, the traffic management server and the network state monitoring server respectively. The defense system monitors network viruses, network traffic, the network running state and user identities in real time, so it can defend on several fronts and improves the defense effect.
Description
Technical Field
The invention relates to the technical field of network security, in particular to a network security defense scheme.
Background
Computer networks are now an indispensable part of many industries and one of the important means of promoting social development, providing communication and transmission services for e-commerce, e-government, finance and banking, and manufacturing.
Computer networks have also become a main target of hackers, Trojan horses and viruses. As computer technology improves, Trojan horse and virus attacks become more capable, stay hidden longer and cause wider damage, so improving the defenses of network management is the key to the problem.
However, existing network security defense systems are passive and defend poorly, so how to effectively improve the protection provided by a network security defense system is a problem that needs to be solved in this field.
Disclosure of Invention
Aiming at the problem of poor defense effect of the existing network security defense scheme, a new network security defense scheme is needed.
Therefore, the invention aims to provide a network security defense system and method that adopt active security defense technology to substantially and effectively improve the defense effect of the defense system.
In order to achieve the above object, the present invention provides a network security defense system, comprising:
a network intrusion detection and defense unit, a network login verification unit, a network traffic monitoring unit, a controller, a traffic management server and a network state monitoring server, wherein the controller is in data connection with the network intrusion detection and defense unit, the network login verification unit, the network traffic monitoring unit, the traffic management server and the network state monitoring server respectively;
the network intrusion prevention unit actively detects virus intrusion in the network in real time and performs antivirus processing on any network virus it detects;
the network traffic monitoring unit actively monitors network traffic in real time and, through the controller, disconnects or connects the network according to the state of the network traffic;
the network login verification unit verifies the identity of a network system user;
the traffic management server is used for managing the traffic data used in the network; the network state monitoring unit is used for monitoring the use state of the network in real time.
Furthermore, the network intrusion prevention unit comprises a network intrusion detection module, a virus database module, an antivirus module and an anti-virus repeated infection module. The network intrusion detection module is connected with the virus database module, the virus database module is connected with the antivirus module, the antivirus module is connected with the anti-virus repeated infection module, and the anti-virus repeated infection module is connected with the controller. The network intrusion detection module detects whether a virus has invaded the network; the virus database module stores the characteristic information of network viruses and is used for matching the collected network virus; the antivirus module kills the virus; and the anti-virus repeated infection module prevents a virus, once found and removed, from being released again and regenerating.
Furthermore, the network intrusion detection module comprises a virus scanning module, the virus scanning module comprises a data analysis module, a characteristic value calculation module and a characteristic value comparison module, the data analysis module is used for analyzing the collected virus data, the characteristic value calculation module is used for calculating the characteristic value of the virus data, and the characteristic value comparison module is used for comparing the characteristic value with the virus data in the virus database module.
Further, the network traffic monitoring unit comprises a network traffic collection module, a secure routing module and a secure node, wherein the network traffic collection module is connected with the secure routing module, and the secure routing module is connected with the controller through the secure node. The network traffic collection module collects network traffic to determine whether it has increased abnormally; the secure routing module works with the secure node to improve routing path discovery efficiency.
Furthermore, the network login verification unit comprises a login module and an identity verification module, the login module is connected with the identity verification module, the identity verification module is connected with the controller, the login module is used for a user to log in a system, and the identity verification module is used for verifying the identity of a login person.
Furthermore, the identity verification module comprises an eye iris verification module, a fingerprint verification module, a face feature verification module and a password verification module, and the identity verification module simultaneously adopts at least three of the eye iris verification module, the fingerprint verification module, the face feature verification module and the password verification module to jointly verify.
In order to achieve the above object, the network security defense method provided by the present invention comprises:
A. first, a user enters the identity authentication system through the login module and authenticates in the mode the identity authentication system prompts for; after the authentication is passed, the user enters the network system;
B. the network is checked for virus intrusion in real time; if no network virus is detected, the firewall system is started automatically for defense; if a network virus is detected, the network virus data is collected and transmitted to the virus database for feature matching, antivirus processing is performed, and, after the virus has been found and killed, anti-virus repeated infection processing is performed to prevent the virus from regenerating;
C. network traffic is collected in real time and monitored for abnormality by comparing the collected network traffic data with a preset value; if the network traffic data is larger than the preset value, the network traffic is abnormal and the network is disconnected; if the network traffic data is smaller than or equal to the preset value, the network traffic is normal and the network continues to be used;
D. the network use state is monitored in real time and the monitoring result is fed back in real time.
Further, when performing antivirus processing, the method stores the information of the data to be scanned together with the corresponding virus detection result; when the virus detection result has been stored for a first duration, the information of the data to be scanned and the virus detection result are deleted.
Further, when performing anti-virus repeated infection processing, the method obtains an anti-virus index for each terminal in the network, the anti-virus index of each terminal including at least one of the following: virus infection information, anti-virus capability information; optimizes the anti-virus indexes of all terminals in the network using a genetic algorithm to obtain the optimized anti-virus index of each terminal; and obtains the optimized network anti-virus index based on the optimized anti-virus index of each terminal in the network, thereby preventing repeated virus infection.
Compared with the prior art, the invention has the beneficial effects that:
(1) The defense system adopted by the invention monitors network viruses, network traffic, the network running state and user identities in real time, so it can defend on several fronts and improves the defense effect.
(2) The invention monitors the state of network virus intrusion and of network traffic use in real time, and provides comprehensive protection functions such as virus protection, spyware prevention, spam prevention and phishing prevention.
Drawings
The invention is further described below in conjunction with the appended drawings and the detailed description.
FIG. 1 is a schematic block diagram of a network security defense system in an embodiment of the present invention;
FIG. 2 is a flow chart of a network security defense method according to an embodiment of the present invention.
Detailed Description
To make the technical means, inventive features, objectives and effects of the invention easy to understand, the invention is further explained below with reference to the drawings.
FIG. 1 shows an example of the structure of the network security defense system provided in this embodiment; the system defends against network security problems and improves the defense effect.
The network security defense system mainly consists of a network intrusion detection module 1, a network traffic collection module 2, a login module 3, a virus database module 4, an antivirus module 5, an anti-virus repeated infection module 6, a secure routing module 8, a secure node 9, an identity verification module 10, a controller 11 and a traffic management server 12, which work together.
The controller 11 is the control center of the whole system and coordinates the cooperation among all the modules to realize active defense.
The network intrusion detection module 1, the virus database module 4, the antivirus module 5 and the anti-virus repeated infection module 6 in the system are connected and cooperate to form the network intrusion prevention unit. This unit works with the controller 11 to actively detect virus intrusion in the network in real time and to kill any network virus it detects.
Specifically, the network intrusion detection module 1 is connected with a virus database module 4, the virus database module 4 is connected with an antivirus module 5, the antivirus module 5 is connected with an antivirus repeated infection module 6, and the antivirus repeated infection module 6 is connected with the controller 11.
Here, the network intrusion detection module 1 is used for detecting whether a virus intrudes into the network.
For example, the network intrusion detection module 1 specifically includes a virus scanning module 14, and the virus scanning module 14 can scan network viruses in real time, and perform data analysis and characteristic value calculation and comparison, thereby improving virus searching and killing efficiency.
Further, the virus scanning module 14 includes a data analysis module 15, a feature value calculation module 16, and a feature value comparison module 17, where the data analysis module 15 is configured to analyze the collected virus data, the feature value calculation module 16 is configured to calculate a feature value of the virus data, and the feature value comparison module 17 is configured to perform feature value comparison with the virus data in the virus database module.
The virus database module 4 in the system stores the characteristic information of the network virus and is used for matching the network virus acquired by the network intrusion detection module 1.
The antivirus module 5 in the system is used for killing viruses.
For example, when the antivirus module 5 performs antivirus processing, the information of the data to be scanned is stored together with the corresponding virus detection result; when the virus detection result has been stored for the first duration, the information of the data to be scanned and the virus detection result are deleted.
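The scan path described above, as an added example that is not part of the patent: a feature value is calculated for collected data, compared with the virus database, and the detection result is stored with the data's information and deleted once it has been kept for the first duration. The patent does not define the feature value, so a SHA-256 digest is assumed here; all class, function and sample names are hypothetical.

```python
import hashlib
import time


def feature_value(data: bytes) -> str:
    """Feature value calculation. Assumption: SHA-256 of the raw data,
    since the patent does not say how the feature value is derived."""
    return hashlib.sha256(data).hexdigest()


class VirusDatabase:
    """Virus database module: maps known feature values to virus names."""

    def __init__(self):
        self._names = {}

    def add_signature(self, sample: bytes, name: str) -> None:
        self._names[feature_value(sample)] = name

    def match(self, value: str):
        """Feature value comparison: return the virus name, or None if unknown."""
        return self._names.get(value)


class DetectionStore:
    """Keeps (data information, detection result) pairs and deletes each
    pair once it has been stored for `first_duration` seconds."""

    def __init__(self, first_duration: float, clock=time.monotonic):
        self.first_duration = first_duration
        self._clock = clock          # injectable so expiry can be tested
        self._entries = {}           # feature value -> (stored_at, info, result)

    def put(self, value: str, info: dict, result) -> None:
        self._entries[value] = (self._clock(), info, result)

    def purge(self) -> int:
        """Delete every entry whose storage duration reached first_duration."""
        now = self._clock()
        expired = [v for v, (stored_at, _, _) in self._entries.items()
                   if now - stored_at >= self.first_duration]
        for v in expired:
            del self._entries[v]
        return len(expired)

    def get(self, value: str):
        """Return (info, result) for a stored scan, or None if absent or expired."""
        self.purge()
        entry = self._entries.get(value)
        return None if entry is None else (entry[1], entry[2])


def scan(name: str, data: bytes, db: VirusDatabase, store: DetectionStore):
    """Calculate the feature value, compare it with the database, and store
    the data's information together with the detection result."""
    value = feature_value(data)
    result = db.match(value)         # virus name, or None when nothing matched
    info = {"name": name, "size": len(data), "feature_value": value}
    store.put(value, info, result)
    return result


def demo():
    # Constructed sample data; these byte strings are not real malware.
    db = VirusDatabase()
    db.add_signature(b"constructed-sample-A", "Constructed.Test.A")
    store = DetectionStore(first_duration=60.0)
    hits = {
        "a.bin": scan("a.bin", b"constructed-sample-A", db, store),
        "b.bin": scan("b.bin", b"constructed-sample-B", db, store),
    }
    return hits, store


if __name__ == "__main__":
    results, _ = demo()
    for file_name, verdict in results.items():
        print(file_name, "->", verdict or "no match")
```

An exact digest only matches byte-identical data, so a sample that differs by a single byte produces no match; that is a property of the assumed feature value, not something the patent states.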
The anti-virus repeated infection module 6 in the system prevents viruses and their processes, once found and removed, from being released again and regenerating.
For example, when the anti-virus repeated infection module 6 performs anti-virus repeated infection processing, it obtains the anti-virus index of each terminal in the network, where the anti-virus index of each terminal includes at least one of the following: virus infection information, anti-virus capability information; it optimizes the anti-virus indexes of all terminals in the network using a genetic algorithm to obtain the optimized anti-virus index of each terminal; and it obtains the optimized network anti-virus index based on the optimized anti-virus index of each terminal in the network, thereby preventing repeated virus infection.
The network traffic collection module 2, the secure routing module 8 and the secure node 9 in the system are connected and cooperate to form the network traffic monitoring unit. This unit works with the controller 11 to actively monitor network traffic in real time, and the controller disconnects or connects the network according to the state of the network traffic.
Specifically, the network traffic collection module 2 is connected to the secure routing module 8, and the secure routing module 8 is connected to the controller 11 through the secure node 9.
The network traffic collection module 2 collects network traffic to determine whether it has increased abnormally.
The secure routing module 8 works with the secure node 9 to save routing path discovery time before a data packet is forwarded; only a small amount of routing table information needs to be maintained, which saves storage space and reduces communication overhead and energy consumption.
The login module 3 and the identity verification module 10 in the system are connected and cooperate to form the network login verification unit, which works with the controller 11 to verify the identity of a network system user.
Specifically, the login module 3 is connected to the authentication module 10, and the authentication module 10 is connected to the controller 11.
The login module 3 is used for the user to log in the system, and the authentication module 10 is used for authenticating the login personnel.
The identity verification module 10 includes, for example, an iris verification module, a fingerprint verification module, a face feature verification module and a password verification module. The identity verification module 10 uses at least three of these four modules at the same time to perform verification.
The identity verification module 10 thus formed has four verification modes: iris verification, fingerprint verification, face feature verification and password verification. In each operation, any three of the four modes are combined and used simultaneously; identity verification passes only if all of them pass together, and if any two verification modes are repeated three times, identity verification fails. The identity verification module verifies the identity of the person logging in with high security.
The traffic management server 12 and the network status monitoring unit 13 in the present system are respectively in data connection with the controller 11.
The traffic management server 12 is used for managing traffic data used in the network.
The network state monitoring unit 13 is configured to monitor a use state of the network in real time.
The system thus constituted may be embodied in the form of a corresponding software program and may be stored in a corresponding storage medium, where the configuration form of the storage medium is not limited herein.
The following describes the network security defense process according to the present embodiment with reference to the network security defense system.
As shown in fig. 2, the process of performing network security defense based on the present system mainly includes the following steps:
A. first, a user enters the identity authentication system through the login module and authenticates in the mode the identity authentication system prompts for; after the authentication is passed, the user enters the computer system;
B. the network intrusion detection module detects in real time whether a virus has intruded into the network; if no network virus is detected, the firewall system is started automatically for defense; if a network virus is detected, the network virus data is collected and transmitted to the virus database module for feature matching and virus killing, and, after the virus has been found and killed, the anti-virus repeated infection module prevents the virus from regenerating;
C. the network traffic collection module collects network traffic in real time and monitors it for abnormality by comparing the collected network traffic data with a preset value; if the collected data is larger than the preset value, the network traffic is abnormal and the network is immediately disconnected through the controller; if the collected data is smaller than or equal to the preset value, the network traffic is normal and the network continues to be used;
D. the network state monitoring unit monitors the network use state in real time and feeds back the monitoring result in real time; the monitored items include whether a network virus exists, whether the network traffic is abnormal and whether the virus feature library has been updated.
The scheme of this embodiment monitors the state of network virus intrusion and of network traffic use in real time, and provides comprehensive protection functions such as virus protection, spyware prevention, spam prevention and phishing prevention. The defense system adopted by the invention monitors network viruses, network traffic, the network running state and user identities in real time, so it can defend on several fronts and improves the defense effect.
Finally, it should be noted that the above-mentioned method of the present invention, or specific system modules, or some of the modules thereof, are purely software structures, and can be distributed on a physical medium such as a hard disk, an optical disk, or any electronic device (such as a smart phone, a computer readable storage medium) through a program code, and when the program code is loaded and executed by a machine (such as a smart phone), the machine becomes an apparatus for implementing the present invention. The methods and apparatus of the present invention may also be embodied in the form of program code transmitted over some transmission medium, such as electrical cable, fiber optics, or via any other form of transmission, wherein, when the program code is received and loaded into and executed by a machine, such as a smart phone, the machine becomes an apparatus for practicing the invention.
The foregoing shows and describes the general principles, essential features, and advantages of the invention. It will be understood by those skilled in the art that the present invention is not limited to the embodiments described above, which are described in the specification and illustrated only to illustrate the principle of the present invention, but that various changes and modifications may be made therein without departing from the spirit and scope of the present invention, which fall within the scope of the invention as claimed. The scope of the invention is defined by the appended claims and equivalents thereof.
Claims (9)
1. A network security defense system, comprising:
a network intrusion detection and defense unit, a network login verification unit, a network traffic monitoring unit, a controller, a traffic management server and a network state monitoring server, wherein the controller is in data connection with the network intrusion detection and defense unit, the network login verification unit, the network traffic monitoring unit, the traffic management server and the network state monitoring server respectively;
the network intrusion prevention unit actively detects virus intrusion in the network in real time and performs antivirus processing on any network virus it detects;
the network traffic monitoring unit actively monitors network traffic in real time and, through the controller, disconnects or connects the network according to the state of the network traffic;
the network login verification unit verifies the identity of a network system user;
the traffic management server is used for managing the traffic data used in the network; the network state monitoring unit is used for monitoring the use state of the network in real time.
2. The system of claim 1, wherein the network intrusion prevention unit comprises a network intrusion detection module, a virus database module, an antivirus module and an anti-virus repeated infection module; the network intrusion detection module is connected with the virus database module, the virus database module is connected with the antivirus module, the antivirus module is connected with the anti-virus repeated infection module, and the anti-virus repeated infection module is connected with the controller; the network intrusion detection module is used for detecting whether a virus has invaded the network, the virus database module stores the characteristic information of network viruses, and the anti-virus repeated infection module is used for preventing viruses and their processes, once found and removed, from being released again and regenerating.
3. The system of claim 2, wherein the network intrusion detection module comprises a virus scanning module, and the virus scanning module comprises a data analysis module for analyzing the collected virus data, a feature value calculation module for calculating feature values of the virus data, and a feature value comparison module for performing feature value comparison with the virus data in the virus database module.
4. The system according to claim 1, wherein the network traffic monitoring unit includes a network traffic collection module, a secure routing module and a secure node, the network traffic collection module is connected to the secure routing module, the secure routing module is connected to the controller via the secure node, the network traffic collection module is configured to collect network traffic to determine whether it has increased abnormally, and the secure routing module and the secure node cooperate to improve routing path discovery efficiency.
5. The system of claim 1, wherein the network login authentication unit comprises a login module and an authentication module, the login module is connected to the authentication module, the authentication module is connected to the controller, the login module is used for system login of a user, and the authentication module is used for authentication of a login person.
6. The system of claim 5, wherein the authentication module comprises an iris authentication module, a fingerprint authentication module, a face feature authentication module, and a password authentication module, and the authentication module is jointly authenticated by at least three of the iris authentication module, the fingerprint authentication module, the face feature authentication module, and the password authentication module.
7. A network security defense method, characterized by comprising the following steps:
A. first, a user enters an identity authentication system through a login module, the identity authentication system performs authentication by prompting the user for authentication, and the user enters the network system after the authentication is passed;
B. detecting in real time whether the network is invaded by a virus; if no network virus is detected, automatically starting a firewall system for defense; if a network virus is detected, acquiring the network virus data, transmitting it to a virus database for feature matching, performing antivirus treatment, and, after the virus has been checked and killed, performing treatment against repeated virus infection to prevent virus regeneration;
C. collecting network flow in real time and monitoring whether it is abnormal by comparing the collected network flow data with a preset value; if the network flow data is larger than the preset value, the network flow is abnormal and the network is disconnected; if the network flow data is smaller than or equal to the preset value, the network flow is normal and the network continues to be used;
D. monitoring the network use state in real time and feeding back the monitoring result in real time.
8. The method according to claim 7, wherein, when antivirus processing is performed, information about the data to be checked and killed is stored in correspondence with the virus detection result; and when the storage duration of the virus detection result reaches a first duration, the information about the data to be checked and killed and the virus detection result are deleted.
9. The method according to claim 7, wherein, when the treatment against repeated virus infection is performed, the anti-virus indexes of the terminals in the network are obtained, the anti-virus index of each terminal in the network including at least one of the following: virus infection information, anti-virus capability information; the anti-virus indexes of all terminals in the network are optimized using a genetic algorithm to obtain the optimized anti-virus index of each terminal in the network; and the optimized network anti-virus index is obtained based on the optimized anti-virus index of each terminal in the network, so as to realize prevention of repeated virus infection.
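The retention rule of claim 8, as an added sketch that is not part of the patent text: each scan result is stored together with the information about the scanned data, and both are deleted once the storage duration reaches the first duration. The SHA-256 key, the class and method names, and the one-hour duration are assumptions made for the example.

```python
import hashlib
import time


class VerdictStore:
    """Scan results kept per data item and purged after a fixed retention period."""

    def __init__(self, first_duration_s, clock=time.monotonic):
        self.first_duration_s = first_duration_s  # claim 8's "first duration"
        self._clock = clock                       # injectable so expiry is testable
        self._entries = {}                        # digest -> (info, verdict, stored_at)

    @staticmethod
    def key_for(data: bytes) -> str:
        # Assumption: a data item is identified by its SHA-256 digest.
        return hashlib.sha256(data).hexdigest()

    def record(self, data: bytes, info: dict, verdict: str) -> str:
        """Store the data's information in correspondence with its detection result."""
        key = self.key_for(data)
        self._entries[key] = (info, verdict, self._clock())
        return key

    def purge_expired(self) -> int:
        """Delete info and verdict together once the storage duration is reached."""
        now = self._clock()
        expired = [k for k, (_, _, stored_at) in self._entries.items()
                   if now - stored_at >= self.first_duration_s]
        for k in expired:
            del self._entries[k]
        return len(expired)

    def lookup(self, data: bytes):
        """Return (info, verdict) for an unexpired entry, else None."""
        self.purge_expired()
        entry = self._entries.get(self.key_for(data))
        return None if entry is None else entry[:2]


def demo():
    now = [0.0]                                   # constructed clock, in seconds
    store = VerdictStore(first_duration_s=3600, clock=lambda: now[0])
    sample = b"constructed sample payload"        # constructed input, not real malware
    store.record(sample, {"name": "a.bin"}, "infected")
    fresh = store.lookup(sample)
    now[0] = 3599.0                               # one second before the duration
    retained = store.lookup(sample)
    now[0] = 3600.0                               # duration reached: entry is deleted
    return fresh, retained, store.lookup(sample)
```

Because the information and the result live in one entry, the purge cannot leave metadata about a scanned item behind after its verdict has been deleted.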
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010694677.5A CN111865974A (en) | 2020-07-17 | 2020-07-17 | Network security defense system and method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010694677.5A CN111865974A (en) | 2020-07-17 | 2020-07-17 | Network security defense system and method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111865974A true CN111865974A (en) | 2020-10-30 |
Family
ID=73002284
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010694677.5A Pending CN111865974A (en) | 2020-07-17 | 2020-07-17 | Network security defense system and method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111865974A (en) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112328998A (en) * | 2020-11-30 | 2021-02-05 | 扬州大自然网络信息有限公司 | Computer information security monitoring method |
CN112448949A (en) * | 2020-11-12 | 2021-03-05 | 武汉空格信息技术有限公司 | Computer network monitoring system |
CN112464235A (en) * | 2020-11-26 | 2021-03-09 | 西京学院 | Computer network safety control system and control method |
CN112465513A (en) * | 2020-11-30 | 2021-03-09 | 滨州学院 | Network security system and method based on identity authentication |
CN113379973A (en) * | 2021-07-26 | 2021-09-10 | 四川创恒智汇信息技术有限公司 | Self-service physical examination all-in-one machine with warning function and network virus intrusion prevention function |
CN114513333A (en) * | 2022-01-07 | 2022-05-17 | 深圳比特耐特信息技术股份有限公司 | Computer network information safety monitoring system and method |
CN115037535A (en) * | 2022-06-01 | 2022-09-09 | 上海磐御网络科技有限公司 | Intelligent identification method for network attack behaviors |
WO2022247675A1 (en) * | 2021-05-24 | 2022-12-01 | 中兴通讯股份有限公司 | Device operation and maintenance method, network device, and storage medium |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030191966A1 (en) * | 2002-04-09 | 2003-10-09 | Cisco Technology, Inc. | System and method for detecting an infective element in a network environment |
CN107103236A (en) * | 2016-02-22 | 2017-08-29 | 中国移动通信集团河北有限公司 | A kind of Network anti-virus index optimization method and apparatus |
CN107612933A (en) * | 2017-10-20 | 2018-01-19 | 广东岭南职业技术学院 | A kind of novel computer internet worm system of defense |
CN109309680A (en) * | 2018-10-09 | 2019-02-05 | 山西警察学院 | Network security detection method and guard system based on neural network algorithm |
CN110636077A (en) * | 2019-10-12 | 2019-12-31 | 广元市公安局 | Network security protection system and method based on unified platform |
US20200045063A1 (en) * | 2018-07-31 | 2020-02-06 | Fortinet, Inc. | Automated feature extraction and artificial intelligence (ai) based detection and classification of malware |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111865974A (en) | Network security defense system and method | |
Staniford-Chen et al. | Holding intruders accountable on the internet | |
CN103957203B (en) | A network security defense system | |
JP2002342279A (en) | Filtering device, filtering method, and program for causing computer to execute this method | |
CN116132989B (en) | Industrial Internet security situation awareness system and method | |
CN111628981A (en) | Network security system and method capable of being linked with application system | |
CN103607389A (en) | Remote wireless identity authentication system | |
Chen et al. | Defending malicious attacks in cyber physical systems | |
CN1553293A (en) | Collaborative Intrusion Detection System Based on Distributed Data Mining | |
CN110740140A (en) | network information security supervision system based on cloud platform | |
CN115396200A (en) | Cross-platform data security management application method, device and system | |
CN114826880A (en) | Method and system for online monitoring of data safe operation | |
CN111083172A (en) | Link communication monitoring view construction method based on data packet analysis | |
US20200099715A1 (en) | Method and Mechanism for Detection of Pass-the-Hash Attacks | |
CN117278335B (en) | Password suite selection method and device, electronic equipment and storage medium | |
CN116996238A (en) | Processing method and related device for network abnormal access | |
CN110912869A (en) | Big data-based monitoring and reminding method | |
CN118158361A (en) | Information safety protection method and system for video monitoring system | |
CN111786980A (en) | Behavior-based privileged account threat alarm method | |
Blaise et al. | Split-and-Merge: detecting unknown botnets | |
CN117319009A (en) | Remote office processing method and device and remote office processing system | |
CN116827574A (en) | An artificial intelligence-based sensitive data traceability method and AI system | |
CN116055220A (en) | A method and system for security protection management and control of an Internet of Things terminal | |
Al-Ayed et al. | An Efficient Practice of Privacy Implementation: Kerberos and Markov Chain to Secure File Transfer Sessions. | |
Kalangi et al. | A hybrid IP trace back mechanism to pinpoint the attacker |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | | Application publication date: 20201030 |