CN110166473A - Network data transmission detection method, device, equipment and medium - Google Patents

Publication number: CN110166473A
Authority: CN (China)
Application number: CN201910457148.0A
Legal status: Granted (Active)
Other languages: Chinese (zh)
Other versions: CN110166473B (en)
Inventors: 王永智, 刘利明, 戴建东, 匡保国, 俞新华
Current Assignee: China Mobile Communications Group Co Ltd; China Mobile Group Jiangsu Co Ltd
Original Assignee: China Mobile Communications Group Co Ltd; China Mobile Group Jiangsu Co Ltd
Prior art keywords: data, transmitted, network, server, risk class
Application filed by China Mobile Communications Group Co Ltd and China Mobile Group Jiangsu Co Ltd; priority to CN201910457148.0A; published as CN110166473A; granted and published as CN110166473B.

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/14: Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441: Countermeasures against malicious traffic
    • H04L63/145: Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms

Abstract

Embodiments of the present invention provide a network data transmission detection method, device, equipment and medium. The method comprises: backing up the data to be transmitted of a primary server to obtain backup data; decoding the backup data according to a data decoding strategy to obtain decoded data; and, based on the decoded data and a retrieval pointer, determining the risk level of the data to be transmitted in a detection feature database, so that a relay server controls the network operation authority of the primary server based on the risk level of the data to be transmitted. The network data transmission detection method, device, equipment and medium provided by the embodiments of the present invention can detect transmitted data efficiently and accurately, can effectively monitor and manage each stage of network data transmission, and improve the detection accuracy of network data transmission.

Description

Network data transmission detection method, device, equipment and medium
Technical field
The present invention relates to the field of communications, and in particular to a network data transmission detection method, device, equipment and medium.
Background
Network transmission is the process of communicating according to a network transmission protocol. In the current network environment, a large number of factors that threaten network operation, such as Trojans, viruses and malicious scripts, seriously affect the security and reliability of network data transmission.
At present, because network data transmission involves very large data volumes and the devices taking part in it are numerous and widely distributed, the precision and efficiency of network data control are relatively low, and network data detection is prone to missed detections.
Therefore, data transmission currently cannot be detected efficiently and accurately.
Summary of the invention
Embodiments of the present invention provide a network data transmission detection method, device, equipment and medium that can detect transmitted data efficiently and accurately, can effectively monitor and manage each stage of network data transmission, and improve the detection accuracy of network data transmission.
In one aspect, an embodiment of the present invention provides a network data transmission detection method applied to a data detection server, the method comprising:
backing up the data to be transmitted of a primary server to obtain backup data;
decoding the backup data according to a data decoding strategy to obtain decoded data;
based on the decoded data and a retrieval pointer, determining the risk level of the data to be transmitted in a detection feature database, so that a relay server controls the network operation authority of the primary server based on the risk level of the data to be transmitted.
In another aspect, an embodiment of the present invention provides a network data transmission detection method applied to a relay server, the method comprising:
receiving the risk level of the data to be transmitted;
controlling the network operation authority of the primary server based on the risk level of the data to be transmitted, so that the primary server sends the data to be transmitted to a child server based on the network operation authority, and the child server sends the data to be transmitted to a network terminal;
wherein, if the risk level of the data to be transmitted is high risk, the communication connection between the primary server and the current network is interrupted.
In a further aspect, an embodiment of the present invention provides a network data transmission detection method applied to a primary server, the method comprising:
sending the data to be transmitted to a relay server;
compiling the server identification code of a child server to obtain the communication address of the child server, so that the child server compiles the communication address of the child server and the server identification code of the child server to obtain the communication address of a network terminal;
sending the data to be transmitted to the child server based on the network operation authority and the communication address of the child server, so that the child server sends the received data to be transmitted to the network terminal based on the communication address of the network terminal.
In one aspect, an embodiment of the present invention provides a network data transmission detection device applied to a data detection server, the device comprising:
a data backup unit, configured to back up the data to be transmitted of a primary server to obtain backup data;
a data decoding unit, configured to decode the backup data according to a data decoding strategy to obtain decoded data;
a data detection unit, configured to determine, based on the decoded data and a retrieval pointer, the risk level of the data to be transmitted in a detection feature database, so that a relay server controls the network operation authority of the primary server based on the risk level of the data to be transmitted, the primary server sends the data to be transmitted to a child server based on the network operation authority, and the child server sends the data to be transmitted to a network terminal.
In another aspect, an embodiment of the present invention provides a network data transmission detection device applied to a relay server, the device comprising:
a data receiving unit, configured to receive the risk level of the data to be transmitted;
an authority control unit, configured to control the network operation authority of the primary server based on the risk level of the data to be transmitted, so that the primary server sends the data to be transmitted to a child server based on the network operation authority, and the child server sends the data to be transmitted to a network terminal;
wherein, if the risk level of the data to be transmitted is high risk, the communication connection between the primary server and the current network is interrupted.
In a further aspect, an embodiment of the present invention provides a network data transmission detection device applied to a primary server, the device comprising:
a first data transmission unit, configured to send the data to be transmitted to a relay server;
an address compilation unit, configured to compile the server identification code of a child server to obtain the communication address of the child server, so that the child server compiles the communication address of the child server and the server identification code of the child server to obtain the communication address of a network terminal;
a second data transmission unit, configured to send the data to be transmitted to the child server based on the network operation authority and the communication address of the child server, so that the child server sends the data to be transmitted to the network terminal based on the communication address of the network terminal.
According to one aspect of the embodiments of the present invention, a network data transmission detection device is provided, the device comprising:
a processor and a memory storing computer program instructions;
wherein the processor, when executing the computer program instructions, implements the network data transmission detection method provided by any aspect of the embodiments of the present invention described above.
According to another aspect of the embodiments of the present invention, a computer storage medium is provided. Computer program instructions are stored in the computer storage medium, and when the computer program instructions are executed by a processor, the network data transmission detection method provided by any aspect of the embodiments of the present invention described above is implemented.
The network data transmission detection method, device, equipment and medium provided by the embodiments of the present invention can use the data detection server to effectively monitor and manage each stage of network data transmission, improving the detection accuracy of network data transmission.
Brief description of the drawings
To illustrate the technical solutions of the embodiments of the present invention more clearly, the drawings required in the embodiments are briefly described below. A person of ordinary skill in the art can obtain other drawings from these drawings without creative effort.
Fig. 1 shows a schematic structural diagram of the network data transmission detection system of one embodiment of the invention;
Fig. 2 shows a schematic diagram of the network data transmission detection method applied to a data detection server of one embodiment of the invention;
Fig. 3 shows a schematic diagram of the network data transmission detection method applied to a relay server of one embodiment of the invention;
Fig. 4 shows a schematic diagram of the network data transmission detection method applied to a primary server of one embodiment of the invention;
Fig. 5 shows a schematic structural diagram of the network data transmission detection device applied to a data detection server of one embodiment of the invention;
Fig. 6 shows a schematic structural diagram of the network data transmission detection device applied to a relay server of one embodiment of the invention;
Fig. 7 shows a schematic structural diagram of the network data transmission detection device applied to a primary server of one embodiment of the invention;
Fig. 8 shows a structural diagram of an exemplary hardware architecture of a computing device capable of implementing the network data transmission detection method and device according to an embodiment of the present invention.
Detailed description of the embodiments
The features and exemplary embodiments of various aspects of the invention are described in detail below. To make the objects, technical solutions and advantages of the present invention clearer, the invention is further described in detail with reference to the drawings and embodiments. It should be understood that the specific embodiments described herein are intended only to explain the present invention, not to limit it. To those skilled in the art, the present invention can be practiced without some of these specific details. The following description of the embodiments is provided only to give a better understanding of the present invention by showing examples of it.
It should be noted that, in this document, relational terms such as "first" and "second" are used only to distinguish one entity or operation from another, and do not necessarily require or imply any actual relationship or order between those entities or operations. Moreover, the terms "include", "comprise" and any variants of them are intended to cover a non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to that process, method, article or device. Without further limitation, an element introduced by the phrase "including ..." does not exclude the presence of other identical elements in the process, method, article or device that includes the element.
The network data transmission detection method, device, equipment and medium according to the embodiments of the present invention are described in detail below with reference to the drawings. It should be noted that these embodiments are not intended to limit the scope of the present disclosure.
For a better understanding of the present invention, the network data transmission detection system of one embodiment of the invention is first described in detail with reference to Fig. 1, which is a schematic structural diagram of that system.
As shown in Fig. 1, the network data transmission detection system 100 in the embodiment of the present invention may include a data detection server, a relay server and a primary server.
The data detection server is configured to back up the data to be transmitted of the primary server to obtain backup data; decode the backup data according to a data decoding strategy to obtain decoded data; and, based on the decoded data and a retrieval pointer, determine the risk level of the data to be transmitted in a detection feature database.
The relay server is configured to receive the risk level of the data to be transmitted and to control the network operation authority of the primary server based on that risk level; wherein, if the risk level of the data to be transmitted is high risk, the communication connection between the primary server and the current network is interrupted.
The primary server is configured to send the data to be transmitted to the data detection server, so that the data detection server determines the risk level of the data to be transmitted; to compile the server identification code of a child server to obtain the communication address of the child server, so that the child server compiles the communication address of the child server and the server identification code of the child server to obtain the communication address of the network terminal; and to send the data to be transmitted to the child server based on the network operation authority and the communication address of the child server, so that the child server sends the received data to be transmitted to the network terminal based on the communication address of the network terminal.
In one embodiment of the present invention, as shown in Fig. 1, the primary server sends the data to be transmitted to the data detection server. The data detection server includes at least one data retrieval main program and at least one data encoding/decoding main program, and the data encoding/decoding main program sets a data encoding/decoding management strategy. The data detection server backs up the received data to be transmitted to obtain backup data, and decodes the backup data based on the decoding strategy to obtain decoded data. Next, the data detection server can, based on the data retrieval main program, use the retrieval pointer to determine the risk level corresponding to the backup data in the detection feature database. It should be understood that the risk level of the backup data is the risk level of the data to be transmitted.
Next, the data detection server can send the risk level of the data to be transmitted to the relay server, and the relay server controls the network operation authority of the primary server based on that risk level. For example, as the risk level rises from low risk to medium risk to high risk, the network operation authority of the primary server is gradually reduced, until, when the data to be transmitted is high risk, the communication connection between the primary server and the current network is interrupted. At this point, a device security check can be performed on the primary server that transmitted the high-risk data; after the primary server passes the security check, the relay server can restore the network operation authority of that primary server.
It should be emphasized that, in the embodiments of the present invention, the primary server can compile the server identification code of the child server and thereby obtain the communication address of the child server. The child server can in turn compile its own communication address and the server identification code of the network terminal to obtain the communication address of the network terminal. The server identification code includes a hardware identification code and a software identification code, and the communication addresses of the child server and the network terminal are base-8 (octal) communication addresses.
When the primary server receives the risk level of the data to be transmitted fed back by the relay server, it can send the data to be transmitted to the child server based on the communication address of the child server and its current network operation authority, and the child server can send the data to be transmitted to the network terminal based on the communication address of the network terminal.
For example, when the risk level of the data to be transmitted that the primary server receives from the relay server is high risk, the relay server interrupts the communication connection between the primary server and the current network, so the primary server cannot transmit data at this time.
If the risk level of the data to be transmitted that the primary server receives from the relay server is medium risk, the relay server reduces the network operation authority of the primary server. The primary server can send the data to be transmitted to the child server based on the reduced network operation authority, and the child server can send the data to be transmitted to the network terminal based on the communication address of the network terminal.
If the risk level of the data to be transmitted that the primary server receives from the relay server is no risk, the relay server does not change the network operation authority of the primary server. In this case the primary server sends the data to be transmitted to the child server, and the child server can send the data to be transmitted to the network terminal based on the communication address of the network terminal.
In one embodiment of the present invention, the relay server can also send the data transmitted between child servers to the data detection server, so that the data detection server determines the risk level of the data transmitted between child servers, and the relay server can likewise control the network operation authority of the child servers based on that risk level. In this way, the server devices involved at each level of data transmission are effectively monitored and managed.
In the network data transmission detection system provided by the embodiments of the present invention, the data detection server determines the risk level of the data to be transmitted of the primary server, and the relay server controls the network operation authority of the primary server based on that risk level. The hardware devices taking part in network data transmission at every level can therefore be effectively monitored and managed, which improves the efficiency and accuracy of network data transmission detection and reduces missed detections.
The flow of the network data transmission detection method applied to the data detection server in one embodiment of the invention is described in detail below with reference to Fig. 2.
As shown in Fig. 2, the network data transmission detection method 200 applied to the data detection server includes:
S210: back up the data to be transmitted of the primary server to obtain backup data.
S220: decode the backup data according to a data decoding strategy to obtain decoded data.
S230: based on the decoded data and a retrieval pointer, determine the risk level of the data to be transmitted in the detection feature database.
The relay server then controls the network operation authority of the primary server based on the risk level of the data to be transmitted, the primary server sends the data to be transmitted to the child server based on the network operation authority, and the child server sends the data to be transmitted to the network terminal.
In one embodiment of the present invention, the data detection server backs up the data to be transmitted of the primary server to obtain backup data, and decodes the backup data based on the data decoding strategy to obtain decoded data. Based on the decoded data and the retrieval pointer, the risk level of the data to be transmitted can be determined in the detection feature database.
In another embodiment of the present invention, the frequency with which the decoded data would cause service anomalies may be determined, and the retrieval pointer used to determine, in the detection feature database, the risk level associated with that service anomaly frequency. Alternatively, the risk keywords of the decoded data may be determined, and the retrieval pointer used to determine, in the detection feature database, the risk level associated with those risk keywords. Alternatively, the number of communication devices in the current network affected by the decoded data may be determined, and the retrieval pointer used to determine, in the detection feature database, the risk level associated with that number of affected communication devices.
In another embodiment of the present invention, the network data transmission detection method 200 applied to the data detection server further includes:
setting the detection feature database.
The detection feature database can be set by at least one of the following methods.
Method one: establish an association between risk keywords and risk levels. For example, virus signatures are associated with high risk, and risk keywords involving sensitive information such as money are associated with medium risk.
Method two: set an association between the frequency of abnormal services and risk levels. For example, a high-risk threshold and a low-risk threshold are set; an abnormal service frequency below the low-risk threshold is associated with low risk, an abnormal service frequency above the high-risk threshold is associated with high risk, and an abnormal service frequency between the low-risk threshold and the high-risk threshold is associated with medium risk.
Method three: establish an association between the number of communication devices whose communication is affected and risk levels. For example, a high-risk preset quantity and a low-risk preset quantity are set; a number of communication devices below the low-risk preset quantity is associated with low risk, a number above the high-risk preset quantity is associated with high risk, and a number between the low-risk preset quantity and the high-risk preset quantity is associated with medium risk.
With the network data transmission detection method applied to the data detection server described in this embodiment, the data detection server detects the data to be transmitted, which effectively identifies illegal data such as viruses, Trojans and malicious scripts transmitted in the network and helps prevent the spread of illegal information at the source.
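The following sketch walks through steps S210 to S230 with a detection feature database built by all three methods. It is an added example, not code from the patent. The decoder table, keyword entries, threshold values, the rule that the highest matching level wins, and the handling of undecodable data are assumptions, and the retrieval pointer is modelled as a plain lookup into the database.

```python
import base64
from dataclasses import dataclass, field
from enum import IntEnum
from typing import Optional


class Risk(IntEnum):
    NONE = 0
    LOW = 1
    MEDIUM = 2
    HIGH = 3


# Assumed decoding strategies; the patent does not name concrete encodings.
DECODERS = {
    "plain": lambda raw: raw,
    "base64": lambda raw: base64.b64decode(raw, validate=True),
    "hex": lambda raw: bytes.fromhex(raw.decode("ascii")),
}


def banded(value: int, low: int, high: int) -> Risk:
    """Methods two and three: below low -> LOW, above high -> HIGH, else MEDIUM."""
    if value > high:
        return Risk.HIGH
    if value < low:
        return Risk.LOW
    return Risk.MEDIUM


@dataclass
class DetectionFeatureDB:
    # Method one: risk keyword -> risk level. Entries are constructed samples.
    keywords: dict = field(default_factory=lambda: {
        b"example-virus-signature": Risk.HIGH,   # stands in for a virus signature
        b"bank account": Risk.MEDIUM,            # money-related sensitive information
    })
    freq_low: int = 3      # method two thresholds (assumed values)
    freq_high: int = 10
    dev_low: int = 5       # method three thresholds (assumed values)
    dev_high: int = 50

    def lookup_keywords(self, decoded: bytes) -> Risk:
        haystack = decoded.lower()               # case-insensitive match
        hits = [lvl for kw, lvl in self.keywords.items() if kw in haystack]
        return max(hits, default=Risk.NONE)


def detect(pending: bytes, encoding: str, db: DetectionFeatureDB,
           abnormal_freq: Optional[int] = None,
           affected_devices: Optional[int] = None) -> Risk:
    backup = bytes(pending)                      # S210: immutable backup of the data
    try:
        decoded = DECODERS[encoding](backup)     # S220: apply the decoding strategy
    except (KeyError, ValueError):
        return Risk.MEDIUM   # assumption: undecodable data is never treated as clean
    levels = [db.lookup_keywords(decoded)]       # S230: look up the feature database
    if abnormal_freq is not None:
        levels.append(banded(abnormal_freq, db.freq_low, db.freq_high))
    if affected_devices is not None:
        levels.append(banded(affected_devices, db.dev_low, db.dev_high))
    return max(levels)       # assumption: the highest matching level wins


if __name__ == "__main__":
    db = DetectionFeatureDB()
    # Constructed sample payload, base64-encoded as it might travel on the wire.
    sample = base64.b64encode(b"header EXAMPLE-VIRUS-SIGNATURE trailer")
    print(detect(sample, "base64", db).name)
    print(detect(b"routine report", "plain", db, abnormal_freq=1).name)
```

Scanning only the raw bytes would miss the keyword in the first sample, which is why decoding (S220) has to run before the lookup (S230).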
The flow of the network data transmission detection method applied to the relay server in one embodiment of the invention is described in detail below with reference to Fig. 3.
As shown in Fig. 3, the network data transmission detection method 300 applied to the relay server includes:
S310: receive the risk level of the data to be transmitted.
S320: control the network operation authority of the primary server based on the risk level of the data to be transmitted.
The primary server then sends the data to be transmitted to the child server based on the network operation authority, and the child server sends the data to be transmitted to the network terminal; wherein, if the risk level of the data to be transmitted is high risk, the communication connection between the primary server and the current network is interrupted.
In one embodiment of the present invention, the relay server controls the network operation authority of the primary server based on the risk level of the data to be transmitted that it receives from the data detection server. For example, as the risk level rises from low risk to medium risk to high risk, the network operation authority of the primary server is gradually reduced, until, when the data to be transmitted is high risk, the communication connection between the primary server and the current network is interrupted. At this point, a device security check can be performed on the primary server that transmitted the high-risk data; after the primary server passes the security check, the relay server can restore the network operation authority of that primary server.
In another embodiment of the present invention, the network data transmission detection method 300 applied to the relay server further includes:
sending the risk level of the data to be transmitted to the primary server and the network terminal.
In one embodiment of the present invention, the number of child servers connected to each relay server should be 70%-80% of the number of its data communication interfaces.
With the network data detection method applied to the relay server in this embodiment, the relay server can adjust the network operation authority of the primary server, so that the source of the illegal data is restricted and managed accordingly.
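The relay-side control in S310 and S320 can be modelled as a small state machine, shown here as an added example that is not code from the patent. The authority tier names, the mapping from risk level to tier, the rule that authority only rises again after a passed security check, and the audit list are assumptions; the 70%-80% check follows the interface rule stated above.

```python
from dataclasses import dataclass, field
from enum import IntEnum


class Risk(IntEnum):
    NONE = 0
    LOW = 1
    MEDIUM = 2
    HIGH = 3


class Authority(IntEnum):
    # Hypothetical tiers; the patent only says authority is "gradually reduced".
    DISCONNECTED = 0
    RESTRICTED = 1
    REDUCED = 2
    FULL = 3


# Assumed ceiling each risk level imposes; no risk leaves authority unchanged.
CEILING = {
    Risk.LOW: Authority.REDUCED,
    Risk.MEDIUM: Authority.RESTRICTED,
    Risk.HIGH: Authority.DISCONNECTED,   # interrupt the connection to the network
}


@dataclass
class RelayServer:
    interfaces: int                                   # data communication interfaces
    children: set = field(default_factory=set)        # connected child server ids
    authority: dict = field(default_factory=dict)     # primary server id -> Authority
    audit: list = field(default_factory=list)         # (server, reason, old, new)

    def on_risk_level(self, server_id: str, risk: Risk) -> Authority:
        """S310/S320: lower the primary server's authority, never raise it here."""
        current = self.authority.get(server_id, Authority.FULL)
        new = min(current, CEILING.get(risk, current))
        if new != current:
            self.audit.append((server_id, risk.name, current.name, new.name))
        self.authority[server_id] = new
        return new

    def may_send(self, server_id: str) -> bool:
        """Enforcement point: a disconnected primary server cannot transmit."""
        return self.authority.get(server_id, Authority.FULL) > Authority.DISCONNECTED

    def on_safety_check(self, server_id: str, passed: bool) -> Authority:
        """Authority is restored only after the device security check passes."""
        current = self.authority.get(server_id, Authority.FULL)
        if passed and current != Authority.FULL:
            self.audit.append((server_id, "SAFETY_CHECK", current.name, "FULL"))
            self.authority[server_id] = Authority.FULL
        return self.authority.get(server_id, Authority.FULL)

    def child_count_in_range(self) -> bool:
        """True when child servers occupy 70%-80% of the interfaces."""
        return 7 * self.interfaces <= 10 * len(self.children) <= 8 * self.interfaces


if __name__ == "__main__":
    relay = RelayServer(interfaces=10, children={f"child-{i}" for i in range(8)})
    for level in (Risk.LOW, Risk.MEDIUM, Risk.HIGH):   # constructed event sequence
        print(level.name, "->", relay.on_risk_level("primary-1", level).name)
    print("may send:", relay.may_send("primary-1"))
    print("after check:", relay.on_safety_check("primary-1", passed=True).name)
```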
The network data transmission detection side for being applied to primary server in one embodiment of the invention is discussed in detail below by Fig. 4 The flow diagram of method.
As shown in figure 4, the network data transmission detection method 400 for being applied to primary server includes:
Data to be transmitted is sent to Relay Server by S410.
The server identification code of child servers is collected, obtains the mailing address of child servers by S420.
So that child servers collect the server identification code of the mailing address of child servers and child servers, obtain The mailing address of the network terminal.
S430: based on the network operation permission and the communication address of the child server, send the data to be transmitted to the child server, so that the child server sends the received data to be transmitted to the network terminal based on the communication address of the network terminal.
In one embodiment of the invention, the primary server may compile the server identification code of the child server to obtain the communication address of the child server. The child server may in turn compile its own communication address together with the server identification code of the network terminal to obtain the communication address of the network terminal. The server identification code includes a hardware identification code and a software identification code, and the communication addresses of the child server and the network terminal are octal (base-8) addresses.
On receiving the risk level of the data to be transmitted fed back by the relay server, the primary server may send the data to be transmitted to the child server based on the communication address of the child server and the current network operation permission, and the child server may send that data to the network terminal based on the communication address of the network terminal.
For example, when the risk level of the data to be transmitted that the primary server receives from the relay server is high risk, the relay server interrupts the communication connection between the primary server and the current network, so the primary server cannot transmit data at that point.
If the risk level of the data to be transmitted that the primary server receives from the relay server is "risk", the relay server reduces the network operation permission of the primary server. The primary server may then send the data to be transmitted to the child server based on the reduced network operation permission, and the child server may send that data to the network terminal based on the communication address of the network terminal.
If the risk level of the data to be transmitted that the primary server receives from the relay server is no risk, the relay server does not change the network operation permission of the primary server. The primary server then sends the data to be transmitted to the child server, and the child server may send that data to the network terminal based on the communication address of the network terminal.
In the embodiments of the present invention, the communication addresses of the child server and the network terminal must both be obtained by compilation, which prevents the communication addresses from being maliciously tampered with and thereby ensures the security of data transmission.
Corresponding to the method embodiments above, the embodiments of the present invention also provide a network data transmission detection device.
Fig. 5 shows a structural schematic diagram of the network data transmission detection device 500 applied to the data detection server, as provided in an embodiment of the present invention. The network data transmission detection device 500 applied to the data detection server may include:
A data backup unit 510, configured to back up the data to be transmitted of the primary server to obtain backup data.
A data decoding unit 520, configured to decode the backup data according to a data decoding strategy to obtain decoded data.
A data detection unit 530, configured to determine the risk level of the data to be transmitted in the detection feature database based on the decoded data and a retrieval pointer, so that the relay server controls the network operation permission of the primary server based on the risk level of the data to be transmitted, the primary server sends the data to be transmitted to the child server based on the network operation permission, and the child server sends the data to be transmitted to the network terminal.
In an embodiment of the present invention, the network data transmission detection device 500 applied to the data detection server may further include:
A detection library setting unit, configured to set up the detection feature database, and specifically to set it up based on at least one of the following: establishing an association between preset risk keywords and risk levels; setting an association between the frequency of business anomalies and risk levels; establishing an association between the number of communication devices affected by the communication and risk levels.
In an embodiment of the present invention, the data detection unit 530 is further configured to: determine the frequency with which the decoded data causes business anomalies, use the retrieval pointer to determine the risk level associated with that frequency in the detection feature database, and take that risk level as the risk level of the data to be transmitted; or determine the risk keyword of the decoded data, use the retrieval pointer to determine the risk level associated with that risk keyword in the detection feature database, and take that risk level as the risk level of the data to be transmitted; or determine the number of communication devices in the network affected by the decoded data, use the retrieval pointer to determine the risk level associated with that number of communication devices in the detection feature database, and take that risk level as the risk level of the data to be transmitted.
Fig. 6 shows a structural schematic diagram of the network data transmission detection device 600 applied to the relay server, as provided in an embodiment of the present invention. The network data transmission detection device 600 applied to the relay server may include:
A data receiving unit 610, configured to receive the risk level of the data to be transmitted.
A permission control unit 620, configured to control the network operation permission of the primary server based on the risk level of the data to be transmitted, so that the primary server sends the data to be transmitted to the child server based on the network operation permission and the child server sends the data to be transmitted to the network terminal; wherein, if the risk level of the data to be transmitted is high risk, the communication connection between the primary server and the current network is interrupted.
In one embodiment of the invention, the network data transmission detection device 600 applied to the relay server may further include:
A data sending unit, configured to send the risk level of the data to be transmitted to the primary server and the network terminal.
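The following sketch is an added example, not code from the patent: it models the detection feature database lookup of the data detection unit and the three-way permission control of the relay server described above. The keywords, thresholds, permission names, the UTF-8 decoding step and the rule of taking the highest of the three lookups are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from enum import IntEnum


class Risk(IntEnum):
    NONE = 0  # "no risk"
    RISK = 1  # the intermediate level the description calls "risk"
    HIGH = 2  # "high risk"


@dataclass
class FeatureDB:
    """Detection feature database holding the three kinds of association.
    Every keyword and threshold below is constructed for this example."""
    keywords: dict = field(default_factory=lambda: {
        "drop table": Risk.HIGH, "passwd": Risk.RISK})
    # (minimum value, level) pairs, highest threshold first
    anomaly_freq: list = field(default_factory=lambda: [(10, Risk.HIGH), (3, Risk.RISK)])
    affected_devices: list = field(default_factory=lambda: [(50, Risk.HIGH), (5, Risk.RISK)])

    def by_keyword(self, decoded: str) -> Risk:
        text = decoded.lower()
        return max((lvl for kw, lvl in self.keywords.items() if kw in text),
                   default=Risk.NONE)

    @staticmethod
    def by_threshold(table: list, value: int) -> Risk:
        for minimum, level in table:
            if value >= minimum:
                return level
        return Risk.NONE

    def classify(self, decoded: str, anomaly_count: int = 0, device_count: int = 0) -> Risk:
        # The description permits any one of the three lookups; taking the
        # highest of all three is an assumption of this example.
        return max(self.by_keyword(decoded),
                   self.by_threshold(self.anomaly_freq, anomaly_count),
                   self.by_threshold(self.affected_devices, device_count))


def detect(payload: bytes, db: FeatureDB, anomaly_count: int = 0, device_count: int = 0) -> Risk:
    """Data detection server: back up, decode, then look up the risk level."""
    backup = bytes(payload)                             # copy; original is untouched
    decoded = backup.decode("utf-8", errors="replace")  # assumed decoding strategy
    return db.classify(decoded, anomaly_count, device_count)


FULL = frozenset({"send", "receive", "configure"})  # assumed permission names
REDUCED = frozenset({"send"})                       # assumed reduced set


@dataclass
class PrimaryLink:
    """Relay server's view of the primary server's network access."""
    connected: bool = True
    permissions: frozenset = FULL


def relay_control(link: PrimaryLink, level: Risk) -> PrimaryLink:
    if level == Risk.HIGH:    # interrupt the connection to the current network
        link.connected = False
        link.permissions = frozenset()
    elif level == Risk.RISK:  # reduce the network operation permission
        link.permissions = link.permissions & REDUCED
    return link               # no risk: permissions unchanged


def primary_send(link: PrimaryLink, payload: bytes, child_inbox: list) -> bool:
    """Primary server forwards to the child server only if still permitted."""
    if not link.connected or "send" not in link.permissions:
        return False
    child_inbox.append(payload)
    return True
```

Because the relay acts on the risk level before the primary server forwards anything, a high-risk verdict leaves the child server's inbox empty, while a "risk" verdict still delivers the data under the reduced permission set.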
Fig. 7 shows a structural schematic diagram of the network data transmission detection device 700 applied to the primary server, as provided in an embodiment of the present invention. The network data transmission detection device 700 applied to the primary server may include:
A first data sending unit 710, configured to send the data to be transmitted to the relay server.
An address compilation unit 720, configured to compile the server identification code of the child server to obtain the communication address of the child server, so that the child server compiles the communication address of the child server and the server identification code of the child server to obtain the communication address of the network terminal.
A second data sending unit 730, configured to send the data to be transmitted to the child server based on the network operation permission and the communication address of the child server, so that the child server sends the data to be transmitted to the network terminal based on the communication address of the network terminal.
Fig. 8 shows a structural diagram of an exemplary hardware architecture of a computing device capable of implementing the network data transmission detection method and device according to embodiments of the present invention.
As shown in Fig. 8, the computing device 800 includes an input device 801, an input interface 802, a central processing unit 803, a memory 804, an output interface 805 and an output device 806. The input interface 802, the central processing unit 803, the memory 804 and the output interface 805 are connected to one another by a bus 810; the input device 801 and the output device 806 are connected to the bus 810 through the input interface 802 and the output interface 805 respectively, and thereby to the other components of the computing device 800.
Specifically, the input device 801 receives input information from outside and passes it to the central processing unit 803 through the input interface 802. The central processing unit 803 processes the input information based on computer-executable instructions stored in the memory 804 to generate output information, stores the output information temporarily or permanently in the memory 804, and then passes it to the output device 806 through the output interface 805. The output device 806 outputs the output information outside the computing device 800 for use by the user.
That is, the computing device shown in Fig. 8 may also be implemented as network data transmission detection equipment, which may include: a memory storing computer-executable instructions; and a processor which, when executing the computer-executable instructions, can implement the network data transmission detection method and device described in connection with Fig. 1 to Fig. 7.
The embodiments of the present invention also provide a computer-readable storage medium on which computer program instructions are stored; when executed by a processor, the computer program instructions implement the network data transmission detection method provided in the embodiments of the present invention.
It should be clear that the invention is not limited to the specific configurations and processing described above and shown in the figures. For brevity, detailed descriptions of known methods are omitted here. In the above embodiments, several specific steps have been described and illustrated as examples. However, the method process of the invention is not limited to the specific steps described and illustrated; those skilled in the art, once they understand the spirit of the invention, can make various changes, modifications and additions, or change the order of the steps. The functional blocks shown in the structural block diagrams above can be implemented as hardware, software, firmware or a combination of these. When implemented in hardware, they may be, for example, an electronic circuit, an application-specific integrated circuit (ASIC), appropriate firmware, a plug-in, a function card, and so on. When implemented in software, the elements of the invention are the programs or code segments used to perform the required tasks. The programs or code segments can be stored in a machine-readable medium, or transmitted over a transmission medium or communication link by a data signal carried in a carrier wave. A "machine-readable medium" may include any medium capable of storing or transmitting information. Examples of machine-readable media include electronic circuits, semiconductor memory devices, ROM, flash memory, erasable ROM (EROM), floppy disks, CD-ROMs, optical discs, hard disks, fiber-optic media, radio-frequency (RF) links, and so on. Code segments can be downloaded via computer networks such as the Internet or an intranet.
The present invention can be realized in other specific forms without departing from its spirit and essential characteristics. For example, the algorithms described in particular embodiments can be modified while the device architecture stays within the essential spirit of the invention. The present embodiments are therefore to be regarded in all respects as illustrative rather than restrictive; the scope of the invention is defined by the appended claims rather than by the foregoing description, and all changes that fall within the meaning and range of equivalents of the claims are included in the scope of the invention.

Claims (12)

1. A network data transmission detection method, applied to a data detection server, characterized by comprising:
Backing up the data to be transmitted of a primary server to obtain backup data;
Decoding the backup data according to a data decoding strategy to obtain decoded data;
Based on the decoded data and a retrieval pointer, determining the risk level of the data to be transmitted in a detection feature database, so that a relay server controls the network operation permission of the primary server based on the risk level of the data to be transmitted, the primary server sends the data to be transmitted to a child server based on the network operation permission, and the child server sends the data to be transmitted to a network terminal.
2. The network data transmission detection method according to claim 1, characterized by further comprising:
Setting up the detection feature database;
Wherein the step of setting up the detection feature database comprises at least one of the following:
Establishing an association between preset risk keywords and the risk level;
Setting an association between the frequency of business anomalies and the risk level;
Establishing an association between the number of communication devices affected by the communication and the risk level.
3. The network data transmission detection method according to claim 1, characterized in that determining the risk level of the data to be transmitted in the detection feature database based on the decoded data and the retrieval pointer comprises:
Determining the frequency with which the decoded data causes business anomalies; using the retrieval pointer to determine, in the detection feature database, the risk level associated with the frequency, and taking that risk level as the risk level of the data to be transmitted;
Or,
Determining the risk keyword of the decoded data; using the retrieval pointer to determine, in the detection feature database, the risk level associated with the risk keyword, and taking that risk level as the risk level of the data to be transmitted;
Or,
Determining the number of communication devices in the network affected by the decoded data; using the retrieval pointer to determine, in the detection feature database, the risk level associated with the number of communication devices, and taking that risk level as the risk level of the data to be transmitted.
4. A network data transmission detection method, applied to a relay server, characterized by comprising:
Receiving the risk level of data to be transmitted;
Based on the risk level of the data to be transmitted, controlling the network operation permission of a primary server, so that the primary server sends the data to be transmitted to a child server based on the network operation permission, and the child server sends the data to be transmitted to a network terminal;
Wherein, if the risk level of the data to be transmitted is high risk, the communication connection between the primary server and the current network is interrupted.
5. The network data transmission detection method according to claim 4, characterized by further comprising:
Sending the risk level of the data to be transmitted to the primary server and the network terminal.
6. A network data transmission detection method, applied to a primary server, characterized by comprising:
Sending data to be transmitted to a relay server;
Compiling the server identification code of a child server to obtain the communication address of the child server, so that the child server compiles the communication address of the child server and the server identification code of the child server to obtain the communication address of a network terminal;
Sending the data to be transmitted to the child server based on the network operation permission and the communication address of the child server, so that the child server sends the received data to be transmitted to the network terminal based on the communication address of the network terminal.
7. The network data transmission detection method according to claim 6, characterized in that the server identification code comprises: a hardware identification code and a software identification code.
8. A network data transmission detection device, applied to a data detection server, characterized by comprising:
A data backup unit, configured to back up the data to be transmitted of a primary server to obtain backup data;
A data decoding unit, configured to decode the backup data according to a data decoding strategy to obtain decoded data;
A data detection unit, configured to determine the risk level of the data to be transmitted in a detection feature database based on the decoded data and a retrieval pointer, so that a relay server controls the network operation permission of the primary server based on the risk level of the data to be transmitted, the primary server sends the data to be transmitted to a child server based on the network operation permission, and the child server sends the data to be transmitted to a network terminal.
9. A network data transmission detection device, applied to a relay server, characterized by comprising:
A data receiving unit, configured to receive the risk level of data to be transmitted;
A permission control unit, configured to control the network operation permission of the primary server based on the risk level of the data to be transmitted, so that the primary server sends the data to be transmitted to a child server based on the network operation permission, and the child server sends the data to be transmitted to a network terminal;
Wherein, if the risk level of the data to be transmitted is high risk, the communication connection between the primary server and the current network is interrupted.
10. A network data transmission detection device, applied to a primary server, characterized by comprising:
A first data sending unit, configured to send data to be transmitted to a relay server;
An address compilation unit, configured to compile the server identification code of a child server to obtain the communication address of the child server, so that the child server compiles the communication address of the child server and the server identification code of the child server to obtain the communication address of a network terminal;
A second data sending unit, configured to send the data to be transmitted to the child server based on the network operation permission and the communication address of the child server, so that the child server sends the data to be transmitted to the network terminal based on the communication address of the network terminal.
11. Network data transmission detection equipment, characterized in that the equipment comprises: a processor and a memory storing computer program instructions;
When executing the computer program instructions, the processor implements the network data transmission detection method according to any one of claims 1-3, the network data transmission detection method according to any one of claims 4-5, or the network data transmission detection method according to any one of claims 6-7.
12. A computer storage medium, characterized in that computer program instructions are stored in the computer storage medium, and when executed by a processor the computer program instructions implement the network data transmission detection method according to any one of claims 1-3, the network data transmission detection method according to any one of claims 4-5, or the network data transmission detection method according to any one of claims 6-7.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910457148.0A CN110166473B (en) 2019-05-29 2019-05-29 Network data transmission detection method, device, equipment and medium


Publications (2)

Publication Number Publication Date
CN110166473A true CN110166473A (en) 2019-08-23
CN110166473B CN110166473B (en) 2021-08-27


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant