CN110233858A - The methods of risk assessment and system of smart machine based on cloud prestige library - Google Patents

The methods of risk assessment and system of smart machine based on cloud prestige library Download PDF

Info

Publication number
CN110233858A
CN110233858A CN201910584877.2A CN201910584877A CN110233858A CN 110233858 A CN110233858 A CN 110233858A CN 201910584877 A CN201910584877 A CN 201910584877A CN 110233858 A CN110233858 A CN 110233858A
Authority
CN
China
Prior art keywords
address
log
message
mac address
smart machine
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910584877.2A
Other languages
Chinese (zh)
Inventor
文有庆
龚致
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Changhong Electric Co Ltd
Original Assignee
Sichuan Changhong Electric Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan Changhong Electric Co Ltd filed Critical Sichuan Changhong Electric Co Ltd
Priority to CN201910584877.2A priority Critical patent/CN110233858A/en
Publication of CN110233858A publication Critical patent/CN110233858A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention relates to technical field of network security, the present invention is directed to go out the methods of risk assessment and system of a kind of smart machine based on cloud prestige library, to improve the safety of cloud server, it the described method comprises the following steps: obtaining the log-on message of each smart machine in preset time period, the log-on message includes at least the MAC Address and network ip address of smart machine;MAC Address prestige library and IP address prestige library is respectively created according to log-on message;Risk assessment is carried out according to the smart machine that MAC Address prestige library and IP address prestige library opposite direction cloud server initiate service request, and corresponding operating is executed according to the result of risk assessment.According to the daily behavior data of smart machine, create cloud prestige library, and risk assessment is carried out according to the smart machine that cloud prestige library opposite direction cloud server issues service request, and then the strategy that cloud server responds its service request is adjusted according to risk evaluation result, improve the safety of cloud server.

Description

The methods of risk assessment and system of smart machine based on cloud prestige library
Technical field
The present invention relates to technical field of network security, relates in particular to a kind of methods of risk assessment of smart machine and be System.
Background technique
With the rapid development of Internet of Things, national development enters the Intelligent internet of things epoch, various physical environments such as family, Enterprise's office, plant produced, traffic administration, aviation hall, hospital hall etc., internet of things equipment is nearly ubiquitous, Internet of Things Net equipment is also more and more.
Data interaction is mainly carried out by cloud server between internet of things equipment, but in the prior art, cloud clothes Business device is difficult to carry out risk assessment to internet of things equipment, can not carry out corresponding defensive measure for its risk, high when existing When the internet of things equipment and cloud server of risk carry out data interaction, it may cause cloud server and attacked, Jin Erzao At huge economic loss.
Summary of the invention
The present invention is directed to propose a kind of methods of risk assessment and system of the smart machine based on cloud prestige library, to improve The safety of cloud server.
The technical proposal adopted by the invention to solve the above technical problems is that: the wind of the smart machine based on cloud prestige library Dangerous appraisal procedure, comprising the following steps:
Step 1. obtains the log-on message of each smart machine in preset time period, and the log-on message includes at least intelligence and sets Network ip address when standby MAC Address and smart machine log in;
MAC Address prestige library and IP address prestige library, the MAC Address is respectively created according to the log-on message in step 2. Prestige library includes the quantity of the corresponding all MAC Address of at least one network ip address and each MAC Address in log-on message, institute Stating IP address prestige library includes the corresponding all-network IP address of at least one MAC Address and each network IP in log-on message The quantity of location;
Step 3. initiates service request according to MAC Address prestige library and IP address prestige library opposite direction cloud server Smart machine carries out risk assessment, and executes corresponding operating according to the result of risk assessment.
It further, is the accuracy for improving risk assessment, the log-on message further include: the on-line time of smart machine And online hours;
Before the step 2 further include: carried out to the corresponding on-line time of the MAC Address of each smart machine and online hours Statistics obtains the corresponding common on-line time of MAC Address and common online hours;
MAC Address prestige library further include: the corresponding common on-line time of at least one MAC Address in log-on message And common online hours.
It further, is the validity for guaranteeing log-on message, the risk of the smart machine based on cloud prestige library is commented Estimate method further include: regular log-on message is updated.
Further, described according to MAC Address prestige library and IP in step 3 to realize risk assessment to smart machine The smart machine that address prestige library opposite direction cloud server initiates service request carries out risk assessment
The log-on message that the smart machine of service request is initiated to cloud server is obtained, if the network in the log-on message IP address is not present in IP address prestige library, then is judged as that high risk operates;
If the network ip address in the log-on message exists in IP address prestige library, but in the log-on message The corresponding common on-line time of MAC Address, MAC Address and common online hours are not present in MAC Address prestige library, then It is judged as that low-risk operates;
If the network ip address in the log-on message exists in IP address prestige library, the MAC in the log-on message There is also then sentence in MAC Address prestige library for address, the corresponding common on-line time of MAC Address and common online hours Break as safety operation.
It further, is the service strategy adjustment for realizing cloud server, it is described that phase is executed according to the result of risk assessment It should operate and include:
When being judged as high risk operation, cloud server refuses its service request;When being judged as low-risk operation, only Refuse its service request when server load is higher beyond the clouds;When being judged as safety operation, its corresponding service of cloud server Request, and the quantity according to the network ip address of the log-on message in network ip address prestige library, beyond the clouds server load Limitation responds the frequency of its service request when higher.
The present invention also proposes a kind of risk evaluating system of smart machine based on cloud prestige library, comprising:
Acquiring unit, for obtaining the log-on message of each smart machine in preset time period, the log-on message is at least wrapped The network ip address when MAC Address and smart machine for including smart machine log in;
Creating unit, it is described for MAC Address prestige library and IP address prestige library to be respectively created according to the log-on message MAC Address prestige library includes the corresponding all MAC Address of at least one network ip address and each MAC Address in log-on message Quantity, IP address prestige library include the corresponding all-network IP address of at least one MAC Address in log-on message and each The quantity of network ip address;
Assessment unit, for initiating clothes according to MAC Address prestige library and IP address prestige library opposite direction cloud server The smart machine of business request carries out risk assessment, and executes corresponding operating according to the result of risk assessment.
Further, the log-on message further include: the on-line time and online hours of smart machine;
The acquiring unit is also used to: being carried out to the corresponding on-line time of the MAC Address of each smart machine and online hours Statistics obtains the corresponding common on-line time of MAC Address and common online hours;
MAC Address prestige library further include: the corresponding common on-line time of at least one MAC Address in log-on message And common online hours.
Further, the risk evaluating system of the smart machine based on cloud prestige library further include: updating unit is used Log-on message is updated in periodically.
Further, the assessment unit is also used to: being obtained to the smart machine of cloud server initiation service request Log-on message is judged as high risk if the network ip address in the log-on message is not present in IP address prestige library Operation;
If the network ip address in the log-on message exists in IP address prestige library, but in the log-on message The corresponding common on-line time of MAC Address, MAC Address and common online hours are not present in MAC Address prestige library, then It is judged as that low-risk operates;
If the network ip address in the log-on message exists in IP address prestige library, the MAC in the log-on message There is also then sentence in MAC Address prestige library for address, the corresponding common on-line time of MAC Address and common online hours Break as safety operation.
Further, described to include: according to the result of risk assessment execution corresponding operating
When being judged as high risk operation, cloud server refuses its service request;When being judged as low-risk operation, only Refuse its service request when server load is higher beyond the clouds;When being judged as safety operation, its corresponding service of cloud server Request, and the quantity according to the network ip address of the log-on message in network ip address prestige library, beyond the clouds server load Limitation responds the frequency of its service request when higher.
The beneficial effects of the present invention are: the methods of risk assessment of the smart machine of the present invention based on cloud prestige library And system creates cloud prestige library according to the daily behavior data of smart machine, and according to cloud prestige library opposite direction cloud service The smart machine that device issues service request carries out risk assessment, and then adjusts cloud server according to risk evaluation result and respond it The strategy of service request improves the safety of cloud server in this way, reducing a possibility that cloud server is attacked.
Detailed description of the invention
Fig. 1 is that the process of the methods of risk assessment of the smart machine based on cloud prestige library described in the embodiment of the present invention is shown It is intended to;
Fig. 2 is that the structure of the methods of risk assessment of the smart machine based on cloud prestige library described in the embodiment of the present invention is shown It is intended to.
Specific embodiment
Embodiments of the present invention are described in detail below in conjunction with attached drawing.
The methods of risk assessment of smart machine of the present invention based on cloud prestige library, comprising the following steps: step 1. obtaining the log-on message of each smart machine in preset time period, the log-on message includes at least the MAC Address of smart machine And network ip address when smart machine login;MAC Address prestige library and IP is respectively created according to the log-on message in step 2. Address prestige library, MAC Address prestige library include corresponding all MAC of at least one network ip address in log-on message The quantity of location and each MAC Address, the IP address prestige library include that at least one MAC Address in log-on message is corresponding all The quantity of network ip address and each network ip address;Step 3. is opposite according to MAC Address prestige library and IP address prestige library The smart machine that cloud server initiates service request carries out risk assessment, and executes corresponding behaviour according to the result of risk assessment Make.
Firstly, recording the log-on message for obtaining all smart machines for logging in cloud server according to log in history, wherein Network ip address when the unique identification i.e. MAC Address and smart machine that log-on message includes smart machine log in, primary During historical log, corresponding log-on message then contains a MAC Address and its a corresponding network ip address, such as This obtains all MAC Address and network ip address in all log-on messages, wherein identical MAC Address or network ip address meeting It is repeatedly recorded, when acquisition also can repeatedly obtain according to number of repetition;Then cloud prestige is created according to the log-on message of acquisition Library, including MAC Address prestige library and IP address prestige library, wherein MAC Address prestige library contains all in log-on message The quantity of MAC Address and each MAC Address, IP address prestige library contain all-network IP address and each network IP in log-on message The quantity of address;Finally, first carrying out risk after smart machine initiates service request to cloud server to the smart machine and commenting Estimate, and corresponding operating is executed according to the result of risk assessment, such as responds or refuse the service request of smart machine.
Embodiment
The methods of risk assessment of smart machine based on cloud prestige library described in the embodiment of the present invention, as shown in Figure 1, packet Include following steps:
Step S1. obtains the log-on message of each smart machine in preset time period, and the log-on message includes at least intelligence The network ip address when MAC Address and smart machine of equipment log in;
Specifically, can by deployment information capture program to smart machine, such as device power-up, networking, shutdown or Data are carried out when person's online hours are more than 1 day to report, and also may be selected to report daily once, collection capacity is small, avoids resource consumption; After being acquired to the logon data of smart machine, judge whether every logon data is in preset time period respectively, and creates A rootlet heap is built for storing the log-on message in preset time period, if so, this logon data is generated corresponding format Log-on message be added rootlet heap in, obtain the log-on message of each smart machine in preset time period.Wherein, preset time period root It is arranged according to actual conditions, such as the last 30 days.
Optionally, can by periodically by log-on message quick indexing in a manner of search stale data, for example, finding rootlet It is not belonging to the log-on message of the last 30 days in heap and it is deleted, correspondingly, the statistical information to log-on message also carries out Again statistical updating realizes the update to log-on message.
Optionally, the log-on message further include: the on-line time and online hours of smart machine;
Before the step S2 further include: to the corresponding on-line time of the MAC Address of each smart machine and online hours into Row statistics, obtains the corresponding common on-line time of MAC Address and common online hours;
MAC Address prestige library further include: the corresponding common on-line time of at least one MAC Address in log-on message And common online hours.
It is appreciated that during carrying out log-on message acquisition, can also on-line time to smart machine and Line duration is acquired and is counted, and then obtains the corresponding common on-line time of MAC Address and common online hours, and will It is added in MAC Address prestige library.
MAC Address prestige library and IP address prestige library is respectively created according to the log-on message in step S2., the MAC Location prestige library includes the quantity of the corresponding all MAC Address of at least one network ip address and each MAC Address in log-on message, IP address prestige library includes the corresponding all-network IP address of at least one MAC Address and each network IP in log-on message The quantity of address;
It is appreciated that counting log-on message after the log-on message for obtaining each smart machine, obtain including logging in The MAC Address prestige library of the quantity of the corresponding all MAC Address of at least one network ip address and each MAC Address in information with And the IP of the quantity including the corresponding all-network IP address of at least one MAC Address and each network ip address in log-on message Address prestige library, wherein the quantity of the corresponding MAC Address of a network ip address can indicate common under the network ip address Smart machine, the corresponding network ip address of a MAC Address can indicate the common network of the corresponding smart machine of the MAC Address IP address.When in log-on message including the on-line time and online hours of smart machine, MAC Address prestige library further includes The corresponding common on-line time of MAC Address and common online hours.
Step S3. initiates service request according to MAC Address prestige library and IP address prestige library opposite direction cloud server Smart machine carry out risk assessment, and according to the result of risk assessment execute corresponding operating.
It is appreciated that saving behind creation MAC Address prestige library and IP address prestige library to cloud server, set when intelligently It is standby initiate service request to cloud server after, according to the MAC Address prestige library and IP address prestige library to the smart machine into Row risk assessment, is specifically as follows: the log-on message that the smart machine of service request is initiated to cloud server is obtained, if this is stepped on Network ip address in record information is not present in IP address prestige library, then is judged as that high risk operates;Specifically, It does not include the network IP in the log-on message for initiate the smart machine of service request to cloud server in IP address prestige library Location may then be attacked for Replay Attack, DDos, at this point, cloud server can refuse its service request, avoid cloud server It is attacked.
If the network ip address in the log-on message exists in IP address prestige library, but in the log-on message The corresponding common on-line time of MAC Address, MAC Address and common online hours are not present in MAC Address prestige library, then It is judged as that low-risk operates;Specifically, network ip address is in IP when smart machine initiates service request to cloud server Prestige inventory exists, but its MAC Address is not present in MAC prestige library, then it represents that may be added for new smart machine, in new intelligence When energy equipment is added, the interior security protection of cloud server needs to carry out safety monitoring to it, but server exists beyond the clouds When loading higher, the detection to it may be ignored, therefore, its service can be refused when server load is higher beyond the clouds at this time Request.
If the network ip address in the log-on message exists in IP address prestige library, the MAC in the log-on message There is also then sentence in MAC Address prestige library for address, the corresponding common on-line time of MAC Address and common online hours Break as safety operation.Specifically, network ip address is in IP prestige when smart machine initiates service request to cloud server Inventory exists, while its MAC Address is safety operation there is also, then it represents that the operation in MAC prestige library, and cloud server can at this time To respond its service request, in addition, when including the corresponding common on-line time of MAC Address in MAC Address prestige library and being commonly used in When line duration, it can also be judged according to the on-line time for the smart machine for sending service request to cloud server and online hours Whether matched with common on-line time and common online hours, only when MAC Address is not present in MAC prestige library, and it is online When time and online hours are matched with common on-line time and common online hours, just determine to meet wanting for MAC Address prestige library It asks.
Optionally, when being judged as safety operation, can server beyond the clouds load it is higher when according to the log-on message Network ip address in network ip address prestige library quantity limitation respond its service request frequency.Specifically, working as intelligence When energy equipment initiates service request to cloud server, the MAC Address and network ip address in log-on message are in corresponding cloud The number of quantity in the prestige library of end corresponding network ip address when indicating the historical log number of the smart machine and logging in, If MAC Address quantity in MAC Address prestige library is larger or network ip address quantity in IP address prestige library is larger, Limiting by a small margin when loading higher for server the frequency that its service is imposed can be responded beyond the clouds, conversely, then can be beyond the clouds Significantly limitation responds the frequency that its service is imposed when the load of server is higher.
Based on the above-mentioned technical proposal, the embodiment of the present invention also proposes a kind of risk of smart machine based on cloud prestige library Assessment system, as shown in Figure 2, comprising:
Acquiring unit, for obtaining the log-on message of each smart machine in preset time period, the log-on message is at least wrapped The network ip address when MAC Address and smart machine for including smart machine log in;
Creating unit, it is described for MAC Address prestige library and IP address prestige library to be respectively created according to the log-on message MAC Address prestige library includes the corresponding all MAC Address of at least one network ip address and each MAC Address in log-on message Quantity, IP address prestige library include the corresponding all-network IP address of at least one MAC Address in log-on message and each The quantity of network ip address;
Assessment unit, for initiating clothes according to MAC Address prestige library and IP address prestige library opposite direction cloud server The smart machine of business request carries out risk assessment, and executes corresponding operating according to the result of risk assessment.
Optionally, the log-on message further include: the on-line time and online hours of smart machine;
The acquiring unit is also used to: being carried out to the corresponding on-line time of the MAC Address of each smart machine and online hours Statistics obtains the corresponding common on-line time of MAC Address and common online hours;
MAC Address prestige library further include: the corresponding common on-line time of at least one MAC Address in log-on message And common online hours.
Optionally, the risk evaluating system of the smart machine based on cloud prestige library further include: updating unit is used for Periodically log-on message is updated.
Optionally, the assessment unit is also used to: obtaining stepping on to the smart machine of cloud server initiation service request Information is recorded, if the network ip address in the log-on message is not present in IP address prestige library, is judged as that high risk is grasped Make;
If the network ip address in the log-on message exists in IP address prestige library, but in the log-on message The corresponding common on-line time of MAC Address, MAC Address and common online hours are not present in MAC Address prestige library, then It is judged as that low-risk operates;
If the network ip address in the log-on message exists in IP address prestige library, the MAC in the log-on message There is also then sentence in MAC Address prestige library for address, the corresponding common on-line time of MAC Address and common online hours Break as safety operation.
Optionally, described to include: according to the result of risk assessment execution corresponding operating
When being judged as high risk operation, cloud server refuses its service request;When being judged as low-risk operation, only Refuse its service request when server load is higher beyond the clouds;When being judged as safety operation, its corresponding service of cloud server Request, and the quantity according to the network ip address of the log-on message in network ip address prestige library, beyond the clouds server load Limitation responds the frequency of its service request when higher.
It is appreciated that the risk evaluating system of the smart machine based on cloud prestige library as described in the embodiment of the present invention It is for realizing the system of the methods of risk assessment of the smart machine based on cloud prestige library, for being disclosed in embodiment For system, since it is corresponded to the methods disclosed in the examples, so description is relatively simple, referring to the portion of method in place of correlation It defends oneself bright.Since the methods of risk assessment of the above-mentioned smart machine based on cloud prestige library can be improved cloud server Safety, therefore, the system for realizing the methods of risk assessment of the above-mentioned smart machine based on cloud prestige library equally can be improved The safety of cloud server.

Claims (10)

1. the methods of risk assessment of the smart machine based on cloud prestige library, which comprises the following steps:
Step 1. obtains the log-on message of each smart machine in preset time period, and the log-on message includes at least smart machine Network ip address when MAC Address and smart machine log in;
MAC Address prestige library and IP address prestige library, the MAC Address prestige is respectively created according to the log-on message in step 2. Library includes the quantity of the corresponding all MAC Address of at least one network ip address and each MAC Address in log-on message, the IP Address prestige library includes the corresponding all-network IP address of at least one MAC Address and each network ip address in log-on message Quantity;
Step 3. initiates the intelligence of service request according to MAC Address prestige library and IP address prestige library opposite direction cloud server Equipment carries out risk assessment, and executes corresponding operating according to the result of risk assessment.
2. the methods of risk assessment of the smart machine as described in claim 1 based on cloud prestige library, which is characterized in that described Log-on message further include: the on-line time and online hours of smart machine;
Before the step 2 further include: unite to the corresponding on-line time of the MAC Address of each smart machine and online hours Meter obtains the corresponding common on-line time of MAC Address and common online hours;
MAC Address prestige library further include: the corresponding common on-line time of at least one MAC Address in log-on message and often Use online hours.
3. the methods of risk assessment of the smart machine as described in claim 1 based on cloud prestige library, which is characterized in that also wrap Include: regular log-on message is updated.
4. the methods of risk assessment of the smart machine as described in any one of claims 1 to 3 based on cloud prestige library, feature It is, it is described that service request is initiated according to MAC Address prestige library and IP address prestige library opposite direction cloud server in step 3 Smart machine carries out risk assessment
The log-on message that the smart machine of service request is initiated to cloud server is obtained, if the network IP in the log-on message Location is not present in IP address prestige library, then is judged as that high risk operates;
If the network ip address in the log-on message exists in IP address prestige library, but the MAC in the log-on message Address, the corresponding common on-line time of MAC Address and common online hours are not present in MAC Address prestige library, then sentence Break as low-risk operation;
If the network ip address in the log-on message exists in IP address prestige library, MAC Address in the log-on message, There is also be then judged as peace in MAC Address prestige library for the corresponding common on-line time of MAC Address and common online hours Full operation.
5. the methods of risk assessment of the smart machine as claimed in claim 4 based on cloud prestige library, which is characterized in that described Executing corresponding operating according to the result of risk assessment includes:
When being judged as high risk operation, cloud server refuses its service request;When being judged as low-risk operation, only in cloud End server load refuses its service request when higher;When being judged as safety operation, its corresponding service request of cloud server, And the quantity according to the network ip address of the log-on message in network ip address prestige library, when server load is higher beyond the clouds Limitation responds the frequency of its service request.
6. the risk evaluating system of the smart machine based on cloud prestige library characterized by comprising
Acquiring unit, for obtaining the log-on message of each smart machine in preset time period, the log-on message includes at least intelligence The network ip address when MAC Address and smart machine of energy equipment log in;
Creating unit, for MAC Address prestige library and IP address prestige library, the MAC to be respectively created according to the log-on message Address prestige library includes the number of the corresponding all MAC Address of at least one network ip address and each MAC Address in log-on message Amount, IP address prestige library includes the corresponding all-network IP address of at least one MAC Address and each net in log-on message The quantity of network IP address;
Assessment unit is asked for initiating service according to MAC Address prestige library and IP address prestige library opposite direction cloud server The smart machine asked carries out risk assessment, and executes corresponding operating according to the result of risk assessment.
7. the risk evaluating system of the smart machine as claimed in claim 6 based on cloud prestige library, which is characterized in that described Log-on message further include: the on-line time and online hours of smart machine;
The acquiring unit is also used to: the corresponding on-line time of the MAC Address of each smart machine and online hours counted, Obtain the corresponding common on-line time of MAC Address and common online hours;
MAC Address prestige library further include: the corresponding common on-line time of at least one MAC Address in log-on message and often Use online hours.
8. the risk evaluating system of the smart machine as claimed in claim 6 based on cloud prestige library, which is characterized in that also wrap It includes: updating unit, for being periodically updated to log-on message.
9. such as the risk evaluating system of the described in any item smart machines based on cloud prestige library of claim 6 to 8, feature It is, the assessment unit is also used to:
The log-on message that the smart machine of service request is initiated to cloud server is obtained, if the network IP in the log-on message Location is not present in IP address prestige library, then is judged as that high risk operates;
If the network ip address in the log-on message exists in IP address prestige library, but the MAC in the log-on message Address, the corresponding common on-line time of MAC Address and common online hours are not present in MAC Address prestige library, then sentence Break as low-risk operation;
If the network ip address in the log-on message exists in IP address prestige library, MAC Address in the log-on message, There is also be then judged as peace in MAC Address prestige library for the corresponding common on-line time of MAC Address and common online hours Full operation.
10. the risk evaluating system of the smart machine as claimed in claim 9 based on cloud prestige library, which is characterized in that institute It states and includes: according to the result of risk assessment execution corresponding operating
When being judged as high risk operation, cloud server refuses its service request;When being judged as low-risk operation, only in cloud End server load refuses its service request when higher;When being judged as safety operation, its corresponding service request of cloud server, And the quantity according to the network ip address of the log-on message in network ip address prestige library, when server load is higher beyond the clouds Limitation responds the frequency of its service request.
CN201910584877.2A 2019-07-01 2019-07-01 The methods of risk assessment and system of smart machine based on cloud prestige library Pending CN110233858A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910584877.2A CN110233858A (en) 2019-07-01 2019-07-01 The methods of risk assessment and system of smart machine based on cloud prestige library

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910584877.2A CN110233858A (en) 2019-07-01 2019-07-01 The methods of risk assessment and system of smart machine based on cloud prestige library

Publications (1)

Publication Number Publication Date
CN110233858A true CN110233858A (en) 2019-09-13

Family

ID=67856650

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910584877.2A Pending CN110233858A (en) 2019-07-01 2019-07-01 The methods of risk assessment and system of smart machine based on cloud prestige library

Country Status (1)

Country Link
CN (1) CN110233858A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113992358A (en) * 2021-09-29 2022-01-28 杭州迪普科技股份有限公司 Method and device for distributing network security policy

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8533821B2 (en) * 2007-05-25 2013-09-10 International Business Machines Corporation Detecting and defending against man-in-the-middle attacks
CN103731413A (en) * 2013-11-18 2014-04-16 广州多益网络科技有限公司 Abnormal login handling method
CN106254153A (en) * 2016-09-19 2016-12-21 腾讯科技(深圳)有限公司 A kind of Network Abnormal monitoring method and apparatus
CN106453321A (en) * 2016-10-18 2017-02-22 郑州云海信息技术有限公司 Authentication server, system and method, and to-be-authenticated terminal
CN106789868A (en) * 2016-09-05 2017-05-31 中国人民财产保险股份有限公司 A kind of website user's Activity recognition and managing and control system
CN106992994A (en) * 2017-05-24 2017-07-28 腾讯科技(深圳)有限公司 A kind of automatically-monitored method and system of cloud service
CN109218318A (en) * 2018-09-25 2019-01-15 北京镇远网安科技有限公司 A kind of things-internet gateway login detecting method based on equipment knowledge
CN109831465A (en) * 2019-04-12 2019-05-31 重庆天蓬网络有限公司 A kind of invasion detection method based on big data log analysis

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8533821B2 (en) * 2007-05-25 2013-09-10 International Business Machines Corporation Detecting and defending against man-in-the-middle attacks
CN103731413A (en) * 2013-11-18 2014-04-16 广州多益网络科技有限公司 Abnormal login handling method
CN106789868A (en) * 2016-09-05 2017-05-31 中国人民财产保险股份有限公司 A kind of website user's Activity recognition and managing and control system
CN106254153A (en) * 2016-09-19 2016-12-21 腾讯科技(深圳)有限公司 A kind of Network Abnormal monitoring method and apparatus
CN106453321A (en) * 2016-10-18 2017-02-22 郑州云海信息技术有限公司 Authentication server, system and method, and to-be-authenticated terminal
CN106992994A (en) * 2017-05-24 2017-07-28 腾讯科技(深圳)有限公司 A kind of automatically-monitored method and system of cloud service
CN109218318A (en) * 2018-09-25 2019-01-15 北京镇远网安科技有限公司 A kind of things-internet gateway login detecting method based on equipment knowledge
CN109831465A (en) * 2019-04-12 2019-05-31 重庆天蓬网络有限公司 A kind of invasion detection method based on big data log analysis

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113992358A (en) * 2021-09-29 2022-01-28 杭州迪普科技股份有限公司 Method and device for distributing network security policy
CN113992358B (en) * 2021-09-29 2023-07-07 杭州迪普科技股份有限公司 Distribution method and device of network security policy

Similar Documents

Publication Publication Date Title
CN108769064A (en) Realize the distributed asset identification and change cognitive method and system that loophole is administered
KR100748246B1 (en) Multi-step integrated security monitoring system and method using intrusion detection system log collection engine and traffic statistic generation engine
CN108494747B (en) Digital substation flow abnormity detection method, electronic equipment and computer storage medium
CN108092847B (en) A kind of electric power LTE wireless terminal remote on-line monitoring method
CN109005528A (en) A kind of bluetooth mesh gateway data polymerization report method
CN103281366A (en) Embedded agency monitoring device and method supporting real-time operating state acquiring
CN102882701B (en) A kind of electrical network core business data intelligent monitoring warning system and method
CN107995377A (en) Customer service management method, electronic device and computer-readable recording medium
CN106443166B (en) A kind of kilowatt meter reading-out system based on platform of internet of things
CN107463839A (en) A kind of system and method for managing application program
CN107168853A (en) A kind of server performance information acquisition method, system and substrate control manager
CN109462580A (en) Training flow detection model, the method and device for detecting service traffics exception
CN106447242B (en) Electricity consumption service handling time limit management method and device
CN110233858A (en) The methods of risk assessment and system of smart machine based on cloud prestige library
KR20130020862A (en) Apparatus and method for anomaly detection in scada network using self-similarity
CN110523083A (en) Processing method, device and the server device of log-in events
CN208046653U (en) A kind of electric power monitoring system network security monitoring main website plateform system
CN108510162B (en) Safety efficiency evaluation method for active power distribution network
CN108712365B (en) DDoS attack event detection method and system based on flow log
CN106708417A (en) Cache data management method and apparatus
CN105139122A (en) Program operation time duration statistics method and system
CN106790439B (en) Intelligent management and control system and method for aquatic product sampling and drug residue detection
CN106254375B (en) A kind of recognition methods of hotspot equipment and device
CN108809955A (en) A kind of power consumer behavior depth analysis method based on hidden Markov model
CN112799921A (en) Multi-device and multi-network environment operation and maintenance monitoring method and device and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190913

RJ01 Rejection of invention patent application after publication