CN111131334A - Block chain-based network security early warning method and system - Google Patents

Publication number: CN111131334A
Authority: CN (China)
Prior art keywords: early warning; network security; network; information; warning information
Legal status: Pending (as listed by Google Patents; an assumption, not a legal conclusion)
Application number: CN202010227212.9A
Other languages: Chinese (zh)
Inventors: 王栋, 杨珂, 赵丽花, 郭宝贤, 张宏廷, 陈智雨
Current Assignee: State Grid E Commerce Co Ltd
Original Assignee: State Grid E Commerce Co Ltd
Application filed by: State Grid E Commerce Co Ltd
Priority: CN202010227212.9A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application provides a blockchain-based network security early warning method and system. In the method, the node in the blockchain network that generates network security early warning information issues that information to an early warning evaluation expert system and sends an early warning evaluation confirmation request to the early warning evaluation expert system. Each node in the early warning evaluation expert system responds to the early warning evaluation request and judges the authenticity and validity of the network security early warning information to obtain a judgment result. When the number of judgment results indicating that the network security early warning information is authentic and valid is greater than a set reliability number threshold, the node that generated the network security early warning information encrypts it and issues the encrypted network security early warning information to the blockchain. In this way, the false alarm rate and the missed-alarm rate of network security early warning can be reduced, the reliability and authority of network security early warning are improved, and the capability for rapid and trusted sharing of early warning information is improved.

Description

Block chain-based network security early warning method and system
Technical Field
The present application relates to the field of network security technologies, and in particular, to a block chain-based network security early warning method and system.
Background
As the internet rapidly becomes part of every aspect of people's lives, people depend on it more and more; however, network attacks emerge endlessly and seriously threaten network security.
Network security early warning can discover malicious network behavior as early as possible and is an effective means of supporting defense against network attacks.
However, some organizations and individuals issue early warnings arbitrarily, exaggerate the facts, or even hype them, which damages the effectiveness and authority of early warnings and is extremely unfavorable to building a network security early warning system and ecosystem. How to perform reliable network security early warning and share information in a trusted way has become a problem to be solved urgently.
Disclosure of Invention
In order to solve the above technical problems, embodiments of the present application provide a blockchain-based network security early warning method and system, so as to improve the reliability of network security early warning. The technical solution is as follows:
A blockchain-based network security early warning method comprises the following steps:
the node in the blockchain network that generates network security early warning information issues the network security early warning information to an early warning evaluation expert system and sends an early warning evaluation confirmation request to the early warning evaluation expert system, wherein the early warning evaluation expert system is composed of a plurality of nodes in the blockchain network;
each node in the early warning evaluation expert system responds to the early warning evaluation request and judges the authenticity and validity of the network security early warning information to obtain a judgment result;
and the node that generated the network security early warning information receives the judgment results returned by the nodes in the early warning evaluation expert system, encrypts the network security early warning information when the number of judgment results indicating that the network security early warning information is authentic and valid is greater than a set reliability number threshold, and issues the encrypted network security early warning information to the blockchain.
Preferably, the method further comprises:
issuing the decryption key of the encrypted network security early warning information to a target node in the blockchain network, so that the target node decrypts the encrypted network security early warning information using the decryption key.
Preferably, the method further comprises:
reporting the encrypted network security early warning information to a national network security early warning platform.
Preferably, the process of generating the network security early warning information includes:
acquiring network security data in a network system;
detecting threat information in the network security data by using a threat detection model established based on IOC intelligence;
and generating the network security early warning information based on the threat information.
Preferably, the process of acquiring the IOC intelligence includes:
capturing network security information from a network security information data source;
converting the network security information into text documents in a unified format;
screening out network-security-related documents from the text documents in the unified format by using a text classification method;
and extracting IOC intelligence from the network-security-related documents based on text analysis techniques.
A blockchain-based network security early warning system comprises: a blockchain network and a blockchain, the blockchain network comprising a plurality of nodes;
the node in the blockchain network that generates network security early warning information issues the network security early warning information to an early warning evaluation expert system and sends an early warning evaluation confirmation request to the early warning evaluation expert system, wherein the early warning evaluation expert system is composed of a plurality of nodes in the blockchain network;
each node in the early warning evaluation expert system responds to the early warning evaluation request and judges the authenticity and validity of the network security early warning information to obtain a judgment result;
and the node that generated the network security early warning information receives the judgment results returned by the nodes in the early warning evaluation expert system, encrypts the network security early warning information when the number of judgment results indicating that the network security early warning information is authentic and valid is greater than a set reliability number threshold, and issues the encrypted network security early warning information to the blockchain.
Preferably, the node that generates the network security early warning information is further configured to:
issue the decryption key of the encrypted network security early warning information to a target node in the blockchain network, so that the target node decrypts the encrypted network security early warning information using the decryption key.
Preferably, the node that generates the network security early warning information is further configured to:
report the encrypted network security early warning information to a national network security early warning platform.
Preferably, the node that generates the network security early warning information is specifically configured to:
acquire network security data in a network system;
detect threat information in the network security data by using a threat detection model established based on IOC intelligence;
and generate the network security early warning information based on the threat information.
Preferably, the node that generates the network security early warning information is specifically configured to:
capture network security information from a network security information data source;
convert the network security information into text documents in a unified format;
screen out network-security-related documents from the text documents in the unified format by using a text classification method;
and extract IOC intelligence from the network-security-related documents based on text analysis techniques.
Compared with the prior art, the beneficial effects of the present application are as follows:
In the present application, the node in the blockchain network that generates network security early warning information issues that information to an early warning evaluation expert system and sends an early warning evaluation confirmation request to the early warning evaluation expert system, and each node in the early warning evaluation expert system responds to the early warning evaluation request and judges the authenticity and validity of the network security early warning information to obtain a judgment result. Because multiple nodes in the blockchain network verify the network security early warning information, the false alarm rate of network security early warning is reduced. Because data on the blockchain cannot be tampered with, the network security early warning information issued to the blockchain is guaranteed not to be tampered with, which ensures its credibility. In addition, the aggregation and cooperative processing capability of the nodes in the blockchain network reduces the missed-alarm rate of network security early warning and improves the capability for trusted sharing of early warning information. Reducing the false alarm rate and the missed-alarm rate improves the reliability and authority of network security early warning.
Drawings
In order to illustrate the technical solutions in the embodiments of the present application more clearly, the drawings needed for the description of the embodiments are briefly introduced below. Obviously, the drawings described below show only some embodiments of the present application, and those skilled in the art can obtain other drawings from them without inventive effort.
Fig. 1 is a flowchart of embodiment 1 of the blockchain-based network security early warning method provided in the present application;
Fig. 2 is a flowchart of embodiment 2 of the blockchain-based network security early warning method provided in the present application;
Fig. 3 is a flowchart of embodiment 3 of the blockchain-based network security early warning method provided in the present application;
Fig. 4 is a schematic diagram of the logical structure of a blockchain-based network security early warning system according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present application are described clearly and completely below with reference to the drawings in the embodiments of the present application. Obviously, the described embodiments are only some of the embodiments of the present application, not all of them. All other embodiments that a person skilled in the art can derive from the embodiments given herein without creative effort fall within the protection scope of the present application.
The embodiment of the application discloses a blockchain-based network security early warning method, which comprises the following steps: the node in the blockchain network that generates network security early warning information issues the network security early warning information to an early warning evaluation expert system and sends an early warning evaluation confirmation request to the early warning evaluation expert system, wherein the early warning evaluation expert system is composed of a plurality of nodes in the blockchain network; each node in the early warning evaluation expert system responds to the early warning evaluation request and judges the authenticity and validity of the network security early warning information to obtain a judgment result; and the node that generated the network security early warning information receives the judgment results returned by the nodes in the early warning evaluation expert system, encrypts the network security early warning information when the number of judgment results indicating that it is authentic and valid is greater than the set reliability number threshold, and issues the encrypted network security early warning information to the blockchain. In this way, the reliability of network security early warning can be improved.
Next, the blockchain-based network security early warning method disclosed in an embodiment of the present application is introduced. Fig. 1 is a flowchart of embodiment 1 of the blockchain-based network security early warning method provided in the present application, which may include the following steps:
Step S11: when a node in the blockchain network generates network security early warning information, it issues the generated network security early warning information to the early warning evaluation expert system and sends an early warning evaluation confirmation request to the early warning evaluation expert system.
The number of nodes in the blockchain network that form the early warning evaluation expert system can be set as needed and is not limited herein.
The network security early warning information may include, but is not limited to: an early warning description and information such as suspicious system files, traffic, and logs.
In this embodiment, the process of generating the network security early warning information may include:
S110: acquiring network security data in a network system.
Network security data in a network system may include, but is not limited to: network files, network traffic, and network logs.
S111: detecting threat information in the network security data by using a threat detection model established based on IOC intelligence.
The threat information in the network security data may include: threat information of network files, threat information of network traffic, and threat information of network logs.
In this embodiment, the process of acquiring the IOC intelligence may include:
S1110: capturing network security information from a network security information data source.
In this embodiment, the network security information data source may include, but is not limited to: websites of companies that develop network attack tools, websites of government departments of countries with strong cyber capabilities, websites of network security service providers, network-security-related blogs, and paid intelligence sources.
Specifically, the network security information can be captured by web crawling or by purchase.
S1111: converting the network security information into text documents in a unified format.
The text documents in the unified format may be, but are not limited to: text documents in txt format.
S1112: screening out network-security-related documents from the text documents in the unified format by using a text classification method.
S1113: extracting IOC (Indicators of Compromise) intelligence from the network-security-related documents based on text analysis techniques.
Text analysis techniques may include, but are not limited to: regular-expression matching.
S112: generating the network security early warning information based on the threat information.
Generating the network security early warning information based on the threat information may include, but is not limited to:
generating file alarm information based on the threat information of the network files;
generating traffic alarm information based on the threat information of the network traffic;
generating log alarm information based on the threat information of the network logs;
and combining the file alarm information, the traffic alarm information, and the log alarm information to obtain the network security early warning information.
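The acquisition steps S1111 to S1113 and the detection step S111 can be illustrated with the following added example, which is not code from the patent: it extracts IOCs from a plain-text report by regular-expression matching and then matches log lines against them. The report text, log lines, indicator values, and function names are constructed for illustration, and exact indicator matching stands in for the threat detection model, which the patent does not specify.

```python
import hashlib
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample data (documentation address ranges and the .test TLD).
SAMPLE_HASH = hashlib.sha256(b"constructed sample payload").hexdigest()
REPORT_TEXT = f"""\
The dropper contacts hxxp://update.bad-example[.]test/payload.bin and
falls back to 203.0.113[.]45. A second host, 198.51.100.7, serves the
same sample (sha256 follows).
{SAMPLE_HASH}
Beaconing to c2.bad-example[.]test was also observed.
Version string seen in the binary: 1.2.3.400 (not an address).
"""
LOG_LINES = [
    "2020-03-01T10:00:01Z fw allow src=10.0.0.5 dst=198.51.100.7 dport=443",
    "2020-03-01T10:00:02Z dns query client=10.0.0.8 name=update.bad-example.test",
    "2020-03-01T10:00:03Z fw allow src=10.0.0.9 dst=192.0.2.10 dport=80",
    "2020-03-01T10:00:04Z dns query client=10.0.0.8 name=notbad-example.test",
]

KINDS = ("url", "ipv4", "domain", "md5", "sha1", "sha256")
HASH_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)
# Four dotted groups that are not part of a longer dotted number.
IPV4_RE = re.compile(r"(?<![\w.])(?:\d{1,3}\.){3}\d{1,3}(?!\.?\d)")
DOMAIN_RE = re.compile(
    r"\b(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,24}\b", re.I)


def refang(text):
    """Undo common defanging (hxxp, [.], (.), [dot]) used in reports."""
    text = re.sub(r"hxxp(s?)://", r"http\1://", text, flags=re.I)
    return re.sub(r"\[\.\]|\(\.\)|\[dot\]", ".", text, flags=re.I)


def add_host(iocs, host):
    """File a host under ipv4 or domain; drop strings that are neither."""
    try:
        iocs["ipv4"].add(str(ipaddress.IPv4Address(host)))
    except ValueError:  # e.g. 1.2.3.400 looks like an address but is not
        if DOMAIN_RE.fullmatch(host):
            iocs["domain"].add(host.lower())


def extract_iocs(text):
    """Step S1113: regular-expression extraction from unified-format text."""
    iocs = {kind: set() for kind in KINDS}
    text = refang(text)
    for match in URL_RE.finditer(text):
        url = match.group().rstrip(".,;:)")
        iocs["url"].add(url)
        add_host(iocs, urlsplit(url).hostname or "")
    # Remove URLs first so path parts such as payload.bin are not
    # mistaken for domain names.
    rest = URL_RE.sub(" ", text)
    for match in IPV4_RE.finditer(rest):
        add_host(iocs, match.group())
    for match in DOMAIN_RE.finditer(rest):
        iocs["domain"].add(match.group().lower())
    for kind, length in HASH_LENGTHS.items():
        for match in re.finditer(r"\b[a-f0-9]{%d}\b" % length, rest, re.I):
            iocs[kind].add(match.group().lower())
    return iocs


def match_logs(log_lines, iocs):
    """Step S111 stand-in: alert on log lines that contain a known IOC.

    Indicators are compared as whole values, so notbad-example.test does
    not match an IOC for bad-example.test.
    """
    alerts = []
    for lineno, line in enumerate(log_lines, 1):
        seen = extract_iocs(line)
        for kind in KINDS:
            for indicator in sorted(seen[kind] & iocs[kind]):
                alerts.append(
                    {"line": lineno, "kind": kind, "indicator": indicator})
    return alerts


if __name__ == "__main__":
    report_iocs = extract_iocs(REPORT_TEXT)
    for alert in match_logs(LOG_LINES, report_iocs):
        print(alert)
```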
Step S12: each node in the early warning evaluation expert system responds to the early warning evaluation request and judges the authenticity and validity of the network security early warning information to obtain a judgment result.
That each node in the early warning evaluation expert system judges the authenticity and validity of the network security early warning information to obtain a judgment result can be understood as follows: each node in the early warning evaluation expert system uses its own threat intelligence library and its own network threat detection and analysis tools or systems to detect and analyze whether the network security early warning information is authentic and valid, and takes the result of the detection and analysis as its judgment result.
Step S13: the node that generated the network security early warning information receives the judgment results returned by the nodes in the early warning evaluation expert system, encrypts the network security early warning information when the number of judgment results indicating that the network security early warning information is authentic and valid is greater than a set reliability number threshold, and issues the encrypted network security early warning information to the blockchain.
After receiving the judgment results returned by the nodes in the early warning evaluation expert system, the node that generated the network security early warning information checks, for each returned judgment result, whether it indicates that the network security early warning information is authentic and valid. When the number of judgment results indicating that the network security early warning information is authentic and valid is greater than the set reliability number threshold, the network security early warning information is determined to be authentic and valid, which ensures its authenticity and validity.
Once the authenticity and validity of the network security early warning information is ensured, the network security early warning information is encrypted, and the encrypted network security early warning information is issued to the blockchain.
Issuing the encrypted network security early warning information to the blockchain ensures that every node in the blockchain network stores the encrypted network security early warning information. Note, however, that not every node in the blockchain network can access the encrypted network security early warning information; only authorized nodes can access it.
Encrypting the network security early warning information and issuing the encrypted network security early warning information to the blockchain protects the rights and interests of the issuer of the network security early warning information.
In the present application, the node in the blockchain network that generates network security early warning information issues that information to an early warning evaluation expert system and sends an early warning evaluation confirmation request to the early warning evaluation expert system, and each node in the early warning evaluation expert system responds to the early warning evaluation request and judges the authenticity and validity of the network security early warning information to obtain a judgment result. Because multiple nodes in the blockchain network verify the network security early warning information, the false alarm rate of network security early warning is reduced. Because data on the blockchain cannot be tampered with, the network security early warning information issued to the blockchain is guaranteed not to be tampered with, which ensures its credibility. In addition, the aggregation and cooperative processing capability of the nodes in the blockchain network reduces the missed-alarm rate of network security early warning and improves the capability for trusted sharing of early warning information. Reducing the false alarm rate and the missed-alarm rate improves the reliability and authority of network security early warning.
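Steps S11 to S13 as an added example, not code from the patent: the publishing node counts authenticated judgment results from distinct expert nodes and appends the ciphertext to a hash-chained ledger only when the count is greater than the threshold. The per-expert HMAC keys (a stand-in for signatures, which a deployment would use so that the publisher cannot forge judgment results), the block layout, the sample alert and ciphertext bytes, and all function names are assumptions; the patent does not specify how judgment results are authenticated or which cipher is used.

```python
import hashlib
import hmac
import json

# Constructed sample data: five expert nodes with per-node keys (assumption).
EXPERT_KEYS = {f"e{i}": f"constructed-key-{i}".encode() for i in range(1, 6)}
ALERT = b"constructed alert: suspicious traffic to 198.51.100.7"
# Placeholder for the output of whatever cipher the deployment uses.
CIPHERTEXT = b"constructed-ciphertext-bytes"
GENESIS = "0" * 64


def digest(data):
    return hashlib.sha256(data).hexdigest()


def sign_vote(node, key, alert_digest, valid):
    """An expert's judgment result, bound to one alert and one node."""
    msg = f"{node}|{alert_digest}|{int(valid)}".encode()
    tag = hmac.new(key, msg, hashlib.sha256).hexdigest()
    return {"node": node, "digest": alert_digest, "valid": valid, "tag": tag}


def count_valid_votes(votes, alert_digest, expert_keys):
    """Count distinct experts whose authenticated result says 'valid'.

    Ignored: nodes outside the expert system, results for a different
    alert (replays), bad tags, and every result after a node's first.
    """
    decided = {}
    for vote in votes:
        key = expert_keys.get(vote["node"])
        if key is None or vote["digest"] != alert_digest:
            continue
        expected = sign_vote(vote["node"], key, vote["digest"], vote["valid"])
        if not hmac.compare_digest(expected["tag"], vote["tag"]):
            continue
        decided.setdefault(vote["node"], bool(vote["valid"]))
    return sum(decided.values())


def block_hash(block):
    body = {k: block[k] for k in ("index", "prev_hash", "ciphertext", "approvals")}
    return digest(json.dumps(body, sort_keys=True).encode())


def publish(chain, ciphertext, votes, alert_digest, expert_keys, threshold):
    """Step S13: append only if approvals are strictly greater than threshold."""
    approvals = count_valid_votes(votes, alert_digest, expert_keys)
    if not approvals > threshold:
        return None
    block = {
        "index": len(chain),
        "prev_hash": chain[-1]["hash"] if chain else GENESIS,
        "ciphertext": ciphertext.hex(),
        "approvals": approvals,
    }
    block["hash"] = block_hash(block)
    chain.append(block)
    return block


def verify_chain(chain):
    """Recompute every link; any edited block breaks the chain."""
    prev = GENESIS
    for index, block in enumerate(chain):
        if (block["index"] != index or block["prev_hash"] != prev
                or block["hash"] != block_hash(block)):
            return False
        prev = block["hash"]
    return True


if __name__ == "__main__":
    d = digest(ALERT)
    votes = [sign_vote(n, EXPERT_KEYS[n], d, True) for n in ("e1", "e2", "e3", "e5")]
    votes.append(sign_vote("e4", EXPERT_KEYS["e4"], d, False))
    ledger = []
    print(publish(ledger, CIPHERTEXT, votes, d, EXPERT_KEYS, threshold=3))
    print("chain intact:", verify_chain(ledger))
```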
As another optional embodiment of the present application, Fig. 2 is a schematic flow diagram of embodiment 2 of the blockchain-based network security early warning method provided by the present application. This embodiment mainly extends the blockchain-based network security early warning method described in embodiment 1 above. As shown in Fig. 2, the method may include, but is not limited to, the following steps:
Step S21: the node in the blockchain network that generates network security early warning information issues the network security early warning information to an early warning evaluation expert system and sends an early warning evaluation confirmation request to the early warning evaluation expert system, wherein the early warning evaluation expert system is composed of a plurality of nodes in the blockchain network.
Step S22: each node in the early warning evaluation expert system responds to the early warning evaluation request and judges the authenticity and validity of the network security early warning information to obtain a judgment result.
Step S23: the node that generated the network security early warning information receives the judgment results returned by the nodes in the early warning evaluation expert system, encrypts the network security early warning information when the number of judgment results indicating that the network security early warning information is authentic and valid is greater than a set reliability number threshold, and issues the encrypted network security early warning information to the blockchain.
For the detailed procedures of steps S21-S23, see the descriptions of steps S11-S13 in embodiment 1; they are not repeated here.
Step S24: the node that generated the network security early warning information issues the decryption key of the encrypted network security early warning information to a target node in the blockchain network, so that the target node decrypts the encrypted network security early warning information using the decryption key.
As another optional embodiment of the present application, Fig. 3 is a schematic flow diagram of embodiment 3 of the blockchain-based network security early warning method provided by the present application. This embodiment mainly extends the blockchain-based network security early warning method described in embodiment 1 above. As shown in Fig. 3, the method may include, but is not limited to, the following steps:
Step S31: the node in the blockchain network that generates network security early warning information issues the network security early warning information to an early warning evaluation expert system and sends an early warning evaluation confirmation request to the early warning evaluation expert system, wherein the early warning evaluation expert system is composed of a plurality of nodes in the blockchain network.
Step S32: each node in the early warning evaluation expert system responds to the early warning evaluation request and judges the authenticity and validity of the network security early warning information to obtain a judgment result.
Step S33: the node that generated the network security early warning information receives the judgment results returned by the nodes in the early warning evaluation expert system, encrypts the network security early warning information when the number of judgment results indicating that the network security early warning information is authentic and valid is greater than a set reliability number threshold, and issues the encrypted network security early warning information to the blockchain.
For the detailed procedures of steps S31-S33, see the descriptions of steps S11-S13 in embodiment 1; they are not repeated here.
Step S34: the node that generated the network security early warning information reports the encrypted network security early warning information to a national network security early warning platform.
Reporting the encrypted network security early warning information to a national network security early warning platform helps improve national network security early warning capability.
Next, the block chain based network security early warning system provided by the present application is introduced, and the block chain based network security early warning system introduced below and the block chain based management security early warning method received above may be referred to correspondingly.
Referring to fig. 4, the network security early warning system based on the block chain includes: a blockchain network and a blockchain, the blockchain network comprising a plurality of nodes.
The node generating the network safety early warning information in the block chain network issues the network safety early warning information to an early warning evaluation expert system, and initiates an early warning evaluation confirmation request to the early warning evaluation expert system, wherein the early warning evaluation expert system consists of a plurality of nodes in the block chain network;
each node in the early warning evaluation expert system responds to the early warning evaluation request and judges whether the network security early warning information is authentic and valid, to obtain a judgment result;
and the node generating the network security early warning information receives the judgment results returned by each node in the early warning evaluation expert system, encrypts the network security early warning information if the number of judgment results indicating that the network security early warning information is authentic and valid is greater than a set reliability number threshold, and issues the encrypted network security early warning information to the block chain.
In this embodiment, the node that generates the network security early warning information may be further configured to:
issue the decryption key of the encrypted network security early warning information to a target node in the block chain network, so that the target node decrypts the encrypted network security early warning information using the decryption key.
In this embodiment, the node that generates the network security early warning information may be further configured to:
report the encrypted network security early warning information to a national network security early warning platform.
The node that generates the network security early warning information may be specifically configured to:
acquire network security data in a network system;
detect threat information in the network security data by using a threat detection model established based on IOC intelligence;
and generate network security early warning information based on the threat information.
The node that generates the network security early warning information may be specifically configured to:
capture network security information from a network security information data source;
convert the network security information into text documents in a unified format;
screen out documents related to network security from the text documents in the unified format by using a text classification method;
and extract IOC intelligence from the documents related to network security based on text analysis techniques.
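The IOC acquisition steps and the IOC-based detection step listed above can be sketched as follows. This is an added example, not code from the patent: the keyword classifier and regular expressions stand in for the unspecified text classification method and text analysis techniques, and all function names, feed items and log lines are constructed for illustration.

```python
import html
import re
# Constructed sample feed items (the "capture" step); every value is made up.
RAW_FEED = [
    "<p>Malware C2 observed at 203.0.113[.]45 and hxxp://update.bad-cdn[.]example/a</p>",
    "Quarterly results: revenue grew 4% at 10.2.3.4 Main Street offices.",
    "Phishing campaign drops trojan, SHA256 " + "ab" * 32 + ", beacon to 198.51.100.7",
]
LOGS = [  # constructed network security data (firewall/DNS-style log lines)
    "2020-03-27T10:00:01 src=10.0.0.5 dst=198.51.100.7 dport=443 action=allow",
    "2020-03-27T10:00:02 src=10.0.0.9 dst=192.0.2.10 dport=53 action=allow",
    "2020-03-27T10:00:03 src=10.0.0.5 query=update.bad-cdn.example action=allow",
]
KEYWORDS = {"malware", "c2", "phishing", "trojan", "exploit", "botnet"}  # assumed lexicon
OCTET = r"(?:25[0-5]|2[0-4]\d|1?\d?\d)"
PATTERNS = {  # simplified patterns; the TLD list is an assumption for this sample
    "ipv4": re.compile(rf"\b(?:{OCTET}\.){{3}}{OCTET}\b"),
    "sha256": re.compile(r"\b[a-fA-F0-9]{64}\b"),
    "domain": re.compile(r"\b(?:[a-z0-9-]+\.)+(?:example|com|net|org)\b"),
}

def normalize(raw):
    """Uniform-format step: strip markup, unescape, refang, collapse whitespace."""
    text = html.unescape(re.sub(r"<[^>]+>", " ", raw))
    text = text.replace("[.]", ".").replace("hxxp", "http")
    return re.sub(r"\s+", " ", text).strip()

def is_security_related(text, min_hits=1):
    """Screening step: keyword-count classifier standing in for a trained one."""
    words = set(re.findall(r"[a-z0-9]+", text.lower()))
    return len(words & KEYWORDS) >= min_hits

def extract_iocs(text):
    """Extraction step: regex matches, lower-cased, as (type, value) pairs."""
    return {(kind, m.lower()) for kind, rx in PATTERNS.items() for m in rx.findall(text)}

def build_ioc_set(feed):
    docs = [normalize(raw) for raw in feed]
    return set().union(*(extract_iocs(d) for d in docs if is_security_related(d)))

def detect(logs, iocs):
    """Detection step: exact match of IOC values against log tokens."""
    warnings = []
    for line in logs:
        tokens = set(re.split(r"[\s=]+", line.lower()))
        for kind, value in sorted(iocs):
            if value in tokens:
                warnings.append({"ioc_type": kind, "ioc": value, "evidence": line})
    return warnings
```

The second feed item contains an address-like string but fails the screening step, so it never enters the IOC set and cannot raise a warning.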
It should be noted that the description of each embodiment focuses on its differences from the other embodiments; for parts that are the same or similar, the embodiments may be referred to one another. Because the device embodiments are basically similar to the method embodiments, they are described briefly; for the relevant points, refer to the corresponding description of the method embodiments.
Finally, it should also be noted that, herein, relational terms such as first and second may be used solely to distinguish one entity or action from another entity or action, without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.
For convenience of description, the above devices are described as being divided into various units by function, and the units are described separately. Of course, when implementing the present application, the functions of the units may be implemented in one or more pieces of software and/or hardware.
From the above description of the embodiments, it is clear to those skilled in the art that the present application can be implemented by software plus a necessary general-purpose hardware platform. Based on such understanding, the technical solutions of the present application may be embodied, in essence or in part, in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, or an optical disk, and includes several instructions for enabling a computer device (which may be a personal computer, a server, a network device, etc.) to execute the method according to the embodiments or some parts of the embodiments of the present application.
The block chain-based network security early warning method and system provided by the present application have been described in detail above. Specific examples are used herein to explain the principle and implementation of the application, and the description of the embodiments is only intended to help in understanding the method and the core idea of the application. Meanwhile, a person skilled in the art may, according to the idea of the present application, vary the specific embodiments and the scope of application. In summary, the content of this specification should not be construed as a limitation on the present application.

Claims (10)

1. A block chain-based network security early warning method, characterized by comprising the following steps:
a node that generates network security early warning information in a block chain network issues the network security early warning information to an early warning evaluation expert system and initiates an early warning evaluation confirmation request to the early warning evaluation expert system, wherein the block chain network comprises a plurality of nodes, each node in the block chain network stores a block chain, and the early warning evaluation expert system consists of a plurality of nodes in the block chain network;
each node in the early warning evaluation expert system responds to the early warning evaluation confirmation request and judges whether the network security early warning information is authentic and valid, to obtain a judgment result;
and the node generating the network security early warning information receives the judgment results returned by each node in the early warning evaluation expert system, encrypts the network security early warning information if the number of judgment results indicating that the network security early warning information is authentic and valid is greater than a set reliability number threshold, and issues the encrypted network security early warning information to the block chain.
2. The method of claim 1, further comprising:
issuing the decryption key of the encrypted network security early warning information to a target node in the block chain network, so that the target node decrypts the encrypted network security early warning information using the decryption key.
3. The method of claim 1, further comprising:
reporting the encrypted network security early warning information to a national network security early warning platform.
4. The method of claim 1, wherein the generating of the network security early warning information comprises:
acquiring network security data in a network system;
detecting threat information in the network security data by using a threat detection model established based on IOC intelligence;
and generating network security early warning information based on the threat information.
5. The method of claim 4, wherein the IOC intelligence acquisition process comprises:
capturing network security information from a network security information data source;
converting the network security information into text documents in a unified format;
screening out documents related to network security from the text documents in the unified format by using a text classification method;
and extracting IOC intelligence from the documents related to network security based on text analysis techniques.
6. A block chain-based network security early warning system, characterized by comprising: a block chain network, wherein the block chain network comprises a plurality of nodes, and each node in the block chain network stores a block chain;
the node that generates network security early warning information in the block chain network issues the network security early warning information to an early warning evaluation expert system and initiates an early warning evaluation confirmation request to the early warning evaluation expert system, wherein the early warning evaluation expert system consists of a plurality of nodes in the block chain network;
each node in the early warning evaluation expert system responds to the early warning evaluation confirmation request and judges whether the network security early warning information is authentic and valid, to obtain a judgment result;
and the node generating the network security early warning information receives the judgment results returned by each node in the early warning evaluation expert system, encrypts the network security early warning information if the number of judgment results indicating that the network security early warning information is authentic and valid is greater than a set reliability number threshold, and issues the encrypted network security early warning information to the block chain.
7. The system of claim 6, wherein the node that generates the network security early warning information is further configured to:
issue the decryption key of the encrypted network security early warning information to a target node in the block chain network, so that the target node decrypts the encrypted network security early warning information using the decryption key.
8. The system of claim 6, wherein the node that generates the network security early warning information is further configured to:
report the encrypted network security early warning information to a national network security early warning platform.
9. The system of claim 6, wherein the node that generates the network security early warning information is specifically configured to:
acquire network security data in a network system;
detect threat information in the network security data by using a threat detection model established based on IOC intelligence;
and generate network security early warning information based on the threat information.
10. The system of claim 9, wherein the node that generates the network security early warning information is specifically configured to:
capture network security information from a network security information data source;
convert the network security information into text documents in a unified format;
screen out documents related to network security from the text documents in the unified format by using a text classification method;
and extract IOC intelligence from the documents related to network security based on text analysis techniques.
CN202010227212.9A 2020-03-27 2020-03-27 Block chain-based network security early warning method and system Pending CN111131334A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010227212.9A CN111131334A (en) 2020-03-27 2020-03-27 Block chain-based network security early warning method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010227212.9A CN111131334A (en) 2020-03-27 2020-03-27 Block chain-based network security early warning method and system

Publications (1)

Publication Number Publication Date
CN111131334A true CN111131334A (en) 2020-05-08

Family

ID=70493963

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010227212.9A Pending CN111131334A (en) 2020-03-27 2020-03-27 Block chain-based network security early warning method and system

Country Status (1)

Country Link
CN (1) CN111131334A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106445711A (en) * 2016-08-28 2017-02-22 杭州云象网络技术有限公司 Byzantine-fault-tolerant consensus method applied to block chain
CN108122165A (en) * 2017-12-15 2018-06-05 北京中电普华信息技术有限公司 A kind of block chain common recognition method and system
CN108965247A (en) * 2018-06-04 2018-12-07 上海交通大学 A kind of threat information exchange shared system and method based on block chain
CN110120936A (en) * 2019-02-23 2019-08-13 西安电子科技大学 Distributed network attack detecting and security measurement system and method based on block chain

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112153047A (en) * 2020-09-24 2020-12-29 国网区块链科技(北京)有限公司 Block chain-based network security operation and maintenance and defense method and system
CN112153047B (en) * 2020-09-24 2021-05-18 国网区块链科技(北京)有限公司 Block chain-based network security operation and maintenance and defense method and system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200508