CN112769823A - Information management-based secure network auditing method and system - Google Patents
Information management-based secure network auditing method and system Download PDFInfo
- Publication number
- CN112769823A CN112769823A CN202110018474.9A CN202110018474A CN112769823A CN 112769823 A CN112769823 A CN 112769823A CN 202110018474 A CN202110018474 A CN 202110018474A CN 112769823 A CN112769823 A CN 112769823A
- Authority
- CN
- China
- Prior art keywords
- user
- information management
- access
- secure network
- auditing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 42
- 238000012550 audit Methods 0.000 claims abstract description 37
- 238000007726 management method Methods 0.000 claims abstract description 34
- 238000012544 monitoring process Methods 0.000 claims abstract description 13
- 230000006399 behavior Effects 0.000 claims description 50
- 230000015654 memory Effects 0.000 claims description 38
- 238000012545 processing Methods 0.000 claims description 12
- 230000002159 abnormal effect Effects 0.000 claims description 6
- 230000008713 feedback mechanism Effects 0.000 claims description 6
- 230000005856 abnormality Effects 0.000 claims description 3
- 230000009471 action Effects 0.000 claims description 3
- 238000013500 data storage Methods 0.000 claims description 3
- 230000000694 effects Effects 0.000 claims description 3
- 238000012216 screening Methods 0.000 claims description 3
- 230000003542 behavioural effect Effects 0.000 claims 1
- 238000012423 maintenance Methods 0.000 abstract description 13
- 238000004891 communication Methods 0.000 description 8
- 238000011161 development Methods 0.000 description 3
- 230000018109 developmental process Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000003066 decision tree Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000002950 deficient Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000005065 mining Methods 0.000 description 1
- 238000003058 natural language processing Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000012552 review Methods 0.000 description 1
- 230000011218 segmentation Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a secure network auditing method and system based on information management, wherein the method comprises the following steps: setting an auditing range according to the interesting semantics of the user; performing identity authentication on a user; after the identity authentication is passed, limiting and examining an audit range according to the access authority of the user; monitoring and analyzing the behavior data which is requested to be accessed by the user according to the limited and examined audit range; and judging the legality of the behavior data which is requested to be accessed by the user, alarming the illegal behavior and terminating the access. The method and the system provided by the invention improve the safety and reliability of authentication, protect the safety of user resources to the maximum extent, facilitate the maintenance of resources by operation and maintenance personnel, reduce repeated work and improve the operation and maintenance efficiency.
Description
Technical Field
The invention relates to the technical field of information security, in particular to a secure network auditing method and system based on information management.
Background
In network auditing activities, security and reliability issues have become very important issues. Because of the limitations of the computer and the hackers attacking the network website, tampering and destroying the audit data and even the whole system, the operator suffers huge loss, and meanwhile, the network audit requires that the auditor not only has to fully know the computer hardware, software and processing system of the audit system, but also has enough knowledge for the electronic data processing required by the audit program, and the auditor not only needs to understand the network knowledge and master the audit theory, but also needs to be familiar with the development, design, maintenance and the like of the network audit software; the talents are very deficient, so that network audit is difficult to implement widely, development of network audit is greatly hindered, and audit software is an effective tool for auditors to carry out specific audit work, so that development of network audit in China is greatly hindered, and the problems of low safety, low reliability and low operation and maintenance efficiency of an audit network exist.
Disclosure of Invention
Therefore, the method and the system for auditing the secure network based on information management overcome the defects of low safety and reliability and low operation and maintenance efficiency of an auditing network in the prior art.
In order to achieve the purpose, the invention provides the following technical scheme:
in a first aspect, an embodiment of the present invention provides a secure network auditing method based on information management, including:
setting an auditing range according to the interesting semantics of the user;
performing identity authentication on a user;
after the identity authentication is passed, limiting and examining an audit range according to the access authority of the user;
monitoring and analyzing the behavior data which is requested to be accessed by the user according to the limited and examined audit range;
and judging the legality of the behavior data which is requested to be accessed by the user, alarming the illegal behavior and terminating the access.
In one embodiment, setting the audit range according to the semantics interested by the user comprises:
segmenting the keyword sentences interested by the user into independent words, removing words with preset parts of speech to obtain the words of the keywords interested by the user, carrying out range limitation and synonymous replacement according to the words of the keywords interested by the user, and setting the auditing range interested by the user.
In one embodiment, the method for authenticating the user includes: authentication code means and history authentication means.
In one embodiment, when the user passes the identity authentication, the audit range is limited and checked according to the access authority of the user, and the method comprises the following steps:
the content of the user account passing the identity authentication is graded, the content of the user account of different grades is stored in different databases, and the user account without the relative application of the database grade cannot retrieve or look up the data in the corresponding database grade.
In one embodiment, the behavior data that the user requests to access includes: the path, habits of the user requesting access and intrusion into sensitive content.
In one embodiment, the illegal action includes: attempt to access a higher level database, log on to a sensitive entry, and copy sensitive text.
In one embodiment, the step of alarming for illegal activities and terminating access further comprises: auditing illegal behaviors, synchronously forming structured data and user data storage, forming a user access map according to behavior characteristics of a user, using the user access map as a reference standard for next behavior examination, and triggering an alarm or feedback mechanism if the user access map deviates from the reference standard greatly; the feedback mechanism is used for processing the warning information in the warning list by an administrator, screening out whether the abnormality given by the information management system needs to be corrected, and if the sent warning is considered to be false, changing the operation label in the history record from 'abnormal' to 'normal'.
In a second aspect, an embodiment of the present invention provides a secure network auditing system based on information management, including:
the user audit range determining module is used for setting an audit range according to the interesting semantics of the user;
the identity authentication module is used for authenticating the identity of the user;
the limited examination module is used for limiting and examining the audit range according to the access authority of the user after the identity authentication is passed;
the monitoring and analyzing module is used for monitoring and analyzing the behavior data which is requested to be accessed by the user according to the limited and examined auditing range;
and the judging module is used for judging the legality of the behavior data which is requested to be accessed by the user, alarming the illegal behavior and terminating the access.
In a third aspect, an embodiment of the present invention provides a terminal, including: at least one processor, and a memory communicatively coupled to the at least one processor, wherein the memory stores instructions executable by the at least one processor, the instructions being executable by the at least one processor to cause the at least one processor to perform the information management-based secure network auditing method of the first aspect of the embodiments of the present invention.
In a fourth aspect, an embodiment of the present invention provides a computer-readable storage medium, where computer instructions are stored, and the computer instructions are configured to cause the computer to execute the information management-based secure network auditing method according to the first aspect of the present invention.
The technical scheme of the invention has the following advantages:
the invention provides a secure network auditing method and system based on information management, comprising the following steps: setting an auditing range according to the interesting semantics of the user; performing identity authentication on a user; after the identity authentication is passed, limiting and examining an audit range according to the access authority of the user; monitoring and analyzing the behavior data which is requested to be accessed by the user according to the limited and examined audit range; and judging the legality of the behavior data which is requested to be accessed by the user, alarming the illegal behavior and terminating the access. The information management security network auditing method and the information management security network auditing system improve the safety and the reliability of authentication, protect the safety of user resources to the maximum extent, facilitate the maintenance of the resources by operation and maintenance personnel, reduce repeated work and improve the operation and maintenance efficiency.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a flowchart of a specific example of a secure network auditing method based on information management according to an embodiment of the present invention;
FIG. 2 is a block diagram of a secure network audit system based on information management according to an embodiment of the present invention;
fig. 3 is a composition diagram of a specific example of a terminal according to an embodiment of the present invention.
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the accompanying drawings, and it should be understood that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In addition, the technical features involved in the different embodiments of the present invention described below may be combined with each other as long as they do not conflict with each other.
Example 1
An information management-based secure network auditing method provided by the embodiment of the invention, as shown in fig. 1, includes the following steps:
step S1: and setting an auditing range according to the interesting semantics of the user.
In the embodiment of the invention, the keyword sentence which is interested by the user is divided into the independent words, the words with preset parts of speech are removed to obtain the words of the keyword which is interested by the user, the range limitation and the synonymous replacement are carried out according to the words of the keyword which is interested by the user, and the audit range which is interested by the user is set.
In the embodiment of the present invention, segmenting the keyword sentence in which the user is interested into separate words includes: cutting the key words and sentences interested by the user into independent words, matching the words and sentences by taking sentences as units, requiring that the identical sentences can be matched with each other, only searching the key words which can be logically matched with the key words and sentences interested by the user without complete matching on the sentences in the application, cutting the key words and sentences into independent words, extracting core words in the sentences, obtaining required key information, matching the key words and sentences by best selection, judging the intention and content searched by the user, and showing the content meeting the requirements of the user, wherein in English texts, spaces are used as Natural delimiters among the words, Chinese characters, sentences and paragraphs are only used for dividing the boundaries briefly by obvious delimiters, so that the Chinese sentences can be divided by using an algorithm, and the Natural Language processing tool kit (NLTK) is required for dividing the words and the English, the NLTK includes a graphical presentation and example data that explains the language processing tasks supported by the toolkit; the jieba library is used in Chinese and is a third-party tool library of python for word segmentation in Chinese.
In the embodiment of the present invention, after segmenting the keyword sentence in which the user is interested into separate words, words with preset parts of speech need to be removed, where the preset parts of speech refer to words that appear frequently in the conversation but have little practical meaning and do not play a role in searching information, such as: the terms "in", "and", "next", and the like, are merely examples, but not limited to these, and in practical applications, corresponding parts of speech are selected for processing, and such terms frequently appear in keyword sentences that are of interest to users, which may reduce search efficiency. The method comprises the steps of obtaining the vocabulary of the keywords interested by the user, carrying out range limitation and synonymous replacement according to the vocabulary of the keywords interested by the user, and setting the auditing range interested by the user so as to achieve the aim of more precision and filter the review information.
Step S2: and authenticating the identity of the user.
In the embodiment of the present invention, the method for authenticating the identity of the user includes: the authentication code method and the history authentication method are only examples, but not limited to these, and the corresponding identity authentication method is selected according to actual requirements in practical applications.
Step S3: and after the identity authentication is passed, limiting and examining the auditing range according to the access authority of the user.
In the embodiment of the invention, when the user passes the identity authentication, the audit range is limited and examined according to the access authority of the user, and the method comprises the following steps: grading the contents of the user accounts passing the identity authentication, storing the contents of the user accounts of different grades in different databases, and not searching or looking up the data in the corresponding database grade without the user account of the relative application of the database grade; or different data may have different tags and persons who do not have the application to this data level may not be able to retrieve or refer to the corresponding data.
Step S4: and monitoring and analyzing the behavior data which is requested to be accessed by the user according to the limited and examined auditing range.
In this embodiment of the present invention, the behavior data that the user requests to access includes: the path and habit of the user requesting access and the intrusion to the sensitive content; by way of example only, and not by way of limitation, in practical applications, corresponding settings are performed according to actual requirements.
Step S5: and judging the legality of the behavior data which is requested to be accessed by the user, alarming the illegal behavior and terminating the access.
In the embodiment of the present invention, the step of alarming the illegal action and terminating the access further includes: auditing illegal behaviors, synchronously forming structured data and user data storage, forming a user access map according to behavior characteristics of a user, using the user access map as a reference standard for next behavior examination, and triggering an alarm or feedback mechanism if the user access map deviates from the reference standard greatly; the feedback mechanism is used for processing the warning information in the warning list by an administrator, screening out whether the abnormity given by the information management system needs to be corrected, if the sent warning is considered to be false alarm, the system changes the label of the operation in the history record from abnormal to normal, perfects and updates the database, and after the user behavior database is established, the associated database can be updated regularly, so that the data in the database can be ensured to be more accurate.
In the embodiment of the invention, the warning information comprises fields such as user names, operation time, executed statements and the like; the present invention is not limited to the above examples, and the selection is performed according to actual requirements in practical applications.
In a specific embodiment, the validity judgment of the behavior data requested to be accessed by the user is performed by a user behavior anomaly detection algorithm based on decision tree prediction: establishing a user behavior criterion which is predefined standard data and is matched with the user level; analyzing and processing audit data to be detected, and extracting a database to be accessed; matching a user behavior rule generated by a user operation statement to be detected with a rule in a user normal behavior rule base; if the generated behavior rule matches the normal behavior rule, the operation statement is a normal behavior; if the normal behavior rule of the user cannot be matched, if the access frequency to a certain entry exceeds 5 times or a copy operation is performed, the operation behavior is abnormal, which is only taken as an example and not limited to the example, and the corresponding frequency is set according to the actual requirement in the actual application; processing abnormal operation, and for the user behavior record with unsuccessful matching, the system will send out an alarm and write the alarm information into an alarm table, wherein the alarm information comprises fields of user name, operation time, executed statement and the like; the administrator processes the alarm information in the alarm table, discriminates whether the abnormality given by the system needs to be corrected, and if the sent alarm is considered to be a false alarm, the system changes the label of the operation in the history record from 'abnormal' to 'normal'. If the matching is unsuccessful, the rule base is perfected and updated, and after the rule base is established by rule mining, the association rule base is regularly updated, so that the rules in the rule base can be more accurate.
The safe network auditing method based on information management provided by the embodiment of the invention sets the auditing range according to the interesting semantics of the user; performing identity authentication on a user; after the identity authentication is passed, limiting and examining an audit range according to the access authority of the user; monitoring and analyzing the behavior data which is requested to be accessed by the user according to the limited and examined audit range; the legality judgment is carried out on the behavior data which the user requests to access, the illegal behavior is alarmed and the access is stopped, so that the safety and the reliability of authentication are improved, the safety of user resources is protected to the maximum extent, meanwhile, the resources are conveniently maintained by operation and maintenance personnel, the repeated work is reduced, and the operation and maintenance efficiency is improved.
Example 2
An embodiment of the present invention provides a secure network auditing system based on information management, as shown in fig. 2, including:
the user audit range determining module 1 is used for setting an audit range according to the interesting semantics of a user; this module executes the method described in step S1 in embodiment 1, and is not described herein again.
The identity authentication module 2 is used for carrying out identity authentication on the user; this module executes the method described in step S2 in embodiment 1, and is not described herein again.
The limited examination module 3 is used for limiting and examining the audit range according to the access authority of the user after the identity authentication is passed; this module executes the method described in step S3 in embodiment 1, and is not described herein again.
The monitoring and analyzing module 4 is used for monitoring and analyzing the behavior data which is requested to be accessed by the user according to the limited and examined auditing range; this module executes the method described in step S4 in embodiment 1, and is not described herein again.
The judging module 5 is used for judging the legality of the behavior data which the user requests to access, alarming the illegal behavior and stopping the access; this module executes the method described in step S5 in embodiment 1, and is not described herein again.
The embodiment of the invention provides a safety network auditing system based on information management, which sets an auditing range according to the interested semantics of a user; performing identity authentication on a user; after the identity authentication is passed, limiting and examining an audit range according to the access authority of the user; monitoring and analyzing the behavior data which is requested to be accessed by the user according to the limited and examined audit range; the legality judgment is carried out on the behavior data which the user requests to access, the illegal behavior is alarmed and the access is stopped, so that the safety and the reliability of authentication are improved, the safety of user resources is protected to the maximum extent, meanwhile, the resources are conveniently maintained by operation and maintenance personnel, the repeated work is reduced, and the operation and maintenance efficiency is improved.
Example 3
An embodiment of the present invention provides a terminal, as shown in fig. 3, including: at least one processor 401, such as a CPU (Central Processing Unit), at least one communication interface 403, memory 404, and at least one communication bus 402. Wherein a communication bus 402 is used to enable connective communication between these components. The communication interface 403 may include a Display (Display) and a Keyboard (Keyboard), and the optional communication interface 403 may also include a standard wired interface and a standard wireless interface. The Memory 404 may be a high-speed RAM Memory (Random Access Memory) or a non-volatile Memory (non-volatile Memory), such as at least one disk Memory. The memory 404 may optionally be at least one memory device located remotely from the processor 401. Wherein the processor 401 may execute the secure network auditing method based on information management in embodiment 1. A set of program codes is stored in the memory 404, and the processor 401 calls the program codes stored in the memory 404 for executing the secure network auditing method based on information management in embodiment 1. The communication bus 402 may be a Peripheral Component Interconnect (PCI) bus or an Extended Industry Standard Architecture (EISA) bus. The communication bus 402 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one line is shown in FIG. 3, but this does not represent only one bus or one type of bus. The memory 404 may include a volatile memory (RAM), such as a random-access memory (RAM); the memory may also include a non-volatile memory (english: non-volatile memory), such as a flash memory (english: flash memory), a hard disk (english: hard disk drive, abbreviated: HDD) or a solid-state drive (english: SSD); the memory 404 may also comprise a combination of memories of the kind described above. The processor 401 may be a Central Processing Unit (CPU), a Network Processor (NP), or a combination of a CPU and an NP.
The memory 404 may include a volatile memory (RAM), such as a random-access memory (RAM); the memory may also include a non-volatile memory (english: non-volatile memory), such as a flash memory (english: flash memory), a hard disk (english: hard disk drive, abbreviated: HDD) or a solid-state drive (english: SSD); the memory 404 may also comprise a combination of memories of the kind described above.
The processor 401 may be a Central Processing Unit (CPU), a Network Processor (NP), or a combination of a CPU and an NP.
The processor 401 may further include a hardware chip. The hardware chip may be an application-specific integrated circuit (ASIC), a Programmable Logic Device (PLD), or a combination thereof. The PLD may be a Complex Programmable Logic Device (CPLD), a field-programmable gate array (FPGA), a General Array Logic (GAL), or any combination thereof.
Optionally, the memory 404 is also used to store program instructions. The processor 401 may invoke program instructions to implement the secure network auditing method based on information management as in embodiment 1 of the present application.
An embodiment of the present invention further provides a computer-readable storage medium, where computer-executable instructions are stored on the computer-readable storage medium, and the computer-executable instructions may execute the information management-based secure network auditing method in embodiment 1. The storage medium may be a magnetic Disk, an optical Disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a Flash Memory (Flash Memory), a Hard Disk (Hard Disk Drive, abbreviated as HDD), a Solid State Drive (SSD), or the like; the storage medium may also comprise a combination of memories of the kind described above.
It should be understood that the above examples are only for clarity of illustration and are not intended to limit the embodiments. Other variations and modifications will be apparent to persons skilled in the art in light of the above description. And are neither required nor exhaustive of all embodiments. And obvious variations or modifications of the invention may be made without departing from the spirit or scope of the invention.
Claims (10)
1. A secure network auditing method based on information management is characterized by comprising the following steps:
setting an auditing range according to the interesting semantics of the user;
performing identity authentication on a user;
after the identity authentication is passed, limiting and examining an audit range according to the access authority of the user;
monitoring and analyzing the behavior data which is requested to be accessed by the user according to the limited and examined audit range;
and judging the legality of the behavior data which is requested to be accessed by the user, alarming the illegal behavior and terminating the access.
2. The information management-based secure network auditing method of claim 1 where setting the auditing range according to the semantics of interest to the user comprises:
segmenting the keyword sentences interested by the user into independent words, removing words with preset parts of speech to obtain the words of the keywords interested by the user, carrying out range limitation and synonymous replacement according to the words of the keywords interested by the user, and setting the auditing range interested by the user.
3. The information management-based secure network auditing method of claim 1 where authenticating the user comprises: authentication code means and history authentication means.
4. The information management-based secure network auditing method according to claim 3, characterized in that when the user passes identity authentication, the auditing range is limited and checked according to the access authority of the user, including:
the content of the user account passing the identity authentication is graded, the content of the user account of different grades is stored in different databases, and the user account without the relative application of the database grade cannot retrieve or look up the data in the corresponding database grade.
5. The information management-based secure network auditing method of claim 1 where the user requests access to behavioral data comprising: the path, habits of the user requesting access and intrusion into sensitive content.
6. The information management-based secure network auditing method of claim 1 where the illegal action comprises: attempt to access a higher level database, log on to a sensitive entry, and copy sensitive text.
7. The information management-based secure network auditing method of claim 6 where the step of alerting of illegal activities and terminating access further comprises: auditing illegal behaviors, synchronously forming structured data and user data storage, forming a user access map according to behavior characteristics of a user, using the user access map as a reference standard for next behavior examination, and triggering an alarm or feedback mechanism if the user access map deviates from the reference standard greatly; the feedback mechanism is used for processing the warning information in the warning list by an administrator, screening out whether the abnormality given by the information management system needs to be corrected, and if the sent warning is considered to be false, changing the operation label in the history record from 'abnormal' to 'normal'.
8. A secure network audit system based on information management, comprising:
the user audit range determining module is used for setting an audit range according to the interesting semantics of the user;
the identity authentication module is used for authenticating the identity of the user;
the limited examination module is used for limiting and examining the audit range according to the access authority of the user after the identity authentication is passed;
the monitoring and analyzing module is used for monitoring and analyzing the behavior data which is requested to be accessed by the user according to the limited and examined auditing range;
and the judging module is used for judging the legality of the behavior data which is requested to be accessed by the user, alarming the illegal behavior and terminating the access.
9. A terminal, comprising: at least one processor, and a memory communicatively coupled to the at least one processor, wherein the memory stores instructions executable by the at least one processor to cause the at least one processor to perform the information management based secure network auditing method of any of claims 1-7.
10. A computer-readable storage medium having stored thereon computer instructions for causing a computer to execute the method for information management-based secure network auditing of any of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110018474.9A CN112769823A (en) | 2021-01-07 | 2021-01-07 | Information management-based secure network auditing method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110018474.9A CN112769823A (en) | 2021-01-07 | 2021-01-07 | Information management-based secure network auditing method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112769823A true CN112769823A (en) | 2021-05-07 |
Family
ID=75700672
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110018474.9A Pending CN112769823A (en) | 2021-01-07 | 2021-01-07 | Information management-based secure network auditing method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112769823A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113297605A (en) * | 2021-06-24 | 2021-08-24 | 建信金融科技有限责任公司 | Copy data management method, device, electronic equipment and computer readable medium |
| CN115296874A (en) * | 2022-07-26 | 2022-11-04 | 北京科能腾达信息技术股份有限公司 | Computer network security system, method, medium, equipment and terminal |
| CN116232770A (en) * | 2023-05-08 | 2023-06-06 | 中国石油大学(华东) | Enterprise network safety protection system and method based on SDN controller |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140165189A1 (en) * | 2012-12-08 | 2014-06-12 | International Business Machines Corporation | Directing Audited Data Traffic to Specific Repositories |
| CN104111941A (en) * | 2013-04-18 | 2014-10-22 | 阿里巴巴集团控股有限公司 | Method and equipment for information display |
| CN106874492A (en) * | 2017-02-23 | 2017-06-20 | 北京京东尚科信息技术有限公司 | Searching method and device |
| CN108009407A (en) * | 2017-11-29 | 2018-05-08 | 华迪计算机集团有限公司 | A kind of method and system that differentiated control is carried out to system user authority |
| CN108763543A (en) * | 2018-05-31 | 2018-11-06 | 郑州信大天瑞信息技术有限公司 | Database audit monitors system |
| CN109241699A (en) * | 2018-07-27 | 2019-01-18 | 安徽云图信息技术有限公司 | Authorizing secure auditing system |
| CN110472436A (en) * | 2019-07-23 | 2019-11-19 | 浙江无极互联科技有限公司 | A kind of computer data management system, method and computer readable storage medium |
| CN111914234A (en) * | 2020-09-21 | 2020-11-10 | 安徽长泰信息安全服务有限公司 | Data security management method applied to operation and maintenance auditing system |
-
2021
- 2021-01-07 CN CN202110018474.9A patent/CN112769823A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140165189A1 (en) * | 2012-12-08 | 2014-06-12 | International Business Machines Corporation | Directing Audited Data Traffic to Specific Repositories |
| CN104111941A (en) * | 2013-04-18 | 2014-10-22 | 阿里巴巴集团控股有限公司 | Method and equipment for information display |
| CN106874492A (en) * | 2017-02-23 | 2017-06-20 | 北京京东尚科信息技术有限公司 | Searching method and device |
| CN108009407A (en) * | 2017-11-29 | 2018-05-08 | 华迪计算机集团有限公司 | A kind of method and system that differentiated control is carried out to system user authority |
| CN108763543A (en) * | 2018-05-31 | 2018-11-06 | 郑州信大天瑞信息技术有限公司 | Database audit monitors system |
| CN109241699A (en) * | 2018-07-27 | 2019-01-18 | 安徽云图信息技术有限公司 | Authorizing secure auditing system |
| CN110472436A (en) * | 2019-07-23 | 2019-11-19 | 浙江无极互联科技有限公司 | A kind of computer data management system, method and computer readable storage medium |
| CN111914234A (en) * | 2020-09-21 | 2020-11-10 | 安徽长泰信息安全服务有限公司 | Data security management method applied to operation and maintenance auditing system |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113297605A (en) * | 2021-06-24 | 2021-08-24 | 建信金融科技有限责任公司 | Copy data management method, device, electronic equipment and computer readable medium |
| CN115296874A (en) * | 2022-07-26 | 2022-11-04 | 北京科能腾达信息技术股份有限公司 | Computer network security system, method, medium, equipment and terminal |
| CN116232770A (en) * | 2023-05-08 | 2023-06-06 | 中国石油大学(华东) | Enterprise network safety protection system and method based on SDN controller |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112769823A (en) | Information management-based secure network auditing method and system | |
| US20160285918A1 (en) | System and method for classifying documents based on access | |
| CN108171073B (en) | Private data identification method based on code layer semantic parsing drive | |
| Murtaza et al. | Mining trends and patterns of software vulnerabilities | |
| US8875302B2 (en) | Classification of an electronic document | |
| US9667644B2 (en) | Risk identification | |
| US20160378993A1 (en) | Systems for diagnosing and tracking product vulnerabilities | |
| EP2880580A1 (en) | Vulnerability vector information analysis | |
| US9871826B1 (en) | Sensor based rules for responding to malicious activity | |
| US10482240B2 (en) | Anti-malware device, anti-malware system, anti-malware method, and recording medium in which anti-malware program is stored | |
| CN110602029A (en) | Method and system for identifying network attack | |
| CN109829304B (en) | Virus detection method and device | |
| CN113609261B (en) | Vulnerability information mining method and device based on knowledge graph of network information security | |
| US20220253526A1 (en) | Incremental updates to malware detection models | |
| CN115238286A (en) | Data protection method and device, computer equipment and storage medium | |
| US20210136032A1 (en) | Method and apparatus for generating summary of url for url clustering | |
| CN112799722A (en) | Command recognition method, device, equipment and storage medium | |
| CN114048227A (en) | SQL statement anomaly detection method, device, equipment and storage medium | |
| Luo et al. | MAD-API: Detection, correction and explanation of API misuses in distributed android applications | |
| CN111414621B (en) | Malicious webpage file identification method and device | |
| Alneyadi et al. | Word N-gram based classification for data leakage prevention | |
| CN110866700B (en) | Method and device for determining enterprise employee information disclosure source | |
| CN112650769A (en) | Method and device for detecting SQL statement injection attack | |
| CN116089985A (en) | Encryption storage method, device, equipment and medium for distributed log | |
| CN113688240B (en) | Threat element extraction method, threat element extraction device, threat element extraction equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210507 |
|
| RJ01 | Rejection of invention patent application after publication |