CN115484063A - Network security prevention and control method and system for industrial control system - Google Patents
Network security prevention and control method and system for industrial control system Download PDFInfo
- Publication number
- CN115484063A CN115484063A CN202210968308.XA CN202210968308A CN115484063A CN 115484063 A CN115484063 A CN 115484063A CN 202210968308 A CN202210968308 A CN 202210968308A CN 115484063 A CN115484063 A CN 115484063A
- Authority
- CN
- China
- Prior art keywords
- preset
- user
- network security
- coefficient
- level
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/02—Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Safety Devices In Control Systems (AREA)
Abstract
The invention relates to the technical field of network security prevention and control, and discloses a network security prevention and control method and a system for an industrial control system, wherein the method comprises the following steps: step S1: acquiring login account information and historical behavior information of a user; step S2: determining a grade coefficient and a network security prevention and control grade of a user according to the information acquired in the step S1; and step S3: after the grade coefficient and the network security prevention and control grade of the user are determined, corresponding access authority is generated according to the grade coefficient of the user, the industrial control system is prevented and controlled according to the network security prevention and control grade, the grade coefficient and the network security prevention and control grade of the user are determined according to login account information and historical behavior information of the user, then the corresponding access authority is generated through the grade coefficient of the user, meanwhile, different user security prevention and control grades are different, and further, network security prevention and control modes are different.
Description
Technical Field
The invention relates to the technical field of network security prevention and control, in particular to a network security prevention and control method and a network security prevention and control system for an industrial control system.
Background
An industrial control system (industrial control system for short) is a system which is composed of various automation components and a control component for collecting data in real time. The core components of the system comprise a data acquisition and monitoring system, a distributed control system, a programmable controller, a remote terminal, a human-computer interaction interface device and an interface technology for ensuring the communication of all the components. However, with the integration of industrialization and informatization, the network security problem of the industrial control system becomes increasingly prominent, once a security hole occurs, the industrial control system is attacked by others, so that important data in the industrial control system is stolen, and particularly, the occurrence of the network security problem causes immeasurable loss to the industrial control system.
In the prior art, the network security prevention and control method has the problem that the security is insufficient due to the fact that the network security prevention and control level is difficult to adjust according to the actual situation of the current user.
Therefore, how to provide a method for effectively preventing and controlling the network security of the industrial control system is a technical problem to be solved at present.
Disclosure of Invention
The embodiment of the invention provides a network security prevention and control method and a network security prevention and control system for an industrial control system, which are used for solving the technical problems that different security prevention and control levels cannot be set according to different users, the prevention and control effect of network security cannot be ensured, and the security of the industrial control system cannot be ensured in the prior art.
In order to achieve the above object, the present invention provides a network security prevention and control method for an industrial control system, the method comprising:
step S1: acquiring login account information and historical behavior information of a user;
step S2: determining a grade coefficient of a user and a network security prevention and control grade of an industrial control system according to the information acquired in the step S1;
and step S3: after determining the grade coefficient of the user and the network security prevention and control grade of the industrial control system, generating corresponding access authority according to the grade coefficient of the user, and performing prevention and control on the industrial control system according to the network security prevention and control grade of the industrial control system;
in the step S1, the login account information of the user includes a registration number of days a of registration of the user login account and a historical login number of times B of the user login account; the historical behavior information comprises historical dangerous operation times C of the user and total historical dangerous operation duration D of the user;
in the step S2, when determining the level coefficient of the user and the network security prevention and control level of the industrial control system, determining the level coefficient of the user according to the registration days a of the user login account, and correcting the level coefficient of the user according to the historical login times B of the user login account; and when the network security prevention and control level is determined, determining the network security prevention and control level of the industrial control system according to the historical dangerous operation times C of the user, and correcting the network security prevention and control level of the industrial control system according to the total historical dangerous operation time D of the user.
Preferably, when determining the level coefficient of the user according to the registration days a of the user login account, specifically:
a registration day matrix A0 of a login account of a user is preset, and A0 (A1, A2, A3, A4) is set, wherein A1 is a first preset registration day, A2 is a second preset registration day, A3 is a third preset registration day, A4 is a fourth preset registration day, and A1 is more than A2 and more than A3 and more than A4;
presetting a level coefficient matrix E of a user, and setting E (E1, E2, E3, E4, E5), wherein E1 is a first preset level coefficient, E2 is a second preset level coefficient, E3 is a third preset level coefficient, E4 is a fourth preset level coefficient, E5 is a fifth preset level coefficient, and E1 is more than E2 and is more than E3 and is more than E4 and is more than E5;
setting the grade coefficient of the user according to the relation between the registration days A of the user login account and the registration days of each preset user login account:
when A is less than A1, selecting the first preset level coefficient E1 as the level coefficient of the user;
when A1 is more than or equal to A and less than A2, selecting the second preset level coefficient E2 as the level coefficient of the user;
when A2 is more than or equal to A and less than A3, selecting the third preset level coefficient E3 as the level coefficient of the user;
when A3 is more than or equal to A and less than A4, selecting the fourth preset level coefficient E4 as the level coefficient of the user;
and when A is larger than or equal to A4, selecting the fifth preset level coefficient E5 as the level coefficient of the user.
Preferably, when the level coefficient of the user is corrected according to the historical login times B of the login account of the user, the method specifically includes:
presetting a history login frequency matrix F0 of a user login account, and setting F0 (F1, F2, F3 and F4), wherein F1 is a first preset history login frequency, F2 is a second preset history login frequency, F3 is a third preset history login frequency, F4 is a fourth preset history login frequency, and F1 is more than F2 and less than F3 and less than F4;
presetting a level coefficient correction coefficient matrix h of a user, and setting h (h 1, h2, h3, h4, h 5), wherein h1 is a first preset level coefficient correction coefficient, h2 is a second preset level coefficient correction coefficient, h3 is a third preset level coefficient correction coefficient, h4 is a fourth preset level coefficient correction coefficient, h5 is a fifth preset level coefficient correction coefficient, and h1 is more than 0.8, more than h2, more than h3, more than h4, more than h5 and less than 1.2;
when the level coefficient of the user is set as the ith preset level coefficient Ei, i =1,2,3,4,5 corrects the level coefficient of the user according to the relation between the historical login times B of the user login account and the historical login times of each preset user login account:
when B is less than F1, selecting the first preset grade coefficient correction coefficient h1 to correct the ith preset grade coefficient Ei, wherein the grade coefficient of the corrected user is Ei x h1;
when F1 is not more than B and less than F2, selecting the second preset level coefficient correction coefficient h2 to correct the ith preset level coefficient Ei, wherein the corrected level coefficient of the user is Ei h2;
when F2 is not less than B and less than F3, selecting the third preset grade coefficient correction coefficient h3 to correct the ith preset grade coefficient Ei, wherein the grade coefficient of the corrected user is Ei x h3;
when F3 is not more than B and less than F4, selecting the fourth preset level coefficient correction coefficient h4 to correct the ith preset level coefficient Ei, wherein the corrected level coefficient of the user is Ei h4;
and when B is larger than or equal to F4, selecting the fifth preset grade coefficient correction coefficient h5 to correct the ith preset grade coefficient Ei, wherein the grade coefficient of the corrected user is Ei x h5.
Preferably, when the network security prevention and control level of the industrial control system is determined according to the historical dangerous operation times C of the user, the method specifically comprises the following steps:
presetting a historical dangerous operation frequency matrix G0 of a user, and setting G0 (G1, G2, G3 and G4), wherein G1 is a first preset historical dangerous operation frequency, G2 is a second preset historical dangerous operation frequency, G3 is a third preset historical dangerous operation frequency, G4 is a fourth preset historical dangerous operation frequency, and G1 is more than G2 and less than G3 and less than G4;
presetting a network security prevention and control level matrix K of the industrial control system, and setting K (K1, K2, K3, K4, K5), wherein K1 is a first preset network security prevention and control level, K2 is a second preset network security prevention and control level, K3 is a third preset network security prevention and control level, K4 is a fourth preset network security prevention and control level, K5 is a fifth preset network security prevention and control level, and K1 is more than K2 and less than K3 and less than K4 and less than K5;
setting the network security prevention and control level of the industrial control system according to the relation between the historical dangerous operation times C of the user and the historical dangerous operation times of each preset user:
when C is less than G1, selecting the first preset network security prevention and control level K1 as the network security prevention and control level of the industrial control system;
when G1 is not more than C and less than G2, selecting the second preset network security prevention and control level K2 as the network security prevention and control level of the industrial control system;
when G2 is less than or equal to C and less than G3, selecting the third preset network security prevention and control level K3 as the network security prevention and control level of the industrial control system;
when G3 is less than or equal to C and less than G4, selecting the fourth preset network security prevention and control level K4 as the network security prevention and control level of the industrial control system;
and when the C is larger than or equal to the G4, selecting the fifth preset network security prevention and control level K5 as the network security prevention and control level of the industrial control system.
Preferably, when the network security prevention and control level of the industrial control system is modified according to the total historical dangerous operation duration D of the user, the method specifically comprises the following steps:
presetting a historical dangerous operation total time matrix M0 of a user, and setting M0 (M1, M2, M3, M4), wherein M1 is a first preset historical dangerous operation total time, M2 is a second preset historical dangerous operation total time, M3 is a third preset historical dangerous operation total time, M4 is a fourth preset historical dangerous operation total time, and M1 is more than M2 and more than M3 and more than M4;
presetting a network security prevention and control grade correction coefficient matrix n of an industrial control system, and setting n (n 1, n2, n3, n4, n 5), wherein n1 is a first preset network security prevention and control grade correction coefficient, n2 is a second preset network security prevention and control grade correction coefficient, n3 is a third preset network security prevention and control grade correction coefficient, n4 is a fourth preset network security prevention and control grade correction coefficient, n5 is a fifth preset network security prevention and control grade correction coefficient, and n1 is more than 0.8 and less than n2 and less than n3 and less than n4 and less than n5 and less than 1.2;
when the network security prevention and control level of the industrial control system is set as the ith preset network security prevention and control level Ki, i =1,2,3,4,5, and the network security prevention and control level of the industrial control system is corrected according to the relation between the total historical dangerous operation duration D of the user and the total historical dangerous operation duration of each preset user:
when D is less than M1, selecting the first preset network security prevention and control grade correction coefficient n1 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n1;
when M1 is not more than D and less than M2, selecting the second preset network security prevention and control grade correction coefficient n2 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n2;
when M2 is less than or equal to D and less than M3, selecting a third preset network security prevention and control grade correction coefficient n3 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n3;
when M3 is less than or equal to D and less than M4, selecting a fourth preset network security prevention and control grade correction coefficient n4 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n4;
and when D is larger than or equal to M4, selecting a fifth preset network safety prevention and control grade correction coefficient n5 to correct the ith preset network safety prevention and control grade Ki, wherein the corrected network safety prevention and control grade of the industrial control system is Ki x n5.
In order to achieve the above object, the present invention provides a network security prevention and control system for an industrial control system, the system comprising:
the acquisition module is used for acquiring login account information and historical behavior information of a user;
the determining module is used for determining the grade coefficient of the user and the network security prevention and control grade of the industrial control system according to the information acquired in the acquiring module;
the control module is used for generating corresponding access authority according to the grade coefficient of the user after the grade coefficient of the user and the network security prevention and control grade of the industrial control system are determined, and performing prevention and control on the industrial control system according to the network security prevention and control grade of the industrial control system;
in the acquisition module, the login account information of the user comprises the registration days A of the login account of the user and the historical login times B of the login account of the user; the historical behavior information comprises historical dangerous operation times C of the user and the total historical dangerous operation duration D of the user;
in the determining module, when determining the level coefficient of a user and the network security prevention and control level of an industrial control system, determining the level coefficient of the user according to the registration days A of the user login account, and correcting the level coefficient of the user according to the historical login times B of the user login account; and when the network security prevention and control level is determined, determining the network security prevention and control level of the industrial control system according to the historical dangerous operation times C of the user, and correcting the network security prevention and control level of the industrial control system according to the total historical dangerous operation time D of the user.
Preferably, in the determining module, when determining the level coefficient of the user according to the registration days a of the user login account, specifically:
the determining module is used for presetting a registration day matrix A0 of a login account of a user and setting A0 (A1, A2, A3 and A4), wherein A1 is a first preset registration day, A2 is a second preset registration day, A3 is a third preset registration day, A4 is a fourth preset registration day, and A1 is more than A2 and is more than A3 and is more than A4;
the determining module is used for presetting a level coefficient matrix E of a user and setting E (E1, E2, E3, E4, E5), wherein E1 is a first preset level coefficient, E2 is a second preset level coefficient, E3 is a third preset level coefficient, E4 is a fourth preset level coefficient, E5 is a fifth preset level coefficient, and E1 is more than E2 and less than E3 and less than E4 and less than E5;
the determining module is further configured to set a level coefficient of the user according to a relationship between the registration days a of the user login account and the registration days of each preset user login account:
when A is less than A1, selecting the first preset level coefficient E1 as the level coefficient of the user;
when A1 is more than or equal to A and less than A2, selecting the second preset level coefficient E2 as the level coefficient of the user;
when A2 is more than or equal to A and less than A3, selecting the third preset level coefficient E3 as the level coefficient of the user;
when A3 is more than or equal to A and less than A4, selecting the fourth preset level coefficient E4 as the level coefficient of the user;
and when A is larger than or equal to A4, selecting the fifth preset level coefficient E5 as the level coefficient of the user.
Preferably, in the determining module, when the level coefficient of the user is corrected according to the historical login times B of the user login account, the step of correcting is specifically as follows:
the determining module is used for presetting a historical login time matrix F0 of a user login account and setting F0 (F1, F2, F3 and F4), wherein F1 is a first preset historical login time, F2 is a second preset historical login time, F3 is a third preset historical login time, F4 is a fourth preset historical login time, and F1 is more than F2 and less than F3 and less than F4;
the determining module is used for presetting a level coefficient correction coefficient matrix h of a user and setting h (h 1, h2, h3, h4, h 5), wherein h1 is a first preset level coefficient correction coefficient, h2 is a second preset level coefficient correction coefficient, h3 is a third preset level coefficient correction coefficient, h4 is a fourth preset level coefficient correction coefficient, h5 is a fifth preset level coefficient correction coefficient, and h1 is more than 0.8, more than h2, more than h3, more than h4, more than h5 and less than 1.2;
the determining module is further configured to, when the level coefficient of the user is set as the i-th preset level coefficient Ei, i =1,2,3,4,5, correct the level coefficient of the user according to a relationship between the historical login number B of the user login account and the historical login number of each preset user login account:
when B is less than F1, selecting the first preset grade coefficient correction coefficient h1 to correct the ith preset grade coefficient Ei, wherein the grade coefficient of the corrected user is Ei x h1;
when F1 is not less than B and less than F2, selecting the second preset grade coefficient correction coefficient h2 to correct the ith preset grade coefficient Ei, wherein the grade coefficient of the corrected user is Ei x h2;
when F2 is not more than B and less than F3, selecting the third preset level coefficient correction coefficient h3 to correct the ith preset level coefficient Ei, wherein the corrected level coefficient of the user is Ei h3;
when F3 is not more than B and less than F4, selecting the fourth preset level coefficient correction coefficient h4 to correct the ith preset level coefficient Ei, wherein the corrected level coefficient of the user is Ei h4;
and when B is larger than or equal to F4, selecting the fifth preset grade coefficient correction coefficient h5 to correct the ith preset grade coefficient Ei, wherein the grade coefficient of the corrected user is Ei x h5.
Preferably, in the determining module, when determining the network security prevention and control level of the industrial control system according to the historical dangerous operation times C of the user, specifically:
the determining module is used for presetting a historical dangerous operation frequency matrix G0 of a user and setting G0 (G1, G2, G3 and G4), wherein G1 is a first preset historical dangerous operation frequency, G2 is a second preset historical dangerous operation frequency, G3 is a third preset historical dangerous operation frequency, G4 is a fourth preset historical dangerous operation frequency, and G1 is more than G2 and more than G3 and more than G4;
the determining module is used for presetting a network security prevention and control level matrix K of the industrial control system and setting K (K1, K2, K3, K4 and K5), wherein K1 is a first preset network security prevention and control level, K2 is a second preset network security prevention and control level, K3 is a third preset network security prevention and control level, K4 is a fourth preset network security prevention and control level, K5 is a fifth preset network security prevention and control level, and K1 is greater than K2 and less than K3 and less than K4 and less than K5;
the determining module is further configured to set a network security prevention and control level of the industrial control system according to a relationship between the historical dangerous operation times C of the user and the historical dangerous operation times of each preset user:
when C is less than G1, selecting the first preset network security prevention and control level K1 as the network security prevention and control level of the industrial control system;
when G1 is not less than C and less than G2, selecting the second preset network security prevention and control level K2 as the network security prevention and control level of the industrial control system;
when G2 is less than or equal to C and less than G3, selecting the third preset network security prevention and control level K3 as the network security prevention and control level of the industrial control system;
when G3 is more than or equal to C and less than G4, selecting the fourth preset network security prevention and control level K4 as the network security prevention and control level of the industrial control system;
and when C is larger than or equal to G4, selecting the fifth preset network security prevention and control level K5 as the network security prevention and control level of the industrial control system.
Preferably, in the determining module, when the network security prevention and control level of the industrial control system is modified according to the total historical dangerous operation duration D of the user, the modifying specifically includes:
the determining module is used for presetting a historical dangerous operation total time matrix M0 of a user and setting M0 (M1, M2, M3 and M4), wherein M1 is a first preset historical dangerous operation total time, M2 is a second preset historical dangerous operation total time, M3 is a third preset historical dangerous operation total time, M4 is a fourth preset historical dangerous operation total time, and M1 is more than M2 and more than M3 and more than M4;
the determining module is used for presetting a network security control grade correction coefficient matrix n of the industrial control system and setting n (n 1, n2, n3, n4, n 5), wherein n1 is a first preset network security control grade correction coefficient, n2 is a second preset network security control grade correction coefficient, n3 is a third preset network security control grade correction coefficient, n4 is a fourth preset network security control grade correction coefficient, n5 is a fifth preset network security control grade correction coefficient, and n1 is more than 0.8 and more than n2 and more than n3 and more than n4 and less than n5 and less than 1.2;
the determining module is further configured to, when the network security prevention and control level of the industrial control system is set to the ith preset network security prevention and control level Ki, i =1,2,3,4,5, modify the network security prevention and control level of the industrial control system according to a relationship between the total historical dangerous operation duration D of the user and the total historical dangerous operation duration of each preset user:
when D is less than M1, selecting the first preset network security prevention and control grade correction coefficient n1 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n1;
when M1 is not more than D and less than M2, selecting the second preset network security prevention and control grade correction coefficient n2 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n2;
when M2 is less than or equal to D and less than M3, selecting a third preset network security prevention and control grade correction coefficient n3 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n3;
when M3 is less than or equal to D and less than M4, selecting a fourth preset network security prevention and control grade correction coefficient n4 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n4;
and when D is larger than or equal to M4, selecting a fifth preset network safety prevention and control grade correction coefficient n5 to correct the ith preset network safety prevention and control grade Ki, wherein the corrected network safety prevention and control grade of the industrial control system is Ki x n5.
Compared with the prior art, the network security prevention and control method and the system for the industrial control system have the following beneficial effects that:
the application includes: step S1: acquiring login account information and historical behavior information of a user; step S2: determining a grade coefficient and a network security prevention and control grade of a user according to the information acquired in the step S1; and step S3: after the grade coefficient and the network security prevention and control grade of the user are determined, corresponding access authority is generated according to the grade coefficient of the user, the industrial control system is prevented and controlled according to the network security prevention and control grade, the grade coefficient and the network security prevention and control grade of the user are determined according to login account information and historical behavior information of the user, corresponding access authority is generated according to the grade coefficient of the user, meanwhile, different user security prevention and control grades are different, and further, network security prevention and control modes are different.
Drawings
FIG. 1 is a flow chart of a network security prevention and control method for an industrial control system according to an embodiment of the invention;
fig. 2 is a schematic structural diagram of a network security prevention and control system for an industrial control system according to an embodiment of the present invention.
Detailed Description
The following detailed description of embodiments of the present invention is provided in connection with the accompanying drawings and examples. The following examples are intended to illustrate the invention but are not intended to limit the scope of the invention.
In the description of the present application, it is to be understood that the terms "center", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outer", and the like indicate orientations or positional relationships based on those shown in the drawings, and are only for convenience in describing the present application and simplifying the description, but do not indicate or imply that the referred device or element must have a particular orientation, be constructed in a particular orientation, and be operated, and thus should not be construed as limiting the present application.
The terms "first", "second" and "first" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature. In the description of the present application, "a plurality" means two or more unless otherwise specified.
Throughout the description of the present application, it is to be noted that, unless otherwise expressly specified or limited, the terms "mounted," "connected," and "connected" are to be construed broadly, e.g., as meaning either a fixed connection, a removable connection, or an integral connection; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meaning of the above terms in this application will be understood to be a specific case for those of ordinary skill in the art.
The following is a description of preferred embodiments of the present invention with reference to the accompanying drawings.
As shown in fig. 1, an embodiment of the present invention discloses a network security prevention and control method for an industrial control system, the method including:
step S1: acquiring login account information and historical behavior information of a user;
step S2: determining a level coefficient of a user and a network security prevention and control level of an industrial control system according to the information obtained in the step S1;
and step S3: after determining the grade coefficient of the user and the network security prevention and control grade of the industrial control system, generating corresponding access authority according to the grade coefficient of the user, and performing prevention and control on the industrial control system according to the network security prevention and control grade of the industrial control system;
in the step S1, the login account information of the user includes a registration number of days a of registration of the user login account and a historical login number of times B of the user login account; the historical behavior information comprises historical dangerous operation times C of the user and total historical dangerous operation duration D of the user;
in the step S2, when the grade coefficient of the user and the network security prevention and control level of the industrial control system are determined, the grade coefficient of the user is determined according to the registration days A of the user login account, and the grade coefficient of the user is corrected according to the historical login times B of the user login account; and when the network security prevention and control level is determined, determining the network security prevention and control level of the industrial control system according to the historical dangerous operation times C of the user, and correcting the network security prevention and control level of the industrial control system according to the total historical dangerous operation time D of the user.
It should be noted that the present application includes: step S1: acquiring login account information and historical behavior information of a user; step S2: determining a grade coefficient and a network security prevention and control grade of a user according to the information acquired in the step S1; and step S3: after the grade coefficient and the network security prevention and control grade of the user are determined, corresponding access authority is generated according to the grade coefficient of the user, the industrial control system is prevented and controlled according to the network security prevention and control grade, the grade coefficient and the network security prevention and control grade of the user are determined according to login account information and historical behavior information of the user, then the corresponding access authority is generated through the grade coefficient of the user, meanwhile, different user security prevention and control grades are different, and further, network security prevention and control modes are different.
It should be noted that, when a user needs to access a website of the industrial control system, a login account and a login password of the user need to be input, and after the user passes the authentication, the registration time of the login account of the user and the historical login times of the user from the registration to the login are obtained. Meanwhile, the historical dangerous operation times between the current user and the current login from the login account registration and the total historical dangerous operation duration are obtained, wherein when the user actually accesses, for example, when the user accesses a webpage, a link with unknown security is clicked, for example, when the user actually accesses, an illegal file is uploaded, all the behaviors are judged as dangerous operations and counted, meanwhile, the duration from the beginning to the end of the dangerous operation is recorded, namely, the time from the moment that the user clicks the link to the moment that the firewall detects and kills a virus, or the time from the moment that the user clicks the link to automatically stop accessing the link is recorded, and the durations corresponding to all the dangerous operation times are summed to obtain the total historical dangerous operation duration.
In some embodiments of the present application, when determining the level coefficient of the user according to the registration number of days a of login of the user to the account, specifically:
a registration day matrix A0 of a login account of a user is preset, and A0 (A1, A2, A3, A4) is set, wherein A1 is a first preset registration day, A2 is a second preset registration day, A3 is a third preset registration day, A4 is a fourth preset registration day, and A1 is more than A2 and more than A3 and more than A4;
presetting a level coefficient matrix E of a user, and setting E (E1, E2, E3, E4, E5), wherein E1 is a first preset level coefficient, E2 is a second preset level coefficient, E3 is a third preset level coefficient, E4 is a fourth preset level coefficient, E5 is a fifth preset level coefficient, and E1 is more than E2 and less than E3 and less than E4 and less than E5;
setting the grade coefficient of the user according to the relation between the registration days A of the user login account and the registration days of each preset user login account:
when A is less than A1, selecting the first preset level coefficient E1 as the level coefficient of the user;
when A1 is more than or equal to A and less than A2, selecting the second preset level coefficient E2 as the level coefficient of the user;
when A2 is more than or equal to A and less than A3, selecting the third preset level coefficient E3 as the level coefficient of the user;
when A3 is more than or equal to A and less than A4, selecting the fourth preset level coefficient E4 as the level coefficient of the user;
and when A is larger than or equal to A4, selecting the fifth preset level coefficient E5 as the level coefficient of the user.
It should be noted that, when the number of registration days of the user is longer, the corresponding ranking coefficient is higher, and conversely, when the number of registration days is shorter, the corresponding ranking coefficient is lower,
the registration days of the user login account can be determined according to the login account of the user, the level coefficient matrix of the user is set according to actual requirements, the level coefficient matrix of the user is also set according to the actual requirements, but the specific level coefficient of the user cannot be directly judged according to the registration days of the user, so that the level coefficient of the user is set according to the relation between the registration days A of the user login account and the registration days of each preset user login account, and the level coefficient of the current user can be accurately determined.
In some embodiments of the present application, when the level coefficient of the user is corrected according to the historical login times B of the user login account, specifically:
presetting a history login frequency matrix F0 of a user login account, and setting F0 (F1, F2, F3 and F4), wherein F1 is a first preset history login frequency, F2 is a second preset history login frequency, F3 is a third preset history login frequency, F4 is a fourth preset history login frequency, and F1 is more than F2 and less than F3 and less than F4;
presetting a level coefficient correction coefficient matrix h of a user, and setting h (h 1, h2, h3, h4, h 5), wherein h1 is a first preset level coefficient correction coefficient, h2 is a second preset level coefficient correction coefficient, h3 is a third preset level coefficient correction coefficient, h4 is a fourth preset level coefficient correction coefficient, h5 is a fifth preset level coefficient correction coefficient, and h1 is more than 0.8, more than h2, more than h3, more than h4, more than h5 and less than 1.2;
when the level coefficient of the user is set as the ith preset level coefficient Ei, i =1,2,3,4,5 corrects the level coefficient of the user according to the relation between the historical login times B of the user login account and the historical login times of each preset user login account:
when B is less than F1, selecting the first preset grade coefficient correction coefficient h1 to correct the ith preset grade coefficient Ei, wherein the grade coefficient of the corrected user is Ei x h1;
when F1 is not more than B and less than F2, selecting the second preset level coefficient correction coefficient h2 to correct the ith preset level coefficient Ei, wherein the corrected level coefficient of the user is Ei h2;
when F2 is not more than B and less than F3, selecting the third preset level coefficient correction coefficient h3 to correct the ith preset level coefficient Ei, wherein the corrected level coefficient of the user is Ei h3;
when F3 is not more than B and less than F4, selecting the fourth preset level coefficient correction coefficient h4 to correct the ith preset level coefficient Ei, wherein the corrected level coefficient of the user is Ei h4;
and when B is larger than or equal to F4, selecting the fifth preset grade coefficient correction coefficient h5 to correct the ith preset grade coefficient Ei, wherein the grade coefficient of the corrected user is Ei h5.
It should be noted that, although the longer the number of registration days of the user is, the higher the level coefficient of the user is, in an actual situation, if the number of registration days of the user is long, but the number of times that the user logs in the industrial control system using the login account is small, in this case, the level coefficient of the user cannot be determined directly according to the number of registration days of the login account, and the level coefficient of the user needs to be corrected and adjusted according to the historical login number of times that the user logs in the account.
It should be further noted that, after determining the level coefficient of the user, a corresponding access right is generated according to the level coefficient of the user, where the higher the level coefficient of the user is, the greater the access right of the user is, and the access right may be: the access is only allowed to preset web pages or all web pages can be accessed, or files can be downloaded while all web pages are allowed to be accessed, and the like, which is not specifically limited herein, and can be set according to actual requirements.
In some embodiments of the present application, when determining the network security prevention and control level of the industrial control system according to the historical dangerous operation times C of the user, specifically:
presetting a historical dangerous operation frequency matrix G0 of a user, and setting G0 (G1, G2, G3 and G4), wherein G1 is a first preset historical dangerous operation frequency, G2 is a second preset historical dangerous operation frequency, G3 is a third preset historical dangerous operation frequency, G4 is a fourth preset historical dangerous operation frequency, and G1 is more than G2 and less than G3 and less than G4;
presetting a network security prevention and control level matrix K of the industrial control system, and setting K (K1, K2, K3, K4, K5), wherein K1 is a first preset network security prevention and control level, K2 is a second preset network security prevention and control level, K3 is a third preset network security prevention and control level, K4 is a fourth preset network security prevention and control level, K5 is a fifth preset network security prevention and control level, and K1 is more than K2 and less than K3 and less than K4 and less than K5;
setting the network security prevention and control level of the industrial control system according to the relation between the historical dangerous operation times C of the user and the historical dangerous operation times of each preset user:
when C is less than G1, selecting the first preset network security prevention and control level K1 as the network security prevention and control level of the industrial control system;
when G1 is not more than C and less than G2, selecting the second preset network security prevention and control level K2 as the network security prevention and control level of the industrial control system;
when G2 is less than or equal to C and less than G3, selecting the third preset network security prevention and control level K3 as the network security prevention and control level of the industrial control system;
when G3 is less than or equal to C and less than G4, selecting the fourth preset network security prevention and control level K4 as the network security prevention and control level of the industrial control system;
and when C is larger than or equal to G4, selecting the fifth preset network security prevention and control level K5 as the network security prevention and control level of the industrial control system.
It should be noted that, when the number of dangerous operations of the user is greater, the network security prevention and control level of the industrial control system needs to be increased, and when the security prevention and control level is higher, the current network condition is more dangerous, the dangerous operation behavior of the user needs to be continuously prohibited, and under the security prevention and control level, the number of dangerous inducements received by the user is less, and particularly, when the current user accesses the system, if the number of dangerous operations of the user is too large, the access of the user is suspended.
In some embodiments of the present application, when the network security prevention and control level of the industrial control system is modified according to the total historical dangerous operation duration D of the user, specifically:
presetting a historical dangerous operation total time matrix M0 of a user, and setting M0 (M1, M2, M3, M4), wherein M1 is a first preset historical dangerous operation total time, M2 is a second preset historical dangerous operation total time, M3 is a third preset historical dangerous operation total time, M4 is a fourth preset historical dangerous operation total time, and M1 is more than M2 and more than M3 and more than M4;
presetting a network security prevention and control grade correction coefficient matrix n of an industrial control system, and setting n (n 1, n2, n3, n4, n 5), wherein n1 is a first preset network security prevention and control grade correction coefficient, n2 is a second preset network security prevention and control grade correction coefficient, n3 is a third preset network security prevention and control grade correction coefficient, n4 is a fourth preset network security prevention and control grade correction coefficient, n5 is a fifth preset network security prevention and control grade correction coefficient, and n1 is more than 0.8 and more than n2 and more than n3 and more than n4 and less than n5 and less than 1.2;
when the network security prevention and control level of the industrial control system is set as the ith preset network security prevention and control level Ki, i =1,2,3,4,5, and the network security prevention and control level of the industrial control system is corrected according to the relation between the total historical dangerous operation duration D of the user and the total historical dangerous operation duration of each preset user:
when D is less than M1, selecting the first preset network security prevention and control grade correction coefficient n1 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n1;
when M1 is not more than D and less than M2, selecting the second preset network security prevention and control grade correction coefficient n2 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n2;
when M2 is more than or equal to D and less than M3, selecting the third preset network security prevention and control grade correction coefficient n3 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n3;
when M3 is less than or equal to D and less than M4, selecting a fourth preset network security prevention and control grade correction coefficient n4 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n4;
and when D is larger than or equal to M4, selecting a fifth preset network safety prevention and control grade correction coefficient n5 to correct the ith preset network safety prevention and control grade Ki, wherein the corrected network safety prevention and control grade of the industrial control system is Ki x n5.
It should be noted that, when a user performs a dangerous operation, the firewall detects a virus and performs checking and killing, or the firewall directly and automatically stops accessing the link, so as to avoid further dangerous inducement, if the time spent by the firewall to find the virus and check and kill or directly stop accessing is shorter, the dangerous operation degree of the user is lighter, and if the time spent by the firewall to find the virus and check and kill or directly stop accessing is longer, the dangerous operation degree of the user is heavier, so that the application corrects the network security prevention and control level of the industrial control system according to the relationship between the total historical dangerous operation duration D of the user and the total historical dangerous operation duration of each preset user, thereby ensuring the stability of the normal operation of the user, and further ensuring the security of the industrial control system.
It should be further noted that, when accessing a relevant website of the industrial control system, a user can only access the relevant website under a corresponding access authority, for example, only access to a preset website is allowed, and when actually accessing, security prevention and control are performed on this access through a corresponding network security prevention and control level, and network security prevention and control manners corresponding to the network security prevention and control level are also different, for example, when the network security prevention and control level is one level, the network security prevention and control manner may be: when clicking the unknown link of security, carry out the page and wait for, judge the security back by preventing the hot wall, show again, when network security prevention and control level is higher, network security prevention and control mode this moment can be for: and when a link with unknown security is clicked or a file is uploaded, identity authentication is carried out, and related security verification and the like are carried out. It should be understood that the above description is by way of example and not by way of limitation, and the network security control level and the corresponding network security control manner may be set according to actual requirements. By generating different safety prevention and control levels for different users and adopting different safety prevention and control modes, the normal operation of the users can be ensured, and the safety of the industrial control system and the users can be ensured.
As shown in fig. 2, an embodiment of the present invention discloses a network security prevention and control system for an industrial control system, the system comprising:
the acquisition module is used for acquiring login account information and historical behavior information of a user;
the determining module is used for determining the grade coefficient of the user and the network security prevention and control grade of the industrial control system according to the information acquired in the acquiring module;
the control module is used for generating corresponding access authority according to the grade coefficient of the user after the grade coefficient of the user and the network security prevention and control grade of the industrial control system are determined, and performing prevention and control on the industrial control system according to the network security prevention and control grade of the industrial control system;
in the acquisition module, the login account information of the user comprises the registration days A of the login account of the user and the historical login times B of the login account of the user; the historical behavior information comprises historical dangerous operation times C of the user and the total historical dangerous operation duration D of the user;
in the determining module, when determining the level coefficient of a user and the network security prevention and control level of an industrial control system, determining the level coefficient of the user according to the registration days A of the user login account, and correcting the level coefficient of the user according to the historical login times B of the user login account; and when the network security prevention and control level is determined, determining the network security prevention and control level of the industrial control system according to the historical dangerous operation times C of the user, and correcting the network security prevention and control level of the industrial control system according to the total historical dangerous operation time D of the user.
It should be noted that the present application includes: an acquisition module: acquiring login account information and historical behavior information of a user; a determination module: determining a grade coefficient and a network security prevention and control grade of a user according to the information acquired in the acquisition module; a control module: after the grade coefficient and the network security prevention and control grade of the user are determined, corresponding access authority is generated according to the grade coefficient of the user, the industrial control system is prevented and controlled according to the network security prevention and control grade, the grade coefficient and the network security prevention and control grade of the user are determined according to login account information and historical behavior information of the user, corresponding access authority is generated according to the grade coefficient of the user, meanwhile, different user security prevention and control grades are different, and further, network security prevention and control modes are different.
It should be noted that, when a user needs to access a website of the industrial control system, a login account and a login password of the user need to be input, and after the user passes the authentication, the registration time of the login account of the user and the historical login times of the user between the registration and the login are obtained. Meanwhile, the historical dangerous operation times between the current user and the current login from the login account registration and the total historical dangerous operation duration are obtained, wherein when the user actually accesses, for example, when the user accesses a webpage, a link with unknown security is clicked, for example, when the user actually accesses, an illegal file is uploaded, all the behaviors are judged as dangerous operations and counted, meanwhile, the duration from the beginning to the end of the dangerous operation is recorded, namely, the time from the moment that the user clicks the link to the moment that the firewall detects and kills a virus, or the time from the moment that the user clicks the link to automatically stop accessing the link is recorded, and the durations corresponding to all the dangerous operation times are summed to obtain the total historical dangerous operation duration.
In some embodiments of the present application, in the determining module, when determining the level coefficient of the user according to the registration number of days a of the user logging in the account, specifically:
the determining module is used for presetting a registration day matrix A0 of a user login account and setting A0 (A1, A2, A3 and A4), wherein A1 is a first preset registration day, A2 is a second preset registration day, A3 is a third preset registration day, A4 is a fourth preset registration day, and A1 is more than A2 and is more than A3 and is more than A4;
the determining module is used for presetting a level coefficient matrix E of a user and setting E (E1, E2, E3, E4, E5), wherein E1 is a first preset level coefficient, E2 is a second preset level coefficient, E3 is a third preset level coefficient, E4 is a fourth preset level coefficient, E5 is a fifth preset level coefficient, and E1 is more than E2 and less than E3 and less than E4 and less than E5;
the determining module is further configured to set a level coefficient of the user according to a relationship between the registration days a of the user login account and the registration days of each preset user login account:
when A is less than A1, selecting the first preset level coefficient E1 as the level coefficient of the user;
when A1 is more than or equal to A and less than A2, selecting the second preset level coefficient E2 as the level coefficient of the user;
when A2 is more than or equal to A and less than A3, selecting the third preset level coefficient E3 as the level coefficient of the user;
when A3 is more than or equal to A and less than A4, selecting the fourth preset level coefficient E4 as the level coefficient of the user;
and when A is larger than or equal to A4, selecting the fifth preset level coefficient E5 as the level coefficient of the user.
It should be noted that, when the number of registration days of a user is longer, the corresponding level coefficient is higher, and conversely, when the number of registration days is shorter, the corresponding level coefficient is lower, where the number of registration days of a user login account may be determined according to the login account of the user, the level coefficient matrix of the user is set according to the actual demand, and the level coefficient matrix of the user is also set according to the actual demand, but the specific level coefficient of the user cannot be directly determined according to the number of registration days of the user, so the level coefficient of the current user may be accurately determined by setting the level coefficient of the user according to the relationship between the number of registration days a of the user login account and the number of registration days of each preset user login account.
In some embodiments of the present application, in the determining module, when the level coefficient of the user is corrected according to the historical login times B of the user login account, specifically:
the determining module is used for presetting a historical login frequency matrix F0 of a user login account and setting F0 (F1, F2, F3 and F4), wherein F1 is a first preset historical login frequency, F2 is a second preset historical login frequency, F3 is a third preset historical login frequency, F4 is a fourth preset historical login frequency, and F1 is greater than F2 and less than F3 and less than F4;
the determining module is used for presetting a grade coefficient correction coefficient matrix h of a user and setting h (h 1, h2, h3, h4, h 5), wherein h1 is a first preset grade coefficient correction coefficient, h2 is a second preset grade coefficient correction coefficient, h3 is a third preset grade coefficient correction coefficient, h4 is a fourth preset grade coefficient correction coefficient, h5 is a fifth preset grade coefficient correction coefficient, and h1 is more than 0.8, more than h2, more than h3, more than h4, more than h5 and less than 1.2;
the determining module is further configured to, when the level coefficient of the user is set as the i-th preset level coefficient Ei, i =1,2,3,4,5, correct the level coefficient of the user according to a relationship between the historical login number B of the user login account and the historical login number of each preset user login account:
when B is less than F1, selecting the first preset grade coefficient correction coefficient h1 to correct the ith preset grade coefficient Ei, wherein the grade coefficient of the corrected user is Ei x h1;
when F1 is not more than B and less than F2, selecting the second preset level coefficient correction coefficient h2 to correct the ith preset level coefficient Ei, wherein the corrected level coefficient of the user is Ei h2;
when F2 is not less than B and less than F3, selecting the third preset grade coefficient correction coefficient h3 to correct the ith preset grade coefficient Ei, wherein the grade coefficient of the corrected user is Ei x h3;
when F3 is not more than B and less than F4, selecting the fourth preset level coefficient correction coefficient h4 to correct the ith preset level coefficient Ei, wherein the corrected level coefficient of the user is Ei h4;
and when B is larger than or equal to F4, selecting the fifth preset grade coefficient correction coefficient h5 to correct the ith preset grade coefficient Ei, wherein the grade coefficient of the corrected user is Ei h5.
It should be noted that, although the longer the number of registration days of the user is, the higher the level coefficient of the user is, in an actual situation, if the number of registration days of the user is long, but the number of times that the user logs in the industrial control system by using the login account is very small, in this case, the level coefficient of the user cannot be determined directly according to the number of registration days of the login account, and the level coefficient of the user needs to be corrected and adjusted according to the historical login number of times of the login account of the user.
It should be further noted that, after determining the level coefficient of the user, a corresponding access right is generated according to the level coefficient of the user, where the higher the level coefficient of the user is, the greater the access right of the user is, and the access right may be: the access to the preset web page is only allowed or all web pages can be accessed, or the access to all web pages is allowed and files can be downloaded, and the like, which is not specifically limited herein, can be set according to actual requirements.
In some embodiments of the present application, in the determining module, when determining the network security prevention and control level of the industrial control system according to the historical dangerous operation times C of the user, specifically:
the determining module is used for presetting a historical dangerous operation frequency matrix G0 of a user and setting G0 (G1, G2, G3 and G4), wherein G1 is a first preset historical dangerous operation frequency, G2 is a second preset historical dangerous operation frequency, G3 is a third preset historical dangerous operation frequency, G4 is a fourth preset historical dangerous operation frequency, and G1 is more than G2 and more than G3 and more than G4;
the determining module is used for presetting a network security prevention and control level matrix K of the industrial control system and setting K (K1, K2, K3, K4 and K5), wherein K1 is a first preset network security prevention and control level, K2 is a second preset network security prevention and control level, K3 is a third preset network security prevention and control level, K4 is a fourth preset network security prevention and control level, K5 is a fifth preset network security prevention and control level, and K1 is more than K2 and less than K3 and less than K4 and less than K5;
the determining module is further configured to set a network security prevention and control level of the industrial control system according to a relationship between the historical dangerous operation times C of the user and the historical dangerous operation times of each preset user:
when C is less than G1, selecting the first preset network security prevention and control level K1 as the network security prevention and control level of the industrial control system;
when G1 is not more than C and less than G2, selecting the second preset network security prevention and control level K2 as the network security prevention and control level of the industrial control system;
when G2 is less than or equal to C and less than G3, selecting the third preset network security prevention and control level K3 as the network security prevention and control level of the industrial control system;
when G3 is less than or equal to C and less than G4, selecting the fourth preset network security prevention and control level K4 as the network security prevention and control level of the industrial control system;
and when C is larger than or equal to G4, selecting the fifth preset network security prevention and control level K5 as the network security prevention and control level of the industrial control system.
It should be noted that, when the number of dangerous operations of the user is greater, the network security prevention and control level of the industrial control system needs to be increased, and when the security prevention and control level is higher, the current network condition is more dangerous, the dangerous operation behavior of the user needs to be continuously prohibited, and under the security prevention and control level, the number of dangerous inducements received by the user is less, and particularly, when the current user accesses the system, if the number of dangerous operations of the user is too large, the access of the user is suspended.
In some embodiments of the present application, in the determining module, when the network security prevention and control level of the industrial control system is modified according to the total historical dangerous operation duration D of the user, specifically:
the determining module is used for presetting a historical dangerous operation total time matrix M0 of a user and setting M0 (M1, M2, M3 and M4), wherein M1 is a first preset historical dangerous operation total time, M2 is a second preset historical dangerous operation total time, M3 is a third preset historical dangerous operation total time, M4 is a fourth preset historical dangerous operation total time, and M1 is greater than M2 and is greater than M3 and is greater than M4;
the determining module is used for presetting a network security control grade correction coefficient matrix n of the industrial control system and setting n (n 1, n2, n3, n4, n 5), wherein n1 is a first preset network security control grade correction coefficient, n2 is a second preset network security control grade correction coefficient, n3 is a third preset network security control grade correction coefficient, n4 is a fourth preset network security control grade correction coefficient, n5 is a fifth preset network security control grade correction coefficient, and n1 is more than 0.8 and more than n2 and more than n3 and more than n4 and less than n5 and less than 1.2;
the determining module is further configured to, when the network security prevention and control level of the industrial control system is set to the ith preset network security prevention and control level Ki, i =1,2,3,4,5, modify the network security prevention and control level of the industrial control system according to a relationship between the total historical dangerous operation duration D of the user and the total historical dangerous operation duration of each preset user:
when D is less than M1, selecting the first preset network security prevention and control grade correction coefficient n1 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n1;
when M1 is not more than D and less than M2, selecting the second preset network security prevention and control grade correction coefficient n2 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n2;
when M2 is less than or equal to D and less than M3, selecting a third preset network security prevention and control grade correction coefficient n3 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n3;
when M3 is less than or equal to D and less than M4, selecting a fourth preset network security prevention and control grade correction coefficient n4 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n4;
and when D is larger than or equal to M4, selecting a fifth preset network safety prevention and control grade correction coefficient n5 to correct the ith preset network safety prevention and control grade Ki, wherein the corrected network safety prevention and control grade of the industrial control system is Ki x n5.
It should be noted that, when a user performs a dangerous operation, the firewall detects a virus and performs checking and killing, or the firewall directly and automatically stops accessing the link, so as to avoid further dangerous inducement, if the time spent by the firewall to find the virus and check and kill or directly stop accessing is shorter, the dangerous operation degree of the user is lighter, and if the time spent by the firewall to find the virus and check and kill or directly stop accessing is longer, the dangerous operation degree of the user is heavier, so that the application corrects the network security prevention and control level of the industrial control system according to the relationship between the total historical dangerous operation duration D of the user and the total historical dangerous operation duration of each preset user, thereby ensuring the stability of the normal operation of the user, and further ensuring the security of the industrial control system.
It should be further noted that, when accessing a relevant website of the industrial control system, a user can only access the relevant website under a corresponding access authority, for example, only access to a preset website is allowed, and when actually accessing, security prevention and control are performed on this access through a corresponding network security prevention and control level, and network security prevention and control manners corresponding to the network security prevention and control level are also different, for example, when the network security prevention and control level is one level, the network security prevention and control manner may be: when clicking the unknown link of security, carry out the page and wait for, judge the security back by preventing the hot wall, show again, when network security prevention and control level is higher, network security prevention and control mode this moment can be for: and when a link with unknown security is clicked or a file is uploaded, identity authentication is performed, related security verification is performed, and the like. It should be understood that the foregoing is shown by way of example, and not by way of limitation, and the network security prevention and control level and the corresponding network security prevention and control manner may be set according to actual requirements. By generating different safety prevention and control levels for different users and adopting different safety prevention and control modes, the normal operation of the users can be ensured, and the safety of the industrial control system and the users can be ensured.
In the foregoing description of embodiments, the particular features, structures, materials, or characteristics may be combined in any suitable manner in any one or more embodiments or examples.
While the invention has been described above with reference to an embodiment, various modifications may be made and equivalents may be substituted for elements thereof without departing from the scope of the invention. In particular, the various features of the disclosed embodiments of the invention can be used in any combination with one another as long as there is no structural conflict, and nothing in this specification should be taken as a complete description of such combinations for the sake of brevity and resource savings. Therefore, it is intended that the invention not be limited to the particular embodiments disclosed, but that the invention will include all embodiments falling within the scope of the appended claims.
Those of ordinary skill in the art will understand that: although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art will understand that various changes, modifications and substitutions can be made without departing from the spirit and scope of the invention as defined by the appended claims. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. A network security prevention and control method for an industrial control system, the method comprising:
step S1: acquiring login account information and historical behavior information of a user;
step S2: determining a grade coefficient of a user and a network security prevention and control grade of an industrial control system according to the information acquired in the step S1;
and step S3: after determining the grade coefficient of the user and the network security prevention and control grade of the industrial control system, generating corresponding access authority according to the grade coefficient of the user, and performing prevention and control on the industrial control system according to the network security prevention and control grade of the industrial control system;
in the step S1, the login account information of the user includes the registration days a of the user login account and the historical login times B of the user login account; the historical behavior information comprises historical dangerous operation times C of the user and the total historical dangerous operation duration D of the user;
in the step S2, when determining the level coefficient of the user and the network security prevention and control level of the industrial control system, determining the level coefficient of the user according to the registration days a of the user login account, and correcting the level coefficient of the user according to the historical login times B of the user login account; and when the network security prevention and control level is determined, determining the network security prevention and control level of the industrial control system according to the historical dangerous operation times C of the user, and correcting the network security prevention and control level of the industrial control system according to the total historical dangerous operation time D of the user.
2. The network security prevention and control method for the industrial control system according to claim 1, wherein when determining the level coefficient of the user according to the registration days a of the user login account, specifically:
presetting a registration day matrix A0 of a user login account, and setting A0 (A1, A2, A3, A4), wherein A1 is a first preset registration day, A2 is a second preset registration day, A3 is a third preset registration day, A4 is a fourth preset registration day, and A1 is more than A2 and more than A3 and less than A4;
presetting a level coefficient matrix E of a user, and setting E (E1, E2, E3, E4, E5), wherein E1 is a first preset level coefficient, E2 is a second preset level coefficient, E3 is a third preset level coefficient, E4 is a fourth preset level coefficient, E5 is a fifth preset level coefficient, and E1 is more than E2 and less than E3 and less than E4 and less than E5;
setting the grade coefficient of the user according to the relation between the registration days A of the user login account and the registration days of each preset user login account:
when A is less than A1, selecting the first preset level coefficient E1 as the level coefficient of the user;
when A1 is more than or equal to A and less than A2, selecting the second preset level coefficient E2 as the level coefficient of the user;
when A2 is more than or equal to A and less than A3, selecting the third preset level coefficient E3 as the level coefficient of the user;
when A3 is more than or equal to A and less than A4, selecting the fourth preset level coefficient E4 as the level coefficient of the user;
and when A is larger than or equal to A4, selecting the fifth preset level coefficient E5 as the level coefficient of the user.
3. The network security prevention and control method for the industrial control system according to claim 2, wherein when the level coefficient of the user is corrected according to the historical login times B of the login account of the user, the method specifically comprises the following steps:
presetting a historical login frequency matrix F0 of a user login account, and setting F0 (F1, F2, F3 and F4), wherein F1 is a first preset historical login frequency, F2 is a second preset historical login frequency, F3 is a third preset historical login frequency, F4 is a fourth preset historical login frequency, and F1 is more than F2 and less than F3 and less than F4;
presetting a level coefficient correction coefficient matrix h of a user, and setting h (h 1, h2, h3, h4, h 5), wherein h1 is a first preset level coefficient correction coefficient, h2 is a second preset level coefficient correction coefficient, h3 is a third preset level coefficient correction coefficient, h4 is a fourth preset level coefficient correction coefficient, h5 is a fifth preset level coefficient correction coefficient, and h1 is more than 0.8, more than h2, more than h3, more than h4, more than h5 and less than 1.2;
when the level coefficient of the user is set as the ith preset level coefficient Ei, i =1,2,3,4,5 corrects the level coefficient of the user according to the relation between the historical login times B of the user login account and the historical login times of each preset user login account:
when B is less than F1, selecting the first preset grade coefficient correction coefficient h1 to correct the ith preset grade coefficient Ei, wherein the grade coefficient of the corrected user is Ei x h1;
when F1 is not less than B and less than F2, selecting the second preset grade coefficient correction coefficient h2 to correct the ith preset grade coefficient Ei, wherein the grade coefficient of the corrected user is Ei x h2;
when F2 is not more than B and less than F3, selecting the third preset level coefficient correction coefficient h3 to correct the ith preset level coefficient Ei, wherein the corrected level coefficient of the user is Ei h3;
when F3 is not more than B and less than F4, selecting the fourth preset level coefficient correction coefficient h4 to correct the ith preset level coefficient Ei, wherein the corrected level coefficient of the user is Ei h4;
and when B is larger than or equal to F4, selecting the fifth preset grade coefficient correction coefficient h5 to correct the ith preset grade coefficient Ei, wherein the grade coefficient of the corrected user is Ei h5.
4. The network security prevention and control method for the industrial control system according to claim 1, wherein when determining the network security prevention and control level of the industrial control system according to the historical dangerous operation times C of the user, specifically:
presetting a historical dangerous operation frequency matrix G0 of a user, and setting G0 (G1, G2, G3 and G4), wherein G1 is a first preset historical dangerous operation frequency, G2 is a second preset historical dangerous operation frequency, G3 is a third preset historical dangerous operation frequency, G4 is a fourth preset historical dangerous operation frequency, and G1 is more than G2 and less than G3 and less than G4;
presetting a network security prevention and control level matrix K of the industrial control system, and setting K (K1, K2, K3, K4, K5), wherein K1 is a first preset network security prevention and control level, K2 is a second preset network security prevention and control level, K3 is a third preset network security prevention and control level, K4 is a fourth preset network security prevention and control level, K5 is a fifth preset network security prevention and control level, and K1 is more than K2 and less than K3 and less than K4 and less than K5;
setting the network security prevention and control level of the industrial control system according to the relation between the historical dangerous operation times C of the user and the historical dangerous operation times of each preset user:
when C is less than G1, selecting the first preset network security prevention and control level K1 as the network security prevention and control level of the industrial control system;
when G1 is not more than C and less than G2, selecting the second preset network security prevention and control level K2 as the network security prevention and control level of the industrial control system;
when G2 is less than or equal to C and less than G3, selecting the third preset network security prevention and control level K3 as the network security prevention and control level of the industrial control system;
when G3 is more than or equal to C and less than G4, selecting the fourth preset network security prevention and control level K4 as the network security prevention and control level of the industrial control system;
and when C is larger than or equal to G4, selecting the fifth preset network security prevention and control level K5 as the network security prevention and control level of the industrial control system.
5. The network security prevention and control method for the industrial control system according to claim 4, wherein when the network security prevention and control level of the industrial control system is modified according to the total historical dangerous operation duration D of the user, the method comprises the following steps:
presetting a historical dangerous operation total time matrix M0 of a user, and setting M0 (M1, M2, M3, M4), wherein M1 is a first preset historical dangerous operation total time, M2 is a second preset historical dangerous operation total time, M3 is a third preset historical dangerous operation total time, M4 is a fourth preset historical dangerous operation total time, and M1 is more than M2 and more than M3 and more than M4;
presetting a network security prevention and control grade correction coefficient matrix n of an industrial control system, and setting n (n 1, n2, n3, n4, n 5), wherein n1 is a first preset network security prevention and control grade correction coefficient, n2 is a second preset network security prevention and control grade correction coefficient, n3 is a third preset network security prevention and control grade correction coefficient, n4 is a fourth preset network security prevention and control grade correction coefficient, n5 is a fifth preset network security prevention and control grade correction coefficient, and n1 is more than 0.8 and more than n2 and more than n3 and more than n4 and less than n5 and less than 1.2;
when the network security prevention and control level of the industrial control system is set as the ith preset network security prevention and control level Ki, i =1,2,3,4,5, and the network security prevention and control level of the industrial control system is corrected according to the relation between the total historical dangerous operation duration D of the user and the total historical dangerous operation duration of each preset user:
when D is less than M1, selecting the first preset network security prevention and control grade correction coefficient n1 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n1;
when M1 is not more than D and less than M2, selecting the second preset network security prevention and control grade correction coefficient n2 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n2;
when M2 is less than or equal to D and less than M3, selecting a third preset network security prevention and control grade correction coefficient n3 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n3;
when M3 is less than or equal to D and less than M4, selecting a fourth preset network security prevention and control grade correction coefficient n4 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n4;
and when D is larger than or equal to M4, selecting a fifth preset network security prevention and control grade correction coefficient n5 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n5.
6. A network security prevention and control system for an industrial control system, the system comprising:
the acquisition module is used for acquiring login account information and historical behavior information of a user;
the determining module is used for determining the grade coefficient of the user and the network security prevention and control grade of the industrial control system according to the information acquired in the acquiring module;
the control module is used for generating corresponding access authority according to the grade coefficient of the user after the grade coefficient of the user and the network security prevention and control grade of the industrial control system are determined, and performing prevention and control on the industrial control system according to the network security prevention and control grade of the industrial control system;
in the acquisition module, the login account information of the user comprises the registration days A of the login account of the user and the historical login times B of the login account of the user; the historical behavior information comprises historical dangerous operation times C of the user and the total historical dangerous operation duration D of the user;
in the determining module, when determining the level coefficient of a user and the network security prevention and control level of an industrial control system, determining the level coefficient of the user according to the registration days A of the user login account, and correcting the level coefficient of the user according to the historical login times B of the user login account; and when the network security prevention and control level is determined, determining the network security prevention and control level of the industrial control system according to the historical dangerous operation times C of the user, and correcting the network security prevention and control level of the industrial control system according to the total historical dangerous operation time D of the user.
7. The network security prevention and control system for an industrial control system according to claim 6, wherein in the determining module, when determining the level coefficient of the user according to the registration days a of the user logging in the account, specifically:
the determining module is used for presetting a registration day matrix A0 of a login account of a user and setting A0 (A1, A2, A3 and A4), wherein A1 is a first preset registration day, A2 is a second preset registration day, A3 is a third preset registration day, A4 is a fourth preset registration day, and A1 is more than A2 and is more than A3 and is more than A4;
the determining module is used for presetting a level coefficient matrix E of a user and setting E (E1, E2, E3, E4, E5), wherein E1 is a first preset level coefficient, E2 is a second preset level coefficient, E3 is a third preset level coefficient, E4 is a fourth preset level coefficient, E5 is a fifth preset level coefficient, and E1 is more than E2 and less than E3 and less than E4 and less than E5;
the determining module is further configured to set a level coefficient of the user according to a relationship between the registration days a of the user login account and the registration days of each preset user login account:
when A is less than A1, selecting the first preset level coefficient E1 as the level coefficient of the user;
when A1 is more than or equal to A and less than A2, selecting the second preset level coefficient E2 as the level coefficient of the user;
when A2 is more than or equal to A and less than A3, selecting the third preset level coefficient E3 as the level coefficient of the user;
when A3 is more than or equal to A and less than A4, selecting the fourth preset level coefficient E4 as the level coefficient of the user;
and when A is larger than or equal to A4, selecting the fifth preset level coefficient E5 as the level coefficient of the user.
8. The system according to claim 7, wherein in the determining module, when the level coefficient of the user is modified according to the historical login times B of the user login account, the modifying is specifically:
the determining module is used for presetting a historical login time matrix F0 of a user login account and setting F0 (F1, F2, F3 and F4), wherein F1 is a first preset historical login time, F2 is a second preset historical login time, F3 is a third preset historical login time, F4 is a fourth preset historical login time, and F1 is more than F2 and less than F3 and less than F4;
the determining module is used for presetting a level coefficient correction coefficient matrix h of a user and setting h (h 1, h2, h3, h4, h 5), wherein h1 is a first preset level coefficient correction coefficient, h2 is a second preset level coefficient correction coefficient, h3 is a third preset level coefficient correction coefficient, h4 is a fourth preset level coefficient correction coefficient, h5 is a fifth preset level coefficient correction coefficient, and h1 is more than 0.8, more than h2, more than h3, more than h4, more than h5 and less than 1.2;
the determining module is further configured to, when the level coefficient of the user is set as the i-th preset level coefficient Ei, i =1,2,3,4,5, correct the level coefficient of the user according to a relationship between the historical login number B of the user login account and the historical login number of each preset user login account:
when B is less than F1, selecting the first preset grade coefficient correction coefficient h1 to correct the ith preset grade coefficient Ei, wherein the grade coefficient of the corrected user is Ei x h1;
when F1 is not more than B and less than F2, selecting the second preset level coefficient correction coefficient h2 to correct the ith preset level coefficient Ei, wherein the corrected level coefficient of the user is Ei h2;
when F2 is not more than B and less than F3, selecting the third preset level coefficient correction coefficient h3 to correct the ith preset level coefficient Ei, wherein the corrected level coefficient of the user is Ei h3;
when F3 is not more than B and less than F4, selecting the fourth preset level coefficient correction coefficient h4 to correct the ith preset level coefficient Ei, wherein the corrected level coefficient of the user is Ei h4;
and when B is larger than or equal to F4, selecting the fifth preset grade coefficient correction coefficient h5 to correct the ith preset grade coefficient Ei, wherein the grade coefficient of the corrected user is Ei h5.
9. The cyber security and control system for an industrial control system according to claim 6, wherein in the determining module, when determining the cyber security and control level of the industrial control system according to the historical dangerous operation times C of the user, specifically:
the determining module is used for presetting a historical dangerous operation frequency matrix G0 of a user and setting G0 (G1, G2, G3 and G4), wherein G1 is a first preset historical dangerous operation frequency, G2 is a second preset historical dangerous operation frequency, G3 is a third preset historical dangerous operation frequency, G4 is a fourth preset historical dangerous operation frequency, and G1 is greater than G2 and is greater than G3 and is greater than G4;
the determining module is used for presetting a network security prevention and control level matrix K of the industrial control system and setting K (K1, K2, K3, K4 and K5), wherein K1 is a first preset network security prevention and control level, K2 is a second preset network security prevention and control level, K3 is a third preset network security prevention and control level, K4 is a fourth preset network security prevention and control level, K5 is a fifth preset network security prevention and control level, and K1 is greater than K2 and less than K3 and less than K4 and less than K5;
the determining module is further configured to set a network security prevention and control level of the industrial control system according to a relationship between the historical dangerous operation times C of the user and the historical dangerous operation times of each preset user:
when C is less than G1, selecting the first preset network security prevention and control level K1 as the network security prevention and control level of the industrial control system;
when G1 is not more than C and less than G2, selecting the second preset network security prevention and control level K2 as the network security prevention and control level of the industrial control system;
when G2 is more than or equal to C and less than G3, selecting the third preset network security prevention and control level K3 as the network security prevention and control level of the industrial control system;
when G3 is less than or equal to C and less than G4, selecting the fourth preset network security prevention and control level K4 as the network security prevention and control level of the industrial control system;
and when C is larger than or equal to G4, selecting the fifth preset network security prevention and control level K5 as the network security prevention and control level of the industrial control system.
10. The cyber security and control system for an industrial control system according to claim 9, wherein in the determination module, when the cyber security and control level of the industrial control system is modified according to the historical dangerous operation total duration D of the user, specifically:
the determining module is used for presetting a historical dangerous operation total time matrix M0 of a user and setting M0 (M1, M2, M3 and M4), wherein M1 is a first preset historical dangerous operation total time, M2 is a second preset historical dangerous operation total time, M3 is a third preset historical dangerous operation total time, M4 is a fourth preset historical dangerous operation total time, and M1 is more than M2 and more than M3 and more than M4;
the determining module is used for presetting a network security prevention and control grade correction coefficient matrix n of the industrial control system and setting n (n 1, n2, n3, n4, n 5), wherein n1 is a first preset network security prevention and control grade correction coefficient, n2 is a second preset network security prevention and control grade correction coefficient, n3 is a third preset network security prevention and control grade correction coefficient, n4 is a fourth preset network security prevention and control grade correction coefficient, n5 is a fifth preset network security prevention and control grade correction coefficient, and n1 is more than 0.8 and more than n2 and more than n3 and more than n4 and more than n5 and less than 1.2;
the determining module is further configured to, when the network security prevention and control level of the industrial control system is set to the ith preset network security prevention and control level Ki, i =1,2,3,4,5, modify the network security prevention and control level of the industrial control system according to a relationship between the total historical dangerous operation duration D of the user and the total historical dangerous operation duration of each preset user:
when D is less than M1, selecting the first preset network security prevention and control grade correction coefficient n1 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n1;
when M1 is not more than D and less than M2, selecting the second preset network security prevention and control grade correction coefficient n2 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n2;
when M2 is less than or equal to D and less than M3, selecting a third preset network security prevention and control grade correction coefficient n3 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n3;
when M3 is less than or equal to D and less than M4, selecting a fourth preset network security prevention and control grade correction coefficient n4 to correct the ith preset network security prevention and control grade Ki, wherein the corrected network security prevention and control grade of the industrial control system is Ki x n4;
and when D is larger than or equal to M4, selecting a fifth preset network safety prevention and control grade correction coefficient n5 to correct the ith preset network safety prevention and control grade Ki, wherein the corrected network safety prevention and control grade of the industrial control system is Ki x n5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210968308.XA CN115484063B (en) | 2022-08-12 | 2022-08-12 | Network security prevention and control method and system for industrial control system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210968308.XA CN115484063B (en) | 2022-08-12 | 2022-08-12 | Network security prevention and control method and system for industrial control system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115484063A true CN115484063A (en) | 2022-12-16 |
| CN115484063B CN115484063B (en) | 2023-05-30 |
Family
ID=84421965
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210968308.XA Active CN115484063B (en) | 2022-08-12 | 2022-08-12 | Network security prevention and control method and system for industrial control system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115484063B (en) |
Citations (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2004192205A (en) * | 2002-12-10 | 2004-07-08 | Fuerishimo:Kk | User history data generating device, user history data generating method and program therefor |
| WO2013097714A1 (en) * | 2011-12-29 | 2013-07-04 | 北京网秦天下科技有限公司 | Statistical analysis and prompting method and system for mobile terminal internet traffic |
| US20150020149A1 (en) * | 2013-07-15 | 2015-01-15 | University Of Florida Research Foundation, Inc. | Adaptive identity rights management system for regulatory compliance and privacy protection |
| US9148424B1 (en) * | 2015-03-13 | 2015-09-29 | Snapchat, Inc. | Systems and methods for IP-based intrusion detection |
| JP2016187166A (en) * | 2015-03-27 | 2016-10-27 | 富士通株式会社 | Nuisance phone call detection device, nuisance phone call detection method and nuisance phone call detection program |
| JP2017010258A (en) * | 2015-06-22 | 2017-01-12 | 富士通株式会社 | Unauthorized operation monitor, unauthorized operation monitoring method, and unauthorized operation monitoring system |
| US20170142130A1 (en) * | 2015-11-16 | 2017-05-18 | Cal-Comp Electronics & Communications Company Limited | Account registration and login method, and network attached storage system using the same |
| CN106888214A (en) * | 2017-03-17 | 2017-06-23 | 北京潘达互娱科技有限公司 | Dynamic rights collocation method and device |
| CN107516213A (en) * | 2016-06-17 | 2017-12-26 | 阿里巴巴集团控股有限公司 | risk identification method and device |
| CN108462615A (en) * | 2018-02-05 | 2018-08-28 | 百川通联(北京)网络技术有限公司 | A kind of network user's group technology and device |
| CN109639735A (en) * | 2019-01-24 | 2019-04-16 | 重庆邮电大学 | A kind of test method of IPv6 industry wireless network security level |
| WO2020010983A1 (en) * | 2018-07-11 | 2020-01-16 | 阿里巴巴集团控股有限公司 | Risk control method, risk control device, electronic device and storage medium |
| CN110718067A (en) * | 2019-09-23 | 2020-01-21 | 浙江大华技术股份有限公司 | Violation behavior warning method and related device |
| CN113205683A (en) * | 2021-04-26 | 2021-08-03 | 青岛海信网络科技股份有限公司 | Alarm data processing method, device, equipment and medium |
| CN113411353A (en) * | 2021-08-03 | 2021-09-17 | 广州汇图计算机信息技术有限公司 | Network security protection method and system |
| CN114003481A (en) * | 2021-11-08 | 2022-02-01 | 湖南快乐阳光互动娱乐传媒有限公司 | User behavior risk judgment method and device |
| CN114385367A (en) * | 2022-01-14 | 2022-04-22 | 黑龙江省政务大数据中心 | Resource management system based on cloud management platform |
-
2022
- 2022-08-12 CN CN202210968308.XA patent/CN115484063B/en active Active
Patent Citations (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2004192205A (en) * | 2002-12-10 | 2004-07-08 | Fuerishimo:Kk | User history data generating device, user history data generating method and program therefor |
| WO2013097714A1 (en) * | 2011-12-29 | 2013-07-04 | 北京网秦天下科技有限公司 | Statistical analysis and prompting method and system for mobile terminal internet traffic |
| US20150020149A1 (en) * | 2013-07-15 | 2015-01-15 | University Of Florida Research Foundation, Inc. | Adaptive identity rights management system for regulatory compliance and privacy protection |
| US9148424B1 (en) * | 2015-03-13 | 2015-09-29 | Snapchat, Inc. | Systems and methods for IP-based intrusion detection |
| JP2016187166A (en) * | 2015-03-27 | 2016-10-27 | 富士通株式会社 | Nuisance phone call detection device, nuisance phone call detection method and nuisance phone call detection program |
| JP2017010258A (en) * | 2015-06-22 | 2017-01-12 | 富士通株式会社 | Unauthorized operation monitor, unauthorized operation monitoring method, and unauthorized operation monitoring system |
| US20170142130A1 (en) * | 2015-11-16 | 2017-05-18 | Cal-Comp Electronics & Communications Company Limited | Account registration and login method, and network attached storage system using the same |
| CN107516213A (en) * | 2016-06-17 | 2017-12-26 | 阿里巴巴集团控股有限公司 | risk identification method and device |
| CN106888214A (en) * | 2017-03-17 | 2017-06-23 | 北京潘达互娱科技有限公司 | Dynamic rights collocation method and device |
| CN108462615A (en) * | 2018-02-05 | 2018-08-28 | 百川通联(北京)网络技术有限公司 | A kind of network user's group technology and device |
| WO2020010983A1 (en) * | 2018-07-11 | 2020-01-16 | 阿里巴巴集团控股有限公司 | Risk control method, risk control device, electronic device and storage medium |
| CN109639735A (en) * | 2019-01-24 | 2019-04-16 | 重庆邮电大学 | A kind of test method of IPv6 industry wireless network security level |
| CN110718067A (en) * | 2019-09-23 | 2020-01-21 | 浙江大华技术股份有限公司 | Violation behavior warning method and related device |
| CN113205683A (en) * | 2021-04-26 | 2021-08-03 | 青岛海信网络科技股份有限公司 | Alarm data processing method, device, equipment and medium |
| CN113411353A (en) * | 2021-08-03 | 2021-09-17 | 广州汇图计算机信息技术有限公司 | Network security protection method and system |
| CN114003481A (en) * | 2021-11-08 | 2022-02-01 | 湖南快乐阳光互动娱乐传媒有限公司 | User behavior risk judgment method and device |
| CN114385367A (en) * | 2022-01-14 | 2022-04-22 | 黑龙江省政务大数据中心 | Resource management system based on cloud management platform |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115484063B (en) | 2023-05-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10757103B2 (en) | Single authentication portal for diverse industrial network protocols across multiple OSI layers | |
| JP4829354B2 (en) | System and method for reliable network connectivity | |
| US10673985B2 (en) | Router-host logging | |
| US9824196B2 (en) | Authenticating users requesting access to computing resources | |
| US9245145B2 (en) | Methods and systems for regulating database activity | |
| US9467475B2 (en) | Secure mobile framework | |
| US10097667B2 (en) | Methods and systems for regulating database activity | |
| EP2866411A1 (en) | Method and system for detecting unauthorized access to and use of network resources with targeted analytics | |
| CN106254451B (en) | Embedded device web menu control system and method | |
| CN112800411B (en) | Multi-protocol and multi-mode supporting safe and reliable identity authentication method and device | |
| CN111522264A (en) | Device control method and device, storage medium, and electronic device | |
| US9882914B1 (en) | Security group authentication | |
| DE102017116311A1 (en) | AUTHENTICATION AND AUTHORIZATION TO CONTROL ACCESS TO PROCESS CONTROL DEVICES IN A PROCESS PLANT | |
| US20120005729A1 (en) | System and method of network authorization by scoring | |
| DE112014006708T5 (en) | Device control system, device control device, device control method and program | |
| US20210320945A1 (en) | Method for verifying configurations of security technologies deployed on a computer network | |
| US20210152542A1 (en) | Access tokens with scope expressions of personal data policies | |
| GB2581105A (en) | Page accessing method and system for terminal | |
| CN110880074B (en) | Quality monitoring system and method, storage medium, and server | |
| US20060085648A1 (en) | Autonomic removal of a user from a client and network | |
| CN115484063A (en) | Network security prevention and control method and system for industrial control system | |
| CN116866024A (en) | Network security monitoring method based on user analysis | |
| DE102020205704A1 (en) | VALIDITY APPROVAL EQUIPMENT | |
| CN111541703A (en) | Terminal equipment authentication method and device, computer equipment and storage medium | |
| CN105282145A (en) | Multi-data center user access control method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |