CN116896452A - Computer network information security management method based on data processing - Google Patents
Computer network information security management method based on data processing Download PDFInfo
- Publication number
- CN116896452A CN116896452A CN202310652402.9A CN202310652402A CN116896452A CN 116896452 A CN116896452 A CN 116896452A CN 202310652402 A CN202310652402 A CN 202310652402A CN 116896452 A CN116896452 A CN 116896452A
- Authority
- CN
- China
- Prior art keywords
- risk
- computer network
- model
- security
- assessment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000012545 processing Methods 0.000 title claims abstract description 50
- 238000007726 management method Methods 0.000 title abstract description 30
- 238000011156 evaluation Methods 0.000 claims abstract description 59
- 238000012549 training Methods 0.000 claims abstract description 35
- 238000013210 evaluation model Methods 0.000 claims abstract description 20
- 238000012502 risk assessment Methods 0.000 claims description 76
- 230000004927 fusion Effects 0.000 claims description 25
- 238000012423 maintenance Methods 0.000 claims description 23
- 238000012360 testing method Methods 0.000 claims description 19
- 238000000034 method Methods 0.000 claims description 17
- 238000012795 verification Methods 0.000 claims description 15
- 230000005540 biological transmission Effects 0.000 claims description 12
- 238000010276 construction Methods 0.000 claims description 11
- 238000000556 factor analysis Methods 0.000 claims description 10
- 238000013135 deep learning Methods 0.000 claims description 9
- 230000003044 adaptive effect Effects 0.000 claims description 8
- 230000002776 aggregation Effects 0.000 claims description 6
- 238000004220 aggregation Methods 0.000 claims description 6
- 238000004458 analytical method Methods 0.000 claims description 4
- 230000000694 effects Effects 0.000 abstract description 4
- 238000012986 modification Methods 0.000 description 4
- 230000004048 modification Effects 0.000 description 4
- 238000013528 artificial neural network Methods 0.000 description 3
- 238000010801 machine learning Methods 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 238000011161 development Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 210000004556 brain Anatomy 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000011418 maintenance treatment Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000003860 storage Methods 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/906—Clustering; Classification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/21—Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
- G06F18/214—Generating training patterns; Bootstrap methods, e.g. bagging or boosting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/25—Fusion techniques
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
- G06N3/098—Distributed learning, e.g. federated learning
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Evolutionary Computation (AREA)
- Life Sciences & Earth Sciences (AREA)
- Artificial Intelligence (AREA)
- Computing Systems (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Evolutionary Biology (AREA)
- Software Systems (AREA)
- Bioinformatics & Cheminformatics (AREA)
- Mathematical Physics (AREA)
- Molecular Biology (AREA)
- Databases & Information Systems (AREA)
- Bioinformatics & Computational Biology (AREA)
- Biomedical Technology (AREA)
- Biophysics (AREA)
- Computational Linguistics (AREA)
- General Health & Medical Sciences (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Networks & Wireless Communication (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The application discloses a computer network information security management method based on data processing, which relates to the technical field of data processing, and comprises the following steps: constructing a computer network security risk feature library; according to the computer information security standard, a network security factor set is obtained, a computer network security risk feature library is subjected to multidimensional evaluation according to the set, a network security factor risk data set is obtained, the network security factor risk data set is used as a risk sample data set for training, a basic risk evaluation branch model set is obtained, each branch model is fused, a computer network risk self-adaptive evaluation model is generated, risk evaluation is performed on computer network information based on the model, and information security processing is performed according to a risk evaluation result. The application solves the technical problems of low efficiency and low accuracy of computer network information security management in the prior art, and achieves the technical effect of improving the efficiency and accuracy of computer network information security management.
Description
Technical Field
The application relates to the technical field of data processing, in particular to a computer network information security management method based on data processing.
Background
With the rapid development of computer technology, the development of productivity and social transformation are greatly promoted, the traditional production and life style are greatly changed, the application of computers is increasingly wide, the computer network security problem is increasingly outstanding, and people are increasingly paying attention to the computer network security problem. Computer networks are more and more complex, information is more and more, and many vulnerabilities exist in the current computer network information security management.
Disclosure of Invention
The application provides a computer network information security management method based on data processing, which is used for the technical problems of low efficiency and low accuracy of computer network information security management.
In a first aspect of the present application, there is provided a computer network information security management method based on data processing, the method comprising: constructing a computer network security risk feature library; acquiring a network security factor set according to a computer information security standard, wherein the network security factor set comprises information confidentiality, endpoint authenticity, information integrity, access security and transmission security; performing multidimensional evaluation on the computer network security risk feature library according to the network security factor set to obtain a network security factor risk data set; taking the network security factor risk data set as a risk sample data set, and respectively training the risk sample data set based on the network security factor set to obtain a basic risk assessment branch model set; fusing all branch models in the basic risk assessment branch model set to generate a computer network risk self-adaptive assessment model; and performing risk assessment on the computer network information based on the computer network risk self-adaptive assessment model, and performing information security processing according to a risk assessment result.
In a second aspect of the present application, there is provided a computer network information security management system based on data processing, the system comprising: the system comprises a network security risk feature library construction module, a computer network security risk feature library generation module and a computer network security risk feature library generation module, wherein the network security risk feature library construction module is used for constructing a computer network security risk feature library; the network security factor set obtaining module is used for obtaining a network security factor set according to the computer information security standard, wherein the network security factor set comprises information confidentiality, endpoint authenticity, information integrity, access security and transmission security; the network security factor risk data acquisition module is used for carrying out multidimensional evaluation on the computer network security risk feature library according to the network security factor set to obtain a network security factor risk data set; the basic risk assessment branch model building module is used for taking the network security factor risk data set as a risk sample data set, and training the risk sample data set based on the network security factor set to obtain a basic risk assessment branch model set; the self-adaptive assessment model generation module is used for fusing all branch models in the basic risk assessment branch model set to generate a computer network risk self-adaptive assessment model; the information security processing module is used for performing risk assessment on the computer network information based on the computer network risk self-adaptive assessment model and performing information security processing according to a risk assessment result.
One or more technical schemes provided by the application have at least the following technical effects or advantages:
the application provides a computer network information security management method based on data processing, which relates to the technical field of data processing, and aims to solve the technical problems of low efficiency and low accuracy of computer network information security management in the prior art by constructing a computer network security risk feature library, carrying out multidimensional evaluation on the computer network security risk feature library according to the set to obtain a network security factor risk data set, training the network security factor risk data set as a risk sample data set to obtain a basic risk evaluation branch model set, fusing branch models to generate a computer network risk self-adaptive evaluation model, carrying out risk evaluation on computer network information based on the model, and carrying out information security processing according to a risk evaluation result.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic flow chart of a computer network information security management method based on data processing according to an embodiment of the present application;
FIG. 2 is a schematic flow chart of obtaining a set of branch models for basic risk assessment in a computer network information security management method based on data processing according to an embodiment of the present application;
FIG. 3 is a schematic flow chart of a computer network risk adaptive assessment model generated in a computer network information security management method based on data processing according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of a computer network information security management system based on data processing according to an embodiment of the present application.
Reference numerals illustrate: the system comprises a network security risk feature library construction module 11, a network security factor set acquisition module 12, a network security factor risk data acquisition module 13, a basic risk assessment branch model construction module 14, an adaptive assessment model generation module 15 and an information security processing module 16.
Detailed Description
The application provides a computer network information security management method based on data processing, which is used for solving the technical problems of low efficiency and low accuracy of computer network information security management in the prior art.
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application. It will be apparent that the described embodiments are only some, but not all, embodiments of the application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present application and the above-described drawings are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the application described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or server that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or modules not expressly listed or inherent to such process, method, article, or apparatus.
Example 1
As shown in fig. 1, the present application provides a computer network information security management method based on data processing, the method comprising:
s100: constructing a computer network security risk feature library;
further, step S100 of the embodiment of the present application further includes:
s110: acquiring historical computer network security risk data information;
s120: acquiring a feature processing rule, and determining risk feature classification elements according to the feature processing rule;
s130: classifying and marking the historical computer network security risk data information according to the risk feature classification elements to obtain a security risk element feature set;
s140: and combing and integrating based on the security risk element feature set to construct the computer network security risk feature library.
Specifically, computer network security risk data information in a past period of time (which may be three months, half a year, one year, etc., and specific time may be adaptively adjusted according to practical situations) is collected from big data, including a risk type, a domain to which the risk type belongs, a risk coefficient, a security protection measure, etc., a professional formulates a feature processing rule, that is, a requirement of processing data features, and determines a classification basis of the historical computer network security risk data information, for example, a risk type, an influence range, a duration, a response measure, etc., according to the data processing feature requirement, and uses the classification basis as a risk feature classification element, classifies and marks the historical computer network security risk data information according to the risk feature classification element, sorts and marks all the classified and marked data into a security risk element feature set, and combines the data in the security risk element feature set to construct the computer network security risk feature library from the integrated security risk data, which may be used as basic data for subsequently obtained network security element data set.
S200: acquiring a network security factor set according to a computer information security standard, wherein the network security factor set comprises information confidentiality, endpoint authenticity, information integrity, access security and transmission security;
specifically, network security factors related to information security are extracted from computer information security standards formulated in the computer industry and are organized into a collection, wherein the collection comprises information confidentiality, endpoint authenticity, information integrity, access security and transmission security, and the information confidentiality is exemplified by adding an access password to information so as to prevent leakage; the authenticity of the endpoint is to acquire the true identities of the information sender and the information receiver, so that the data forgery is prevented; the information integrity is to ensure that the information storage is complete, the access security can be realized by setting access rights, the transmission security is to ensure that the information cannot be leaked or lost in the transmission process, and the network security factor set can be used as a reference for carrying out subsequent multidimensional evaluation on the computer network security risk feature library.
S300: performing multidimensional evaluation on the computer network security risk feature library according to the network security factor set to obtain a network security factor risk data set;
specifically, according to the network security factor set, the computer network security risk feature library is subjected to information confidentiality, endpoint authenticity, information integrity, access security, transmission security and other dimensions, information confidentiality, endpoint authenticity, information integrity, access security and transmission security of each piece of data in the computer network security risk feature library are respectively determined, and corresponding grade coefficients are set according to the security degree, wherein the information confidentiality coefficient of a certain piece of network information is 2, the endpoint authenticity coefficient is 1, the information integrity coefficient is 3, the access security coefficient is 2 and the transmission security coefficient is 2. And (3) the information data after multidimensional evaluation is arranged into a network security factor risk data set, and the network security factor risk data set can be used as basic data for subsequent basic risk evaluation branch model training.
S400: taking the network security factor risk data set as a risk sample data set, and respectively training the risk sample data set based on the network security factor set to obtain a basic risk assessment branch model set;
specifically, the risk data set of the network security factor is used as a risk sample data set, the risk sample data set is divided into a plurality of training data sets, a plurality of verification data sets and a plurality of test data sets, the training data sets of all branches are trained by using a neural network structure to obtain a plurality of risk assessment branch models, each security factor corresponds to one risk assessment branch model, and the verification data sets and the test data sets of all branches are used for verifying and testing the plurality of risk assessment branch models until preset requirements are met to obtain a basic risk assessment branch model set which can be used as a basic model for subsequently generating a computer network risk self-adaptive assessment model.
Further, as shown in fig. 2, step S400 of the embodiment of the present application further includes:
s410: dividing the risk sample data set into a training risk sample set, a test risk sample set and a verification risk sample set according to a preset proportion;
s420: training the training risk sample set by using a deep learning network structure to obtain an initial risk assessment branch model set;
s430: and respectively verifying and testing the initial risk assessment branch model set based on the test risk sample set and the verification risk sample set until the model assessment error rate set is smaller than a preset assessment error rate, so as to obtain the basic risk assessment branch model set.
Specifically, the network security factor risk dataset is used as a risk sample dataset, and then the risk sample dataset is divided into a plurality of training risk sample sets, test risk sample sets and verification risk sample sets according to a preset proportion, and the preset proportion is 7:2:1 for example, wherein the preset proportion can be adjusted according to actual conditions, and each network security factor corresponds to one training risk sample set, one test risk sample set and one verification risk sample set. And training sample data in the training risk sample set of each network safety factor by using a deep learning network structure until convergence to obtain a plurality of initial risk assessment branch models corresponding to each safety factor. The deep learning network is a special form of machine learning, which simulates a neural network in the human brain and can automatically learn and identify patterns. The neural network itself can automatically extract the features of the data clusters as long as there is enough learning data. Further, in order to ensure the accuracy of risk assessment of the plurality of initial risk assessment branch models, an assessment error rate is preset, for example, 10%, data in the test risk sample set and the verification risk sample set are respectively input into the plurality of initial risk assessment branch models for verification and testing, the plurality of initial risk assessment branch models are corrected by using the results output by the models until the assessment error rate of all initial risk assessment branch models is smaller than the preset assessment error rate, verification and testing of all initial risk assessment branch models are completed, and the basic risk assessment branch model set is obtained and is used as a basic model for subsequently generating a computer network risk self-adaptive assessment model.
S500: fusing all branch models in the basic risk assessment branch model set to generate a computer network risk self-adaptive assessment model;
specifically, each branch model in the basic risk assessment branch model set is distributed with corresponding weight according to the risk influence degree of each safety factor, and then each branch model with weight is fused to generate a computer network risk self-adaptive assessment model which can be used for risk assessment of computer network information.
Further, as shown in fig. 3, step S500 of the embodiment of the present application further includes:
s510: carrying out criticality evaluation on each security factor in the network security factor set to obtain a security factor criticality coefficient;
s520: determining a branch model relevance weight according to the safety factor criticality coefficient;
s530: carrying out parameter fusion on the model evaluation error rate set and the branch model relevance weight to obtain a model fusion voting coefficient set;
s540: and fusing each branch model in the basic risk assessment branch model set based on the model fusion voting coefficient set to obtain the computer network risk self-adaptive assessment model.
Specifically, each security factor in the network security factor set is subjected to criticality evaluation, namely, the importance degree of each security factor to the security evaluation, namely, the criticality degree is judged according to the influence degree of each security factor on the information security, corresponding security factor criticality coefficients are set according to the criticality degree, and then, corresponding branch model relativity weights are distributed to each security factor according to the security factor criticality coefficients. And carrying out parameter fusion on the model evaluation error rate set and the branch model relevance weights, namely adjusting the branch model relevance weights according to the model evaluation error rate of each branch model, wherein the model evaluation error rate is smaller, the model relevance weights are larger, the model quality is better, and the voteability of the model in the final fusion model is stronger. And taking the fused parameter set as a model fusion voting coefficient set, wherein the model fusion voting coefficient can be regarded as a weight coefficient corresponding to each branch model, setting the weight of each branch model in the basic risk assessment branch model set based on the model fusion voting coefficient set, fusing the branch models with the weight, combining the branch models into the computer network risk self-adaptive assessment model, and carrying out risk assessment on computer network information.
S600: and performing risk assessment on the computer network information based on the computer network risk self-adaptive assessment model, and performing information security processing according to a risk assessment result.
Specifically, the computer network information is input into the computer network risk self-adaptive evaluation model to perform risk evaluation, the computer network risk self-adaptive evaluation model outputs the current risk evaluation result of the computer network information, and the computer network information security management is performed by referring to the risk evaluation result, so that the efficiency and accuracy of the computer network information security management can be improved.
Further, step S600 of the embodiment of the present application further includes:
s610: the computer network risk self-adaptive evaluation model comprises an input layer, a risk analysis layer, an evaluation fusion layer and an output layer, wherein the computer network information is input into the risk analysis layer through the input layer for analysis, and a network risk factor analysis set is obtained;
s620: performing fusion evaluation on the network risk factor analysis set based on the evaluation fusion layer to obtain a computer network risk evaluation result;
s630: and outputting the computer network risk assessment result as a model output result based on the output layer.
Specifically, the computer network risk self-adaptive evaluation model includes an input layer, a risk analysis layer, an evaluation fusion layer and an output layer, the computer network information is input into the risk analysis layer through the input layer, risk evaluation is performed by the risk analysis layer according to branches corresponding to each safety factor, a risk factor analysis result corresponding to each safety factor is obtained, the risk factor analysis result is used as a network risk factor analysis set, then the analysis results in the network risk factor analysis set are fused according to corresponding weight values by the evaluation fusion layer, namely weighting calculation is performed, the fused risk evaluation result is used as a computer network risk evaluation result, finally the output layer outputs the computer network risk evaluation result as a model output result, and computer network information safety management is performed by using the computer network risk evaluation result, so that management efficiency and accuracy of computer network information safety management can be improved.
Further, step S600 of the embodiment of the present application further includes:
s640: constructing a computer network risk operation and maintenance knowledge base;
s650: matching the computer network risk assessment result with the computer network risk operation and maintenance knowledge base to obtain a computer network risk operation and maintenance scheme;
s660: and carrying out operation and maintenance processing on the computer network risk based on the computer network risk operation and maintenance scheme.
Specifically, based on a big data network and a computer professional management method, a certain amount of computer network risk operation and maintenance management knowledge is obtained as sample data, information including a sample network risk level, a sample network risk operation and maintenance scheme and the like is extracted from the sample data, and after finishing and encoding, a computer network risk operation and maintenance knowledge base is generated. And inputting the computer network risk assessment result into the computer network risk operation and maintenance knowledge base for matching, and taking the matched corresponding sample network risk operation and maintenance scheme as a computer network risk operation and maintenance scheme, and carrying out operation and maintenance treatment on the computer network risk based on the computer network risk operation and maintenance scheme, thereby improving the computer network risk operation and maintenance efficiency.
Further, the embodiment of the present application further includes step S700, where step S700 further includes:
s710: acquiring a multi-party computer network security risk feature library, and acquiring a multi-party network security factor risk data set according to the multi-party computer network security risk feature library;
s720: training the multiparty network security factor risk data set based on a deep learning network structure to obtain a multiparty network risk self-adaptive assessment model;
s730: and extracting model parameters of the computer network risk self-adaptive evaluation model and the multiparty network risk self-adaptive evaluation model for joint training to obtain a computer network risk self-adaptive evaluation aggregation model.
Specifically, network security risk data of other areas or enterprises are collected, and after being combed and encoded according to security factor characteristics, a multiparty computer network security risk feature library is generated, a certain number of multiparty network security factor risk data are extracted from the multiparty computer network security risk feature library and are used as multiparty network security factor risk data sets, the multiparty network security factor risk data sets are divided into training data sets, verification data sets and test data sets, training, verification and testing are carried out on the multiparty network security factor risk data sets based on a deep learning network structure, a multiparty network risk self-adaptive assessment model is obtained, model parameters of the computer network risk self-adaptive assessment model and model parameters of the multiparty network risk self-adaptive assessment model are extracted for joint training, namely model federal learning is carried out, the federal learning is a distributed machine learning framework with privacy protection and security encryption technology, and aims at enabling scattered participants to cooperatively carry out model training of machine learning on the premise that privacy data are not disclosed to other participants, the comprehensiveness and accuracy of model training can be improved, the computer network risk self-adaptive assessment aggregation model is obtained, and the computer network self-adaptive risk aggregation is carried out by evaluating more computer network risk self-adaptive assessment models, and more accurate assessment model assessment is carried out on computer network risk self-adaptive assessment models.
In summary, the embodiment of the application has at least the following technical effects:
the application constructs a computer network security risk feature library; according to the computer information security standard, a network security factor set is obtained, a computer network security risk feature library is subjected to multidimensional evaluation according to the set, a network security factor risk data set is obtained, the network security factor risk data set is used as a risk sample data set for training, a basic risk evaluation branch model set is obtained, each branch model is fused, a computer network risk self-adaptive evaluation model is generated, risk evaluation is performed on computer network information based on the model, and information security processing is performed according to a risk evaluation result.
The technical effect of improving the efficiency and accuracy of computer network information security management is achieved.
Example two
Based on the same inventive concept as the computer network information security management method based on data processing in the foregoing embodiments, as shown in fig. 4, the present application provides a computer network information security management system based on data processing, and the system and method embodiments in the embodiments of the present application are based on the same inventive concept. Wherein the system comprises:
the network security risk feature library construction module 11, wherein the network security risk feature library construction module 11 is used for constructing a computer network security risk feature library;
a network security factor set obtaining module 12, where the network security factor set obtaining module 12 is configured to obtain a network security factor set according to a computer information security standard, where the network security factor set includes information confidentiality, endpoint authenticity, information integrity, access security, and transmission security;
the network security factor risk data acquisition module 13 is used for carrying out multidimensional evaluation on the computer network security risk feature library according to the network security factor set to obtain a network security factor risk data set;
the basic risk assessment branch model construction module 14 is configured to take the network security factor risk data set as a risk sample data set, and train the risk sample data set based on the network security factor set to obtain a basic risk assessment branch model set;
the adaptive evaluation model generation module 15 is configured to fuse each branch model in the basic risk evaluation branch model set to generate a computer network risk adaptive evaluation model;
the information security processing module 16, the information security processing module 16 is configured to perform risk assessment on computer network information based on the computer network risk adaptive assessment model, and perform information security processing according to a risk assessment result.
Further, the cyber-security risk feature library construction module 11 is further configured to perform the following steps:
acquiring historical computer network security risk data information;
acquiring a feature processing rule, and determining risk feature classification elements according to the feature processing rule;
classifying and marking the historical computer network security risk data information according to the risk feature classification elements to obtain a security risk element feature set;
and combing and integrating based on the security risk element feature set to construct the computer network security risk feature library.
Further, the basic risk assessment branch model construction module 14 is further configured to perform the following steps:
dividing the risk sample data set into a training risk sample set, a test risk sample set and a verification risk sample set according to a preset proportion;
training the training risk sample set by using a deep learning network structure to obtain an initial risk assessment branch model set;
and respectively verifying and testing the initial risk assessment branch model set based on the test risk sample set and the verification risk sample set until the model assessment error rate set is smaller than a preset assessment error rate, so as to obtain the basic risk assessment branch model set.
Further, the adaptive evaluation model generation module 15 is further configured to perform the following steps:
carrying out criticality evaluation on each security factor in the network security factor set to obtain a security factor criticality coefficient;
determining a branch model relevance weight according to the safety factor criticality coefficient;
carrying out parameter fusion on the model evaluation error rate set and the branch model relevance weight to obtain a model fusion voting coefficient set;
and fusing each branch model in the basic risk assessment branch model set based on the model fusion voting coefficient set to obtain the computer network risk self-adaptive assessment model.
Further, the information security processing module 16 is further configured to perform the following steps:
the computer network risk self-adaptive evaluation model comprises an input layer, a risk analysis layer, an evaluation fusion layer and an output layer, wherein the computer network information is input into the risk analysis layer through the input layer for analysis, and a network risk factor analysis set is obtained;
performing fusion evaluation on the network risk factor analysis set based on the evaluation fusion layer to obtain a computer network risk evaluation result;
and outputting the computer network risk assessment result as a model output result based on the output layer.
Constructing a computer network risk operation and maintenance knowledge base;
matching the computer network risk assessment result with the computer network risk operation and maintenance knowledge base to obtain a computer network risk operation and maintenance scheme;
and carrying out operation and maintenance processing on the computer network risk based on the computer network risk operation and maintenance scheme.
Further, the system further comprises:
the multi-party network security factor risk data set obtaining module is used for obtaining a multi-party computer network security risk feature library and obtaining a multi-party network security factor risk data set according to the multi-party computer network security risk feature library;
the multiparty network risk self-adaptive evaluation model obtaining module is used for training the multiparty network security factor risk data set based on a deep learning network structure to obtain a multiparty network risk self-adaptive evaluation model;
the computer network risk self-adaptive evaluation aggregation model obtaining module is used for extracting model parameters of the computer network risk self-adaptive evaluation model and the multiparty network risk self-adaptive evaluation model for joint training to obtain the computer network risk self-adaptive evaluation aggregation model.
It should be noted that the sequence of the embodiments of the present application is only for description, and does not represent the advantages and disadvantages of the embodiments. And the foregoing description has been directed to specific embodiments of this specification. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
The foregoing description of the preferred embodiments of the application is not intended to limit the application to the precise form disclosed, and any such modifications, equivalents, and alternatives falling within the spirit and scope of the application are intended to be included within the scope of the application.
The specification and figures are merely exemplary illustrations of the present application and are considered to cover any and all modifications, variations, combinations, or equivalents that fall within the scope of the application. It will be apparent to those skilled in the art that various modifications and variations can be made to the present application without departing from the scope of the application. Thus, the present application is intended to include such modifications and alterations insofar as they come within the scope of the application or the equivalents thereof.
Claims (8)
1. A method for managing computer network information security based on data processing, the method comprising:
constructing a computer network security risk feature library;
acquiring a network security factor set according to a computer information security standard, wherein the network security factor set comprises information confidentiality, endpoint authenticity, information integrity, access security and transmission security;
performing multidimensional evaluation on the computer network security risk feature library according to the network security factor set to obtain a network security factor risk data set;
taking the network security factor risk data set as a risk sample data set, and respectively training the risk sample data set based on the network security factor set to obtain a basic risk assessment branch model set;
fusing all branch models in the basic risk assessment branch model set to generate a computer network risk self-adaptive assessment model;
and performing risk assessment on the computer network information based on the computer network risk self-adaptive assessment model, and performing information security processing according to a risk assessment result.
2. The method of claim 1, wherein the constructing a computer network security risk feature library comprises:
acquiring historical computer network security risk data information;
acquiring a feature processing rule, and determining risk feature classification elements according to the feature processing rule;
classifying and marking the historical computer network security risk data information according to the risk feature classification elements to obtain a security risk element feature set;
and combing and integrating based on the security risk element feature set to construct the computer network security risk feature library.
3. The method of claim 1, wherein the obtaining a set of base risk assessment branch models comprises:
dividing the risk sample data set into a training risk sample set, a test risk sample set and a verification risk sample set according to a preset proportion;
training the training risk sample set by using a deep learning network structure to obtain an initial risk assessment branch model set;
and respectively verifying and testing the initial risk assessment branch model set based on the test risk sample set and the verification risk sample set until the model assessment error rate set is smaller than a preset assessment error rate, so as to obtain the basic risk assessment branch model set.
4. The method of claim 3, wherein the generating a computer network risk adaptive assessment model comprises:
carrying out criticality evaluation on each security factor in the network security factor set to obtain a security factor criticality coefficient;
determining a branch model relevance weight according to the safety factor criticality coefficient;
carrying out parameter fusion on the model evaluation error rate set and the branch model relevance weight to obtain a model fusion voting coefficient set;
and fusing each branch model in the basic risk assessment branch model set based on the model fusion voting coefficient set to obtain the computer network risk self-adaptive assessment model.
5. The method of claim 1, wherein the method comprises:
acquiring a multi-party computer network security risk feature library, and acquiring a multi-party network security factor risk data set according to the multi-party computer network security risk feature library;
training the multiparty network security factor risk data set based on a deep learning network structure to obtain a multiparty network risk self-adaptive assessment model;
and extracting model parameters of the computer network risk self-adaptive evaluation model and the multiparty network risk self-adaptive evaluation model for joint training to obtain a computer network risk self-adaptive evaluation aggregation model.
6. The method of claim 1, wherein performing risk assessment on computer network information based on the computer network risk adaptive assessment model comprises:
the computer network risk self-adaptive evaluation model comprises an input layer, a risk analysis layer, an evaluation fusion layer and an output layer, wherein the computer network information is input into the risk analysis layer through the input layer for analysis, and a network risk factor analysis set is obtained;
performing fusion evaluation on the network risk factor analysis set based on the evaluation fusion layer to obtain a computer network risk evaluation result;
and outputting the computer network risk assessment result as a model output result based on the output layer.
7. The method of claim 6, wherein the performing information security processing according to the risk assessment result comprises:
constructing a computer network risk operation and maintenance knowledge base;
matching the computer network risk assessment result with the computer network risk operation and maintenance knowledge base to obtain a computer network risk operation and maintenance scheme;
and carrying out operation and maintenance processing on the computer network risk based on the computer network risk operation and maintenance scheme.
8. A computer network information security management system based on data processing, the system comprising:
the system comprises a network security risk feature library construction module, a computer network security risk feature library generation module and a computer network security risk feature library generation module, wherein the network security risk feature library construction module is used for constructing a computer network security risk feature library;
the network security factor set obtaining module is used for obtaining a network security factor set according to the computer information security standard, wherein the network security factor set comprises information confidentiality, endpoint authenticity, information integrity, access security and transmission security;
the network security factor risk data acquisition module is used for carrying out multidimensional evaluation on the computer network security risk feature library according to the network security factor set to obtain a network security factor risk data set;
the basic risk assessment branch model building module is used for taking the network security factor risk data set as a risk sample data set, and training the risk sample data set based on the network security factor set to obtain a basic risk assessment branch model set;
the self-adaptive assessment model generation module is used for fusing all branch models in the basic risk assessment branch model set to generate a computer network risk self-adaptive assessment model;
the information security processing module is used for performing risk assessment on the computer network information based on the computer network risk self-adaptive assessment model and performing information security processing according to a risk assessment result.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310652402.9A CN116896452B (en) | 2023-06-05 | 2023-06-05 | Computer network information security management method and system based on data processing |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310652402.9A CN116896452B (en) | 2023-06-05 | 2023-06-05 | Computer network information security management method and system based on data processing |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116896452A true CN116896452A (en) | 2023-10-17 |
| CN116896452B CN116896452B (en) | 2024-01-26 |
Family
ID=88314030
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310652402.9A Active CN116896452B (en) | 2023-06-05 | 2023-06-05 | Computer network information security management method and system based on data processing |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116896452B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117336097A (en) * | 2023-11-16 | 2024-01-02 | 国网江苏省电力有限公司信息通信分公司 | Network information security management method and system based on big data |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109359469A (en) * | 2018-10-16 | 2019-02-19 | 上海电力学院 | A kind of Information Security Risk Assessment Methods of industrial control system |
| CN111489065A (en) * | 2020-03-27 | 2020-08-04 | 北京理工大学 | Node risk assessment integrating ICT supply chain network topology and product business information |
| WO2022093007A1 (en) * | 2020-10-28 | 2022-05-05 | Nexagate Sdn Bhd | An improved computer implemented system and method for cybersecurity management platform of a monitored network |
| CN115086089A (en) * | 2022-08-23 | 2022-09-20 | 广州市宏方网络科技有限公司 | Method and system for network security assessment prediction |
| CN115860118A (en) * | 2022-12-06 | 2023-03-28 | 国家石油天然气管网集团有限公司 | Safety construction method and system of intelligent pipe network knowledge model |
-
2023
- 2023-06-05 CN CN202310652402.9A patent/CN116896452B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109359469A (en) * | 2018-10-16 | 2019-02-19 | 上海电力学院 | A kind of Information Security Risk Assessment Methods of industrial control system |
| CN111489065A (en) * | 2020-03-27 | 2020-08-04 | 北京理工大学 | Node risk assessment integrating ICT supply chain network topology and product business information |
| WO2022093007A1 (en) * | 2020-10-28 | 2022-05-05 | Nexagate Sdn Bhd | An improved computer implemented system and method for cybersecurity management platform of a monitored network |
| CN115086089A (en) * | 2022-08-23 | 2022-09-20 | 广州市宏方网络科技有限公司 | Method and system for network security assessment prediction |
| CN115860118A (en) * | 2022-12-06 | 2023-03-28 | 国家石油天然气管网集团有限公司 | Safety construction method and system of intelligent pipe network knowledge model |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117336097A (en) * | 2023-11-16 | 2024-01-02 | 国网江苏省电力有限公司信息通信分公司 | Network information security management method and system based on big data |
| CN117336097B (en) * | 2023-11-16 | 2024-04-26 | 国网江苏省电力有限公司信息通信分公司 | Network information security management method and system based on big data |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116896452B (en) | 2024-01-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106790019B (en) | Encryption method for recognizing flux and device based on feature self study | |
| CN110413707A (en) | The excavation of clique's relationship is cheated in internet and checks method and its system | |
| CN108848068A (en) | Based on deepness belief network-Support Vector data description APT attack detection method | |
| CN116896452B (en) | Computer network information security management method and system based on data processing | |
| CN114818011A (en) | Federal learning method and system suitable for carbon credit evaluation and electronic equipment | |
| CN114785563B (en) | Encryption malicious traffic detection method of soft voting strategy | |
| CN110011990A (en) | Intranet security threatens intelligent analysis method | |
| CN112116103A (en) | Method, device and system for evaluating personal qualification based on federal learning and storage medium | |
| Bogavac et al. | IDSME index–new method for evaluation of SMEs digitalization | |
| CN115062328A (en) | Intelligent information analysis method based on cross-modal data fusion | |
| CN103970651A (en) | Software architecture safety assessment method based on module safety attributes | |
| CN110457601A (en) | The recognition methods and device of social account, storage medium and electronic device | |
| CN110049034A (en) | A kind of real-time Sybil attack detection method of complex network based on deep learning | |
| CN113807736A (en) | Data quality evaluation method, computer equipment and storage medium | |
| Yin et al. | A feature selection method for improved clonal algorithm towards intrusion detection | |
| CN113487241A (en) | Method, device, equipment and storage medium for classifying enterprise environment-friendly credit grades | |
| US20220405681A1 (en) | Personal introduction information generating method, computing device using the same, and storage medium | |
| CN116341793A (en) | Block chain-based method and device for determining carbon emission of product | |
| CN110457009A (en) | The implementation method of software security demand recommended models based on data analysis | |
| CN112992156B (en) | Power distribution network dispatching identity authentication system based on voiceprint authentication | |
| Lili | A Mobile Terminal‐Based College English Teaching Evaluation Method | |
| CN114863430A (en) | Automatic population information error correction method, device and storage medium thereof | |
| CN113516229A (en) | Credible user optimization selection method facing crowd sensing system | |
| Chang et al. | Pre-evaluation of industrialization project of local science and technology achievements based on FAHP | |
| Fox | Course LNIRT: Modeling response accuracy and response times |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |