Technical Field
The invention relates to the technical field of information security, and specifically to a highly practical method for security situation analysis and statistics.
Background
Rapidly developing Internet technology keeps changing the way people live, but security threats and security risks at multiple levels keep emerging as well. For a large network, beyond basic technical measures such as access control, intrusion detection and identity recognition, security operations and management staff need to perceive abnormal events in the network and the overall security situation in a timely manner. For security operations staff, the question they care about most and most need to solve is how to find, among thousands upon thousands of security events and logs, the security problems that are most valuable and most in need of handling and resolution, so as to safeguard the security state of the network. At the same time, for security managers and senior managers, how to describe the current overall state of network security, how to predict and judge the trend of risk development, and how to guide the next stage of security construction and planning remain persistent problems.
As big data technology matures and is applied and promoted, its characteristic massive storage, parallel computing and efficient querying create an opportunity for breakthroughs in the key technologies of large-scale network security situational awareness. On this basis, a security situation analysis and statistics method based on big data technology is provided. The method uses big data technology to process the logs in an information system and to analyze and compile statistics on the current security situation, giving the whole information system a "panoramic" presentation of its security state.
Summary of the Invention
The technical task of the present invention is to address the above deficiencies by providing a highly practical method for security situation analysis and statistics.
A security situation analysis and statistics method, implemented as follows:
1. Data preprocessing: after the information system collects data, the security event logs of the massive number of individual data objects are stored in tiers according to the different data requirements; the data is cleaned, integrated and classified, and stored in turn in the various log libraries;
2. Data analysis: log analysis parameters and configuration rules are set, and the log data is analyzed, processed and mined to form a tracking data stream for each individual data object;
3. Setting up the security service: analysis, processing and comparison of the big data yields feature libraries or resource libraries; the security service module uses the feature libraries to provide log analysis services externally over a service bus;
4. Setting up the security situation presentation: the data security situation of the whole system is presented.
In step 1, the logs are classified into computing facility logs, business system logs, security device logs and network device logs.
The information in step 1 is stored in an in-memory database, a disk database and a distributed file system on the big data platform.
The in-memory database uses the open-source distributed in-memory database H2. The disk database serves as persistent storage for the in-memory database and uses the open-source database MySQL; it periodically imports information into the distributed file system so that the management platform can analyze the data and mine the value of the big data. The distributed storage system uses a Hadoop cluster for big data storage.
The data analysis in step 2 builds a data mining engine with Mahout, provides data security mining models and, combined with mining algorithms for clustering and trend analysis, gives customers a data mining platform for intelligent analysis of massive security data.
In step 3, the security service is set up and the feature libraries or resource libraries are formed as follows: big data storage (Hadoop, HDFS, HBase) and distributed processing (MapReduce) are used to process the massive log information and mine valuable information from it, forming respectively a system administrator resource library, a business user resource library, a network address resource library, a software resource library and a service resource library, as well as a system user behavior feature library, an application user behavior feature library, an application business security feature library, a network attack feature library and an expert knowledge base, for security services to request and call.
The security situation presentation in step 4 takes the following four forms:
1) Multi-dimensional query: multi-dimensional, fine-grained query conditions are provided. By setting conditions on time, device, data identifier, data lifecycle state and operation behavior, the user queries the security events of an individual data object. Query results support a threaded display: by seeing the complete, panoramic set of security events across the creation, modification, transfer and destruction of the data, the user can trace the data back to its source, achieving a "post-event audit" function;
2) Pivot table: in the statistics interface of the management platform, the user drags row and column conditions, and a pivot table is generated in real time using the Apache Pivot component and lazy loading. With a preset pivot table template, the back-end system generates the pivot view automatically on a schedule and displays it in the platform interface or sends it to the user by e-mail;
3) Static statistical charts: the open-source JFreeChart component generates bar charts and pie charts according to conditions set by the user and displays them to the customer;
4) 3D display: the security situation display engine iSec3D provides a dynamic 3D nebula map of security threats.
The security situation analysis and statistics method of the present invention has the following advantages:
The method uses the processing framework of big data technology to mine and analyze in depth the security event logs collected by the information system, compiles multi-dimensional, fine-grained statistics on the current security situation, and displays them in a "panoramic" graphical interface. It is highly practical, widely applicable and easy to promote.
Description of the Drawings
Figure 1 is a schematic diagram of the implementation of the present invention.
Figure 2 is a diagram of the management and storage architecture of the present invention.
Detailed Description
The present invention is further described below with reference to the drawings and a specific embodiment.
The present invention provides a security situation analysis and statistics method. The method uses the processing framework of big data technology to mine and analyze in depth the security event logs collected by the information system, compiles multi-dimensional, fine-grained statistics on the current security situation, and displays them in a "panoramic" graphical interface. As shown in Figures 1 and 2, it is implemented as follows:
1. Data preprocessing: after the information system collects data, the log data is preprocessed according to the different data requirements, for example by cleaning out data that does not conform to the prescribed format, converting logs to a given format, and integrating some of the data; the logs are classified, and the security event logs of the massive number of individual data objects are stored in tiers, in turn, in the various log libraries;
2. Data analysis: log analysis parameters and configuration rules are set, and the log data is analyzed, processed and mined to form a tracking data stream for each individual data object;
3. Setting up the security service: analysis, processing and comparison of the big data yields feature libraries or resource libraries; the security service module uses the feature libraries to provide log analysis services externally over a service bus;
4. Setting up the security situation presentation: the data security situation of the whole system is presented, with multiple views, support for fine-grained, multi-dimensional queries, visual display in forms such as bar charts, pie charts and stacked charts, and a "3D panoramic" presentation.
In step 1, the logs are classified into computing facility logs, business system logs, security device logs and network device logs.
The information in step 1 is stored in an in-memory database, a disk database and a distributed file system on the big data platform.
Because of the high performance of the in-memory database, a read/write separation design is no longer needed, and OLTP performance is tens of times or more that of a traditional database. By using the open-source distributed in-memory database H2, the in-memory database offers a zero-cost advantage. The disk database serves as persistent storage for the in-memory database and uses the open-source database MySQL; it periodically imports information into the distributed file system so that the management platform can analyze the data and mine the value of the big data. The distributed storage system uses a Hadoop cluster for big data storage.
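The cleaning, format conversion, integration and four-way classification of step 1 can be sketched as follows. This is an added example, not code from the patent; the raw line layout, the source-to-category mapping, the accepted timestamp formats and the duplicate-merging rule are all assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timezone

# Assumed raw layout (not from the patent): "<timestamp> <source> <host> <message>"
RAW = re.compile(r"^(?P<ts>\S+)\s+(?P<source>[\w-]+)\s+(?P<host>[\w.-]+)\s+(?P<msg>.+)$")

# Hypothetical source names mapped onto the four log categories of step 1.
CATEGORY_BY_SOURCE = {
    "hypervisor": "computing_facility", "os": "computing_facility",
    "erp": "business_system", "webapp": "business_system",
    "firewall": "security_device", "ids": "security_device",
    "switch": "network_device", "router": "network_device",
}

# Timestamp layouts the cleaner accepts (assumed); anything else is rejected.
TS_FORMATS = ("%Y-%m-%dT%H:%M:%S%z", "%Y/%m/%d-%H:%M:%S")


def parse_ts(text):
    """Convert a timestamp in any accepted layout to an aware UTC datetime."""
    for fmt in TS_FORMATS:
        try:
            dt = datetime.strptime(text, fmt)
        except ValueError:
            continue
        if dt.tzinfo is None:
            dt = dt.replace(tzinfo=timezone.utc)  # assumption: naive stamps are UTC
        return dt.astimezone(timezone.utc)
    return None


def preprocess(lines):
    """Clean, normalize, integrate and classify raw lines.

    Returns (libraries, rejected): libraries maps a category name to its
    normalized records; rejected keeps every dropped line with the reason,
    so gaps in the log libraries stay visible to an auditor.
    """
    libraries, rejected, seen = defaultdict(list), [], {}
    for line in lines:
        m = RAW.match(line.strip())
        if not m:
            rejected.append((line, "bad layout"))
            continue
        ts = parse_ts(m["ts"])
        if ts is None:
            rejected.append((line, "bad timestamp"))
            continue
        category = CATEGORY_BY_SOURCE.get(m["source"].lower())
        if category is None:
            rejected.append((line, "unknown source"))
            continue
        host = m["host"].lower()
        # Cleaning: drop non-printable characters from the free-text part.
        msg = "".join(ch for ch in m["msg"] if ch.isprintable())
        key = (ts, host, msg)
        if key in seen:  # integration: merge repeats of the same event
            seen[key]["count"] += 1
            continue
        record = {"time": ts, "category": category, "source": m["source"].lower(),
                  "host": host, "message": msg, "count": 1}
        seen[key] = record
        libraries[category].append(record)
    return dict(libraries), rejected


# Constructed sample input; hosts, addresses and messages are invented.
SAMPLE_LINES = [
    "2014-10-09T08:00:00+0800 firewall fw-01 DENY tcp 10.0.0.5:4431 -> 10.0.1.9:22",
    "2014/10/09-00:00:00 Firewall FW-01 DENY tcp 10.0.0.5:4431 -> 10.0.1.9:22",
    "2014-10-09T00:01:10+0000 erp app-02 user=alice action=export doc=D-17",
    "2014-10-09T00:02:00+0000 switch sw-03 port 12 link down",
    "2014-10-09T00:03:00+0000 os host-04 sshd: failed password for root",
    "not-a-date ids ids-01 signature 2001 matched",
    "2014-10-09T00:04:00+0000 printer prn-01 toner low",
    "garbage",
]

if __name__ == "__main__":
    libs, dropped = preprocess(SAMPLE_LINES)
    for category, records in sorted(libs.items()):
        for r in records:
            print(category, r["time"].isoformat(), r["host"], r["count"], r["message"])
    for line, reason in dropped:
        print("REJECTED", reason, repr(line))
```

The first two sample lines describe the same event in different timestamp layouts and time zones, so they collapse into one security device record with a count of 2.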
The data analysis in step 2 builds a data mining engine with Mahout, provides data security mining models and, combined with mining algorithms for clustering and trend analysis, gives customers a data mining platform for intelligent analysis of massive security data.
In step 3, the security service is set up and the feature libraries or resource libraries are formed as follows: big data storage (Hadoop, HDFS, HBase) and distributed processing (MapReduce) are used to process the massive log information and mine valuable information from it, forming respectively a system administrator resource library, a business user resource library, a network address resource library, a software resource library and a service resource library, as well as a system user behavior feature library, an application user behavior feature library, an application business security feature library, a network attack feature library and an expert knowledge base, for security services to request and call.
The security situation presentation in step 4 takes the following four forms:
1) Multi-dimensional query: multi-dimensional, fine-grained query conditions are provided. The user can set conditions such as time, device, data identifier, data lifecycle state and operation behavior to query the security events of an individual data object. Query results support a "threaded" display: the user can see the complete, "panoramic" set of security events across the creation, modification, transfer and destruction of the data and can conveniently trace the data back to its source, achieving a "post-event audit" function.
2) Pivot table: in the statistics interface of the management platform, the user drags row and column conditions, and a pivot table is generated in real time using the Apache Pivot component and lazy loading. With a preset pivot table template, the back-end system generates the pivot view automatically on a schedule and displays it in the platform interface or sends it to the user by e-mail.
3) Static statistical charts: the open-source JFreeChart component generates bar charts, pie charts and the like according to conditions set by the user, giving customers the most intuitive statistical display of the data.
4) 3D display: the data platform provides a 3D display that uses iSec3D, a security situation display engine developed in-house by Inspur, to provide a dynamic 3D nebula map of security threats. Within a single page, the user can browse the data security situation of the whole data center from multiple viewpoints.
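The multi-dimensional query and threaded display of item 1) can be illustrated as follows. This is an added example, not code from the patent; the event fields, the sample events and the two audit rules (missing creation event, activity after destruction) are assumptions.

```python
from collections import defaultdict
from datetime import datetime


def ev(time, device, data_id, state, operation, user):
    """Build one normalized security event (field names are assumed)."""
    return {"time": datetime.fromisoformat(time), "device": device,
            "data_id": data_id, "state": state,
            "operation": operation, "user": user}


# Constructed sample events, deliberately out of order as they might
# arrive from several log libraries.
EVENTS = [
    ev("2014-10-09T10:15:00", "gw-01", "D-17", "transferred", "send", "alice"),
    ev("2014-10-09T09:00:00", "app-02", "D-17", "created", "create", "alice"),
    ev("2014-10-09T09:45:00", "app-02", "D-18", "modified", "write", "bob"),
    ev("2014-10-09T11:20:00", "bak-03", "D-17", "transferred", "copy", "carol"),
    ev("2014-10-09T09:30:00", "app-02", "D-17", "modified", "write", "alice"),
    ev("2014-10-09T11:00:00", "app-02", "D-17", "destroyed", "delete", "alice"),
]


def query(events, start=None, end=None, **equals):
    """Multi-dimensional filter.

    start is inclusive and end exclusive; every keyword argument
    (device, data_id, state, operation, user) must match exactly.
    Conditions that are not given match any value.
    """
    matched = []
    for e in events:
        if start is not None and e["time"] < start:
            continue
        if end is not None and e["time"] >= end:
            continue
        if all(e.get(field) == value for field, value in equals.items()):
            matched.append(e)
    return matched


def thread(events):
    """Threaded view: one time-ordered timeline per data identifier."""
    timelines = defaultdict(list)
    for e in sorted(events, key=lambda e: e["time"]):
        timelines[e["data_id"]].append(e)
    return dict(timelines)


def audit(timeline):
    """Post-event audit of one timeline (rules are assumptions)."""
    findings = []
    if timeline[0]["state"] != "created":
        findings.append("no creation event: origin of data unknown")
    destroyed = False
    for e in timeline:
        if destroyed:
            findings.append(
                f"{e['operation']} by {e['user']} on {e['device']} after destruction")
        elif e["state"] == "destroyed":
            destroyed = True
    return findings


if __name__ == "__main__":
    for data_id, timeline in sorted(thread(EVENTS).items()):
        print(data_id)
        for e in timeline:
            print("  ", e["time"].isoformat(), e["device"], e["state"],
                  e["operation"], e["user"])
        for finding in audit(timeline):
            print("   FINDING:", finding)
```

Ordering each timeline by event time rather than arrival order is what lets the audit notice the copy of D-17 made after its deletion.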
The above specific embodiment is only one specific case of the present invention. The scope of patent protection of the invention includes but is not limited to the above embodiment; any appropriate change or substitution that conforms to the claims of the security situation analysis and statistics method of the present invention and is made by a person of ordinary skill in the art shall fall within the scope of patent protection of the invention.
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410526907.1A / CN104268254A (en) | 2014-10-09 | 2014-10-09 | Security situation analysis and statistics method |
| Publication Number | Publication Date |
|---|---|
| CN104268254A (en) | 2015-01-07 |
| Date | Code | Title | Description |
|---|---|---|---|
| | C06 | Publication | |
| | PB01 | Publication | |
| | C10 | Entry into substantive examination | |
| | SE01 | Entry into force of request for substantive examination | |
| | WD01 | Invention patent application deemed withdrawn after publication | Application publication date: 20150107 |