[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN115118513A - Network data access security control method and system - Google Patents

Network data access security control method and system Download PDF

Info

Publication number
CN115118513A
CN115118513A CN202210777933.6A CN202210777933A CN115118513A CN 115118513 A CN115118513 A CN 115118513A CN 202210777933 A CN202210777933 A CN 202210777933A CN 115118513 A CN115118513 A CN 115118513A
Authority
CN
China
Prior art keywords
network
network data
feature vector
access
vector
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210777933.6A
Other languages
Chinese (zh)
Inventor
王皓然
周泽元
魏力鹏
付鋆
刘俊荣
陶佳冶
班秋成
吕嵘晶
李荣宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guizhou Power Grid Co Ltd
Original Assignee
Guizhou Power Grid Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guizhou Power Grid Co Ltd filed Critical Guizhou Power Grid Co Ltd
Priority to CN202210777933.6A priority Critical patent/CN115118513A/en
Publication of CN115118513A publication Critical patent/CN115118513A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/08Learning methods

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • Computational Linguistics (AREA)
  • Data Mining & Analysis (AREA)
  • Evolutionary Computation (AREA)
  • Biomedical Technology (AREA)
  • Molecular Biology (AREA)
  • Artificial Intelligence (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biophysics (AREA)
  • Mathematical Physics (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a network data access security control method and a system, wherein a neural network model is used for processing a network data stream characteristic matrix to extract the expression and the primary judgment result of the network data stream characteristic matrix in a high-dimensional characteristic space, the analysis of network data stream visual characteristic data is considered, the characteristic value of a covariance matrix is calculated by calculating the covariance matrix of a first characteristic matrix, the characteristic vector corresponding to the characteristic value is used as a second characteristic vector, and a spliced characteristic vector and a support vector model spliced based on the first characteristic vector and the second characteristic vector are executed to determine the state type of network data; and determining the current network data state type as the final network data state type by judging whether the current network state type is consistent with the preliminary judgment result of the network state, and determining whether the current network data access is in a safe state according to the final network data state type of the network, so that the accurate judgment of the safety of the network state access is improved.

Description

Network data access security control method and system
Technical Field
The invention belongs to the field of network access, and particularly relates to a network data access security control method and system.
Background
The security of network transmission is closely related to the transmitted information content, namely the security of the information content, including the confidentiality, authenticity and integrity of the information; because the network is a carrier of information transmission, the information security has an inherent relation with the network security, and all information on the network is necessarily related to the network security.
However, at present, access to a network is often triggered access performed by hardware devices, that is, exception triggering messages or alarms, but such a method cannot monitor potential data for exceptions, and generally, accuracy of security identification performed by network data monitoring is low, and data access security control cannot be well realized.
Disclosure of Invention
In view of this, embodiments of the present invention provide a method and a system for controlling network data access security, which perform preliminary state determination according to model learning based on a neural network and perform subsequent state determination based on a feature vector and a support vector machine, compare consistency of two state determinations, improve recognition accuracy, determine whether a current network data access is a security state, and improve accurate judgment of security of network state access.
And multi-modal data such as vehicle, environment, in-vehicle user behavior, voice and the like are fused to perform scene decision, active interaction scene service is provided, and accurate active interaction action recommendation is provided for the user.
In a first aspect of the present invention, a network data access security control method is provided, the method including:
receiving an access request, wherein the access request comprises a network access interface ID and an access time; capturing a network data stream passing through the network access interface according to an access request, and performing preprocessing operation on the network data stream to generate a first feature matrix;
inputting the first feature matrix into a first neural network model to obtain a first feature vector; meanwhile, a covariance matrix of the first feature matrix is calculated, an eigenvalue of the covariance matrix is calculated, and an eigenvector corresponding to the eigenvalue is used as a second eigenvector;
performing splicing on the first feature vector and the second feature vector to obtain a spliced feature vector; determining the network data state type based on the splicing feature vector and the support vector machine model; wherein the first neural network model, support vector machine model comprise a plurality of defined network state types;
and determining whether the current network data access is in a safe state or not according to the network data state type, and if the current network data access is in an abnormal state, forbidding the access.
Further, the preprocessing operation includes:
Figure DEST_PATH_IMAGE002
wherein, X is the network data flow, M is the first characteristic matrix, W is the preprocessing weight matrix, and b is the offset.
Further, the first feature vector and the second feature vector are spliced to obtain a spliced feature vector, and the method comprises the following steps:
determining a splicing vector of the first feature vector and the second feature vector, wherein the dimension of the splicing vector is the sum of the dimensions of the first feature vector and the second feature vector;
and performing splicing on the first feature vector and the second feature vector based on the splicing vector to obtain a splicing feature vector.
Further, each layer of the first neural network model comprises convolution processing, maximum value pooling processing along the first characteristic matrix and activation processing on input data in forward transmission of the layer, wherein in the activation processing process, the activation value of any neuron is stopped at a certain probability by randomly selecting a neuron node operation; the input of the first layer of the first neural network model is a first feature matrix, and the output is a first feature vector and a network state preliminary judgment result.
Further, determining a network data state type based on the stitched feature vector and a support vector machine model, the support vector machine model comprising a defined network state type, comprising:
predefining the types of network states as an abnormal state and a normal state, wherein the abnormal state at least comprises an offline abnormality and/or an intrusion abnormality; and the network data flow passing through the network access interface under the corresponding network state type;
and determining the current network data state type based on the splicing characteristic vector and the support vector machine model, and determining the current network data state type as the final network data state type if the current network state type is consistent with the preliminary judgment result of the network state.
Further, determining whether the current network data access is in a safe state according to the network data state type, and if the current network data access is in an abnormal state, prohibiting the access, including: if the determined network data state type is abnormal intrusion, triggering the system to break the network, prompting the user and displaying early warning information;
if the determined network data state type is normal, acquiring the transmission rate of the network access interface, and transmitting display information to a user; the display information includes a network access interface ID and a transmission rate fluctuation map.
In addition, in the second aspect of the present invention, a network data access security control system is further provided, where the system includes:
the access module receives an access request, wherein the access request comprises a network access interface ID and access time; capturing a network data stream passing through the network access interface according to an access request, and performing preprocessing operation on the network data stream to generate a first feature matrix;
the characteristic generating module is used for inputting the first characteristic matrix into the first neural network model so as to obtain a first characteristic vector; meanwhile, a covariance matrix of the first feature matrix is calculated, an eigenvalue of the covariance matrix is calculated, and an eigenvector corresponding to the eigenvalue is used as a second eigenvector;
the determining module is used for splicing the first feature vector and the second feature vector to obtain a spliced feature vector; determining the network data state type based on the splicing feature vector and the support vector machine model; wherein the first neural network model, support vector machine model comprise a plurality of defined network state types;
and the determining and controlling module is used for determining whether the current network data access is in a safe state or not according to the network data state type, and if the current network data access is in an abnormal state, the access is forbidden.
Further, the preprocessing operation includes:
Figure 812505DEST_PATH_IMAGE002
wherein X is a network data stream, M is a first characteristic matrix, W is a preprocessing weight matrix, and b is an offset;
and performing splicing on the first feature vector and the second feature vector to obtain spliced feature vectors, wherein the splicing step comprises the following steps: determining a splicing vector of the first feature vector and the second feature vector, wherein the dimension of the splicing vector is the sum of the dimensions of the first feature vector and the second feature vector;
and performing splicing on the first feature vector and the second feature vector based on the splicing vector to obtain a splicing feature vector.
Further, each layer of the first neural network model comprises convolution processing, maximum value pooling processing along the first characteristic matrix and activation processing on input data in forward transmission of the layer, wherein in the activation processing process, the activation value of any neuron is stopped at a certain probability by randomly selecting a neuron node operation; the input of the first layer of the first neural network model is a first feature matrix, and the output is a first feature vector and a network state preliminary judgment result.
Further, determining a network data state type based on the stitched feature vector and a support vector machine model, the support vector machine model comprising a defined network state type, comprising:
predefining the types of network states as an abnormal state and a normal state, wherein the abnormal state at least comprises an offline abnormality and/or an intrusion abnormality; and the network data flow passing through the network access interface under the corresponding network state type;
and determining the current network data state type based on the splicing characteristic vector and the support vector machine model, and determining the current network data state type as the final network data state type if the current network state type is consistent with the preliminary judgment result of the network state.
According to the network data access security control method and system provided by the invention, the expression and the preliminary judgment result of the network data stream feature matrix on a high-dimensional feature space are extracted by using the neural network model to execute processing on the network data stream feature matrix, and meanwhile, the analysis on the network data stream visual feature data is considered, the feature vector corresponding to the feature value is used as a second feature vector by calculating the covariance matrix of the first feature matrix and calculating the feature value of the covariance matrix, and the splicing is further executed based on the first feature vector and the second feature vector to obtain the spliced feature vector; determining the network data state type based on the splicing feature vector and the support vector machine model; and determining the current network data state type as the final network data state type by judging whether the current network state type is consistent with the preliminary judgment result of the network state, and determining whether the current network data access is in a safe state according to the final network data state type of the network, so that the accurate judgment of the safety of the network state access is improved.
Drawings
Fig. 1 is a flowchart illustrating a flow chart of a network data access security control method according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a network data access security control system according to an embodiment of the present invention.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art.
Furthermore, the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the application. One skilled in the relevant art will recognize, however, that the subject matter of the present application can be practiced without one or more of the specific details, or with other methods, components, devices, steps, and so forth. In other instances, well-known methods, devices, implementations, or operations have not been shown or described in detail to avoid obscuring aspects of the application.
The block diagrams shown in the figures are functional entities only and do not necessarily correspond to physically separate entities. I.e. these functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor means and/or microcontroller means.
The flow charts shown in the drawings are merely illustrative and do not necessarily include all of the contents and operations/steps, nor do they necessarily have to be performed in the order described. For example, some operations/steps may be decomposed, and some operations/steps may be combined or partially combined, so that the actual execution sequence may be changed according to the actual situation.
The implementation details of the technical solution of the embodiment of the present application are set forth in detail below:
referring to fig. 1, fig. 1 is a schematic flowchart of a network data access security control method according to an embodiment of the present invention. As shown in fig. 1, a method for controlling network data access security according to an embodiment of the present invention includes:
s1, receiving an access request, wherein the access request comprises a network access interface ID and access time; capturing a network data stream passing through the network access interface according to an access request, and performing preprocessing operation on the network data stream to generate a first feature matrix;
s2, inputting the first feature matrix into the first neural network model to obtain a first feature vector; meanwhile, a covariance matrix of the first feature matrix is calculated, an eigenvalue of the covariance matrix is calculated, and an eigenvector corresponding to the eigenvalue is used as a second eigenvector;
s3, splicing the first eigenvector and the second eigenvector to obtain spliced eigenvectors; determining the network data state type based on the splicing feature vector and the support vector machine model; wherein the first neural network model, support vector machine model, comprises a plurality of defined network state types.
S4, determining whether the current network data access is safe state according to the network data state type, if it is abnormal state, forbidding access.
In this embodiment, the network access interface includes a heterogeneous USB interface or other network transmission interface.
Preferably, the preprocessing operation includes:
Figure 20764DEST_PATH_IMAGE002
wherein, X is the network data flow, M is the first characteristic matrix, W is the preprocessing weight matrix, and b is the offset.
Preferably, the stitching the first feature vector and the second feature vector to obtain a stitched feature vector includes:
determining a splicing vector of the first feature vector and the second feature vector, wherein the dimension of the splicing vector is the sum of the dimensions of the first feature vector and the second feature vector;
and performing splicing on the first feature vector and the second feature vector based on the splicing vector to obtain a splicing feature vector.
In this embodiment, specifically, if the first feature vector is x i =[x i1 , x i2 , x i3 , x i4 , x i5 … x ia ]The second feature vector is y i =[y i1 , y i2 , y i3 , y i4 , y i5 … y ib ]Wherein i =1,2 … n. Setting stitching vector u = [ u ] 1 , u 2 , u 3 , u 4 … u a+b ](ii) a The splicing feature vector is K i =[ u 1 x i1 , u 2 x i2 , u 3 x i3 , u 4 x i4 , u 5 x i5 … u a x ia, u a+1 y i1 , u a+2 y i2 , u a+3 y i3 , u a+4 y i4 , u a+5 y i5 … u a+b y ib ]。
Preferably, each layer of the first neural network model includes, in the forward direction transfer of the layer, convolution processing of input data, maximum pooling processing along the first feature matrix, and activation processing, wherein in the activation processing, the activation value of any neuron is stopped at a certain probability by randomly selecting a neuron node operation; the input of the first layer of the first neural network model is a first feature matrix, and the output is a first feature vector and a network state preliminary judgment result.
Preferably, the network data state type is determined based on the stitched feature vector and a support vector machine model, the support vector machine model including a defined network state type, including:
predefining the types of network states as an abnormal state and a normal state, wherein the abnormal state at least comprises an offline abnormality and/or an intrusion abnormality; and the network data flow passing through the network access interface under the corresponding network state type;
and determining the current network data state type based on the splicing characteristic vector and the support vector machine model, and determining the current network data state type as the final network data state type if the current network state type is consistent with the preliminary judgment result of the network state.
Further, determining whether the current network data access is in a safe state according to the network data state type, and if the current network data access is in an abnormal state, prohibiting the access, including: if the determined network data state type is abnormal intrusion, triggering the system to break the network, prompting the user and displaying early warning information;
if the determined network data state type is normal, acquiring the transmission rate of the network access interface, and transmitting display information to a user; the display information includes a network access interface ID and a transmission rate fluctuation map.
Referring to fig. 2, fig. 2 is a schematic structural diagram of a network data access security control system according to an embodiment of the present invention. As shown in fig. 2, a network data access security control system according to an embodiment of the present invention includes:
the access module 10 receives an access request, wherein the access request comprises a network access interface ID and access time; capturing a network data stream passing through the network access interface according to an access request, and performing preprocessing operation on the network data stream to generate a first feature matrix;
a feature generation module 20, which inputs the first feature matrix to the first neural network model to obtain a first feature vector; meanwhile, a covariance matrix of the first feature matrix is calculated, an eigenvalue of the covariance matrix is calculated, and an eigenvector corresponding to the eigenvalue is used as a second eigenvector;
the determining module 30 is configured to perform stitching on the first eigenvector and the second eigenvector to obtain a stitched eigenvector; determining the network data state type based on the splicing feature vector and the support vector machine model; wherein the first neural network model, support vector machine model comprise a plurality of defined network state types;
and the determining and controlling module 40 determines whether the current network data access is in a safe state according to the network data state type, and if the current network data access is in an abnormal state, the access is forbidden.
Preferably, the pretreatment operation comprises:
Figure 897453DEST_PATH_IMAGE002
wherein X is a network data stream, M is a first characteristic matrix, W is a preprocessing weight matrix, and b is an offset;
and performing splicing on the first feature vector and the second feature vector to obtain spliced feature vectors, wherein the splicing step comprises the following steps: determining a splicing vector of the first feature vector and the second feature vector, wherein the dimension of the splicing vector is the sum of the dimensions of the first feature vector and the second feature vector;
and performing splicing on the first feature vector and the second feature vector based on the splicing vector to obtain a splicing feature vector.
Preferably, each layer of the first neural network model includes, in the forward direction transfer of the layer, convolution processing of input data, maximum pooling processing along the first feature matrix, and activation processing, wherein in the activation processing, the activation value of any neuron is stopped at a certain probability by randomly selecting a neuron node operation; the input of the first layer of the first neural network model is a first feature matrix, and the output is a first feature vector and a network state preliminary judgment result.
Preferably, the network data state type is determined based on the stitched feature vector and a support vector machine model, the support vector machine model including a defined network state type, including:
predefining the types of network states as an abnormal state and a normal state, wherein the abnormal state at least comprises an offline abnormality and/or an intrusion abnormality; and the network data flow passing through the network access interface under the corresponding network state type;
and determining the current network data state type based on the splicing characteristic vector and the support vector machine model, and determining the current network data state type as the final network data state type if the current network state type is consistent with the preliminary judgment result of the network state.
In addition, the system includes a display module to: if the determined network data state type is abnormal intrusion, triggering the system to break the network, prompting the user and displaying early warning information; if the determined network data state type is normal, acquiring the transmission rate of the network access interface, and transmitting display information to a user; the display information includes a network access interface ID and a transmission rate fluctuation map.
In the scheme of the above embodiment of the present invention, the provided method and system for controlling network data access security receive an access request, where the access request includes a network access interface ID and an access time; capturing a network data stream passing through the network access interface according to an access request, and performing preprocessing operation on the network data stream to generate a first feature matrix; inputting the first feature matrix into a first neural network model to obtain a first feature vector; meanwhile, a covariance matrix of the first feature matrix is calculated, an eigenvalue of the covariance matrix is calculated, and an eigenvector corresponding to the eigenvalue is used as a second eigenvector; performing splicing on the first feature vector and the second feature vector to obtain a spliced feature vector; determining the network data state type based on the splicing feature vector and the support vector machine model; wherein the first neural network model, support vector machine model comprise a plurality of defined network state types.
Performing processing on a network data stream feature matrix by using a neural network model to extract expression and a preliminary judgment result of the network data stream feature matrix on a high-dimensional feature space, considering analysis on network data stream visual feature data, calculating a covariance matrix of a first feature matrix, calculating a feature value of the covariance matrix, taking a feature vector corresponding to the feature value as a second feature vector, and performing splicing based on the first feature vector and the second feature vector to obtain a spliced feature vector; determining the network data state type based on the splicing feature vector and the support vector machine model; and determining the current network data state type as the final network data state type by judging whether the current network state type is consistent with the preliminary judgment result of the network state, and determining whether the current network data access is in a safe state according to the final network data state type of the network, so that the accurate judgment of the safety of the network state access is improved.
The embodiment of the invention also discloses a computer storage medium, wherein a computer program is stored on the storage medium, and when the computer program is executed by a processor, the method is executed.
Embodiments of the present application also provide a computer program product or computer program comprising computer instructions stored in a computer-readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions to cause the computer device to perform the method described in the various alternative implementations described above.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, computer software, or combinations of both, and that the components and steps of the examples have been described in a functional general in the foregoing description for the purpose of illustrating clearly the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may also be an electric, mechanical or other form of connection.
The elements described as separate parts may or may not be physically separate, as one of ordinary skill in the art would appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, computer software, or combinations of both, and that the components and steps of the examples have been described in a functional general sense in the foregoing description for clarity of explanation of the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the technical solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit may be implemented in the form of hardware, or may also be implemented in the form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention essentially or partially contributes to the prior art, or all or part of the technical solution can be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a grid device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are merely exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (10)

1. A network data access security control method, the method comprising:
receiving an access request, wherein the access request comprises a network access interface ID and access time; capturing a network data stream passing through the network access interface according to an access request, and performing preprocessing operation on the network data stream to generate a first feature matrix;
inputting the first feature matrix into a first neural network model to obtain a first feature vector; meanwhile, a covariance matrix of the first feature matrix is calculated, an eigenvalue of the covariance matrix is calculated, and an eigenvector corresponding to the eigenvalue is used as a second eigenvector;
performing splicing on the first feature vector and the second feature vector to obtain a spliced feature vector; determining the network data state type based on the splicing feature vector and the support vector machine model; wherein the first neural network model and the support vector machine model comprise a plurality of defined network state types;
and determining whether the current network data access is in a safe state or not according to the network data state type, and if the current network data access is in an abnormal state, prohibiting the access.
2. The method of claim 1, wherein the preprocessing operation comprises:
Figure DEST_PATH_IMAGE001
wherein, X is the network data flow, M is the first characteristic matrix, W is the preprocessing weight matrix, and b is the offset.
3. The method of claim 2, wherein the stitching the first eigenvector and the second eigenvector to obtain a stitched eigenvector comprises:
determining a splicing vector of the first feature vector and the second feature vector, wherein the dimension of the splicing vector is the sum of the dimensions of the first feature vector and the second feature vector;
and performing splicing on the first feature vector and the second feature vector based on the splicing vector to obtain a splicing feature vector.
4. The method according to claim 2, wherein each layer of the first neural network model includes convolution processing, maximum pooling processing along the first feature matrix, and activation processing on input data in forward direction of layer, wherein during the activation processing, the activation value of any neuron is stopped with a certain probability by randomly selecting neuron node operation; the input of the first layer of the first neural network model is a first feature matrix, and the output is a first feature vector and a network state preliminary judgment result.
5. The method of claim 4, wherein determining the network data state type is based on the stitched feature vector and a support vector machine model, the support vector machine model comprising a defined network state type, comprises:
predefining the types of network states as an abnormal state and a normal state, wherein the abnormal state at least comprises an offline abnormality and/or an intrusion abnormality; and the network data flow passing through the network access interface under the corresponding network state type;
and determining the current network data state type based on the splicing characteristic vector and the support vector machine model, and determining the current network data state type as the final network data state type if the current network state type is consistent with the preliminary judgment result of the network state.
6. The method of claim 5, wherein determining whether the current network data access is in a security state according to the network data state type, and if the current network data access is in an abnormal state, prohibiting the access comprises: if the determined network data state type is abnormal intrusion, triggering the system to break the network, prompting the user and displaying early warning information;
if the determined network data state type is normal, acquiring the transmission rate of the network access interface, and transmitting display information to a user; the display information includes a network access interface ID and a transmission rate fluctuation map.
7. A network data access security control system, the system comprising:
the access module receives an access request, wherein the access request comprises a network access interface ID and access time; capturing a network data stream passing through the network access interface according to an access request, and performing preprocessing operation on the network data stream to generate a first feature matrix;
the characteristic generating module is used for inputting the first characteristic matrix into the first neural network model so as to obtain a first characteristic vector; meanwhile, a covariance matrix of the first feature matrix is calculated, an eigenvalue of the covariance matrix is calculated, and an eigenvector corresponding to the eigenvalue is used as a second eigenvector;
the determining module is used for splicing the first feature vector and the second feature vector to obtain a spliced feature vector; determining the network data state type based on the splicing feature vector and the support vector machine model; wherein the first neural network model, support vector machine model comprise a plurality of defined network state types;
and the determining and controlling module is used for determining whether the current network data access is in a safe state or not according to the network data state type, and if the current network data access is in an abnormal state, the access is forbidden.
8. The network data access security control system of claim 7, wherein the preprocessing operation comprises:
Figure 522667DEST_PATH_IMAGE001
wherein X is a network data stream, M is a first characteristic matrix, W is a preprocessing weight matrix, and b is an offset;
executing splicing on the first feature vector and the second feature vector to obtain a spliced feature vector, wherein the splicing process comprises the following steps: determining a splicing vector of the first feature vector and the second feature vector, wherein the dimension of the splicing vector is the sum of the dimensions of the first feature vector and the second feature vector;
and performing splicing on the first feature vector and the second feature vector based on the splicing vector to obtain a splicing feature vector.
9. The system according to claim 8, wherein each layer of the first neural network model includes convolution processing, maximum pooling processing along the first feature matrix, and activation processing on input data in forward direction of layer, wherein during the activation processing, the activation value of any neuron is stopped with a certain probability by randomly selecting neuron node operation; the input of the first layer of the first neural network model is a first feature matrix, and the output is a first feature vector and a network state preliminary judgment result.
10. The network data access security control system of claim 9, wherein the network data state type is determined based on the stitched feature vectors and a support vector machine model, the support vector machine model comprising a defined network state type, comprising:
predefining the types of network states as an abnormal state and a normal state, wherein the abnormal state at least comprises an offline abnormality and/or an intrusion abnormality; and the network data flow passing through the network access interface under the corresponding network state type;
and determining the current network data state type based on the splicing characteristic vector and the support vector machine model, and determining the current network data state type as the final network data state type if the current network state type is consistent with the preliminary judgment result of the network state.
CN202210777933.6A 2022-07-04 2022-07-04 Network data access security control method and system Pending CN115118513A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210777933.6A CN115118513A (en) 2022-07-04 2022-07-04 Network data access security control method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210777933.6A CN115118513A (en) 2022-07-04 2022-07-04 Network data access security control method and system

Publications (1)

Publication Number Publication Date
CN115118513A true CN115118513A (en) 2022-09-27

Family

ID=83329896

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210777933.6A Pending CN115118513A (en) 2022-07-04 2022-07-04 Network data access security control method and system

Country Status (1)

Country Link
CN (1) CN115118513A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116436700A (en) * 2023-06-09 2023-07-14 北京中科网芯科技有限公司 Monitoring method and system for network security event

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116436700A (en) * 2023-06-09 2023-07-14 北京中科网芯科技有限公司 Monitoring method and system for network security event
CN116436700B (en) * 2023-06-09 2023-08-22 北京中科网芯科技有限公司 Monitoring method and system for network security event

Similar Documents

Publication Publication Date Title
CN111652496B (en) Running risk assessment method and device based on network security situation awareness system
US20210125005A1 (en) System and method for protection and detection of adversarial attacks against a classifier
CN108073821A (en) Data safety processing method and device
CN111260620A (en) Image anomaly detection method and device and electronic equipment
CN115099684A (en) Enterprise safety production management system and management method thereof
CN112365001A (en) Model generation method and device and server
CN115550053A (en) Monitoring alarm prediction method and device
CN115118513A (en) Network data access security control method and system
CN111433786B (en) Computing device and information input method for computing device
CN112860549A (en) Method and device for obtaining test sample
WO2021095101A1 (en) Learning device, detection device, learning method, and abnormality detection method
EP4258178A1 (en) Information processing apparatus for improving robustness of deep neural network by using adversarial training and formal method
CN114826765A (en) Network monitoring method and system based on special-shaped interface
CN116089920A (en) Sensitive field early warning method, system, computer equipment and medium
CN117097541A (en) API service attack detection method, device, equipment and storage medium
EP4254241A1 (en) Method and device for image-based malware detection, and artificial intelligence-based endpoint detection and response system using same
EP4184398A1 (en) Identifying, or checking integrity of, a machine-learning classification model
CN115250199B (en) Data stream detection method and device, terminal equipment and storage medium
CN115150439B (en) Method and system for analyzing perception data, storage medium and electronic equipment
CN114548982A (en) Service request processing method and device, computer equipment and storage medium
CN112733155B (en) Software forced safety protection method based on external environment model learning
EP4398152A1 (en) Analytics platform optimisation
CN118709187A (en) Application security verification method, device, computer equipment and storage medium
CN117113304A (en) Resource interaction method, device, computer equipment and storage medium
CN116209998A (en) Method for preventing capture of AI module and AI system thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20220927