[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN111885106A - Internet of things safety management and control method and system based on terminal equipment characteristic information - Google Patents

Internet of things safety management and control method and system based on terminal equipment characteristic information Download PDF

Info

Publication number
CN111885106A
CN111885106A CN202010550285.1A CN202010550285A CN111885106A CN 111885106 A CN111885106 A CN 111885106A CN 202010550285 A CN202010550285 A CN 202010550285A CN 111885106 A CN111885106 A CN 111885106A
Authority
CN
China
Prior art keywords
characteristic information
information
terminal equipment
network
equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010550285.1A
Other languages
Chinese (zh)
Inventor
王方华
王慧
李劲松
李绘图
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan Zero Sense Network Technology Co ltd
Original Assignee
Wuhan Zero Sense Network Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan Zero Sense Network Technology Co ltd filed Critical Wuhan Zero Sense Network Technology Co ltd
Priority to CN202010550285.1A priority Critical patent/CN111885106A/en
Publication of CN111885106A publication Critical patent/CN111885106A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Landscapes

  • Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to a method and a system for managing and controlling the safety of an internet of things based on characteristic information of terminal equipment. The invention obtains the multi-dimensional characteristic information of each terminal device in the network in advance, and constructs a characteristic information database taking the terminal device as a unit; carrying out high-speed polling on terminal equipment in a network, collecting partial or all characteristic information of the terminal equipment and comparing the characteristic information with the multi-dimensional characteristic information of the terminal equipment stored in the characteristic information database; if the comparison consistency is greater than a preset threshold value, passing the safety verification; otherwise network operation is blocked. By extracting various characteristic information of the terminal equipment, comprehensive 'portrait' is carried out on each terminal network equipment from multiple dimensions, and therefore uniqueness and legality of the equipment are determined.

Description

Internet of things safety management and control method and system based on terminal equipment characteristic information
Technical Field
The invention relates to the technical field of Internet of things, in particular to a method and a system for security management and control of Internet of things based on characteristic information of terminal equipment.
Background
With the rapid development of the technology of the internet of things, various front-end devices of the internet of things (such as video monitoring, electronic policemen, bayonets, signal machines, induction screens, automobile electronic identifications and the like) have explosive growth trends in types and quantity, the front-end devices are distributed on each road and each corner of a city, are large in quantity, wide in distribution and difficult to monitor, a communication hanging box on each front-end rod piece is a network access point, and each terminal device is possible to be forged or replaced by a hacker, so that network security risks are caused.
In order to prevent security risks similar to those from network terminals, traditional security manufacturers often adopt a flow analysis mode, that is, flow analysis devices are physically connected in series (or logically connected in series, such as drainage and the like) in a network to identify, clean and filter data packets in network flow, so that threats are discovered and blocked. The network fault points are increased physically, the network complexity is increased logically, network cutover is often required in the deployment and implementation process, service interruption is caused, the implementation difficulty is high, and the implementation risk is high. And a large number of network access rules need to be configured on the security equipment at the later stage, the requirements on the professional skill level of implementation and operation and maintenance personnel are high, and a large-area network fault can be caused by carelessness.
Disclosure of Invention
Aiming at the technical problems in the prior art, the invention provides the method and the system for managing and controlling the safety of the internet of things based on the characteristic information of the terminal equipment.
The technical scheme for solving the technical problems is as follows:
in a first aspect, the invention provides a method for managing and controlling the security of the internet of things based on characteristic information of terminal equipment, which comprises the following steps:
obtaining multi-dimensional characteristic information of each terminal device in a network in advance, and constructing a characteristic information database with the terminal device as a unit;
carrying out high-speed polling on terminal equipment in a network, collecting partial or all characteristic information of the terminal equipment and comparing the partial or all characteristic information with the multi-dimensional characteristic information of the terminal equipment stored in the characteristic information database;
if the comparison consistency is greater than a preset threshold value, passing the safety verification; otherwise network operation is blocked.
Further, the multi-dimensional feature information includes an IP address, an MAC address, a network access path, open port information, service type information, operating system information, software and hardware version information, a device manufacturer, a device type, and a device model.
Further, the acquiring part or all of the characteristic information of the terminal device and comparing the acquired part or all of the characteristic information with the multi-dimensional characteristic information of the terminal device stored in the characteristic information database includes:
acquiring an MAC address and a network access path by analyzing an ARP table, scanning and acquiring open port information, service type information and operating system information of the terminal equipment by network fingerprint information, and detecting and acquiring software and hardware version information, equipment manufacturers, equipment types and models of the terminal equipment by different private communication protocols; one item of feature information is sequentially selected to be matched with feature information stored in the feature information database;
and if the matching is successful, comparing the collected other characteristic information with other characteristic information of the equipment terminal corresponding to the successfully matched characteristic information in the characteristic information database one by one.
Further, the method further comprises: classifying the terminal equipment according to the multi-dimensional characteristic information of each terminal equipment, and grading the characteristic information aiming at different classified equipment terminals.
Further, for different classified device terminals, the preset thresholds corresponding to the security verification are different.
In a second aspect, the present invention further provides an internet of things security management and control system based on terminal device feature information, including:
the database construction module is used for acquiring multi-dimensional characteristic information of each terminal device in the network in advance and constructing a characteristic information database taking the network-access terminal device as a unit;
the information comparison module is used for carrying out high-speed polling on the terminal equipment in the network, acquiring partial or all characteristic information of the terminal equipment and comparing the acquired partial or all characteristic information with the multidimensional characteristic information of the terminal equipment stored in the characteristic information database;
the safety control module is used for carrying out safety control according to the comparison result, and if the comparison consistency is greater than a preset threshold value, the safety verification is passed; otherwise network operation is blocked.
Further, the information comparison module includes:
the information acquisition module is used for acquiring an MAC address and a network access path by analyzing an ARP table, scanning and acquiring open port information, service type information and operating system information of the terminal equipment through network fingerprint information, and detecting and acquiring software and hardware version information, equipment manufacturers, equipment types and models of the terminal equipment through different private communication protocols;
the matching module is used for sequentially selecting one item of feature information to match with the feature information stored in the feature information database; and the characteristic information database is used for comparing the collected other characteristic information with other characteristic information of the equipment terminal corresponding to the characteristic information which is successfully matched in the characteristic information database one by one.
Further, the database construction module is further configured to classify the terminal devices according to the multidimensional feature information of each terminal device, and rank the feature information for different classified device terminals.
In a third aspect, the present invention provides an internet of things security management and control system based on terminal device feature information, including:
the scanner is used for acquiring multi-dimensional characteristic information of each terminal device in the network;
and the data analysis server is used for realizing the safety verification of the network access terminal equipment by adopting the method of the first aspect of the invention.
In a fourth aspect, the present invention provides a non-transitory computer-readable storage medium, in which a computer software program for implementing the method for controlling security of an internet of things based on feature information of a terminal device according to the first aspect of the present invention is stored.
The invention has the beneficial effects that: the system has zero transformation on the network structure and zero perception on the service system, all equipment only needs to be accessed into the network, the original network structure does not need to be transformed or cut off in any form, and the risks of service interruption, network interruption and the like in the deployment and implementation process do not exist. After deployment is completed, operation and maintenance personnel operate simply and conveniently without professional knowledge background in the aspect of network security. Compared with the traditional network security solution, the system does not need a large number of optical splitters, flow dividers and protocol analysis equipment, thereby greatly reducing the cost.
Drawings
Fig. 1 is a flow chart of a method for managing and controlling the security of the internet of things based on the characteristic information of terminal equipment;
fig. 2 is a frame diagram of an internet of things security management and control system based on terminal device characteristic information.
Detailed Description
The principles and features of this invention are described below in conjunction with the following drawings, which are set forth by way of illustration only and are not intended to limit the scope of the invention.
Example 1
As shown in fig. 1, an embodiment of the present invention provides a method for security management and control of an internet of things based on terminal device feature information, including the following steps:
step 1, obtaining multi-dimensional characteristic information of each terminal device in a network in advance, and constructing a characteristic information database taking the terminal device as a unit.
The multi-dimensional characteristic information comprises an IP address, an MAC address, a network access path, open port information, service type information, operating system information, software and hardware version information, equipment manufacturers, equipment types, models and the like.
When the data acquisition is carried out,
1) obtaining an MAC address and a network access path by analyzing an ARP table;
2) acquiring open port information, service type information and operating system information of the terminal equipment through network fingerprint information scanning; the network fingerprint in the system mainly refers to TCP/IP protocol stack fingerprint, and in RFC specification, the realization of TCP/IP is not compulsorily stipulated in some places, so that different TCP/IP schemes may have own special processing modes; the system mainly judges the type of the operating system and the type of the service according to the difference of the details;
3) detecting and acquiring software and hardware version information, equipment manufacturers, equipment types and models of terminal equipment through different private communication protocols;
specifically, hardware, software versions, equipment manufacturers, equipment types, specific models and the like of the equipment are acquired through various protocols aiming at different types of internet of things terminal equipment. If various monitoring cameras can be scanned by using an ONVIF protocol, and annunciators can be scanned by using an NTCIP protocol, and deep characteristic information of the annunciators can be clarified by analyzing a return message; the deep-level network characteristics refer to private information of some devices except for an IP address, a MAC address, an open port, and an operating system, such as a manufacturer of the device, a type of the device, a specific model of the device, a software version of the device, a hardware version of the device, and the like. The system also integrates a large number of private communication protocol libraries of different types of Internet of things equipment, such as an ONVIF protocol for network video protocol transmission, an NTCIP protocol for data transmission between electronic equipment of an intelligent transportation system, and private communication protocols of manufacturers such as Dahua, Haican, Yu-Vis, Kodao, Siemens and Haixin, and the deep-level characteristics of the equipment are detected and acquired through various private protocols.
After the above feature information extraction operation, the following part or all of the information of the terminal device can be clarified:
1. who is it? A MAC address;
2. from where it came? A network access path;
3. what do it possess? The service type can be provided externally;
4. its privacy information? The protocol probes the identified deep device characteristics.
After the information is clarified, a 'make-up fixation picture' is shot for the equipment, and a characteristic information database taking the terminal equipment as a unit is constructed.
And 2, performing high-speed polling on the terminal equipment in the network, collecting partial or whole characteristic information of the terminal equipment and comparing the partial or whole characteristic information with the multi-dimensional characteristic information of the terminal equipment stored in the characteristic information database.
Specifically, in the polling process, the feature information of the current terminal device is collected. It should be noted that, due to different types of terminal devices (for example, the terminal device may be a camera used only for video capture, or may be a terminal or a server with a separate operating system), the feature information of the current terminal device does not necessarily include all the feature information mentioned in step 1.
After the characteristic information group of the current terminal equipment is obtained, one item of characteristic information in the characteristic information group is sequentially selected to be matched with the characteristic information stored in the characteristic information database.
And if the matching is successful, comparing the collected other characteristic information with other characteristic information of the equipment terminal corresponding to the characteristic information successfully matched in the characteristic information database one by one.
Because a large amount of characteristic information is stored in the characteristic information base, one of the characteristic information base is selected for matching, so that the matching amount is reduced, and the matching efficiency is improved. When one feature information is successfully matched, it indicates that the current terminal device may be a certain type of terminal device already stored in the database, which greatly reduces the matching range, and at this time, the unmatched other feature information is compared with the other feature information of the type of terminal device one by one.
Step 3, if the comparison consistency is greater than a preset threshold value, passing the safety verification; otherwise network operation is blocked.
The comparison consistency can be represented by a feature information matching rate, that is, the feature information of the comparison consistency is divided by the number of the feature information of the current terminal equipment. And if the matching rate of the characteristic information is greater than a preset threshold value, passing the safety verification. Otherwise, adding the mac address of the terminal equipment into the blacklist, and blocking the network operation of the terminal equipment.
It should be noted that the preset threshold may be different for different types of networks. For example, in a local information network with a high security level, when a terminal accesses, it is necessary that the matching rate of the feature information reaches 100% before the terminal can effectively access the network. For some local information networks with lower security level, it may only need to compare mac addresses or network access paths to be consistent.
Preferably, the method further comprises: and classifying the terminal equipment according to the multi-dimensional characteristic information of each terminal equipment. The terminal devices are classified, in practice, to reduce the amount of data matching. Since the number of terminal devices of the urban internet of things can be described in a huge amount, even if matching is performed by using only one piece of characteristic information, a large amount of time is consumed. And classifying the terminal equipment. When the feature information of the terminal device is obtained through polling, which device type the current terminal device belongs to can be judged according to the obtained feature information, and when matching, matching is performed in the feature set corresponding to the device type. The data matching amount is greatly seen.
And grading the characteristic information aiming at different classified equipment terminals. For different classified device terminals, the preset threshold values corresponding to the security verification may be different.
Example 2
As shown in fig. 2, an embodiment of the present invention provides an internet of things security management and control system based on terminal device feature information, including:
the database construction module is used for acquiring multi-dimensional characteristic information of each terminal device in the network in advance and constructing a characteristic information database taking the network-access terminal device as a unit;
the information comparison module is used for carrying out high-speed polling on the terminal equipment in the network, acquiring partial or all characteristic information of the terminal equipment and comparing the acquired partial or all characteristic information with the multidimensional characteristic information of the terminal equipment stored in the characteristic information database;
the safety control module is used for carrying out safety control according to the comparison result, and if the comparison consistency is greater than a preset threshold value, the safety verification is passed; otherwise network operation is blocked.
Further, the information comparison module includes:
the information acquisition module is used for acquiring an MAC address and a network access path by analyzing an ARP table, scanning and acquiring open port information, service type information and operating system information of the terminal equipment through network fingerprint information, and detecting and acquiring software and hardware version information, equipment manufacturers, equipment types and models of the terminal equipment through different private communication protocols;
the matching module is used for sequentially selecting one item of feature information to match with the feature information stored in the feature information database; and the characteristic information database is used for comparing the collected other characteristic information with other characteristic information of the equipment terminal corresponding to the characteristic information which is successfully matched in the characteristic information database one by one.
Further, the database construction module is further configured to classify the terminal devices according to the multidimensional feature information of each terminal device, and rank the feature information for different classified device terminals.
Example 3
The invention provides an Internet of things safety management and control system based on terminal equipment characteristic information, which comprises:
the scanner is used for acquiring multi-dimensional characteristic information of each terminal device in the network;
and the data analysis server is used for realizing the safety verification of the network access terminal equipment by adopting the method in the embodiment 1 of the invention.
It should be noted that the logic instructions in the computer software program can be realized in the form of software functional units and stored in a computer readable storage medium when the software functional units are sold or used as independent products. Based on such understanding, the technical solutions of the embodiments of the present invention may be essentially implemented or contributed to by the prior art, or may be implemented in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method of the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-only memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.

Claims (10)

1. An Internet of things safety management and control method based on terminal equipment characteristic information is characterized by comprising the following steps:
obtaining multi-dimensional characteristic information of each terminal device in a network in advance, and constructing a characteristic information database taking the terminal device as a unit;
carrying out high-speed polling on terminal equipment in a network, collecting partial or all characteristic information of the terminal equipment and comparing the characteristic information with the multi-dimensional characteristic information of the terminal equipment stored in the characteristic information database;
if the comparison consistency is greater than a preset threshold value, passing the safety verification; otherwise network operation is blocked.
2. The method of claim 1, wherein the multi-dimensional feature information comprises an IP address, a MAC address, a network access path, open port information, service type information, operating system information, software and hardware version information, a device manufacturer, a device type, and a device model.
3. The method according to claim 1 or 2, wherein the collecting of part or all of the feature information of the terminal device and the comparing with the multi-dimensional feature information of the terminal device stored in the feature information database comprises:
acquiring an MAC address and a network access path by analyzing an ARP table, scanning and acquiring open port information, service type information and operating system information of the terminal equipment by network fingerprint information, and detecting and acquiring software and hardware version information, equipment manufacturers, equipment types and models of the terminal equipment by different private communication protocols;
one item of feature information is sequentially selected to be matched with feature information stored in the feature information database;
and if the matching is successful, comparing the collected other characteristic information with other characteristic information of the equipment terminal corresponding to the characteristic information successfully matched in the characteristic information database one by one.
4. The method according to claim 1 or 2, characterized in that the method further comprises: classifying the terminal equipment according to the multi-dimensional characteristic information of each terminal equipment, and grading the characteristic information aiming at different classified equipment terminals.
5. The method according to claim 4, wherein the preset threshold corresponding to the security verification is different for different classes of device terminals.
6. The utility model provides a thing networking safety control system based on terminal equipment characteristic information which characterized in that includes:
the database construction module is used for acquiring multi-dimensional characteristic information of each terminal device in the network in advance and constructing a characteristic information database taking the network-access terminal device as a unit;
the information comparison module is used for carrying out high-speed polling on the terminal equipment in the network, acquiring partial or all characteristic information of the terminal equipment and comparing the acquired partial or all characteristic information with the multi-dimensional characteristic information of the terminal equipment stored in the characteristic information database;
the safety control module is used for carrying out safety control according to the comparison result, and if the comparison consistency is greater than a preset threshold value, the safety verification is passed; otherwise network operation is blocked.
7. The system of claim 6, wherein the information comparison module comprises:
the information acquisition module is used for acquiring an MAC address and a network access path by analyzing an ARP table, acquiring open port information, service type information and operating system information of the terminal equipment by scanning network fingerprint information, and acquiring software and hardware version information, equipment manufacturers, equipment types and models of the terminal equipment by detecting different private communication protocols;
the matching module is used for sequentially selecting one item of feature information to match with the feature information stored in the feature information database; and the characteristic information database is used for comparing the collected other characteristic information with other characteristic information of the equipment terminal corresponding to the characteristic information which is successfully matched in the characteristic information database one by one.
8. The system according to claim 6, wherein the database construction module is further configured to classify the terminal devices according to the multidimensional feature information of each terminal device, and rank the feature information for different classes of device terminals.
9. The utility model provides a thing networking safety control system based on terminal equipment characteristic information which characterized in that includes:
the scanner is used for acquiring multi-dimensional characteristic information of each terminal device in the network;
data analysis server, for implementing security verification of network-accessing terminal equipment by adopting the method of any one of claims 1-5.
10. A non-transitory computer-readable storage medium, wherein the storage medium stores therein a computer software program for implementing the method for security management of internet of things based on the feature information of the terminal device according to any one of claims 1 to 5.
CN202010550285.1A 2020-06-16 2020-06-16 Internet of things safety management and control method and system based on terminal equipment characteristic information Pending CN111885106A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010550285.1A CN111885106A (en) 2020-06-16 2020-06-16 Internet of things safety management and control method and system based on terminal equipment characteristic information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010550285.1A CN111885106A (en) 2020-06-16 2020-06-16 Internet of things safety management and control method and system based on terminal equipment characteristic information

Publications (1)

Publication Number Publication Date
CN111885106A true CN111885106A (en) 2020-11-03

Family

ID=73156788

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010550285.1A Pending CN111885106A (en) 2020-06-16 2020-06-16 Internet of things safety management and control method and system based on terminal equipment characteristic information

Country Status (1)

Country Link
CN (1) CN111885106A (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112468500A (en) * 2020-11-28 2021-03-09 武汉零感网御网络科技有限公司 Risk processing method and system based on multi-dimensional data dynamic change scene
CN112491888A (en) * 2020-11-27 2021-03-12 深圳万物安全科技有限公司 Method and system for preventing equipment from being falsely used
CN112766891A (en) * 2021-01-11 2021-05-07 东方网力科技股份有限公司 Information acquisition method, device and equipment based on urban informatization equipment
CN113706100A (en) * 2021-08-24 2021-11-26 国网辽宁省电力有限公司电力科学研究院 Real-time detection and identification method and system for distribution network Internet of things terminal equipment
CN114124436A (en) * 2021-09-27 2022-03-01 广东电力信息科技有限公司 APN access trusted computing management system based on electric power Internet of things universal terminal
CN114139733A (en) * 2021-10-27 2022-03-04 深圳市移动力量科技有限公司 Device management method, terminal device and storage medium for intelligent apartment
CN114338373A (en) * 2021-12-16 2022-04-12 中国电信股份有限公司 Network element configuration data storage method and device, electronic equipment and storage medium
CN118713929A (en) * 2024-08-27 2024-09-27 深圳万物安全科技有限公司 Method, device and computer storage medium for identifying counterfeit of device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050138417A1 (en) * 2003-12-19 2005-06-23 Mcnerney Shaun C. Trusted network access control system and method
CN109922160A (en) * 2019-03-28 2019-06-21 全球能源互联网研究院有限公司 A kind of terminal security cut-in method, apparatus and system based on electric power Internet of Things
CN110808951A (en) * 2019-09-25 2020-02-18 国网思极网安科技(北京)有限公司 Method and device for discovering abnormal behavior of terminal based on equipment image
CN110855605A (en) * 2019-09-26 2020-02-28 山东鲁能软件技术有限公司 Safety protection method, system, equipment and readable storage medium for terminal equipment
CN111147527A (en) * 2020-03-09 2020-05-12 深信服科技股份有限公司 Internet of things system and equipment authentication method, device, equipment and medium thereof

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050138417A1 (en) * 2003-12-19 2005-06-23 Mcnerney Shaun C. Trusted network access control system and method
CN109922160A (en) * 2019-03-28 2019-06-21 全球能源互联网研究院有限公司 A kind of terminal security cut-in method, apparatus and system based on electric power Internet of Things
CN110808951A (en) * 2019-09-25 2020-02-18 国网思极网安科技(北京)有限公司 Method and device for discovering abnormal behavior of terminal based on equipment image
CN110855605A (en) * 2019-09-26 2020-02-28 山东鲁能软件技术有限公司 Safety protection method, system, equipment and readable storage medium for terminal equipment
CN111147527A (en) * 2020-03-09 2020-05-12 深信服科技股份有限公司 Internet of things system and equipment authentication method, device, equipment and medium thereof

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112491888A (en) * 2020-11-27 2021-03-12 深圳万物安全科技有限公司 Method and system for preventing equipment from being falsely used
CN112468500A (en) * 2020-11-28 2021-03-09 武汉零感网御网络科技有限公司 Risk processing method and system based on multi-dimensional data dynamic change scene
CN112766891A (en) * 2021-01-11 2021-05-07 东方网力科技股份有限公司 Information acquisition method, device and equipment based on urban informatization equipment
CN113706100A (en) * 2021-08-24 2021-11-26 国网辽宁省电力有限公司电力科学研究院 Real-time detection and identification method and system for distribution network Internet of things terminal equipment
CN113706100B (en) * 2021-08-24 2023-12-05 国网辽宁省电力有限公司电力科学研究院 Real-time detection and identification method and system for Internet of things terminal equipment of power distribution network
CN114124436A (en) * 2021-09-27 2022-03-01 广东电力信息科技有限公司 APN access trusted computing management system based on electric power Internet of things universal terminal
CN114124436B (en) * 2021-09-27 2024-01-16 广东电力信息科技有限公司 APN access trusted computing management system based on electric power Internet of things universal terminal
CN114139733A (en) * 2021-10-27 2022-03-04 深圳市移动力量科技有限公司 Device management method, terminal device and storage medium for intelligent apartment
CN114338373A (en) * 2021-12-16 2022-04-12 中国电信股份有限公司 Network element configuration data storage method and device, electronic equipment and storage medium
CN118713929A (en) * 2024-08-27 2024-09-27 深圳万物安全科技有限公司 Method, device and computer storage medium for identifying counterfeit of device

Similar Documents

Publication Publication Date Title
CN111885106A (en) Internet of things safety management and control method and system based on terminal equipment characteristic information
CN111935170B (en) Network abnormal flow detection method, device and equipment
CN107135093B (en) Internet of things intrusion detection method and detection system based on finite automaton
CN112260861A (en) Network asset topology identification method based on flow perception
EP3905622A1 (en) Botnet detection method and system, and storage medium
CN111277570A (en) Data security monitoring method and device, electronic equipment and readable medium
CN101572691B (en) Method, system and device for intrusion detection
KR101391781B1 (en) Apparatus and Method for Detecting HTTP Botnet based on the Density of Web Transaction
CN107360118B (en) Advanced persistent threat attack protection method and device
CN107733867B (en) Botnet discovery and protection method, system and storage medium
CN111683097A (en) Cloud network flow monitoring system based on two-stage architecture
CN109587156A (en) Abnormal network access connection identification and blocking-up method, system, medium and equipment
CN113206860A (en) DRDoS attack detection method based on machine learning and feature selection
DE202022102631U1 (en) Intelligent defense system against distributed Denial of Service (DDoS) attacks in Internet of Things (IoT) networks
CN111654486A (en) Server equipment judgment and identification method
CN109067778B (en) Industrial control scanner fingerprint identification method based on honeynet data
CN111368595A (en) System for identifying equipment fingerprint
CN114598499A (en) Network risk behavior analysis method combined with business application
JP2020022133A (en) Infection expansion attack detection device, attack source identification method and program
CN115190056B (en) Method, device and equipment for identifying and analyzing programmable flow protocol
Nie et al. Intrusion detection using a graphical fingerprint model
CN112565259B (en) Method and device for filtering DNS tunnel Trojan communication data
CN113595958B (en) Security detection system and method for Internet of things equipment
CN111901138B (en) Visual auditing method for illegal access of industrial network
CN116170227A (en) Flow abnormality detection method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20201103