[go: up one dir, main page]

CN111431821A - Method for rapidly detecting and identifying specific information in network large flow - Google Patents

Method for rapidly detecting and identifying specific information in network large flow Download PDF

Info

Publication number
CN111431821A
CN111431821A CN202010231603.8A CN202010231603A CN111431821A CN 111431821 A CN111431821 A CN 111431821A CN 202010231603 A CN202010231603 A CN 202010231603A CN 111431821 A CN111431821 A CN 111431821A
Authority
CN
China
Prior art keywords
module
information
data
receiving
communication unit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010231603.8A
Other languages
Chinese (zh)
Inventor
马旸
蔡冰
罗雅琼
尹魏昕
仲思超
王祥
赵云
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Branch Center National Computer Network And Information Security Management Center
Original Assignee
Jiangsu Branch Center National Computer Network And Information Security Management Center
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Branch Center National Computer Network And Information Security Management Center filed Critical Jiangsu Branch Center National Computer Network And Information Security Management Center
Priority to CN202010231603.8A priority Critical patent/CN111431821A/en
Publication of CN111431821A publication Critical patent/CN111431821A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/24Traffic characterised by specific attributes, e.g. priority or QoS
    • H04L47/2441Traffic characterised by specific attributes, e.g. priority or QoS relying on flow classification, e.g. using integrated services [IntServ]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/24Traffic characterised by specific attributes, e.g. priority or QoS
    • H04L47/2483Traffic characterised by specific attributes, e.g. priority or QoS involving identification of individual flows
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/50Queue scheduling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1095Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

本发明公开了一种在网络大流量中快速检测与识别特定信息的方法,包括处理器,所述处理器连接有数据库模块、信息识别模块、信息存储模块以及防护模块,其中所述数据库模块包括数据采集模块、发送模块、接收模块和中央控制模块;所述信息识别模块包括获取模块和筛选模块;所述信息存储模块包括数据转换单元、通信单元、云端存储器和反馈系统,所述防护模块包括无线入侵防护系统、防火墙系统。本发明可以快速从网络大流量中,在对各应用、协议进行分类识别的基础上,利用信息指纹技术准确识别特定信息内容,可以大幅度提高互联网特定信息鉴别和提取的准确性;且能对信息安全进行防护,避免信息丢失。

Figure 202010231603

The invention discloses a method for rapidly detecting and identifying specific information in large network traffic, comprising a processor connected with a database module, an information identification module, an information storage module and a protection module, wherein the database module includes a data acquisition module, a sending module, a receiving module and a central control module; the information identification module includes an acquisition module and a screening module; the information storage module includes a data conversion unit, a communication unit, a cloud storage and a feedback system, and the protection module includes Wireless intrusion prevention systems, firewall systems. The present invention can quickly identify specific information content by using information fingerprint technology on the basis of classifying and identifying applications and protocols from large network traffic, and can greatly improve the accuracy of identifying and extracting specific information on the Internet; Information security is protected to avoid information loss.

Figure 202010231603

Description

一种在网络大流量中快速检测与识别特定信息的方法A method for rapid detection and identification of specific information in large network traffic

技术领域technical field

本发明涉及网络信息处理技术领域,尤其涉及一种在网络大流量中快速检测与识别特定信息的方法。The invention relates to the technical field of network information processing, in particular to a method for rapidly detecting and identifying specific information in large network traffic.

背景技术Background technique

随着互联网的迅猛发展、WEB信息的增加,要对海量互联网流量进行准实时的数据采集、协议分类、应用识别、特征提取,就象大海捞针一样,信息处理技术则应运而生,信息处理是指将网络上大量网站的页面信息收集到本地,经过加工处理建立信息数据库和索引数据库,从而对用户提出的各种检索作出响应,提供用户所需的信息或相关指针。用户的检索途径主要包括自由词全文检索、关键词检索、分类检索及其他特定信息的检索。为此,我们提出了一种在网络大流量中快速检测与识别特定信息的方法。With the rapid development of the Internet and the increase of WEB information, it is necessary to perform quasi-real-time data collection, protocol classification, application identification, and feature extraction for massive Internet traffic. Just like finding a needle in a haystack, information processing technology has emerged. The page information of a large number of websites on the Internet is collected locally, and the information database and index database are established after processing, so as to respond to various searches proposed by users, and provide the information or related pointers required by users. The retrieval methods of users mainly include free-word full-text retrieval, keyword retrieval, classification retrieval and retrieval of other specific information. To this end, we propose a method to rapidly detect and identify specific information in large network traffic.

发明内容SUMMARY OF THE INVENTION

本发明的目的是为了解决背景技术中的问题,而提出的一种在网络大流量中快速检测与识别特定信息的方法。The purpose of the present invention is to solve the problems in the background technology, and propose a method for rapidly detecting and identifying specific information in large network traffic.

为了实现上述目的,本发明采用了如下技术方案:一种在网络大流量中快速检测与识别特定信息的方法,包括处理器,所述处理器连接有数据库模块、信息识别模块、信息存储模块以及防护模块,其中所述数据库模块包括数据采集模块、发送模块、接收模块和中央控制模块;所述信息识别模块包括获取模块和筛选模块;所述信息存储模块包括数据转换单元、通信单元、云端存储器和反馈系统,所述防护模块包括无线入侵防护系统、防火墙系统模块。In order to achieve the above object, the present invention adopts the following technical scheme: a method for rapidly detecting and identifying specific information in large network traffic, comprising a processor, the processor is connected with a database module, an information identification module, an information storage module and A protection module, wherein the database module includes a data acquisition module, a sending module, a receiving module and a central control module; the information identification module includes an acquisition module and a screening module; the information storage module includes a data conversion unit, a communication unit, a cloud storage and a feedback system, the protection module includes a wireless intrusion protection system and a firewall system module.

在上述的在网络大流量中快速检测与识别特定信息的方法中,在所述数据库模块中,所述数据采集模块用于采集互联网上的数据,并对数据进行初步分类,并将相同类别的数据压缩处理后传输至发送服务器;所述发送模块接收数据采集模块发送的数据后,保存接收的数据并按照数据类别和接收时间建立发送队列表;所述接收模块按照数据类别进行分组,并对接收模块组进行编号,接收模块组按照数据分类,不同的接收模块组只接收同类别的数据,并保存接收的数据;所述中央控制模块采集接收模块的状态,并根据采集的状态建立接收队列表,接收队列表内保存各个接收模块的工作状态和繁忙程度。In the above-mentioned method for rapidly detecting and identifying specific information in large network traffic, in the database module, the data collection module is used to collect data on the Internet, preliminarily classify the data, and classify the data of the same category. After the data is compressed, it is transmitted to the sending server; after the sending module receives the data sent by the data acquisition module, it saves the received data and establishes a sending queue table according to the data category and the receiving time; The receiving module groups are numbered, and the receiving module groups are classified according to the data. Different receiving module groups only receive data of the same type and save the received data; the central control module collects the status of the receiving modules, and establishes a receiving team according to the collected status. List, the receiving queue table saves the working status and busyness of each receiving module.

在上述的在网络大流量中快速检测与识别特定信息的方法中,在所述信息识别模块中,所述获取模块用于获取网络信息集合;所述筛选模块用于依照指定的信息编号,在网络信息集合中筛选与指定的信息编号相匹配的发布信息。In the above-mentioned method for rapidly detecting and identifying specific information in large network traffic, in the information identification module, the acquisition module is used for acquiring a network information set; the screening module is used for, according to the specified information number, Filter the published information that matches the specified information number in the network information collection.

在上述的在网络大流量中快速检测与识别特定信息的方法中,在所述信息储存模块中,所述数据转换单元可将存储的信息压缩为电信号,并向所述通信单元发送请求信号,所述通信单元将请求信号发送至云端存储器,所述云端存储器接收请求信号,所述云端存储器接收上传请求并通过反馈系统将允许信息上传的信号反馈至通信单元,所述通信单元接收反馈信号后开始上传信息,达到数据保存的效果。In the above-mentioned method for rapidly detecting and identifying specific information in large network traffic, in the information storage module, the data conversion unit can compress the stored information into an electrical signal, and send a request signal to the communication unit , the communication unit sends the request signal to the cloud storage, the cloud storage receives the request signal, the cloud storage receives the upload request and feeds back the signal allowing information uploading to the communication unit through the feedback system, and the communication unit receives the feedback signal Then start uploading information to achieve the effect of data saving.

在上述的在网络大流量中快速检测与识别特定信息的方法中,所述数据库模块内还设置有数据冗余判断模块;数据冗余判断模块与接收模块和数据采集模块连接,对数据采集模块采集的数据进行冗余判断,若接收模块内保存的数据与数据采集模块采集的数据相同则将相同的数据丢弃。In the above-mentioned method for rapidly detecting and identifying specific information in large network traffic, the database module is further provided with a data redundancy judgment module; the data redundancy judgment module is connected with the receiving module and the data acquisition module, and the data acquisition module is The collected data is judged redundantly. If the data stored in the receiving module is the same as the data collected by the data acquisition module, the same data will be discarded.

在上述的在网络大流量中快速检测与识别特定信息的方法中,所述中央控制模块内还设置有电力控制模块,电力控制模块根据接收队列表保存的接收模块的状态和发送队列表的数据类别控制相应空闲的接收服务器处于待机状态。In the above-mentioned method for quickly detecting and identifying specific information in a large network traffic, the central control module is further provided with a power control module, and the power control module stores the state of the receiving module according to the receiving queue table and the data of the sending queue table The class controls the corresponding idle receiving server to be in the standby state.

在上述的在网络大流量中快速检测与识别特定信息的方法中,包括以下步骤:The above-mentioned method for rapidly detecting and identifying specific information in large network traffic includes the following steps:

S1、数据库的信息采集及构建:采集不同计算机或智能设备的IP地址,以及该计算机或智能设备属性数据组,将计算机或智能设备属性数据组内的所有元素处理后均转化为数字格式,将数字格式的计算机或智能设备属性数据组进行分类保存,从而构建数据库;S1. Information collection and construction of the database: collect the IP addresses of different computers or smart devices, as well as the computer or smart device attribute data group, and convert all elements in the computer or smart device attribute data group into digital format after processing. Attribute data groups of computers or smart devices in digital format are classified and saved to build a database;

S2、信息的快速检测以及识别:将获取的网络信息集合输入至数据库模块当中在网络信息集合中筛选与指定的信息编号相匹配的发布信息;S2. Rapid detection and identification of information: input the acquired network information set into the database module, and filter the published information matching the specified information number in the network information set;

S3、信息储存:数据转换单元可将存储的信息压缩为电信号,并向通信单元发送请求信号,通信单元将请求信号发送至云端存储器,云端存储器接收请求信号,云端存储器接收上传请求并通过反馈系统将允许信息上传的信号反馈至通信单元,通信单元接收反馈信号后开始上传信息,对数据进行保存,防止信息丢失;S3. Information storage: the data conversion unit can compress the stored information into an electrical signal, and send a request signal to the communication unit, the communication unit sends the request signal to the cloud storage, the cloud storage receives the request signal, and the cloud storage receives the upload request and passes the feedback The system feeds back the signal that allows information to be uploaded to the communication unit, and the communication unit starts to upload the information after receiving the feedback signal, and saves the data to prevent information loss;

S4、信息防护:防护模块可实时对网络安全进行防护,通过控制网卡上配置的IP地址,对防火墙所检测到的IP地址实时预警,并将预警信息在内网Web服务器进行日志记录备份。S4. Information protection: The protection module can protect network security in real time. By controlling the IP address configured on the network card, it can give real-time warning to the IP address detected by the firewall, and back up the warning information to the intranet web server for log records.

与现有的技术相比,本在网络大流量中快速检测与识别特定信息的方法的优点在于:通过前期对数据进行分类,并建立发送队列表,再对发送队列表进行循环侦测,让用户的信息具有很好的识别性,同时,不破坏或极少破坏用户信息的可读性和自然性,可以快速从众多类似信息中,找出归属于特定用户的信息,从而在获取到的大量同类信息时,利用信息指纹排准确找出特定用户的信息,可以大幅度提高互联网特定信息鉴别和提取的准确性;且通过设置防护模块对信息安全进行防护,避免信息丢失。Compared with the existing technology, the advantages of this method of rapidly detecting and identifying specific information in large network traffic are: classifying the data in the early stage, establishing a sending queue table, and then cyclically detecting the sending queue table, so that the The user's information is well identifiable, and at the same time, the readability and naturalness of the user's information are not damaged or seldom damaged, and the information belonging to a specific user can be quickly found from a large number of similar information, so that the obtained information can be When there is a large amount of similar information, using information fingerprints to accurately find out the information of a specific user can greatly improve the accuracy of identifying and extracting specific information on the Internet; and by setting up a protection module to protect information security and avoid information loss.

附图说明Description of drawings

图1为本发明提出的一种在网络大流量中快速检测与识别特定信息的方法的结构框图。FIG. 1 is a structural block diagram of a method for rapidly detecting and identifying specific information in a large network traffic according to the present invention.

具体实施方式Detailed ways

以下实施例仅处于说明性目的,而不是想要限制本发明的范围。The following examples are for illustrative purposes only and are not intended to limit the scope of the invention.

实施例Example

参照图1,一种在网络大流量中快速检测与识别特定信息的方法,包括处理器,处理器连接有数据库模块、信息识别模块、信息存储模块以及防护模块;其中数据库模块包括数据采集模块、发送模块、接收模块和中央控制模块,数据采集模块用于采集互联网上的数据,并对数据进行初步分类,并将相同类别的数据压缩处理后传输至发送服务器;发送模块接收数据采集模块发送的数据后,保存接收的数据并按照数据类别和接收时间建立发送队列表;接收模块按照数据类别进行分组,并对接收模块组进行编号,接收模块组按照数据分类,不同的接收模块组只接收同类别的数据,并保存接收的数据;中央控制模块采集接收模块的状态,并根据采集的状态建立接收队列表,接收队列表内保存各个接收模块的工作状态和繁忙程度;其中数据库模块内还设置有数据冗余判断模块;数据冗余判断模块与接收模块和数据采集模块连接,对数据采集模块采集的数据进行冗余判断,若接收模块内保存的数据与数据采集模块采集的数据相同则将相同的数据丢弃;中央控制模块内还设置有电力控制模块,电力控制模块根据接收队列表保存的接收模块的状态和发送队列表的数据类别控制相应空闲的接收服务器处于待机状态;Referring to Fig. 1, a method for rapidly detecting and identifying specific information in large network traffic includes a processor, and the processor is connected with a database module, an information identification module, an information storage module and a protection module; wherein the database module includes a data acquisition module, The sending module, the receiving module and the central control module, the data collection module is used to collect data on the Internet, preliminarily classify the data, and compress the data of the same category and transmit it to the sending server; the sending module receives the data sent by the data collection module. After the data, the received data is saved and the sending queue table is established according to the data type and receiving time; the receiving modules are grouped according to the data type, and the receiving module groups are numbered. The receiving module groups are classified according to the data, and different receiving module groups only receive the same category data, and save the received data; the central control module collects the status of the receiving module, and establishes a receiving queue table according to the collected status, and the receiving queue table saves the working status and busyness of each receiving module; the database module also sets There is a data redundancy judgment module; the data redundancy judgment module is connected with the receiving module and the data acquisition module, and performs redundant judgment on the data collected by the data acquisition module. If the data stored in the receiving module is the same as the data collected by the data acquisition module, it will be The same data is discarded; a power control module is also set in the central control module, and the power control module controls the corresponding idle receiving server to be in a standby state according to the state of the receiving module saved in the receiving queue table and the data type of the sending queue table;

信息识别模块包括获取模块和筛选模块,获取模块用于获取网络信息集合;筛选模块用于依照指定的信息编号,在网络信息集合中筛选与指定的信息编号相匹配的发布信息;The information identification module includes an acquisition module and a screening module, the acquisition module is used to acquire the network information set; the screening module is used to filter the published information matching the specified information number in the network information set according to the specified information number;

信息存储模块包括数据转换单元、通信单元、云端存储器和反馈系统,数据转换单元可将存储的信息压缩为电信号,并向通信单元发送请求信号,通信单元将请求信号发送至云端存储器,云端存储器接收请求信号,云端存储器接收上传请求并通过反馈系统将允许信息上传的信号反馈至通信单元,通信单元接收反馈信号后开始上传信息,达到数据保存的效果。The information storage module includes a data conversion unit, a communication unit, a cloud storage and a feedback system. The data conversion unit can compress the stored information into electrical signals and send a request signal to the communication unit, which sends the request signal to the cloud storage, and the cloud storage After receiving the request signal, the cloud storage receives the upload request and feeds back the signal allowing information uploading to the communication unit through the feedback system. After the communication unit receives the feedback signal, it starts to upload the information to achieve the effect of data preservation.

本发明中,在网络大流量中快速检测与识别特定信息的方法,包括以下步骤:In the present invention, the method for rapidly detecting and identifying specific information in large network traffic includes the following steps:

S1、数据库的信息采集及构建:采集不同计算机或智能设备的IP地址,以及该计算机或智能设备属性数据组,将计算机或智能设备属性数据组内的所有元素处理后均转化为数字格式,将数字格式的计算机或智能设备属性数据组进行分类保存,从而构建数据库;S1. Information collection and construction of the database: collect the IP addresses of different computers or smart devices, as well as the computer or smart device attribute data group, and convert all elements in the computer or smart device attribute data group into digital format after processing. Attribute data groups of computers or smart devices in digital format are classified and saved to build a database;

S2、信息的快速检测以及识别:将获取的网络信息集合输入至数据库模块当中在网络信息集合中筛选与指定的信息编号相匹配的发布信息;S2. Rapid detection and identification of information: input the acquired network information set into the database module, and filter the published information matching the specified information number in the network information set;

S3、信息储存:数据转换单元可将存储的信息压缩为电信号,并向通信单元发送请求信号,通信单元将请求信号发送至云端存储器,云端存储器接收请求信号,云端存储器接收上传请求并通过反馈系统将允许信息上传的信号反馈至通信单元,通信单元接收反馈信号后开始上传信息,对数据进行保存,防止信息丢失;S3. Information storage: the data conversion unit can compress the stored information into an electrical signal, and send a request signal to the communication unit, the communication unit sends the request signal to the cloud storage, the cloud storage receives the request signal, and the cloud storage receives the upload request and passes the feedback The system feeds back the signal that allows information to be uploaded to the communication unit, and the communication unit starts to upload the information after receiving the feedback signal, and saves the data to prevent information loss;

S4、信息防护:防护模块可实时对网络安全进行防护,通过控制网卡上配置的IP地址,对防火墙所检测到的IP地址实时预警,并将预警信息在内网Web服务器进行日志记录备份。S4. Information protection: The protection module can protect network security in real time. By controlling the IP address configured on the network card, it can give real-time warning to the IP address detected by the firewall, and back up the warning information to the intranet web server for log records.

以上仅为本发明的较佳实施例,并不用以限制本发明,凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。The above are only preferred embodiments of the present invention and are not intended to limit the present invention. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention shall be included in the protection scope of the present invention. Inside.

Claims (7)

1. A method for rapidly detecting and identifying specific information in network large flow comprises a processor, and is characterized in that the processor is connected with a database module, an information identification module, an information storage module and a protection module, wherein the database module comprises a data acquisition module, a sending module, a receiving module and a central control module; the information identification module comprises an acquisition module and a screening module; the information storage module comprises a data conversion unit, a communication unit, a cloud storage and a feedback system, and the protection module comprises a wireless intrusion protection system and a firewall system.
2. The method for rapidly detecting and identifying the specific information in the large flow rate of the network according to claim 1, wherein in the database module, the data acquisition module is used for acquiring data on the internet, preliminarily classifying the data, compressing the data of the same category and transmitting the data to the sending server; after the sending module receives the data sent by the data acquisition module, the received data are stored, and a sending queue list is established according to the data type and the receiving time; the receiving modules are grouped according to data types, the receiving module groups are numbered, the receiving module groups are classified according to the data, different receiving module groups only receive the data of the same type, and the received data are stored; the central control module collects the states of the receiving modules, establishes a receiving queue list according to the collected states, and stores the working states and the busy degree of each receiving module in the receiving queue list.
3. The method for rapidly detecting and identifying specific information in large traffic volume of network according to claim 1, wherein in the information identification module, the obtaining module is used for obtaining network information set; the screening module is used for screening the release information matched with the specified information number in the network information set according to the specified information number.
4. The method according to claim 1, wherein in the information storage module, the data conversion unit compresses the stored information into an electrical signal and sends a request signal to the communication unit, the communication unit sends the request signal to a cloud storage, the cloud storage receives the request signal, the cloud storage receives an upload request and feeds back a signal allowing information to be uploaded to the communication unit through a feedback system, and the communication unit starts uploading the information after receiving the feedback signal, so that the effect of data storage is achieved.
5. The method for rapidly detecting and identifying the specific information in the large flow rate of the network according to claim 1, wherein a data redundancy judgment module is further arranged in the database module; the data redundancy judgment module is connected with the receiving module and the data acquisition module, redundancy judgment is carried out on data acquired by the data acquisition module, and if the data stored in the receiving module is the same as the data acquired by the data acquisition module, the same data is discarded.
6. The method according to claim 1, wherein a power control module is further disposed in the central control module, and the power control module controls the idle receiving servers to be in a standby state according to the state of the receiving module stored in the receiving queue table and the data type of the sending queue table.
7. The method for rapidly detecting and identifying the specific information in the large flow of the network according to claim 1, comprising the following steps:
s1, information acquisition and construction of the database: collecting IP addresses of different computers or intelligent equipment and an attribute data set of the computers or the intelligent equipment, converting all elements in the attribute data set of the computers or the intelligent equipment into a digital format after processing, and classifying and storing the attribute data set of the computers or the intelligent equipment in the digital format so as to construct a database;
s2, rapid detection and identification of information: inputting the acquired network information set into a database module to screen release information matched with the specified information number in the network information set;
s3, information storage: the data conversion unit can compress the stored information into an electric signal and send a request signal to the communication unit, the communication unit sends the request signal to the cloud storage, the cloud storage receives the request signal, the cloud storage receives the uploading request and feeds back a signal allowing information to be uploaded to the communication unit through the feedback system, the communication unit starts to upload the information after receiving the feedback signal and stores the data to prevent information loss;
s4, information protection: the protection module can protect network safety in real time, pre-warns the IP address detected by the firewall in real time by controlling the IP address configured on the network card, and performs log record backup on the pre-warning information in an intranet Web server.
CN202010231603.8A 2020-03-27 2020-03-27 Method for rapidly detecting and identifying specific information in network large flow Pending CN111431821A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010231603.8A CN111431821A (en) 2020-03-27 2020-03-27 Method for rapidly detecting and identifying specific information in network large flow

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010231603.8A CN111431821A (en) 2020-03-27 2020-03-27 Method for rapidly detecting and identifying specific information in network large flow

Publications (1)

Publication Number Publication Date
CN111431821A true CN111431821A (en) 2020-07-17

Family

ID=71549507

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010231603.8A Pending CN111431821A (en) 2020-03-27 2020-03-27 Method for rapidly detecting and identifying specific information in network large flow

Country Status (1)

Country Link
CN (1) CN111431821A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113835877A (en) * 2021-08-19 2021-12-24 重庆恩谷信息科技有限公司 Remote data information storage system based on big data
CN114745609A (en) * 2022-03-12 2022-07-12 广东绿建联能源环境科技有限公司 Energy consumption monitoring system

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113835877A (en) * 2021-08-19 2021-12-24 重庆恩谷信息科技有限公司 Remote data information storage system based on big data
CN114745609A (en) * 2022-03-12 2022-07-12 广东绿建联能源环境科技有限公司 Energy consumption monitoring system
CN114745609B (en) * 2022-03-12 2023-01-24 广东绿建联能源环境科技有限公司 Energy consumption monitoring system

Similar Documents

Publication Publication Date Title
CN105553740B (en) Data-interface monitoring method and device
US20210357624A1 (en) Information processing method and device, and storage medium
CN102750326A (en) Log management optimization method of cluster system based on downsizing strategy
CN102411533A (en) Log-management optimizing method for clustered storage system
CN105787282A (en) Automatic standardization method and system for medical data dictionaries
CN111444072A (en) Abnormal identification method, device, computer equipment and storage medium of client
CN112350882A (en) Distributed network traffic analysis system and method
CN111431821A (en) Method for rapidly detecting and identifying specific information in network large flow
CN108540473A (en) A kind of data analysing method and data analysis set-up
CN113934720A (en) A data cleaning method, device and computer storage medium
CN110413478A (en) A method, device and medium for monitoring log processing
CN115103157A (en) Video analysis method and device based on edge cloud cooperation, electronic equipment and medium
CN204270451U (en) Alarm review system
CN115391279A (en) Log processing method and device, electronic equipment and storage medium
CN107766796A (en) A kind of facial-recognition security systems and method based on cloud computing
CN101510211A (en) Multimedia data processing system and method
CN110909380B (en) A kind of abnormal file access behavior monitoring method and device
CN114338346B (en) Alarm message processing method, device and electronic equipment
CN112559480A (en) Distributed data set computing method and system in parallel computing scene
CN117332373A (en) Pattern recognition system, pattern recognition method and storage medium
CN104284163A (en) A video analysis device and system
CN112487851A (en) Judicial place abnormal behavior monitoring method based on artificial intelligence video identification
CN109543584A (en) A kind of identification of intelligent behavior and analysis system
CN104486157A (en) Information system performance detecting method based on deep packet analysis
CN106709686A (en) Information intelligent acquisition system and method oriented to non-mail delivery

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20200717

WD01 Invention patent application deemed withdrawn after publication