CN113986589B - Fault-tolerant strategy selection method and system for intelligent edge computing gateway - Google Patents
Fault-tolerant strategy selection method and system for intelligent edge computing gateway Download PDFInfo
- Publication number
- CN113986589B CN113986589B CN202111177618.1A CN202111177618A CN113986589B CN 113986589 B CN113986589 B CN 113986589B CN 202111177618 A CN202111177618 A CN 202111177618A CN 113986589 B CN113986589 B CN 113986589B
- Authority
- CN
- China
- Prior art keywords
- session
- risk
- service session
- service
- task process
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000010187 selection method Methods 0.000 title claims abstract description 11
- 238000000034 method Methods 0.000 claims abstract description 123
- 230000008569 process Effects 0.000 claims abstract description 89
- 230000004913 activation Effects 0.000 claims description 20
- 238000004590 computer program Methods 0.000 claims description 7
- 238000004140 cleaning Methods 0.000 claims description 6
- 239000000725 suspension Substances 0.000 claims description 6
- 230000006399 behavior Effects 0.000 claims description 5
- 238000011217 control strategy Methods 0.000 claims description 2
- 230000009545 invasion Effects 0.000 claims 1
- 230000010485 coping Effects 0.000 abstract description 3
- 230000001186 cumulative effect Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 6
- 230000005540 biological transmission Effects 0.000 description 5
- 238000004891 communication Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000006872 improvement Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0706—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation the processing taking place on a specific hardware platform or in a specific software environment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0766—Error or fault reporting or storing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/079—Root cause analysis, i.e. error or fault diagnosis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0793—Remedial or corrective actions
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Quality & Reliability (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Biomedical Technology (AREA)
- Debugging And Monitoring (AREA)
- Computer And Data Communications (AREA)
Abstract
According to the fault-tolerant strategy selection method and system for the intelligent edge computing gatekeeper, provided by the embodiment of the application, the business session statistical log of the task process is determined, and the target business session analysis is carried out according to the business session statistical log, so that when the number of target business sessions in a set period is greater than a first set judgment value, the session risk prompt is carried out, the efficient and accurate analysis of the business session security risk under the whole business session process under the strategy use state is realized, and the credibility of the session risk prompt is ensured. Therefore, different fault-tolerant strategies can be selected for different task processes according to the session risk prompt, so that stability of related data security risk strategies in the subsequent service session process is ensured, and risk coping capacity of the data security risk strategies is improved.
Description
Technical Field
The application relates to the technical field of intelligent edge computing and gatekeepers, in particular to a fault-tolerant policy selection method and system for an intelligent edge computing gatekeeper.
Background
The network gate is an information safety device which uses a solid-state switch read-write medium with multiple control functions to connect two independent host systems. Because the two independent host systems are isolated through the network gate, no physical connection, logical connection and information transmission protocol exist between the systems, no information exchange according to the protocol exists, and no protocol ferry is only performed in the form of data files. However, when the gatekeeper is applied to the edge computing architecture, how to implement security risk processing of data information is a technical problem that is currently of great concern.
Disclosure of Invention
In order to improve the technical problems in the related art, the application provides a fault-tolerant strategy selection method and a fault-tolerant strategy selection system for an intelligent edge computing gateway.
In a first aspect, an embodiment of the present application provides a fault-tolerant policy selection method of an intelligent edge computing gatekeeper, which is applied to a fault-tolerant policy selection system in an edge computing environment, where the edge computing environment further includes an edge computing gatekeeper matched with a first task process and a second task process, the first task process is a target process corresponding to a policy activation state, and the second task process is a target process corresponding to a policy suspension state, where the method includes determining a service session statistics log of the task process, where the service session statistics log includes a statistics period, service session content, a session topic and a task process label, performing target service session analysis according to the service session statistics log, where the target service session is a service session corresponding to a session topic when switching to the policy activation state and a session topic corresponding to a policy suspension state, and performing a session risk prompt when the number of the target service session in a set period is greater than a first set decision value, and selecting a fault-tolerant policy for the first task process and the second task process according to the session prompt, where the fault-tolerant policy is security policy data policy.
In this way, by determining the service session statistics log of the task process and performing target service session analysis according to the service session statistics log, when the number of target service sessions in a set period is greater than a first set judgment value, session risk prompt is performed, so that efficient and accurate analysis of service session security risks under the whole service session flow in a policy use state is realized, and the credibility of session risk prompt is ensured. Therefore, different fault-tolerant strategies can be selected for different task processes according to the session risk prompt, so that stability of related data security risk strategies in the subsequent service session process is ensured, and risk coping capacity of the data security risk strategies is improved.
Optionally, the target service session analysis is performed according to the service session statistics logs, and the target service session analysis comprises the steps of searching whether a first type of statistics log of a service session exists when a second type of statistics log of any group of service sessions is determined, wherein the second type of statistics log is the service session statistics log of the second task process, the first type of statistics log is the service session statistics log of the first task process, if so, the second session subject in the second type of statistics log and the first session subject in the first type of statistics log are processed in a correlation mode, and if not, the second session subject and the first session subject indicate inconsistent session subjects, the service session is determined to be the target service session.
Optionally, the retrieving whether the first class statistics log of the service session exists includes:
The method comprises the steps of determining a corresponding statistical time interval according to the statistical time interval in the second type of statistical logs, wherein the statistical time interval takes the statistical time interval as a termination time interval and takes the quantitative difference of the statistical time interval and a set time interval step as a trigger time interval, and searching whether the first type of statistical log of the business session exists or not from the first type of statistical logs of the statistical time interval in the statistical time interval.
Optionally, when the number of the target service sessions in the set period is greater than a first set determination value, performing session risk prompting, including updating the buffered session risk prompting cumulative value according to a set manner when the target service sessions are analyzed, when the buffered session risk prompting cumulative value reaches a second set determination value, determining whether the number of the target service sessions in the set period taking the current period as a termination period is greater than the first set determination value according to the analyzed statistical period in the service session statistics log of the target service sessions, and when the number of the target service sessions in the set period taking the current period as the termination period is not greater than the first set determination value, continuing to analyze the target service sessions, and when the buffered session risk prompting cumulative value reaches the second set determination value, determining that the number of the target service sessions in the set period taking the current period as the termination period is greater than the first set determination value, performing session risk prompting.
Optionally, after the session risk prompt is performed, initializing a cached session risk prompt accumulated value.
Optionally, the session risk prompting comprises determining a service session security risk type, and performing risk prompting according to the service session security risk type.
Optionally, after the target service session analysis is performed according to the service session statistics log, the method further comprises adding risk keywords of the target service session in a risk information set for any analyzed target service session, wherein the risk keywords comprise a statistics period of the target service session in a first task process, a statistics period of a second task process, a session theme corresponding to the session theme when switching to a policy activation state and service session content, the risk keywords of each target service session in the risk information set are sorted according to a rule that the target service session is in a first task process from first to last in the statistics period of the target service session, the method further comprises searching a preset number of second service session statistics logs of the second service session before switching to the policy activation state according to the risk keywords of the first service session, the risk keywords of the first service session are the first risk keywords in the risk information set, the corresponding session theme when switching to the policy activation state is the same as the corresponding session theme when switching to the policy activation state, and the second service session security risk category is determined according to the policy security log of the second service session.
The method comprises the steps of selecting a set number of service session statistics logs of a second task process, wherein the set number is 3 to infinity, identifying a service session security risk type according to the service session statistics logs of the second service session in the second task process, wherein the method comprises the steps of searching the service session statistics logs of the second service session in the second task process, determining the service session security risk type as a first information risk type if the number of the second service session statistics logs of the second task process is not searched to be a first set value, wherein the first information risk type indicates that a service session occurrence information risk exists, determining the service session security risk type as a second information risk type if the number of the second service session in the service session statistics logs of the second task process is not searched to be a second set value, determining the service session security risk type as a third information risk type if the number of the second service session statistics logs of the second task process is not searched to be 3 to infinity, and determining the service session security risk type as a third information risk type if the number of the second service session statistics logs of the second service session in the second task process is not searched to be a second set value, and determining that a service session security risk type is associated with a service intrusion behavior exists.
Optionally, after identifying the service session security risk category, storing service session content of a second service session for which the service session statistics log of the second task process is not retrieved, and after performing the session risk prompt, cleaning the cached service session content of the second service session and terminating the risk prompt for the second service session when determining that the second service session is in the service session statistics log of the second task process for any second service session for which the service session statistics log of the second task process is not retrieved;
and after the session risk prompt is carried out, the method further comprises the steps of cleaning the cached service session content of the second target service session and terminating the risk prompt for the second service session when the period of time when the second service session is in the strategy activation state is determined to be greater than the set period of time judgment value for any second service session which does not retrieve the service session statistics log in the second task process.
In a second aspect, the present application further provides a fault-tolerant policy selection system, which includes a processor and a memory, where the processor is communicatively connected to the memory, and the processor is configured to read a computer program from the memory and execute the computer program to implement the method described above.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description, serve to explain the principles of the application.
Fig. 1 is a schematic hardware structure of a fault-tolerant policy selection system according to an embodiment of the present application.
Fig. 2 is a flow chart of a fault-tolerant policy selection method for an intelligent edge computing gatekeeper according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the application. Rather, they are merely examples of apparatus and methods consistent with aspects of the application as detailed in the accompanying claims.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present application and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order.
The method embodiments provided by the embodiments of the present application may be implemented in a fault tolerant policy selection system, a computer device or similar computing device. Taking the operation on the fault-tolerant policy selection system as an example, fig. 1 is a hardware structure block diagram of the fault-tolerant policy selection system implementing a fault-tolerant policy selection method of an intelligent edge computing gatekeeper according to an embodiment of the present application. As shown in fig. 1, the fault-tolerant policy selection system 10 may include one or more (only one is shown in fig. 1) processors 102 (the processors 102 may include, but are not limited to, a microprocessor MCU, a programmable logic device FPGA, etc. processing means) and a memory 104 for storing data, and optionally the fault-tolerant policy selection system may further include transmission means 106 for communication functions. It will be appreciated by those of ordinary skill in the art that the architecture shown in fig. 1 is merely illustrative and is not intended to limit the architecture of the fault tolerance policy selection system described above. For example, the fault tolerance policy selection system 10 may also include more or fewer components than shown in FIG. 1, or have a different configuration than shown in FIG. 1.
The memory 104 may be used to store a computer program, for example, a software program of an application software and a module, such as a computer program corresponding to a fault-tolerant policy selection method of an intelligent edge computing gateway in an embodiment of the present application, and the processor 102 executes the computer program stored in the memory 104 to perform various functional applications and data processing, that is, implement the method described above. Memory 104 may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory 104 may further include memory remotely located with respect to the processor 102, which may be connected to the fault tolerance policy selection system 10 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The transmission means 106 is arranged to receive or transmit data via a network. The network specific examples described above may include a wireless network provided by a communication provider of the fault tolerance policy selection system 10. In one example, the transmission device 106 includes a network adapter (Network Interface Controller, simply referred to as a NIC) that can connect to other network devices through a base station to communicate with the internet. In one example, the transmission device 106 may be a Radio Frequency (RF) module, which is used to communicate with the internet wirelessly.
Based on this, referring to fig. 2, fig. 2 is a flowchart of a fault-tolerant policy selection method of an intelligent edge computing gatekeeper according to an embodiment of the present invention, where the method is applied to a fault-tolerant policy selection system in an edge computing environment, and the edge computing environment further includes an edge computing gatekeeper matched with a first task process and a second task process, where the first task process is a target process corresponding to a policy activation state, and the second task process is a target process corresponding to a policy suspension state, and further may include a technical scheme described below.
And step 21, determining a business session statistical log of the task process, wherein the business session statistical log comprises a statistical period, business session contents, a session theme and a task process label.
And 22, analyzing the target service session according to the service session statistical log, wherein the target service session is a service session with inconsistent session theme corresponding to the service session when switching to the policy activation state and session theme corresponding to the service session when switching to the policy suspension state.
For an illustrative embodiment, the target service session analysis performed according to the service session statistics log recorded in step 22 may specifically include searching, when determining that a second type of statistics log of any one group of service sessions exists, whether a first type of statistics log of the service session exists, where the second type of statistics log is a service session statistics log of the second task process, and the first type of statistics log is a service session statistics log of the first task process, if so, processing a second session topic in the second type of statistics log and a first session topic in the first type of statistics log in an associated manner, and if the second session topic and the first session topic indicate inconsistent session topics, determining that the service session is a target service session. In this way, the first kind of statistical log is searched first, and then different judgment result analysis is carried out on the first kind of statistical log, so that the credibility and reliability of the target business session are determined.
For an exemplary embodiment, the searching recorded whether the first type of statistical log of the service session exists or not may specifically include determining a corresponding statistical time interval according to a statistical time interval in the second type of statistical log, wherein the statistical time interval uses the statistical time interval as a termination time interval and uses a quantitative difference between the statistical time interval and a set time interval step as a trigger time interval;
from the first kind of statistics logs of the statistics period within the statistics period interval, whether the first kind of statistics log of the business session exists is retrieved.
And step 23, when the number of the target service sessions in the set period is larger than a first set judgment value, performing session risk prompt, and selecting a fault-tolerant strategy for the first task process and the second task process according to the session risk prompt, wherein the fault-tolerant strategy is a data security wind control strategy.
For an illustrative embodiment, the step of performing the session risk prompting when the number of the target service sessions in the set period recorded in the step 23 is greater than the first set determination value may specifically include a step of 231 and a step of 232, when the target service session is analyzed, updating the buffered session risk prompting cumulative value according to a set manner, and a step of 232, when the buffered session risk prompting cumulative value reaches the second set determination value, determining whether the number of the target service sessions in the set period with the current period as the termination period is greater than the first set determination value according to the statistical period in the service session statistics log of the analyzed target service session, and when the number of the target service sessions in the set period with the current period as the termination period is not greater than the first set determination value, continuing to analyze the target service session, and when the buffered session risk prompting cumulative value reaches the second set determination value and the number of the target service sessions in the set period with the current period as the termination period is greater than the first set determination value.
For one illustrative embodiment, after performing the session risk reminder, the method may further include initializing a cached session risk reminder accumulated value.
For an illustrative embodiment, the prompting of the session risk specifically includes determining a security risk type of the service session, and prompting the risk according to the security risk type of the service session.
For an illustrative embodiment, after the target service session analysis is performed according to the service session statistics log, the method may further include adding, in a risk information set, risk keywords of the target service session for any one of the analyzed target service sessions, where the risk keywords include session topics corresponding to session topics of the target service session in a statistics period of a first task process, a statistics period of a second task process, and service session contents when switching to a policy activation state, where the risk keywords of each target service session in the risk information set are sorted according to a rule that the target service session is in a statistics period of the first task process from first to last.
For one illustrative embodiment, the determining the security risk category of the service session may specifically include retrieving a service session statistics log for a pre-set number of second service sessions that were switched to a policy activated state prior to the first service session based on a risk key for the first service session. In the embodiment of the application, the risk keywords of the first service session are first risk keywords in the risk information set, the session theme corresponding to the second service session when switching to the policy activation state is the same as the session theme corresponding to the first service session when switching to the policy activation state, and the service session security risk category is determined according to the service session statistics log of the second service session in the second task process. Therefore, the security risk types of the service session are counted according to the risk keywords of the service session, so that the efficiency of determining the security risk types of the service session can be improved, and the integrity of the security risk types of the service session can be ensured.
For one illustrative embodiment, the set number has a value of 3 to plus infinity. Based on this, the above-described identification of the traffic session security risk category according to the traffic session statistics log of the second traffic session at the second task process may specifically include retrieving the traffic session statistics log of the second traffic session at the second task process, determining the traffic session security risk category as a first information risk category if the number of the second traffic sessions of the traffic session statistics log at the second task process is not retrieved to be a first set value, the first information risk category indicating that there is a traffic session occurrence information risk, determining the traffic session security risk category as a second information risk category if the number of the second traffic sessions of the traffic session statistics log at the second task process is not retrieved to be a second set value, the second information risk category indicating that there is a traffic session information intrusion behavior, determining the traffic session security risk category as a third information risk category if the number of the traffic session statistics log at the second task process is not retrieved to be a value of 3 to infinity, and the third information risk category indicating that there is a traffic session association intrusion behavior.
For one illustrative embodiment, after identifying the business session security risk category, further comprising storing business session content for a second business session for which no business session statistics log at the second task process was retrieved.
Further, after the session risk prompting, the method further comprises the steps of cleaning the cached service session content of the second service session and terminating the risk prompting for the second service session when the second service session is determined to be in the service session statistics log of the second task process for any second service session in which the service session statistics log of the second task process is not retrieved. In this way, the efficiency of the session risk prompt can be improved.
Further, after the session risk prompting, the method may further include, for any second service session for which the service session statistics log in the second task process is not retrieved, cleaning the cached service session content of the second target service session and terminating the risk prompting for the second service session when it is determined that the period in which the second service session is in the policy-activated state is greater than the set period determination value. In this way, the efficiency of the session risk prompt can be improved.
In summary, by determining the service session statistics log of the task process and performing target service session analysis according to the service session statistics log, when the number of target service sessions in a set period is greater than a first set judgment value, session risk prompt is performed, so that efficient and accurate analysis of service session security risks under the whole service session flow in a policy use state is realized, and the credibility of session risk prompt is ensured. Therefore, different fault-tolerant strategies can be selected for different task processes according to the session risk prompt, so that stability of related data security risk strategies in the subsequent service session process is ensured, and risk coping capacity of the data security risk strategies is improved.
Further, there is also provided a readable storage medium having stored thereon a program which when executed by a processor implements the above-described method.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. The apparatus and method embodiments described above are merely illustrative, for example, flow diagrams and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, functional modules in the embodiments of the present application may be integrated together to form a single part, or each module may exist alone, or two or more modules may be integrated to form a single part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a media service server 10, or a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application. The storage medium includes a U disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, an optical disk, or other various media capable of storing program codes. It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises an element.
The above description is only of the preferred embodiments of the present application and is not intended to limit the present application, but various modifications and variations can be made to the present application by those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the protection scope of the present application.
Claims (7)
1. The fault-tolerant policy selection method for the intelligent edge computing gatekeeper is characterized by being applied to a fault-tolerant policy selection system in an edge computing environment, wherein the edge computing environment further comprises the edge computing gatekeeper matched with a first task process and a second task process, the first task process is a target process corresponding to a policy activation state, and the second task process is a target process corresponding to a policy suspension state, and the method comprises the following steps:
Determining a business session statistical log of a task process, wherein the business session statistical log comprises a statistical period, business session content, a session theme and a task process label;
performing target service session analysis according to the service session statistical log, wherein the target service session is a service session with inconsistent session theme corresponding to the service session when switching to a policy activation state and session theme corresponding to the service session when switching to a policy suspension state;
When the number of the target service sessions in a set period is larger than a first set judgment value, session risk prompt is carried out, and a fault-tolerant strategy is selected for the first task process and the second task process according to the session risk prompt, wherein the fault-tolerant strategy is a data security wind control strategy;
the target service session analysis is performed according to the service session statistics log, including:
searching whether a first type of statistical log of the business session exists or not when a second type of statistical log of any group of business session is determined, wherein the second type of statistical log is the business session statistical log of the second task process, and the first type of statistical log is the business session statistical log of the first task process;
if so, associating and processing a second session topic in the second category statistical log with a first session topic in the first category statistical log;
if the second session theme is inconsistent with the first session theme indication, determining that the service session is a target service session;
the session risk prompting comprises determining the security risk type of the service session, and prompting the risk according to the security risk type of the service session;
after the target service session analysis is performed according to the service session statistics log, the method further comprises:
For any analyzed target service session, adding a risk keyword of the target service session in a risk information set, wherein the risk keyword comprises a session theme of a session theme corresponding to the target service session in a statistics period of a first task process, a statistics period of a second task process and a strategy activation state when switching to the strategy activation state and service session content, and the risk keywords of each target service session in the risk information set are sorted according to a rule that the target service session is in a statistics period of the first task process from first to last;
the determining the security risk category of the service session comprises the following steps:
According to the risk keywords of the first service session, searching a service session statistics log of a preset number of second service sessions switched to a strategy activation state before the first service session, wherein the risk keywords of the first service session are first risk keywords in the risk information set, and session topics corresponding to the second service session when the second service session is switched to the strategy activation state are the same as session topics corresponding to the first service session when the first service session is switched to the strategy activation state;
And determining the security risk type of the service session according to the service session statistical log of the second service session in the second task process.
2. The method of claim 1, wherein said retrieving whether a first type of statistics log for the business session exists comprises:
Determining a corresponding statistical time interval according to the statistical time interval in the second type of statistical log, wherein the statistical time interval takes the statistical time interval as a termination time interval and takes the quantitative difference between the statistical time interval and a set time interval step as a trigger time interval;
from the first kind of statistics logs of the statistics period within the statistics period interval, whether the first kind of statistics log of the business session exists is retrieved.
3. The method of claim 1, wherein performing session risk prompting when the number of target service sessions in the set period is greater than a first set determination value comprises:
When the target service session is analyzed, updating the cached session risk prompt accumulated value according to a set mode;
When the accumulated value of the session risk prompt reaches a second set judgment value, determining whether the number of the target service sessions in a set time interval taking the current time interval as a termination time interval is larger than a first set judgment value according to the analyzed statistical time interval in the service session statistical log of the target service sessions, continuously analyzing the target service sessions when the number of the target service sessions in the set time interval taking the current time interval as the termination time interval is not larger than the first set judgment value, and carrying out session risk prompt when the accumulated value of the session risk prompt reaches the second set judgment value and the number of the target service sessions in the set time interval taking the current time interval as the termination time interval is larger than the first set judgment value.
4. The method of claim 3, further comprising initializing a cached session risk reminder aggregate value after the session risk reminder is performed.
5. The method of claim 1, wherein the set number has a value of 3 to positive infinity, and wherein identifying a traffic session security risk category based on traffic session statistics logs of the second traffic session at the second task process comprises:
Retrieving a service session statistics log of the second service session at the second task process;
if the number of the second business sessions of the business session statistics log in the second task process is not searched to be a first set value, determining the business session security risk type to be a first information risk type;
if the number of the second service sessions in the service session statistics log of the second task process is not searched to be a second set value, determining the service session security risk type to be a second information risk type, wherein the second information risk type indicates that the service session information invasion behavior exists;
and if the value of the number of the second business sessions of the business session statistical log of the second task process is not retrieved and is 3 to positive infinity, determining the business session security risk type as a third information risk type, wherein the third information risk type indicates that the business session association intrusion behavior exists.
6. The method of claim 5, further comprising storing business session content for a second business session for which no business session statistics log at the second task process was retrieved after the identifying the business session security risk category;
After the session risk prompt is carried out, the method further comprises the steps of for any second service session which does not retrieve the service session statistics log of the second task process, when determining that the second service session is in the service session statistics log of the second task process, cleaning the cached service session content of the second service session, and terminating the risk prompt for the second service session;
And after the session risk prompt is carried out, the method further comprises the steps of cleaning the cached service session content of the second service session and terminating the risk prompt for the second service session when the period of time when the second service session is in the strategy activation state is determined to be greater than the set period of time judgment value for any second service session which does not retrieve the service session statistical log in the second task process.
7. A fault tolerant policy selection system comprising a processor and a memory, said processor being communicatively coupled to said memory, said processor being operable to read a computer program from said memory and execute it to implement the method of any of the preceding claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111177618.1A CN113986589B (en) | 2021-10-09 | 2021-10-09 | Fault-tolerant strategy selection method and system for intelligent edge computing gateway |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111177618.1A CN113986589B (en) | 2021-10-09 | 2021-10-09 | Fault-tolerant strategy selection method and system for intelligent edge computing gateway |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113986589A CN113986589A (en) | 2022-01-28 |
| CN113986589B true CN113986589B (en) | 2024-12-20 |
Family
ID=79737983
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111177618.1A Active CN113986589B (en) | 2021-10-09 | 2021-10-09 | Fault-tolerant strategy selection method and system for intelligent edge computing gateway |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113986589B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109313687A (en) * | 2016-01-24 | 2019-02-05 | 赛义德·卡姆兰·哈桑 | AI-based computer security |
| CN113159901A (en) * | 2021-04-29 | 2021-07-23 | 天津狮拓信息技术有限公司 | Method and device for realizing financing lease service session |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070168537A1 (en) * | 2006-01-18 | 2007-07-19 | Archan Misra | Method for intelligent and automated transmission of local context in converged signaling |
| WO2012001667A1 (en) * | 2010-07-01 | 2012-01-05 | Nunez Di Croce Mariano | Automated security assessment of business-critical systems and applications |
| US10003607B1 (en) * | 2016-03-24 | 2018-06-19 | EMC IP Holding Company LLC | Automated detection of session-based access anomalies in a computer network through processing of session data |
| WO2017194080A1 (en) * | 2016-05-09 | 2017-11-16 | Nokia Solutions And Networks Oy | Policy control with mobile edge computing |
| CN108540492A (en) * | 2018-04-27 | 2018-09-14 | 新华三信息安全技术有限公司 | A kind of message processing method |
| CN110417757B (en) * | 2019-07-10 | 2020-12-08 | 广州博依特智能信息科技有限公司 | Industrial data storage system based on edge computing gateway |
-
2021
- 2021-10-09 CN CN202111177618.1A patent/CN113986589B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109313687A (en) * | 2016-01-24 | 2019-02-05 | 赛义德·卡姆兰·哈桑 | AI-based computer security |
| CN113159901A (en) * | 2021-04-29 | 2021-07-23 | 天津狮拓信息技术有限公司 | Method and device for realizing financing lease service session |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113986589A (en) | 2022-01-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109600258B (en) | Industrial protocol message recording device and method | |
| CN109347827B (en) | Method, device, equipment and storage medium for predicting network attack behavior | |
| CN111625841B (en) | Virus processing method, device and equipment | |
| WO2015016821A1 (en) | Determining topic relevance of an email thread | |
| CN101167063A (en) | Communication control device and communication control system | |
| CN112118249B (en) | Security protection method and device based on log and firewall | |
| CN108449349B (en) | Method and device for preventing malicious domain name attack | |
| CN111444408A (en) | Network search processing method and device and electronic equipment | |
| US20170149800A1 (en) | System and method for information security management based on application level log analysis | |
| US20160205118A1 (en) | Cyber black box system and method thereof | |
| CN102780681A (en) | URL (Uniform Resource Locator) filtering system and URL filtering method | |
| KR20090005367A (en) | Method of operation of event monitor, computer readable medium and work item event monitor | |
| KR20090002889A (en) | Apparatus and method for sampling security events based on the content of security events | |
| CN113986589B (en) | Fault-tolerant strategy selection method and system for intelligent edge computing gateway | |
| CN115001724B (en) | Network threat intelligence management method, device, computing equipment and computer readable storage medium | |
| CN107766737B (en) | Database auditing method | |
| CN110460593B (en) | Network address identification method, device and medium for mobile traffic gateway | |
| CN110191097A (en) | Detection method, system, equipment and the storage medium of login page safety | |
| CN114140127A (en) | Payment processing method and system based on block chain | |
| KR101361243B1 (en) | Apparatus and Method for Tenant-aware Security Management in Multi-Tenancy system | |
| CN112436969A (en) | Internet of things equipment management method, system, equipment and medium | |
| CN113987005B (en) | Production data management method and cloud platform for edge computing | |
| CN111625700A (en) | Anti-grabbing method, device, equipment and computer storage medium | |
| CN107391551B (en) | Web service data analysis method and system based on data mining | |
| CN110752996A (en) | Message forwarding method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |