[go: up one dir, main page]

CN119854164B - Risk monitoring method and device - Google Patents

Risk monitoring method and device

Info

Publication number
CN119854164B
CN119854164B CN202411993799.9A CN202411993799A CN119854164B CN 119854164 B CN119854164 B CN 119854164B CN 202411993799 A CN202411993799 A CN 202411993799A CN 119854164 B CN119854164 B CN 119854164B
Authority
CN
China
Prior art keywords
risk
data
risk value
power grid
preset
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202411993799.9A
Other languages
Chinese (zh)
Other versions
CN119854164A (en
Inventor
周实奇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Group Guangdong Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Group Guangdong Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Group Guangdong Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN202411993799.9A priority Critical patent/CN119854164B/en
Publication of CN119854164A publication Critical patent/CN119854164A/en
Application granted granted Critical
Publication of CN119854164B publication Critical patent/CN119854164B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/145Network analysis or design involving simulating, designing, planning or modelling of a network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/147Network analysis or design for predicting network behaviour
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S10/00Systems supporting electrical power generation, transmission or distribution
    • Y04S10/50Systems or methods supporting the power network operation or management, involving a certain degree of interaction with the load-side end user applications

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Environmental & Geological Engineering (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

本申请公开了一种风险监测方法及装置,涉及计算机技术领域,其中方法包括:首先获取节点设备对应的算力并网过程数据并从算力并网过程数据中选取预设时间段内的待分析节点数据;通过预设风险预测模型对待分析节点数据进行处理,生成节点设备对应的初始风险值;依据算力并网过程数据对初始风险值进行调整,得到满足预设风险条件的目标风险值;基于目标风险值对节点设备进行风险监测,确定节点设备在算力并网过程中对应的风险等级。与目前现有技术相比,本申请有效降低风险损失,减少人工参与,降低风险管理的人力成本,同时提高风险管理的效率和质量,为算力并网的安全和稳定提供了有力保障。

This application discloses a risk monitoring method and apparatus, relating to the field of computer technology. The method includes: firstly, acquiring computing power grid connection process data corresponding to node devices and selecting node data to be analyzed within a preset time period from the computing power grid connection process data; processing the node data to be analyzed using a preset risk prediction model to generate an initial risk value corresponding to the node device; adjusting the initial risk value based on the computing power grid connection process data to obtain a target risk value that meets preset risk conditions; and performing risk monitoring on the node device based on the target risk value to determine the risk level corresponding to the node device during the computing power grid connection process. Compared with existing technologies, this application effectively reduces risk losses, reduces manual intervention, lowers the labor costs of risk management, and improves the efficiency and quality of risk management, providing strong protection for the security and stability of computing power grid connection.

Description

Risk monitoring method and device
Technical Field
The present application relates to the field of computer technologies, and in particular, to a risk monitoring method and apparatus.
Background
The computational power grid connection is a key technology based on computational power measurement, general computation scheduling, trusted transaction and the like, aims to fully exert the advantages of the computational power grid, and is widely used for converging multiple computational power, so as to promote an innovative technical system and a service mode of computational power popularization and efficient service. The method utilizes a block chain and other decentralization technology to perform unified registration and management on idle computing power resources, multiparty computing power resources and computing power services, and realizes distributed computing power unified operation.
At present, risk monitoring is performed on the calculation power grid-connected process, and risk judgment is properly performed at a high risk place or a high risk place mainly through manual experience, so that the purpose of performing risk monitoring on the calculation power grid-connected process is achieved.
However, under the conditions of complex network environment and more node devices, the risk condition of all the node devices cannot be judged in time by using the risk monitoring mode, so that risk monitoring of each node device cannot be realized, and the efficiency and quality of power grid connection are affected.
Disclosure of Invention
In view of this, the present application provides a risk monitoring method and apparatus, and aims to solve the technical problems that in the prior art, under the conditions of complex network environment and more node devices, risk situations of all node devices cannot be timely determined, and further risk monitoring cannot be performed on each node device, and efficiency and quality of computing power grid connection are affected.
In a first aspect, the present application provides a risk monitoring method, comprising:
acquiring computing power grid-connected process data corresponding to node equipment and selecting node data to be analyzed in a preset time period from the computing power grid-connected process data;
Processing the node data to be analyzed through a preset risk prediction model to generate an initial risk value corresponding to the node equipment;
Adjusting the initial risk value according to the computing power grid-connected process data to obtain a target risk value meeting a preset risk condition;
And performing risk monitoring on the node equipment based on the target risk value, and determining a corresponding risk level of the node equipment in the calculation grid-connection process.
In a second aspect, the present application provides a risk monitoring apparatus comprising:
The acquisition module is configured to acquire the computing power grid-connected process data corresponding to the node equipment and select the node data to be analyzed in a preset time period from the computing power grid-connected process data;
the generation module is configured to process the node data to be analyzed through a preset risk prediction model and generate an initial risk value corresponding to the node equipment;
The adjustment module is configured to adjust the initial risk value according to the computing power grid-connected process data to obtain a target risk value meeting a preset risk condition;
And the monitoring module is configured to monitor the risk of the node equipment based on the target risk value and determine the corresponding risk level of the node equipment in the calculation grid-connection process.
In a third aspect, the present application provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the risk monitoring method of the first aspect.
In a fourth aspect, the present application provides an electronic device comprising a storage medium, a processor and a computer program stored on the storage medium and executable on the processor, the processor implementing the risk monitoring method of the first aspect when executing the computer program.
In a fifth aspect, the application provides a computer program product comprising a computer program which, when executed by a processor, implements the risk monitoring method of the first aspect.
According to the technical scheme, the risk monitoring method and the risk monitoring device provided by the application are characterized by comprising the steps of firstly obtaining computing power grid-connected process data corresponding to node equipment, selecting node data to be analyzed in a preset time period from the computing power grid-connected process data, processing the node data to be analyzed through a preset risk prediction model to generate an initial risk value corresponding to the node equipment, adjusting the initial risk value according to the computing power grid-connected process data to obtain a target risk value meeting a preset risk condition, carrying out risk monitoring on the node equipment based on the target risk value, and determining a risk grade corresponding to the node equipment in the computing power grid-connected process. Compared with the prior art, the method and the device have the advantages that the node data to be analyzed in the preset time period of the node equipment are subjected to the preset risk prediction model to obtain the initial risk value corresponding to the node equipment, the initial risk value is adjusted based on the calculation power grid-connection process data corresponding to the node equipment to obtain the target risk value meeting the preset risk condition, the risk monitoring is carried out on the node equipment based on the target risk value, various risks in the calculation power grid-connection process can be more accurately identified and evaluated, the risk monitoring can be accurately carried out on each node equipment participating in the calculation power grid-connection process, so that the risk loss in the calculation power grid-connection process can be effectively reduced, the manual participation can be reduced, the labor cost of risk management is reduced, the efficiency and the quality of the risk management are improved, and powerful guarantee is provided for the safety and stability of the calculation power grid-connection.
The foregoing description is only an overview of the present application, and is intended to be implemented in accordance with the teachings of the present application in order that the same may be more clearly understood and to make the same and other objects, features and advantages of the present application more readily apparent.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description, serve to explain the principles of the application.
In order to more clearly illustrate the embodiments of the application or the technical solutions of the prior art, the drawings which are used in the description of the embodiments or the prior art will be briefly described, and it will be obvious to a person skilled in the art that other drawings can be obtained from these drawings without inventive effort.
Fig. 1 shows a schematic flow chart of a risk monitoring method according to an embodiment of the present application;
fig. 2 shows a schematic flow chart of a risk monitoring method according to an embodiment of the present application;
fig. 3 shows a schematic structural diagram of a risk monitoring device according to an embodiment of the present application.
Detailed Description
Embodiments of the present application will be described in more detail below with reference to the accompanying drawings. It should be noted that, without conflict, the embodiments of the present application and features of the embodiments may be combined with each other.
In order to solve the technical problems that in the prior art, under the conditions of complex network environment and more node devices, the risk situation of all the node devices cannot be judged in time, and then risk monitoring can not be carried out on each node device, and the computing power grid-connected efficiency and quality are affected. The present embodiment provides a risk monitoring method, as shown in fig. 1, including:
And 101, acquiring computing power grid-connected process data corresponding to the node equipment and selecting node data to be analyzed in a preset time period from the computing power grid-connected process data.
In the embodiment of the present application, node Devices (Node Devices) are basic components of network communication and distributed computing systems, which may be any form of physical or virtual Devices, having certain computing, storage and network communication capabilities for performing specific tasks or services. In different application scenarios, the node devices play different roles, specifically, the node devices may include server nodes, client nodes, edge nodes, storage nodes, computing nodes, blockchain nodes, sensor nodes, and the like, and accordingly, the server nodes are high-performance computing devices in a data center or an enterprise, and are responsible for processing a large amount of data, running complex applications or providing services, such as database servers, web servers, mail servers, and the like. A client node is a device used by an end user, such as a personal computer, smart phone, tablet, etc., that is typically used to access network resources, run applications, or interact with a server. The edge nodes are devices located at the edge of the network, such as routers, switches, internet of things (IoT) devices and the like, which are responsible for processing local data, performing preliminary data processing and filtering, relieving the pressure of a central server and improving response speed. Storage nodes are devices dedicated to storing data, such as Network Attached Storage (NAS), storage servers in a Storage Area Network (SAN), or storage nodes in a distributed file system. Computing nodes focus on devices for computing tasks, often found in high-performance computing (HPC) clusters, virtual machines in cloud computing environments, for performing parallel computing tasks, scientific computing, big data analysis, and so forth. The blockchain node is in the blockchain network, and the node equipment is responsible for verifying the transaction, maintaining the consistency of a blockchain account book and participating in a consensus mechanism so as to ensure the safety and stability of the network. The sensor nodes are small-sized sensor devices in an internet of things (IoT) system, which serve as nodes and are responsible for collecting environmental data, monitoring the state of the physical world and transmitting the data to a central node or cloud platform.
In some examples, power grid-tie (Computing Power Grid) is a concept that connects computing resources scattered throughout the world via a network to form a unified, schedulable pool of computing resources. This approach is similar to power grid-connection, i.e., connecting multiple power producer grids together to form a larger power network to improve resource utilization efficiency and system stability. In the computing power grid connection, computing resources such as personal computers, data centers and edge computing nodes can be used as power stations, and large-scale computing tasks can be completed together by contributing to own computing capacity through the Internet.
For the embodiment, the computing power grid-connected process data can comprise equipment state data, network state data, data state data and user behavior data of the node equipment, and specifically, the equipment state data can comprise running states, performance parameters, load conditions and the like of hardware facilities such as a server, network equipment and storage equipment. Therefore, whether the equipment operates normally or not can be judged, and whether the risks of overload, faults and the like exist or not. The network status data mainly comprises key indexes such as network traffic, bandwidth utilization, network delay, packet loss rate and the like. The network is a framework for computing grid connection, and any network abnormality can influence the stability and performance of the whole system, so that the stability and performance condition of the equipment can be judged. The data state data includes the integrity, confidentiality and availability of data. The system monitors the transmission, storage and access processes of the data, and accordingly, whether the risk of data leakage, tampering or illegal access exists can be detected. User behavior data includes user operational behaviors, abnormal behavior patterns including, for example, frequent login failures, illegal access attempts, etc., which may be potential security threats, from which potential risks may be assessed.
It should be noted that, in the power calculation and grid connection process, the power calculation and grid connection time can be divided into a plurality of time periods, and correspondingly, the preset time period can be the time period required to be monitored in the current power calculation and grid connection process.
In some examples, the node data to be analyzed is node process data selected from the computational grid-connected process data for subsequent analysis.
And 102, processing the node data to be analyzed through a preset risk prediction model, and generating an initial risk value corresponding to the node equipment.
In the embodiment of the application, a convolutional neural network (Convolutional Neural Networks, CNN) can be selected as a predictive large model by a preset risk prediction model, and the convolutional neural network is a feedforward neural network which comprises convolutional calculation and has a depth structure, and is one of representative algorithms of deep learning. Specifically, the convolutional neural network has a characteristic learning capability, and can perform translation invariant classification on input information according to a hierarchical structure, and is also called a 'translation invariant artificial neural network'. Convolutional neural networks are constructed by simulating biological vision mechanisms, perform supervised learning and unsupervised learning, are applied to computer vision at the earliest time, and are widely applied to the fields of natural language processing and the like. The convolutional neural network is mainly divided into an input layer, an implicit layer and an output layer. The output accuracy of the convolutional neural network can be remarkably improved by adjusting the network structure, increasing the training data amount, using more effective optimization algorithms and the like. In addition, preprocessing of input data, generalization ability of a model, and the like may also affect output accuracy.
In some examples, the initial risk value may be a risk value obtained after the data to be analyzed passes through a preset risk prediction model, and it should be noted that, in the embodiments of the present application, the risk values are all percentage values, that is, the risk values are all less than 1.
And step 103, adjusting the initial risk value according to the calculation power grid-connected process data to obtain a target risk value meeting the preset risk condition.
For the embodiment, the initial risk value obtained through the preset risk prediction model needs to be further adjusted to obtain a more accurate target risk value, and the current computing power grid-connected risk of the node equipment is judged through the target risk value.
And 104, performing risk monitoring on the node equipment based on the target risk value, and determining a corresponding risk level of the node equipment in the calculation grid-connection process.
Compared with the prior art, the method and the device have the advantages that the node data to be analyzed in the preset time period of the node equipment are subjected to the preset risk prediction model to obtain the initial risk value corresponding to the node equipment, the initial risk value is adjusted based on the calculation power grid-connection process data corresponding to the node equipment to obtain the target risk value meeting the preset risk condition, the risk monitoring is carried out on the node equipment based on the target risk value, various risks in the calculation power grid-connection process can be more accurately identified and evaluated, the risk monitoring can be accurately carried out on each node equipment participating in the calculation power grid-connection process, the risk loss in the calculation power grid-connection process can be effectively reduced, the manual participation can be reduced, the labor cost of risk management is reduced, the efficiency and the quality of the risk management are improved, and powerful guarantee is provided for the safety and stability of the calculation power grid-connection.
To further illustrate the implementation of the method of this embodiment, this embodiment provides a specific method as shown in fig. 2, which includes:
Step 201, acquiring computing power grid-connected process data corresponding to node equipment, and classifying the computing power grid-connected process data according to a preset category to obtain a plurality of computing power grid-connected process sub-data.
In the embodiment of the application, the plurality of computing power grid-connected process sub-data obtained by classification according to the preset category can comprise equipment state data, network state data, data state data and user behavior data.
For risk monitoring of the node device a in the power grid-connection process, the power grid-connection process data a corresponding to the node device a needs to be acquired first, and then the power grid-connection process data a is classified according to a preset category to obtain device state data a, network state data a, data state data a and user behavior data a.
Step 202, generating fitting curves respectively corresponding to a plurality of computing power grid-connected process sub-data, and determining node data to be analyzed based on the fitting curves.
The fitting curve is time-varying along with the calculation force grid-connection process.
Optionally, step 202 may specifically include selecting a target fitting curve within a preset time period from the fitting curves, merging the target fitting curves to obtain target image data corresponding to the node device, marking a device sequence identifier corresponding to the node device on the target image data, and determining the marked target image data as node data to be analyzed.
In embodiments of the present application, the associated sequence identification identifier (Association Sequence Identifier) may be a unique identifier used to identify and track a series of related events, actions, or data in data mining, sequence pattern recognition, or specific business processes.
For example, based on step 201, a fitting curve 1 corresponding to the device state data a, a fitting curve 2 corresponding to the network state data a, a fitting curve 3 corresponding to the data state data a, and a fitting curve 4 corresponding to the user behavior data a are generated, the fitting curve 1, the fitting curve 2, the fitting curve 3, and the fitting curve 4 are intercepted and combined into the same blank picture according to a preset time length, and an associated sequence identification mark a is configured in the blank picture, so as to obtain the data a to be analyzed corresponding to the node device a.
And 203, processing the node data to be analyzed through a preset risk prediction model, and generating an initial risk value corresponding to the node equipment.
Illustratively, based on step 202, the data a to be analyzed is obtained by a preset risk prediction model to obtain an initial risk value a corresponding to the node device a.
And 204, adjusting the initial risk value according to the calculation power grid-connected process data to obtain a target risk value meeting the preset risk condition.
Optionally, the plurality of computing power grid-connected process sub-data includes device state data, network state data, data state data and user behavior data, and correspondingly, step 204 may specifically include adjusting the initial risk value according to the device state data, the network state data, the data state data and the user behavior data to obtain a target risk value satisfying a preset risk condition.
Further, step 204 specifically further includes generating a device state risk value, a network state risk value, a data security risk value, and a user behavior risk value corresponding to the node device based on the device state data, the network state data, the data state data, and the user behavior risk data, and adjusting the initial risk value according to the device state risk value, the network state risk value, the data security risk value, and the user behavior risk value to obtain a target risk value satisfying a preset risk condition.
In the embodiment of the present application, the device state risk value corresponding to the node device may be determined by the formula one, where the formula one is specifically shown as follows:
In the formula one, ld j t is the real-time power load occupation amount of the jth node device, lc j t is the power rated load of the jth node device, lc j is the real-time refrigeration device load of the jth node device, lct is the refrigeration device rated load of the ith node device, and pT is the failure number.
It should be noted that, the number of faults is taken as an exponential amplification factor, and when the fault frequency is increased, the value of F M(Sj*Wj) can be greatly increased at the first time, so that the calculated value of the final risk value F j (T) is greatly increased, thereby being beneficial to quickly performing fault maintenance reaction and quickly eliminating the risk.
Correspondingly, the network state risk value corresponding to the node device can be determined through a formula II, and the formula II is specifically shown as follows:
in the formula II, kt is the real-time bandwidth utilization rate within a preset time length T, ws is the real-time network flow, uk is the network delay fluctuation dispersion, fv is the average packet loss rate, and K is the lowest bandwidth utilization rate threshold.
It should be noted that, when the real-time bandwidth utilization is high, but the implemented network traffic is low, the power saving device has a high possibility of being problematic.
Further, the data security risk value and the user behavior risk value corresponding to the node device may be determined by the formula three and the formula four, where the formula three and the formula four are specifically shown as follows:
in the formulas three and four, s is a preset coefficient, (which can be set according to experience), dw is a data integrity rate, dm is a data encryption level, cl is the number of login failures, cn is the number of illegal attempts, cp is the frequency of illegal attempts, and ct is the average interval time of illegal attempts.
It should be noted that, in the embodiment of the present application, cn cp is an exponential amplification term, which can perform a rapid reaction when facing a sudden attack tide, and the corresponding encryption level 1 is the highest, if the data integrity rate is small, the probability of abnormality is considered to be larger, so that the higher the encryption level is, the larger the risk calculation fluctuation of D j is, the stronger the reaction is, the risk calculation flexibility and agility are improved, and the number of risk alarms can be reduced when the encryption level is lower, thereby reducing unnecessary risk early warning actions and reducing the cost.
Further, the adjustment of the initial risk value according to the device state risk value, the network state risk value, the data security risk value and the user behavior risk value may be performed by a fifth formula, where the fifth formula is specifically shown as follows:
F j(T)=Zj(T)*ln(e+fM(Sj*Wj)+Dj*Cj) (equation five)
In the fifth formula, F j (T) is a final risk value of the jth node device within a preset time period T, that is, a target risk value, Z j (T) is a risk probability value of the jth node device within the preset time period T, and F M (x) is a target logic function.
It should be noted that, F j (T) is obtained by multiplying the risk probability value by the coefficient, and calculating the coefficient to integrate the device state risk and the network state risk, the data security risk and the user behavior risk.
In the embodiment of the present application, step 204 specifically further includes determining a target logic function corresponding to the node device according to the device state risk value and the network state risk value, and adjusting the initial risk value according to the device state risk value, the network state risk value, the data security risk value, the user behavior risk value and the target logic function to obtain a target risk value satisfying a preset risk condition.
Correspondingly, the step 204 specifically further comprises determining the first preset logic function as a target logic function when the product of the equipment state risk value and the network state risk value is judged to be greater than a preset risk threshold value, and determining the second preset logic function as the target logic function when the product of the equipment state risk value and the network state risk value is judged to be less than or equal to the preset risk threshold value.
Wherein the first preset logic function is different from the second preset logic function.
In the embodiment of the present application, when the value of S j*Wj is greater than or equal to the preset risk threshold, which indicates that the equipment state risk and the network state risk are greater, the first preset logic function is determined to be the target logic function, and specifically, the first preset logic function is shown in the following formula six:
when the product of the equipment state risk value and the network state risk value exceeds the rated value, the risk is larger, and F M (x) is amplified to ensure the rising amplitude of F j (T) Multiple times of
Correspondingly, when the value of S j*Wj is smaller than the preset risk threshold, it is indicated that the equipment state risk and the network state risk are both in a controllable range, and the second preset logic function is determined as the target logic function, where the preset risk threshold is obtained empirically.
Specifically, the second preset logic function is shown in the following formula seven:
fM (x) =0 (equation seven)
Step 205, risk monitoring is performed on the node equipment based on the target risk value, and corresponding risk levels of the node equipment in the calculation grid-connection process are determined.
Optionally, after step 205, the method of the embodiment further includes determining influence range information corresponding to the risk level and generating alarm information corresponding to the node device if the risk level is determined to be greater than the preset risk level threshold.
The alarm information comprises risk level and influence range information.
In the embodiment of the application, with the rapid development of technologies such as cloud computing, big data and the like, computing power grid connection has become an important means for improving the utilization rate of computing resources and reducing the operation cost. The computational power grid connection is a key technology based on computational power measurement, general computation scheduling, trusted transaction and the like, aims to fully exert the advantages of the computational power grid, and is widely used for converging multiple computational power, so as to promote an innovative technical system and a service mode of computational power popularization and efficient service. The method utilizes a block chain and other decentralization technology to perform unified registration and management on idle computing power resources, multiparty computing power resources and computing power services, and realizes distributed computing power unified operation.
Correspondingly, the goal of the calculation power grid connection is to promote the realization of the integration supply of social calculation power, construct a novel calculation network service capability system, support integrated service, gradually promote the calculation power to become social-level service which is the same as hydropower and can be accessed at one point and used immediately. At present, when the calculation power grid connection is used for risk management and control, the risk is reduced from the encryption technology, the safety communication and the operation level, and when the calculation power grid connection is implemented, the advanced encryption technology can be used for ensuring the safety of data in the transmission process, and the safety communication protocol such as TLS/SSL is introduced for improving the safety of network transmission, meanwhile, the strict identity authentication mechanism is required to be implemented by adopting identity authentication and access control, so that only authorized users can access and use calculation power resources, access rights of different levels are set, and the access control is carried out according to the requirements of the users and the safety level.
Optionally, in the aspect of resource scheduling and load balancing in operation, an intelligent resource scheduling algorithm is introduced, so that efficient utilization and load balancing of computing resources are ensured. And the dynamic adjustment is carried out according to the task demands and the resource states, so that the resource waste and overload are avoided. A perfect log management mechanism is established, all key operations and security events are recorded, a basis is provided for risk tracing, a detailed emergency response plan is formulated, possible security events are responded and treated quickly, and a backup and recovery mechanism is established, so that normal operation of a computing network can be recovered quickly when faults or attacks occur. However, various risk problems existing in the computing grid-connected process are gradually highlighted, such as equipment failure, network congestion, data leakage and the like, and the traditional risk management and control method often depends on manual experience and rule judgment, so that complex and changeable network environments are difficult to deal with.
Compared with the prior art, the method and the device have the advantages that the node data to be analyzed in the preset time period of the node equipment are subjected to the preset risk prediction model to obtain the initial risk value corresponding to the node equipment, the initial risk value is adjusted based on the calculation power grid-connection process data corresponding to the node equipment to obtain the target risk value meeting the preset risk condition, the risk monitoring is carried out on the node equipment based on the target risk value, various risks in the calculation power grid-connection process can be more accurately identified and evaluated, the risk monitoring can be accurately carried out on each node equipment participating in the calculation power grid-connection process, the risk loss in the calculation power grid-connection process can be effectively reduced, the manual participation can be reduced, the labor cost of risk management is reduced, the efficiency and the quality of the risk management are improved, and powerful guarantee is provided for the safety and stability of the calculation power grid-connection.
Further, as a specific implementation of the method shown in fig. 1 and fig. 2, the present embodiment provides a risk monitoring apparatus, as shown in fig. 3, including an obtaining module 31, a generating module 32, an adjusting module 33, and a monitoring module 34.
The acquiring module 31 is configured to acquire computing power grid-connected process data corresponding to the node equipment and select node data to be analyzed in a preset time period from the computing power grid-connected process data;
the generating module 32 is configured to process the node data to be analyzed through a preset risk prediction model, and generate an initial risk value corresponding to the node equipment;
the adjusting module 33 is configured to adjust the initial risk value according to the computing power grid-connected process data, so as to obtain a target risk value meeting a preset risk condition;
The monitoring module 34 is configured to perform risk monitoring on the node device based on the target risk value, and determine a corresponding risk level of the node device in a computing power grid connection process.
In some examples of this embodiment, the obtaining module 31 is specifically configured to obtain the computing power grid-connected process data corresponding to the node device and classify the computing power grid-connected process data according to a preset category to obtain a plurality of computing power grid-connected process sub-data, generate fitting curves corresponding to the computing power grid-connected process sub-data respectively, and determine the node data to be analyzed based on the fitting curves, where the fitting curves are time-varying along with the computing power grid-connected process.
In some examples of this embodiment, the obtaining module 31 is specifically further configured to select a target fitting curve within the preset time period from the fitting curves, perform merging processing on the target fitting curve to obtain target image data corresponding to the node device, mark a device sequence identifier corresponding to the node device on the target image data, and determine the marked target image data as the node data to be analyzed.
In some examples of this embodiment, the plurality of computing power grid-connected process sub-data includes device state data, network state data, data state data, and user behavior data, and the corresponding adjustment module 33 is specifically configured to adjust the initial risk value according to the device state data, the network state data, the data state data, and the user behavior data to obtain a target risk value that meets a preset risk condition.
In some examples of this embodiment, the adjusting module 33 is specifically further configured to generate, based on the device state data, the network state data, the data state data, and the user behavior data, a device state risk value, a network state risk value, a data security risk value, and a user behavior risk value corresponding to the node device, and adjust the initial risk value according to the device state risk value, the network state risk value, the data security risk value, and the user behavior risk value, so as to obtain a target risk value that meets a preset risk condition.
In some examples of this embodiment, the adjusting module 33 is specifically further configured to determine a target logic function corresponding to the node device according to the device state risk value and the network state risk value, and adjust the initial risk value according to the device state risk value, the network state risk value, the data security risk value, the user behavior risk value and the target logic function to obtain a target risk value that meets a preset risk condition.
In some examples of this embodiment, the adjustment module 33 is specifically further configured to determine a first preset logic function as the target logic function if the product of the device state risk value and the network state risk value is determined to be greater than a preset risk threshold, and determine a second preset logic function as the target logic function if the product of the device state risk value and the network state risk value is determined to be less than or equal to a preset risk threshold, where the first preset logic function is different from the second preset logic function.
In some examples of this embodiment, the monitoring module 34 is further configured to determine, if the risk level is determined to be greater than a preset risk level threshold, information of an influence range corresponding to the risk level, and generate alarm information corresponding to the node device, where the alarm information includes the risk level and the information of the influence range.
It should be noted that, for other corresponding descriptions of each functional unit related to the risk monitoring device provided in this embodiment, reference may be made to corresponding descriptions in fig. 1 and fig. 2, and no further description is given here.
Based on the above-described methods shown in fig. 1 to 2, correspondingly, the present embodiment further provides a computer-readable storage medium, on which a computer program is stored, which when executed by a processor, implements the above-described methods shown in fig. 1 to 2.
Based on such understanding, the technical solution of the present application may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (may be a CD-ROM, a U-disk, a mobile hard disk, etc.), and includes several instructions for causing a computer device (may be a personal computer, a server, or a network device, etc.) to execute the method of each implementation scenario of the present application.
Based on the method shown in fig. 1 to 2 and the virtual device embodiment shown in fig. 3, in order to achieve the above object, an embodiment of the present application further provides an electronic device, such as a personal computer, a server, a notebook computer, a smart phone, a smart robot, and other smart terminals, where the device includes a storage medium and a processor, where the storage medium is used to store a computer program, and where the processor is used to execute the computer program to implement the method shown in fig. 1 to 2.
Optionally, the entity device may further include a user interface, a network interface, a camera, a Radio Frequency (RF) circuit, a sensor, an audio circuit, a WI-FI module, and so on. The user interface may include a Display screen (Display), an input unit such as a Keyboard (Keyboard), etc., and the optional user interface may also include a USB interface, a card reader interface, etc. The network interface may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface), etc.
It will be appreciated by those skilled in the art that the above-described physical device structure provided in this embodiment is not limited to this physical device, and may include more or fewer components, or may combine certain components, or may be a different arrangement of components.
The storage medium may also include an operating system, a network communication module. The operating system is a program that manages the physical device hardware and software resources described above, supporting the execution of information handling programs and other software and/or programs. The network communication module is used for realizing communication among all components in the storage medium and communication with other hardware and software in the information processing entity equipment.
Based on the above-mentioned methods shown in fig. 1 to 2, the embodiments of the present application further provide a computer program product, where the computer program product includes a computer program, and when the computer program is executed by a processor, the method shown in fig. 1 to 2 is implemented, and when the computer program is executed by the processor, the method implemented by the computer program is referred to in various embodiments of the present application and will not be repeated herein.
From the above description of the embodiments, it will be apparent to those skilled in the art that the present application may be implemented by means of software plus necessary general hardware platforms, or may be implemented by hardware. Compared with the prior art, the method and the device have the advantages that the node data to be analyzed in the preset time period of the node equipment are subjected to the preset risk prediction model to obtain the initial risk value corresponding to the node equipment, the initial risk value is adjusted based on the calculation power grid-connection process data corresponding to the node equipment to obtain the target risk value meeting the preset risk condition, the risk monitoring is carried out on the node equipment based on the target risk value, various risks in the calculation power grid-connection process can be more accurately identified and evaluated, the risk monitoring can be accurately carried out on each node equipment participating in the calculation power grid-connection process, the risk loss in the calculation power grid-connection process can be effectively reduced, the manual participation can be reduced, the labor cost of risk management is reduced, the efficiency and the quality of the risk management are improved, and powerful guarantee is provided for the safety and stability of the calculation power grid-connection.
It should be noted that in this document, relational terms such as "first" and "second" and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises an element.
The foregoing is only a specific embodiment of the application to enable those skilled in the art to understand or practice the application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1.一种风险监测方法,其特征在于,包括:1. A risk monitoring method, characterized in that it includes: 获取节点设备对应的算力并网过程数据并从所述算力并网过程数据中选取预设时间段内的待分析节点数据;Acquire the computing power grid connection process data corresponding to the node devices and select the node data to be analyzed within a preset time period from the computing power grid connection process data; 通过预设风险预测模型对所述待分析节点数据进行处理,生成所述节点设备对应的初始风险值;The data of the node to be analyzed is processed by a preset risk prediction model to generate the initial risk value corresponding to the node device; 依据所述算力并网过程数据对所述初始风险值进行调整,得到满足预设风险条件的目标风险值;The initial risk value is adjusted based on the computing power grid connection process data to obtain a target risk value that meets the preset risk conditions; 基于所述目标风险值对所述节点设备进行风险监测,确定所述节点设备在算力并网过程中对应的风险等级。Based on the target risk value, risk monitoring is performed on the node device to determine the risk level of the node device during the computing power grid connection process. 2.根据权利要求1所述的方法,其特征在于,所述获取节点设备对应的算力并网过程数据并从所述算力并网过程数据中选取预设时间段内的待分析节点数据,包括:2. The method according to claim 1, characterized in that, acquiring the computing power grid connection process data corresponding to the node device and selecting the node data to be analyzed within a preset time period from the computing power grid connection process data includes: 获取节点设备对应的算力并网过程数据并对所述算力并网过程数据按照预设类别进行分类处理,得到多个算力并网过程子数据;The computing power grid connection process data corresponding to the node device is obtained and classified according to a preset category to obtain multiple computing power grid connection process sub-data. 生成所述多个算力并网过程子数据分别对应的拟合曲线,并基于所述拟合曲线确定所述待分析节点数据,所述拟合曲线是跟随算力并网过程进行的时间变化的。The fitting curves corresponding to the sub-data of the multiple computing power grid connection process are generated respectively, and the data of the node to be analyzed is determined based on the fitting curves. The fitting curves follow the time changes of the computing power grid connection process. 3.根据权利要求2所述的方法,其特征在于,基于所述拟合曲线确定所述待分析节点数据,包括:3. The method according to claim 2, characterized in that determining the node data to be analyzed based on the fitted curve includes: 从所述拟合曲线中选取所述预设时间段内的目标拟合曲线,对所述目标拟合曲线进行合并处理,得到所述节点设备对应的目标图像数据;Select the target fitting curve within the preset time period from the fitting curves, merge the target fitting curves, and obtain the target image data corresponding to the node device; 对所述目标图像数据标记所述节点设备对应的设备序列标识,将标记后的目标图像数据确定为所述待分析节点数据。The target image data is labeled with the device sequence identifier corresponding to the node device, and the labeled target image data is determined as the node data to be analyzed. 4.根据权利要求2所述的方法,其特征在于,所述多个算力并网过程子数据包括:设备状态数据、网络状态数据、数据状态数据和用户行为数据;4. The method according to claim 2, wherein the plurality of computing power grid connection process sub-data includes: device status data, network status data, data status data, and user behavior data; 所述依据所述算力并网过程数据对所述初始风险值进行调整,得到满足预设风险条件的目标风险值,包括:The step of adjusting the initial risk value based on the computing power grid connection process data to obtain a target risk value that meets preset risk conditions includes: 依据所述设备状态数据、所述网络状态数据、所述数据状态数据和所述用户行为数据对所述初始风险值进行调整,得到满足预设风险条件的目标风险值。The initial risk value is adjusted based on the device status data, the network status data, the data status data, and the user behavior data to obtain a target risk value that meets the preset risk conditions. 5.根据权利要求4所述的方法,其特征在于,所述依据所述设备状态数据、所述网络状态数据、所述数据状态数据和所述用户行为数据对所述初始风险值进行调整,得到满足预设风险条件的目标风险值,包括:5. The method according to claim 4, characterized in that, adjusting the initial risk value based on the device status data, the network status data, the data status data, and the user behavior data to obtain a target risk value that meets preset risk conditions includes: 基于所述设备状态数据、所述网络状态数据、所述数据状态数据和所述用户行为数据,生成所述节点设备对应的设备状态风险值、网络状态风险值、数据安全风险值和用户行为风险值;Based on the device status data, the network status data, the data status data, and the user behavior data, generate device status risk value, network status risk value, data security risk value, and user behavior risk value corresponding to the node device; 依据所述设备状态风险值、所述网络状态风险值、所述数据安全风险值和所述用户行为风险值对所述初始风险值进行调整,得到满足预设风险条件的目标风险值。The initial risk value is adjusted based on the device status risk value, the network status risk value, the data security risk value, and the user behavior risk value to obtain a target risk value that meets the preset risk conditions. 6.根据权利要求5所述的方法,其特征在于,所述依据所述设备状态风险值、所述网络状态风险值、所述数据安全风险值和所述用户行为风险值对所述初始风险值进行调整,得到满足预设风险条件的目标风险值,包括:6. The method according to claim 5, characterized in that, adjusting the initial risk value based on the device status risk value, the network status risk value, the data security risk value, and the user behavior risk value to obtain a target risk value that meets preset risk conditions includes: 依据所述设备状态风险值和所述网络状态风险值,确定所述节点设备对应的目标逻辑函数;Based on the device status risk value and the network status risk value, determine the target logical function corresponding to the node device; 依据所述设备状态风险值、所述网络状态风险值、所述数据安全风险值、所述用户行为风险值和所述目标逻辑函数对所述初始风险值进行调整,得到满足预设风险条件的目标风险值。The initial risk value is adjusted based on the device status risk value, the network status risk value, the data security risk value, the user behavior risk value, and the target logic function to obtain a target risk value that meets the preset risk conditions. 7.根据权利要求6所述的方法,其特征在于,所述依据所述设备状态风险值和所述网络状态风险值,确定所述节点设备对应的目标逻辑函数,包括:7. The method according to claim 6, wherein determining the target logical function corresponding to the node device based on the device state risk value and the network state risk value includes: 在判断所述设备状态风险值和所述网络状态风险值的乘积大于预设风险阈值的情况下,将第一预设逻辑函数确定为所述目标逻辑函数;If the product of the device status risk value and the network status risk value is greater than a preset risk threshold, the first preset logic function is determined as the target logic function. 在判断所述设备状态风险值和所述网络状态风险值的乘积小于或等于预设风险阈值的情况下,将第二预设逻辑函数确定为所述目标逻辑函数,其中,所述第一预设逻辑函数与所述第二预设逻辑函数不相同。If the product of the device status risk value and the network status risk value is less than or equal to a preset risk threshold, the second preset logic function is determined as the target logic function, wherein the first preset logic function is different from the second preset logic function. 8.根据权利要求1至7中任一项所述的方法,其特征在于,在所述基于所述目标风险值对所述节点设备进行风险监测,确定所述节点设备在算力并网过程中对应的风险等级之后,所述方法还包括:8. The method according to any one of claims 1 to 7, characterized in that, after performing risk monitoring on the node device based on the target risk value and determining the risk level corresponding to the node device during the computing power grid connection process, the method further includes: 在判断所述风险等级大于预设风险等级阈值的情况下,确定所述风险等级对应的影响范围信息,生成所述节点设备对应的告警信息,其中,所述告警信息中包括所述风险等级和所述影响范围信息。If the risk level is determined to be greater than a preset risk level threshold, the impact range information corresponding to the risk level is determined, and alarm information corresponding to the node device is generated, wherein the alarm information includes the risk level and the impact range information. 9.一种风险监测装置,其特征在于,包括:9. A risk monitoring device, characterized in that it comprises: 获取模块,被配置为获取节点设备对应的算力并网过程数据并从所述算力并网过程数据中选取预设时间段内的待分析节点数据;The acquisition module is configured to acquire computing power grid connection process data corresponding to the node device and select node data to be analyzed within a preset time period from the computing power grid connection process data; 生成模块,被配置为通过预设风险预测模型对所述待分析节点数据进行处理,生成所述节点设备对应的初始风险值;The generation module is configured to process the data of the node to be analyzed through a preset risk prediction model to generate the initial risk value corresponding to the node device; 调整模块,被配置为依据所述算力并网过程数据对所述初始风险值进行调整,得到满足预设风险条件的目标风险值;The adjustment module is configured to adjust the initial risk value based on the computing power grid connection process data to obtain a target risk value that meets preset risk conditions; 监测模块,被配置为基于所述目标风险值对所述节点设备进行风险监测,确定所述节点设备在算力并网过程中对应的风险等级。The monitoring module is configured to perform risk monitoring on the node device based on the target risk value, and determine the risk level of the node device during the computing power grid connection process. 10.一种计算机程序产品,所述计算机程序产品包括计算机程序,其特征在于,所述计算机程序被处理器执行时实现如权利要求1至8中任意一项所述的方法。10. A computer program product comprising a computer program, characterized in that, when executed by a processor, the computer program implements the method as described in any one of claims 1 to 8.
CN202411993799.9A 2024-12-31 2024-12-31 Risk monitoring method and device Active CN119854164B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202411993799.9A CN119854164B (en) 2024-12-31 2024-12-31 Risk monitoring method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202411993799.9A CN119854164B (en) 2024-12-31 2024-12-31 Risk monitoring method and device

Publications (2)

Publication Number Publication Date
CN119854164A CN119854164A (en) 2025-04-18
CN119854164B true CN119854164B (en) 2025-11-18

Family

ID=95370011

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202411993799.9A Active CN119854164B (en) 2024-12-31 2024-12-31 Risk monitoring method and device

Country Status (1)

Country Link
CN (1) CN119854164B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116090818A (en) * 2022-12-23 2023-05-09 天翼云科技有限公司 Method, device, electronic equipment and medium for determining computing power resource scheduling risk
CN117113304A (en) * 2023-07-11 2023-11-24 中国银行股份有限公司 Resource interaction method, device, computer equipment and storage medium

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8621636B2 (en) * 2009-12-17 2013-12-31 American Express Travel Related Services Company, Inc. Systems, methods, and computer program products for collecting and reporting sensor data in a communication network
CN115617606A (en) * 2022-09-30 2023-01-17 烟台杰瑞石油装备技术有限公司 Equipment monitoring method and system, electronic equipment and storage medium

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116090818A (en) * 2022-12-23 2023-05-09 天翼云科技有限公司 Method, device, electronic equipment and medium for determining computing power resource scheduling risk
CN117113304A (en) * 2023-07-11 2023-11-24 中国银行股份有限公司 Resource interaction method, device, computer equipment and storage medium

Also Published As

Publication number Publication date
CN119854164A (en) 2025-04-18

Similar Documents

Publication Publication Date Title
Qu et al. A survey on the development of self-organizing maps for unsupervised intrusion detection
Wang et al. Edge-based communication optimization for distributed federated learning
Wang et al. An exhaustive research on the application of intrusion detection technology in computer network security in sensor networks
Ortet Lopes et al. Towards effective detection of recent DDoS attacks: A deep learning approach
Qi et al. Using the internet of things E‐government platform to optimize the administrative management mode
CN118590289B (en) A network anomaly detection method based on federated learning and deep learning
Khan et al. A pilot study and survey on methods for anomaly detection in online social networks
US10726123B1 (en) Real-time detection and prevention of malicious activity
Kanagala Effective cyber security system to secure optical data based on deep learning approach for healthcare application
Guo et al. Learning to upgrade internet information security and protection strategy in big data era
Upendran et al. Optimization based classification technique for intrusion detection system
CN119996345A (en) Dynamic network traffic optimization system and method based on artificial intelligence
CN109871711B (en) Risk control model and method for ocean big data sharing and distribution
Su et al. Detection DDoS of attacks based on federated learning with digital twin network
Gujar AI-enhanced intrusion detection systems for strengthening critical infrastructure security
Gao et al. A light-weight trust mechanism for cloud-edge collaboration framework
Jin Analysis on NSAW Reminder Based on Big Data Technology
CN116760747A (en) Intelligent detection method and device for network information security
Borah et al. An enhanced intrusion detection system based on clustering
Wadate et al. Edge-based intrusion detection using machine learning over the iot network
CN119854164B (en) Risk monitoring method and device
CN112632532B (en) User abnormal behavior detection method based on deep forest in edge calculation
Li et al. A new intrusion detection system based on rough set theory and fuzzy support vector machine
Dai et al. K‐Modes Clustering Algorithm Based on Weighted Overlap Distance and Its Application in Intrusion Detection
Li et al. Web application-layer DDoS attack detection based on generalized Jaccard similarity and information entropy

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant