Website security protection capability scheduling method and system based on workflow

Abstract

The invention discloses a website security protection capability scheduling method and system based on workflow, and belongs to the field of data processing methods specially suitable for supervision. The scheduling method comprises the steps of S1, sorting out all security resource pool capabilities, S2, carrying out hierarchical classification on the security resource pool capabilities, S3, carrying out pre-tagging on the security resource pool capabilities, S4, carrying out decision tree chain pre-initialization on website security protection, S5, matching a machine learning algorithm, dynamically adjusting left and right opportunity weight values of each node, gradually forming risk effective parameters of each node of each client; and S6, based on the stage data of website security protection, organizing network security protection data in a predetermined time period, and providing a target customer prediction result. According to the method, the working efficiency of security resource scheduling is improved, the problem that data of the security resource pool are not shared is solved, the security resource searching time is shortened, and the hit efficiency of the security resources is improved.

Description

technical field [0001] The invention relates to the field of data processing methods specially suitable for supervision, in particular to a scheduling method and system for website security protection capabilities based on workflow. Background technique [0002] With the development of the Internet, network communication technology and network interception technology are also developing rapidly, and new attack technologies emerge in an endless stream. While bringing convenience to consumers, the risks are becoming more and more obvious. In addition to the unilateral risks of traditional cyber attacks, high interaction risks, large-scale personal information leakage risks, government and financial data leakage, and risks of tampering have increasingly strong impacts on mass consumers. [0003] The use scheduling and data sharing between multiple security resource capabilities in the prior art still remain at the level of "going it alone". For the responsibility of "website se...

AI Technical Summary

Problems solved by technology

[0003] The use scheduling and data sharing between multiple security resource capabilities in the prior art still remain at the level of "going it alone". For the responsibility of "website security" protection for target customers, host vulnerability scanning can only detect Deployed hosts perform vulnerability detection. Web vulnerability scanning can only detect exposed surface risk vulnerabilities. Website security can only monitor Trojans and tamper detection. The above methods still remain at the superposition of security resource capabilities one by one, artificial security resource capabilities In terms of scheduling, it is difficult to meet the needs of current security development, resulting in at least the following problems in the existing technology:

[0004] 1. When serving target customers, security resource capabilities are transitionally dependent on manual scheduling, lacking systematic automatic scheduling tools and algorithms. 2. A series of security resource capability collections can only be retrieved one by one and then matched with security resources based on the search results capabilities, resulting in low matching efficiency, and the threat cannot be retrieved quickly and efficiently when being attacked. Third, security resource capabilities are not classified and graded, and forced to use one-by-one retrieval and matching security resource capabilities, and scheduling is out of order. Fourth, data with multiple security resource capabilities The results are independent, and data sharing cannot be formed. Fifth, it is impossible to form an effective historical risk surface for each customer, and it is more difficult to estimate potential risks.

Images