CN112367224A - Terminal monitoring device, system and method - Google Patents

Terminal monitoring device, system and method Download PDF

Info

Publication number
CN112367224A
CN112367224A CN202011255639.6A CN202011255639A CN112367224A CN 112367224 A CN112367224 A CN 112367224A CN 202011255639 A CN202011255639 A CN 202011255639A CN 112367224 A CN112367224 A CN 112367224A
Authority
CN
China
Prior art keywords
monitoring
terminal
safety
module
parameter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011255639.6A
Other languages
Chinese (zh)
Inventor
王向群
王齐
姚启桂
董之微
原义栋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
Global Energy Interconnection Research Institute
Electric Power Research Institute of State Grid Liaoning Electric Power Co Ltd
Beijing Smartchip Microelectronics Technology Co Ltd
Original Assignee
State Grid Corp of China SGCC
Global Energy Interconnection Research Institute
Electric Power Research Institute of State Grid Liaoning Electric Power Co Ltd
Beijing Smartchip Microelectronics Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Corp of China SGCC, Global Energy Interconnection Research Institute, Electric Power Research Institute of State Grid Liaoning Electric Power Co Ltd, Beijing Smartchip Microelectronics Technology Co Ltd filed Critical State Grid Corp of China SGCC
Priority to CN202011255639.6A priority Critical patent/CN112367224A/en
Publication of CN112367224A publication Critical patent/CN112367224A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/10Active monitoring, e.g. heartbeat, ping or trace-route
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16YINFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y30/00IoT infrastructure
    • G16Y30/10Security thereof
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/12Network monitoring probes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Abstract

The invention discloses a terminal monitoring device, a system and a method, wherein the device comprises: the management module comprises a parameter receiving unit, the parameter receiving unit is used for receiving an externally input parameter configuration instruction, generating a configuration file according to the parameter configuration instruction and sending the configuration file to the monitoring module; and the monitoring module is used for receiving the configuration file and setting monitoring parameters according to the configuration file to monitor the terminal safety state. By implementing the invention, a management module and a monitoring module are arranged, the management module receives a parameter configuration instruction to generate a configuration file, and the monitoring module receives the configuration file to generate a monitoring parameter for safety monitoring. Therefore, when the device operates in different environments, different instructions can be received to generate monitoring parameters, so that the device can adapt to different software and hardware environments, the terminal can be effectively protected, the normal operation of terminal services is guaranteed, and the adaptability of terminal safety monitoring is improved.

Description

Terminal monitoring device, system and method
Technical Field
The invention relates to the technical field of network security, in particular to a terminal monitoring device, system and method.
Background
The power internet of things is a second network which is developed by being fused with a power grid, is a new communication technology which comprehensively applies 'cloud thing moving intelligence' and the like, is mutually permeated and deeply fused with a new generation power system, is connected with people, machines and things in each link of energy power production and consumption on line in real time, is a new generation information communication system which comprehensively bears and has services of power grid production operation, enterprise operation management, external customer service and the like, and is infrastructure for supporting high-efficiency, economic and safe operation of the energy internet in China. According to the preliminary planning of the top-level design of the full-service ubiquitous power Internet of things, the typical architecture of the Internet of things of a company in the future is divided into a terminal layer, a network layer, a platform layer and an application layer, and the full-service of the company is covered.
The development of the power internet of things and the change of the safety situation provide new requirements for network safety, particularly the safety of an internet of things terminal layer. The scale of the nodes and data of the intelligent terminal of the internet of things far exceeds the defense capacity of the traditional safety architecture, and the safety problem of the intelligent terminal of the internet of things brings great challenges to the construction and popularization of the internet of things. At present, the development of the internet of things is still in the initial stage, the safety protection capability is very weak, and the intelligent terminal of the internet of things generally faces the risks of various loopholes, backdoors, attack, easy large-area infection, communication data stealing and tampering and the like. However, the existing research for terminal security monitoring is less, and the existing terminal monitoring content is single in solidification and cannot adapt to different environments.
Disclosure of Invention
In view of this, embodiments of the present invention provide a terminal monitoring device, system and method to solve the technical problem of single content solidification of the existing terminal security monitoring.
The technical scheme provided by the invention is as follows:
a first aspect of an embodiment of the present invention provides a terminal security monitoring device, where the device includes: the monitoring system comprises a monitoring module, a management module and a control module, wherein the management module comprises a parameter receiving unit, the parameter receiving unit is used for receiving an externally input parameter configuration instruction, generating a configuration file according to the parameter configuration instruction and sending the configuration file to the monitoring module; and the monitoring module is used for receiving the configuration file and setting monitoring parameters according to the configuration file to monitor the safety state of the terminal.
Optionally, the monitoring parameters include: monitoring the switching of the items, monitoring the threshold value of the content and any one or more of the acquisition periods.
Optionally, the monitored terminal security state includes any one or more of a login state, a hardware running state, a network connection state, a process running state, and a network traffic state.
Optionally, the monitoring module is further configured to send the security event to the management part for output when the security event is monitored.
Optionally, the management module further includes: and the adjusting unit is used for monitoring the running state of the monitoring module and changing the monitoring parameters in real time according to the running state.
Optionally, the management module further includes: and the link confirmation unit is used for sending heartbeat messages with the external equipment at preset intervals and maintaining the link with the external equipment.
Optionally, the management module further includes: and the upgrading unit is used for receiving an upgrading file input from the outside and updating the monitoring module according to the upgrading file.
A second aspect of an embodiment of the present invention provides a terminal security monitoring system, including: the terminal device includes the terminal safety monitoring device according to any one of the first aspect and the first aspect of the embodiments of the present invention, and the terminal device receives a parameter configuration instruction sent by the management platform, and configures monitoring parameters according to the parameter configuration instruction.
Optionally, the management platform is configured to receive a security event and a heartbeat packet sent by the terminal device, and send an upgrade file to the terminal device.
A third aspect of the embodiments of the present invention provides a terminal security monitoring method, where the method includes: receiving a parameter configuration instruction; generating monitoring parameters according to the parameter configuration instruction; and monitoring the terminal safety state according to the monitoring parameters.
The technical scheme of the invention has the following advantages:
the terminal safety monitoring device provided by the embodiment of the invention is provided with the management module and the monitoring module, wherein the management module can receive an externally input parameter configuration instruction to generate a configuration file, and the monitoring module can receive the configuration file to generate a monitoring parameter and carry out safety monitoring according to the monitoring parameter. Therefore, the terminal safety monitoring device provided by the embodiment of the invention can receive different instructions to generate monitoring parameters when the terminal safety monitoring device operates in different environments, so that the monitoring device can realize safety monitoring when the terminal safety monitoring device operates in different environments, can adapt to different software and hardware environments, can effectively perform safety protection on the terminal, simultaneously guarantees the normal operation of terminal services, and improves the adaptability of terminal safety monitoring.
According to the terminal safety monitoring device provided by the embodiment of the invention, the monitoring module can be responsible for specific monitoring of the terminal equipment, so that the monitoring function is realized; the management module is responsible for parameter configuration, heartbeat maintenance, remote upgrading and dynamic adjustment of monitoring parameters, and the management, maintenance and monitoring functions are achieved, so that the terminal can be monitored safely more effectively. Meanwhile, the monitoring device can be conveniently and flexibly configured according to different software and hardware environments when deployed on site by setting the parameter receiving unit. This monitoring devices can be long-range optimize the renewal to monitoring module through setting up the upgrading module, makes things convenient for the maintenance in later stage more. The management module monitors the occupation state of the terminal equipment and the hardware resources of the monitoring module periodically through the adjusting unit, and can dynamically adjust the parameters of the monitoring function so as to ensure the normal operation of the service system.
According to the terminal safety monitoring system provided by the embodiment of the invention, the terminal safety monitoring device is arranged in the terminal equipment, and the parameters in the terminal safety monitoring device are configured according to the parameter configuration instruction issued by the management platform, so that the safety monitoring of the terminal is realized. Therefore, the terminal safety monitoring system can find the terminal equipment in time when the terminal equipment has a safety event, and the normal operation of the terminal equipment is guaranteed.
The terminal safety monitoring method provided by the embodiment of the invention can receive the externally input parameter configuration instruction to generate the monitoring parameter, and realize the monitoring of the terminal safety state according to the monitoring parameter. Therefore, the terminal safety monitoring method provided by the embodiment of the invention can receive different instructions to generate monitoring parameters, so that safety monitoring can be realized in different environments, different software and hardware environments can be adapted, safety protection can be more effectively performed on the terminal, normal operation of terminal services is guaranteed, and the adaptability of terminal safety monitoring is improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a block diagram of a terminal security monitoring apparatus according to an embodiment of the present invention;
fig. 2 is a block diagram of a terminal security monitoring device according to another embodiment of the present invention;
fig. 3 is a block diagram of a terminal security monitoring system according to an embodiment of the present invention;
fig. 4 is a flowchart of a terminal security monitoring method in an embodiment of the present invention.
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the accompanying drawings, and it should be understood that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the description of the present invention, it should be noted that the terms "center", "upper", "lower", "left", "right", "vertical", "horizontal", "inner", "outer", etc., indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, and are only for convenience of description and simplicity of description, but do not indicate or imply that the device or element being referred to must have a particular orientation, be constructed and operated in a particular orientation, and thus, should not be construed as limiting the present invention. Furthermore, the terms "first," "second," and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In the description of the present invention, it should be noted that, unless otherwise explicitly specified or limited, the terms "mounted," "connected," and "connected" are to be construed broadly, e.g., as meaning either a fixed connection, a removable connection, or an integral connection; can be mechanically or electrically connected; the two elements may be directly connected or indirectly connected through an intermediate medium, or may be communicated with each other inside the two elements, or may be wirelessly connected or wired connected. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
In addition, the technical features involved in the different embodiments of the present invention described below may be combined with each other as long as they do not conflict with each other.
An embodiment of the present invention provides a terminal safety monitoring device, as shown in fig. 1, the terminal safety monitoring device includes: the management module 10 is in communication connection with the monitoring module 20, the management module 10 comprises a parameter receiving unit 11, and the parameter receiving unit 11 is used for receiving an externally input parameter configuration instruction, generating a configuration file according to the parameter configuration instruction and sending the configuration file to the monitoring module 20; and the monitoring module 20 is configured to receive the configuration file, and set monitoring parameters according to the configuration file to monitor the terminal security state. Alternatively, the connection between the management module 10 and the monitoring module 20 may be implemented by using a Transmission Control Protocol (TCP), or may also be implemented by using other communication Transmission protocols. After receiving the parameter configuration instruction, the parameter receiving unit 11 may analyze the parameter to obtain the parameter therein, and write the parameter into the configuration file for the monitoring module 20 to read.
The terminal safety monitoring device provided by the embodiment of the invention is provided with the management module and the monitoring module, wherein the management module can receive an externally input parameter configuration instruction to generate a configuration file, and the monitoring module can receive the configuration file to generate a monitoring parameter and carry out safety monitoring according to the monitoring parameter. Therefore, the terminal safety monitoring device provided by the embodiment of the invention can receive different instructions to generate monitoring parameters when the terminal safety monitoring device operates in different environments, so that the monitoring device can realize safety monitoring when the terminal safety monitoring device operates in different environments, can adapt to different software and hardware environments, can effectively perform safety protection on the terminal, simultaneously guarantees the normal operation of terminal services, and improves the adaptability of terminal safety monitoring.
In an embodiment, the terminal safety monitoring device can be used for an electric power terminal device, that is, the terminal safety monitoring device can be deployed in an electric power terminal to monitor an electric power internet of things terminal, and meanwhile, the electric power terminal device can be a terminal adopting any processor architecture; when the terminal safety monitoring device is used in different power terminal equipment, different parameter configuration instructions need to be sent to the monitoring device. In addition, the terminal safety monitoring device can also be used in other terminal equipment to realize the monitoring of terminals in different fields.
In one embodiment, as shown in fig. 2, the content detected by the monitoring module 20 includes: any one or more of a login state, a hardware running state, a network connection state, a process running state, and a network traffic state. In a specific embodiment, the terminal security inspection apparatus may be used as a server, and the monitoring module 20 may monitor whether a user performs a login operation, whether an illegal user logs in, and the like; the hardware running state comprises whether each hardware in the terminal monitored by the monitoring device runs normally, whether running faults occur or not and the like; the network connection state comprises whether the terminal monitored by the monitoring device and external network communication are normal or not; the process running state comprises whether each process in the terminal monitored by the monitoring device runs normally, and the network flow state comprises the flow of each process in the terminal monitored by the monitoring device, so that the normal running of each process is ensured. Specifically, different monitoring contents can be set for different terminals monitored by the monitoring device.
In an embodiment, when the monitoring module monitors the above contents, if it is found that a certain monitored content is abnormal, a security event may be generated, and the security event is sent to the management module through the socket. A security event refers to any event that attempts to change a security state (e.g., change access control measures, change security levels, change user passwords, etc.).
In one embodiment, monitoring the parameter includes: monitoring the switching of the items, monitoring the threshold value of the content and any one or more of the acquisition periods. The threshold value of the monitoring content comprises a CPU, a memory occupancy rate threshold value, a network flow size threshold value and the like; the acquisition period comprises parameters such as a CPU memory acquisition period, a network port state monitoring period, a network card flow acquisition period and the like. When the monitoring device monitors different terminals, different monitoring parameters can be set according to the parameter configuration instruction.
In one embodiment, as shown in fig. 2, the management module 10 further includes: and the adjusting unit 12, the adjusting unit 12 is configured to monitor an operation state of the monitoring module 20, and change the monitoring parameter in real time according to the operation state. Specifically, the adjusting unit 12 may periodically monitor the operation state of the monitoring module 20, and if the hardware resource occupied by the monitoring module 20 exceeds the threshold, the management module 10 may change the monitoring parameter through the adjusting unit 12, such as closing part of the function items, or increasing the acquisition period, or changing the safety threshold, so as to ensure the normal operation of the service system. Meanwhile, the adjusting unit 12 may also monitor the operation state of the terminal monitored by the hardware monitoring device, and when the sum of the hardware resources occupied by the monitoring module 20 and the service part in the terminal exceeds a threshold, the adjusting unit 12 may also change a monitoring parameter, for example, may modify a configuration file, or change a safety threshold, to ensure the normal operation of the whole terminal.
In one embodiment, as shown in fig. 2, the management module 10 further includes: and the link confirmation unit 13, where the link confirmation unit 13 is configured to send a heartbeat message with the external device every preset time, and maintain a link with the external device. Specifically, the link confirmation unit 13 in the management module 10 may periodically send a heartbeat message to an external device, such as a management platform, where the heartbeat message includes information such as an IP address and an ID number of a monitoring terminal of a monitoring device, and is used for identifying the terminal by the management platform. Meanwhile, the sending of the heartbeat message can also maintain the link between the terminal and the management platform.
In one embodiment, as shown in fig. 2, the management module 10 further includes: and the upgrading unit 14, wherein the upgrading unit 14 is used for receiving an upgrading file input from the outside and updating the monitoring module 20 according to the upgrading file. Specifically, the upgrade unit 14 may receive an upgrade file sent by an external device, such as a management platform, and verify, decrypt, and determine the version of the upgrade file, so as to determine that the version of the upgrade file is higher than the original version of the monitoring module 20, and update and restart the program in the monitoring module 20 according to the upgrade file, and at the same time, update the version number of the monitoring module 20.
According to the terminal safety monitoring device provided by the embodiment of the invention, the monitoring module can be responsible for specific monitoring of the terminal equipment, so that the monitoring function is realized; the management module is responsible for parameter configuration, heartbeat maintenance, remote upgrading and dynamic adjustment of monitoring parameters, and the management, maintenance and monitoring functions are achieved, so that the terminal can be monitored safely more effectively. Meanwhile, the monitoring device can be conveniently and flexibly configured according to different software and hardware environments when deployed on site by setting the parameter receiving unit. This monitoring devices can be long-range optimize the renewal to monitoring module through setting up the upgrading module, makes things convenient for the maintenance in later stage more. The management module monitors the occupation state of the terminal equipment and the hardware resources of the monitoring module periodically through the adjusting unit, and can dynamically adjust the parameters of the monitoring function so as to ensure the normal operation of the service system.
An embodiment of the present invention further provides a terminal security monitoring system, as shown in fig. 3, including: the terminal device 100 includes the terminal security monitoring apparatus described in the above embodiment, and the terminal device 100 receives the parameter configuration instruction sent by the management platform 200, and configures the monitoring parameter according to the parameter configuration instruction. Specifically, the management platform 200 may serve as a client, a user may input a parameter configuration instruction through the management platform 200, and the management platform 200 sends the parameter configuration instruction to the terminal security monitoring device in the terminal device 100, so as to complete configuration of parameters in the terminal security monitoring device, and implement security monitoring of the terminal.
According to the terminal safety monitoring system provided by the embodiment of the invention, the terminal safety monitoring device is arranged in the terminal equipment, and the parameters in the terminal safety monitoring device are configured according to the parameter configuration instruction issued by the management platform, so that the safety monitoring of the terminal is realized. Therefore, the terminal safety monitoring system can find the terminal equipment in time when the terminal equipment has a safety event, and the normal operation of the terminal equipment is guaranteed.
In an embodiment, when the monitoring module 20 monitors that a security event occurs in the terminal device 100, the corresponding security event may be sent to the management platform 200 through the management module 10, and prompt the user to protect the terminal device. Meanwhile, the management module 10 may periodically send a heartbeat message to the management platform 200 for maintaining the link between the terminal and the platform, where the heartbeat message includes information such as an IP address and an ID number of the terminal, and is used for identifying the terminal device by the management platform. In addition, the user can also send the upgrade file to the management module 10 through the management platform 200, so as to update the monitoring module 20.
An embodiment of the present invention further provides a terminal security monitoring method, as shown in fig. 4, the terminal security monitoring method includes the following steps:
step S101: receiving a parameter configuration instruction; specifically, a terminal security monitoring device may be arranged in a terminal device that needs to perform security monitoring, and a monitoring module and a management module may be arranged in the terminal security monitoring device, where the management module is configured to receive a parameter configuration instruction sent by an external device, such as a management platform.
Step S102: generating monitoring parameters according to the parameter configuration instruction; specifically, after the management module receives the parameter configuration instruction, the management module can analyze the parameter to obtain the parameter therein, and write the parameter into the configuration file for the monitoring module to read.
Step S103: and monitoring the safety state of the terminal according to the monitoring parameters. Specifically, the monitoring module may read parameters in the configuration file to generate monitoring parameters, such as parameters of a switch of a monitoring project, a threshold of monitoring content, an acquisition period, and the like, and implement security monitoring of the content, such as a login state, a hardware running state, a network connection state, a process running state, a network traffic state, and the like, according to the parameters.
The terminal safety monitoring method provided by the embodiment of the invention can receive the externally input parameter configuration instruction to generate the monitoring parameter, and realize the monitoring of the terminal safety state according to the monitoring parameter. Therefore, the terminal safety monitoring method provided by the embodiment of the invention can receive different instructions to generate monitoring parameters, so that safety monitoring can be realized in different environments, different software and hardware environments can be adapted, safety protection can be more effectively performed on the terminal, normal operation of terminal services is guaranteed, and the adaptability of terminal safety monitoring is improved.
Although the present invention has been described in detail with respect to the exemplary embodiments and the advantages thereof, those skilled in the art will appreciate that various changes, substitutions and alterations can be made to the embodiments without departing from the spirit and scope of the invention as defined by the appended claims. For other examples, one of ordinary skill in the art will readily appreciate that the order of the process steps may be varied while maintaining the scope of the present invention.
Moreover, the scope of the present application is not intended to be limited to the particular embodiments of the process, machine, manufacture, composition of matter, means, methods and steps described in the specification. As one of ordinary skill in the art will readily appreciate from the disclosure of the present invention, processes, machines, manufacture, compositions of matter, means, methods, or steps, presently existing or later to be developed, that perform substantially the same function or achieve substantially the same result as the corresponding embodiments described herein may be utilized according to the present invention. Accordingly, the appended claims are intended to include within their scope such processes, machines, manufacture, compositions of matter, means, methods, or steps.

Claims (10)

1. A terminal safety monitoring device is characterized by comprising: a monitoring module and a management module, wherein,
the management module comprises a parameter receiving unit, the parameter receiving unit is used for receiving an externally input parameter configuration instruction, generating a configuration file according to the parameter configuration instruction and sending the configuration file to the monitoring module;
and the monitoring module is used for receiving the configuration file and setting monitoring parameters according to the configuration file to monitor the safety state of the terminal.
2. The terminal safety monitoring device according to claim 1, wherein the monitoring parameters include: monitoring the switching of the items, monitoring the threshold value of the content and any one or more of the acquisition periods.
3. The terminal security monitoring device according to claim 1, wherein the monitored terminal security status includes any one or more of a login status, a hardware operation status, a network connection status, a process operation status and a network traffic status.
4. The terminal safety monitoring device according to claim 1, wherein the monitoring module is further configured to send a safety event to the management part for output when the monitoring module monitors the safety event.
5. The terminal safety monitoring device according to claim 1, wherein the management module further comprises: and the adjusting unit is used for monitoring the running state of the monitoring module and changing the monitoring parameters in real time according to the running state.
6. The terminal safety monitoring device according to claim 1, wherein the management module further comprises: and the link confirmation unit is used for sending heartbeat messages with the external equipment at preset intervals and maintaining the link with the external equipment.
7. The terminal safety monitoring device according to claim 1, wherein the management module further comprises: and the upgrading unit is used for receiving an upgrading file input from the outside and updating the monitoring module according to the upgrading file.
8. A terminal safety monitoring system, comprising: the terminal equipment comprises the terminal safety monitoring device as claimed in any one of claims 1 to 7, and the terminal equipment receives a parameter configuration instruction sent by the management platform and configures monitoring parameters according to the parameter configuration instruction.
9. The terminal security monitoring system according to claim 8, wherein the management platform is configured to receive a security event and a heartbeat packet sent by the terminal device, and send an upgrade file to the terminal device.
10. A terminal safety monitoring method is characterized by comprising the following steps:
receiving a parameter configuration instruction;
generating monitoring parameters according to the parameter configuration instruction;
and monitoring the terminal safety state according to the monitoring parameters.
CN202011255639.6A 2020-11-11 2020-11-11 Terminal monitoring device, system and method Pending CN112367224A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011255639.6A CN112367224A (en) 2020-11-11 2020-11-11 Terminal monitoring device, system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011255639.6A CN112367224A (en) 2020-11-11 2020-11-11 Terminal monitoring device, system and method

Publications (1)

Publication Number Publication Date
CN112367224A true CN112367224A (en) 2021-02-12

Family

ID=74514332

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011255639.6A Pending CN112367224A (en) 2020-11-11 2020-11-11 Terminal monitoring device, system and method

Country Status (1)

Country Link
CN (1) CN112367224A (en)

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101789890A (en) * 2010-02-05 2010-07-28 上海宝信软件股份有限公司 Configuration-based agent monitoring system capable of automatically realizing update and monitoring method thereof
CN104268060A (en) * 2014-10-17 2015-01-07 浪潮电子信息产业股份有限公司 Data center monitoring system capable of realizing custom extension of monitoring items
CN105450619A (en) * 2014-09-28 2016-03-30 腾讯科技(深圳)有限公司 Method, device and system of protection of hostile attacks
CN106209482A (en) * 2016-09-13 2016-12-07 郑州云海信息技术有限公司 A kind of data center monitoring method and system
CN106506262A (en) * 2016-10-19 2017-03-15 中国铁道科学研究院电子计算技术研究所 Information technoloy equipment monitor control index extended method and IT comprehensive monitoring systems
CN106886477A (en) * 2017-02-20 2017-06-23 郑州云海信息技术有限公司 Threshold setting method and device are monitored in a kind of cloud system
CN107402871A (en) * 2017-03-28 2017-11-28 阿里巴巴集团控股有限公司 Terminal capabilities monitoring method and device, monitoring document handling method and device
CN107465568A (en) * 2017-07-06 2017-12-12 长城计算机软件与系统有限公司 A kind of monitoring method and monitoring system for terminal
CN108683549A (en) * 2018-06-08 2018-10-19 湖北鑫英泰系统技术股份有限公司 A kind of network security applied in electric power monitoring system monitors system
CN109413642A (en) * 2018-11-22 2019-03-01 中邮科通信技术股份有限公司 Terminal security detection and monitoring system method
CN110162978A (en) * 2019-05-16 2019-08-23 合肥优尔电子科技有限公司 A kind of terminal security risk assessment management method, apparatus and system
CN111200526A (en) * 2019-12-31 2020-05-26 中国建设银行股份有限公司 Monitoring system and method of network equipment

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101789890A (en) * 2010-02-05 2010-07-28 上海宝信软件股份有限公司 Configuration-based agent monitoring system capable of automatically realizing update and monitoring method thereof
CN105450619A (en) * 2014-09-28 2016-03-30 腾讯科技(深圳)有限公司 Method, device and system of protection of hostile attacks
CN104268060A (en) * 2014-10-17 2015-01-07 浪潮电子信息产业股份有限公司 Data center monitoring system capable of realizing custom extension of monitoring items
CN106209482A (en) * 2016-09-13 2016-12-07 郑州云海信息技术有限公司 A kind of data center monitoring method and system
CN106506262A (en) * 2016-10-19 2017-03-15 中国铁道科学研究院电子计算技术研究所 Information technoloy equipment monitor control index extended method and IT comprehensive monitoring systems
CN106886477A (en) * 2017-02-20 2017-06-23 郑州云海信息技术有限公司 Threshold setting method and device are monitored in a kind of cloud system
CN107402871A (en) * 2017-03-28 2017-11-28 阿里巴巴集团控股有限公司 Terminal capabilities monitoring method and device, monitoring document handling method and device
CN107465568A (en) * 2017-07-06 2017-12-12 长城计算机软件与系统有限公司 A kind of monitoring method and monitoring system for terminal
CN108683549A (en) * 2018-06-08 2018-10-19 湖北鑫英泰系统技术股份有限公司 A kind of network security applied in electric power monitoring system monitors system
CN109413642A (en) * 2018-11-22 2019-03-01 中邮科通信技术股份有限公司 Terminal security detection and monitoring system method
CN110162978A (en) * 2019-05-16 2019-08-23 合肥优尔电子科技有限公司 A kind of terminal security risk assessment management method, apparatus and system
CN111200526A (en) * 2019-12-31 2020-05-26 中国建设银行股份有限公司 Monitoring system and method of network equipment

Similar Documents

Publication Publication Date Title
Rehmani et al. Software defined networks-based smart grid communication: A comprehensive survey
Li et al. EHOPES: Data-centered Fog platform for smart living
CN109922160A (en) A kind of terminal security cut-in method, apparatus and system based on electric power Internet of Things
US8756411B2 (en) Application layer security proxy for automation and control system networks
Hadeli et al. Leveraging determinism in industrial control systems for advanced anomaly detection and reliable security configuration
CN111917727A (en) Electric power Internet of things safety intelligent image transmission system and method based on 5G and WiFi
CN105490839B (en) A kind of alarm method and device of website data safety
CN105745869A (en) Security gateway for a regional/home network
Wendzel et al. Cyber security of smart buildings
CN107888613B (en) Management system based on cloud platform
Khan et al. Secure communication architecture for dynamic energy management in smart grid
CN111696335A (en) Centralized meter for automated metering management of power distribution services
Mai et al. Uncharted networks: A first measurement study of the bulk power system
Mai et al. IEC 60870-5-104 network characterization of a large-scale operational power grid
US20150035681A1 (en) Point-to-Multipoint Polling in a Monitoring System for an Electric Power Distribution System
US20180262502A1 (en) Method for operating an industrial network and industrial network
CN112367224A (en) Terminal monitoring device, system and method
CN108933707B (en) Safety monitoring system and method for industrial network
KR101898486B1 (en) Information collection and analysis system for industrial network monitor and remote control
CN111866003B (en) Risk assessment method and device for terminal
CN113728239B (en) Detecting energy consumption fraud in power distribution services
CN111917182B (en) Method and system for directly transmitting data of double main stations of low-voltage distribution network
KR101448091B1 (en) Wireless Sensor Network Security Method with Security Attack Detection and Security System using the same
Iskhakov et al. Analysis of vulnerabilities in low-power wide-area networks by example of the LoRaWAN
CN111357244B (en) Method for providing data packets from a CAN bus, control device and system having a CAN bus

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210212

RJ01 Rejection of invention patent application after publication