Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Sensitive information detection method and terminal

A technology of sensitive information and detection methods, applied in the field of network security, can solve the problems of unavailability of services, misjudgment of data, and high rate of misjudgment, saving storage space and cost, improving accuracy and efficiency, and improving accuracy. Effect

Active Publication Date: 2021-12-10
FUJIAN TIANQUAN EDUCATION TECH LTD
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, the size of Tomcat logs generated by the company in one day can reach the TB (Terabyte, terabyte) level. When the log size is very large, it will be very time-consuming to retrieve from such a huge amount of data.
If multiple users are querying at the same time, the memory resources in the backend of Elasticsearch will be exhausted, making the service unavailable
[0007] 2. The writing of ELK regular matching grammar is complicated, and the misjudgment rate is high
Developers use ELK to query user sensitive information, and they have to write regular expressions to query each time. At the same time, there is a lack of auxiliary verification methods, which leads to misjudgment of the matched data.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Sensitive information detection method and terminal
  • Sensitive information detection method and terminal
  • Sensitive information detection method and terminal

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0105] Please refer to figure 1 , 3 , a detection method for sensitive information in this embodiment, comprising:

[0106] S0. Receive a log collection instruction, where the log collection instruction includes a plurality of server information;

[0107] determining multiple servers according to the multiple server information;

[0108] Obtaining server logs from the plurality of servers in real time;

[0109] storing the server log in a log cluster according to a preset format;

[0110] Specifically, such as image 3 As shown, use FileBeat (log collection tool) to obtain Tomcat logs from multiple servers in real time, and store Tomcat logs in the Kafka cluster (a log cluster) in a preset format, such as displaying the log level at the beginning of each Tomcat log , occurrence time, category name and other information;

[0111] S1. Receive a detection request for sensitive information, where the detection request includes a log cluster;

[0112] S2. Stream-read the serve...

Embodiment 2

[0117] Please refer to figure 1 , 3 , on the basis of Embodiment 1, this embodiment further defines how to perform detection based on the read server log, specifically:

[0118] The detection in S2 based on the read server log using a preset regular matching expression includes:

[0119] Obtaining a hash value corresponding to each server log according to the read server log;

[0120] Specifically, call the hashCode() method for each read Tomcat log to obtain the hash value corresponding to each Tomcat log;

[0121] performing a division operation on the hash value and the first preset value to obtain a division result;

[0122] Wherein, the first preset value can be flexibly set according to actual needs. In this embodiment, the first preset value is 5, that is, the Tomcat log is sampled by 1 / 5;

[0123] Specifically, divide the hash value by 5 to obtain a division result;

[0124] Judging whether the remainder in the result of the division operation is a second preset v...

Embodiment 3

[0138] Please refer to figure 1 , 3 , on the basis of Embodiment 1 or Embodiment 2, this embodiment further defines how to perform auxiliary verification of initial sensitive information, specifically:

[0139] Such as image 3 As shown, the S3 is specifically:

[0140] Obtain the information type corresponding to the initial sensitive information;

[0141] Wherein, the information type includes ID number information, mobile phone number information, email address information and bank card number information;

[0142] Acquiring an auxiliary verification method corresponding to the information type according to the information type corresponding to the initial sensitive information;

[0143] Among them, the auxiliary verification method corresponding to the information type includes an auxiliary verification method of an ID card number, an auxiliary verification method of a mobile phone number, an auxiliary verification method of an email address, and an auxiliary verificat...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a sensitive information detection method and terminal, and the method comprises the steps: receiving a detection request of sensitive information, wherein the detection request comprises a log cluster; reading server logs in the log cluster in a streaming manner according to the detection request, and detecting by using a preset regular matching expression based on the read server logs to obtain initial sensitive information; performing auxiliary verification on the initial sensitive information to obtain an auxiliary verification result, and judging whether the auxiliary verification result is successful or not: if so, determining the initial sensitive information as final sensitive information, and if not, determining the initial sensitive information as non-sensitive information; performing statistics on the final sensitive information according to a preset time period to obtain a statistical result, thereby improving the accuracy and efficiency of detecting the user sensitive information in the server log.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a sensitive information detection method and a terminal. Background technique [0002] Tomcat is an open source lightweight Web (World Wide Web) application server based on the Java language (a computer language), and is widely used in small and medium-sized systems and occasions with small concurrency. At the same time, it is also a free and open source Servlet (Server Applet, small service program) container, which can realize the loading of JavaWeb (using Java technology to solve the technology stack in the related Web Internet field) program. The logs generated during the running of the Java Web service deployed in Tomcat are usually referred to as Tomcat logs. This log is an important basis for developers to troubleshoot and troubleshoot when a network service fails. [0003] However, due to the lack of network security awareness of individual developers, some unne...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1425H04L67/02Y02D10/00
Inventor 刘德建王张浩陈宏
Owner FUJIAN TIANQUAN EDUCATION TECH LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products