CN-122002004-A - Engineering video monitoring safety management method and system

Abstract

The invention discloses an engineering video monitoring safety management method and system, which comprises the steps of constructing an engineering video monitoring data grading system, configuring an operation authority base line of each grade of data, collecting an operation log of the engineering video monitoring system in real time and storing the operation log in a blockchain, constructing a multidimensional behavior characteristic model based on the operation authority base line and historical operation data, comparing the collected operation log with the multidimensional behavior characteristic model, identifying abnormal operation behaviors according to an abnormal early warning rule, generating abnormal early warning, and executing grading response on the generated abnormal early warning. The method and the system distinguish videos with different risk levels by combining manual presetting and AI dynamic marking through a sensitive grading system, and then match character authority base lines, limit operation from an access source, avoid low-authority users from touching high-sensitivity videos in an unauthorized manner, effectively reduce the risk of important data leakage, identify obvious violations such as unauthorized and the like through a multidimensional model, and early warn a small number of hidden operations for many times in advance.

Inventors

• CHENG XIAOFEI
• ZHOU FANG
• LI YULONG
• JIANG ZHICHEN
• HU RUI
• LI JIAN
• ZENG JINFU
• Mo Wangyi
• QIN LIUYUN
• LI YUAN
• WEI SHILEI
• Ji Peichen

Assignees

• 南方电网互联网服务有限公司

Dates

Publication Date

20260508

Application Date

20251208

Claims (10)

1. 1. The engineering video monitoring safety management method is characterized by comprising the following steps of: S1, constructing an engineering video monitoring data hierarchy, and configuring an operation authority base line of each level of data; s2, collecting an operation log of the engineering video monitoring system in real time and storing the operation log in a blockchain; s3, constructing a multidimensional behavior feature model based on the operation authority base line and historical operation data; S4, comparing the collected operation log with a multidimensional behavior feature model, and identifying abnormal operation behaviors according to an abnormal early warning rule to generate an abnormal early warning; S5, performing grading response on the generated abnormal early warning.
2. 2. The method for managing engineering video surveillance safety according to claim 1, wherein in step S1, the method further comprises making a data sensitivity level standard and performing multi-level classification marking, specifically: Marking videos related to confidential areas or critical operations as a primary level of sensitivity; marking the video related to personnel operation or important production links as a secondary sensitivity level; Marking videos related to a public activity area and needing privacy protection as three-level sensitivity levels; and marking the open area video without sensitive information as four-level sensitive grades.
3. 3. The engineering video monitoring safety management method according to claim 2, wherein in step S1, when video monitoring data is marked in a multi-level classification manner, a preset rule is adopted to perform basic marking, dynamic marking is performed in combination with AI identification, and a classification result mark is generated and stored; The basic marks comprise equipment area mapping marks and batch rule configuration marks; When dynamic marking is carried out, if the facial features of people or the operation of core equipment is detected, the sensitivity level of the video is automatically increased, and if no people or core equipment is detected, the sensitivity level of the video is automatically reduced.
4. 4. The method for monitoring and managing safety of engineering video according to claim 3, wherein before storing the grading result mark in step S1, the grading result is embedded into the video file as a metadata field and is bound with the video metadata, and when the grading result mark is changed, the grade before and after the change and the change reason are automatically recorded.
5. 5. The engineering video monitoring safety management method according to claim 1, wherein the constructing of the multidimensional behavior feature model in step S3 is specifically: Screening the total operation logs in the set period, and aggregating according to the user-role-operation dimension to form a user behavior sequence; establishing a personalized baseline and a cumulative effect baseline for each character to form a multi-dimensional reference standard; The personalized baseline is constructed based on historical operation data of the corresponding user or role and is used for representing the conventional operation behavior mode of the user or role; The cumulative effect baseline is constructed based on the operation total amount threshold value in a preset period and is used for detecting the cumulative effect of the operation amount.
6. 6. The method for managing engineering video surveillance security according to claim 5, wherein in step S4, the comparing includes: Judging whether the real-time operation violates the operation authority base line defined in the step S1; comparing personalized baselines, namely judging the deviation degree of real-time operation and the personalized baselines of corresponding users or roles; And (3) comparing the cumulative effect baselines, namely judging whether the real-time operation leads to the fact that the total operation amount in the period exceeds the threshold value of the cumulative effect baselines.
7. 7. The method for engineering video surveillance security management of claim 6, further comprising, When the authority baselines are compared, the examination item comprises one or more of the following: Whether the operator role has the right to access the target video sensitivity level, whether the operation type is allowed, and whether the operation time is within the allowed period; if any of the above inspection items fails, marking as authority violation exception; When the personalized baselines are compared, the inspection items comprise operation frequency, operation time period and operation objects, and the deviation degree score is calculated according to the inspection items; when the accumulated effect baselines are compared, the check items comprise period accumulated quantity, trend increasing rate and sensitive operation accumulated, accumulated quantity reaches a threshold value to mark accumulated early warning, and threshold value exceeding is marked to mark accumulated overrun abnormality.
8. 8. The method according to claim 1, wherein the step S5 includes risk assessment of the identified abnormal operation behavior and generation of hierarchical early warning information, specifically: respectively assigning weights for authority violation anomalies, personalized baseline deviation degrees and accumulated effect anomalies, calculating total anomaly scores, and dividing early warning grades according to the total anomaly scores; When the early warning condition is met, the system automatically generates an early warning event and synchronously pushes the early warning event to the large real-time monitoring screen.
9. 9. An engineering video monitoring security management system, comprising: The storage module is used for storing video data, operation authority baselines, behavior characteristic model parameters and operation logs stored based on block chains; The acquisition module is used for acquiring the operation behavior data of the video monitoring system in real time; and the multidimensional anomaly detection module is used for analyzing the collected operation behavior data in real time based on the behavior characteristic model so as to identify abnormal operation.
10. 10. The engineering video surveillance security management system of claim 9, wherein the multi-dimensional anomaly detection module comprises: A baseline calculation unit for generating a personalized operation baseline and a cumulative effect baseline for each user or character; the multi-dimensional comparison unit is used for respectively comparing the real-time operation with an operation authority base line, a personalized operation base line and an accumulated effect base line; and the anomaly scoring unit is used for scoring risks in triggering the operation of the comparison rule, judging the risk level according to the total anomaly score and generating corresponding early warning.

Description

Engineering video monitoring safety management method and system Technical Field The invention relates to the technical field of engineering video monitoring, in particular to an engineering video monitoring safety management method and system. Background The engineering video monitoring safety management integrated with operation log audit is an engineering safety management mode which takes video picture monitoring and operation behavior tracing into consideration, can collect picture dynamic of a key area of an engineering site in real time, and automatically records operation behaviors related to a monitoring system to form a traceable operation log. By combining the real-time early warning of the video picture with the audit analysis of the operation log, the visual management and control of the engineering site safety risk can be realized, and the self data safety of the monitoring system is also ensured. The abnormality detection of the existing log audit system is mostly based on a fixed threshold value, and a personalized standard is not built by combining the roles and the historical behaviors of the user, so that a low-authority user can gradually steal sensitive information through a small number of operations, and abnormal alarm lag is caused. For example, the fixed threshold is set to be downloaded more than 10 times a day, namely early warning is performed, but if a low-authority user downloads only one piece of client information at a time, the early warning can be triggered only after 10 days are accumulated, so that abnormal warning is not timely enough, and safety risks exist. Disclosure of Invention In order to overcome the defects of the prior art, the invention aims to provide an engineering video monitoring safety management method and system, which are used for managing sensitive videos in a grading way by constructing a video data grading system and setting a multidimensional behavior characteristic model so as to realize more flexible and timely abnormal identification and intercept hidden malicious operations in advance. The technical scheme adopted by the invention for solving the technical problems is that the engineering video monitoring safety management method comprises the following steps: S1, constructing an engineering video monitoring data hierarchy, and configuring an operation authority base line of each level of data; s2, collecting an operation log of the engineering video monitoring system in real time and storing the operation log in a blockchain; s3, constructing a multidimensional behavior feature model based on the operation authority base line and historical operation data; S4, comparing the collected operation log with a multidimensional behavior feature model, and identifying abnormal operation behaviors according to an abnormal early warning rule to generate an abnormal early warning; S5, performing grading response on the generated abnormal early warning. As a further improvement of the invention, the method further comprises the steps of formulating a data sensitivity level standard and carrying out multi-level classification marking in step S1, wherein the method specifically comprises the following steps: Marking videos related to confidential areas or critical operations as a primary level of sensitivity; marking the video related to personnel operation or important production links as a secondary sensitivity level; Marking videos related to a public activity area and needing privacy protection as three-level sensitivity levels; and marking the open area video without sensitive information as four-level sensitive grades. In step S1, when the video monitoring data is marked in a multi-stage classification mode, a preset rule is adopted to carry out basic marking, and dynamic marking is carried out by combining with AI identification, so that a classification result mark is generated and stored; The basic marks comprise equipment area mapping marks and batch rule configuration marks; When dynamic marking is carried out, if the facial features of people or the operation of core equipment is detected, the sensitivity level of the video is automatically increased, and if no people or core equipment is detected, the sensitivity level of the video is automatically reduced. As a further improvement of the invention, before the grading result mark is stored in the step S1, the grading result is embedded into the video file as a metadata field and is bound with the video metadata, and when the grading result mark is changed, the grade before and after the change and the change reason are automatically recorded. As a further improvement of the invention, the multi-dimensional behavior feature model is constructed in the step S3, specifically: Screening the total operation logs in the set period, and aggregating according to the user-role-operation dimension to form a user behavior sequence; establishing a personalized baseline and a cumulative effect baseline for e