CN109379390A - A network security baseline generation method based on full flow - Google Patents
- Publication number: CN109379390A
- Application number: CN201811589819.0A
- Authority: CN (China)
- Prior art keywords: data, network, security baseline, network security, layer protocol
- Legal status: Granted
 
Classifications
- H—ELECTRICITY
 - H04—ELECTRIC COMMUNICATION TECHNIQUE
 - H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
 - H04L63/00—Network architectures or network communication protocols for network security
 - H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
 - H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
 - H04L63/1416—Event detection, e.g. attack signature detection
 - H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
 
Landscapes
- Engineering & Computer Science (AREA)
 - Computer Security & Cryptography (AREA)
 - Computer Hardware Design (AREA)
 - Computing Systems (AREA)
 - General Engineering & Computer Science (AREA)
 - Computer Networks & Wireless Communication (AREA)
 - Signal Processing (AREA)
 - Data Exchanges In Wide-Area Networks (AREA)
 - Small-Scale Networks (AREA)
 
Abstract
The invention discloses a network security baseline generation method based on full flow. The method collects, parses and processes full network traffic data to generate formatted data, which is stored in a distributed database; the formatted data is then aggregated, analyzed and counted to generate a network security baseline, which can be used to identify network intrusion behavior. The proposed method can generate a more comprehensive network security baseline, can quickly generate security baselines for an entire regional network at large scale, and allows the network security baseline to be modified quickly and flexibly; it is general in application and can be widely used in various network environments. In addition, it avoids the problem in traditional network security baseline generation methods of relying on the collaboration of business experts, network security experts and network operation and maintenance personnel, and greatly lowers the technical threshold for generating a network security baseline.
    Description
Technical field
      The present invention relates to network security baselines, and in particular to a network security baseline generation method based on full flow.
    Background
      Against the backdrop of the rapid development of the Internet, more and more network security problems have been exposed. As security incidents occur frequently at major enterprises, network security management has become a topic of wide public concern. Network security baseline generation, an important part of network security management, is now widely used in industries such as telecommunications, electric power and finance, which make heavy use of IP-based communication networks and information systems built on computer technology. The network security baseline plays an important foundational role in improving the security of the communication networks and information systems of these industries.
      A network security baseline is the minimum security guarantee for a network unit, that is, the most basic security requirements the network unit needs to meet. A network security baseline profile is the minimum security configuration requirement for the various systems and devices in a network unit. The network security baseline is a specification that the relevant departments within an enterprise should follow uniformly, and it can be applied at every stage of a network unit's life cycle, such as design and construction, network access testing, daily maintenance, compliance inspection and decommissioning. In network security management, how to balance cost against risk has always been a problem, and the network security baseline helps keep this balance relatively stable. Building and implementing a network security baseline brings the security protection of all systems and devices in a communication network to a uniform, minimum required security level, which eases maintenance and management, raises the overall security protection level of the network and reduces security risk.
      The traditional approach to generating a network security baseline is as follows: for the mainstream network devices, security devices, operating systems and databases used in the live network, and for the application systems and middleware of key network units, specify the basic security configuration requirements and parameter thresholds that must be followed to guarantee their basic secure operation. This way of establishing a network security baseline requires security experts, business experts and security operation and maintenance personnel to work together and manually set all kinds of security baseline thresholds and conditions. It suffers from a high threshold, difficulty of operation, inflexibility and proneness to error.
    Summary of the invention
      In order to overcome the above shortcomings of the prior art, the present invention provides a network security baseline generation method based on full flow. The method collects, parses and processes full network traffic data, generates formatted data and stores it in a distributed database, then aggregates, analyzes and counts the formatted data to generate a network security baseline, which can be used to identify network intrusion behavior. Specifically, it comprises the following steps:
      S1. Deep parsing of network data: network packets are captured out-of-band (bypass acquisition) through a switch mirror port, and some application-layer protocols are deeply parsed; the common data content in the network messages and the deep-parsed data of those application-layer protocols are extracted to generate formatted data;
      S2. Data cleaning and extraction: the formatted data generated by collection and/or parsing is cleaned to remove duplicate or abnormal data; all common data content is extracted, and for application-layer data content that has been deeply parsed, its key application-layer information is extracted;
      S3. Distributed persistence: all of the extracted data is imported into a distributed database for persistence; this is the basic data subsequently used to generate the network security baseline;
      S4. Receiving parameter input: the security baseline generation parameters entered by the user are received, including a start timestamp, an end timestamp and an application-layer protocol type;
      S5. Data aggregation: according to the start timestamp and end timestamp entered by the user, the basic data within that time range is extracted from the distributed database; aggregated data set A is generated from the network-layer protocol, application-layer protocol, source IP address, destination IP address, source MAC address and destination MAC address in the basic data; then, according to the application-layer protocol entered by the user, the data is aggregated again on the basis of aggregated data set A to generate aggregated data set B for the specified application-layer protocol;
      S6. Data analysis and calculation: for each record of aggregated data set B, the string formed by concatenating all of its fields is passed through the Secure Hash Algorithm (SHA1) to generate a unique identifier ID; aggregated data set B, with the IDs attached, is persisted to the distributed database, which forms the network security baseline for the specified application-layer protocol.
      Further, step S1 (deep parsing of network data) includes the following sub-steps:
      S11. Obtain the device serial number and create a processing subprocess, then allocate memory shared with the subprocess and enable write permission on the shared memory buffer;
      S12. Initialize the subprocess;
      S13. Initialize the packet capture interface and start the packet capture thread;
      S14. Initialize the storage thread and start it;
      S15. Initialize the disk cleanup thread and enable the disk cleanup function;
      S16. Monitor the subprocess and restart it if it exits unexpectedly.
      Further, in step S1 (deep parsing of network data), the common data content includes: timestamp, source IP address, destination IP address, source port number, destination port number, source MAC address, destination MAC address, network-layer protocol and application-layer protocol.
      Further, in step S5 (data aggregation), if the application-layer protocol entered by the user is the IEC104 protocol, aggregated data set B is generated from the request common address, response common address, message type, type identification and cause of transmission of the IEC104 data in the basic data.
      Further, in step S6 (data analysis and calculation), if the distributed database already holds a security baseline for that application-layer protocol, the data can be automatically updated or supplemented based on the unique identifier ID, and the user can also individually insert or delete a specified security baseline entry on this basis.
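      The sketch below is an added example, not code from the patent: it walks steps S4 to S6 for IEC104 over constructed records, including the ID-based update, and then checks records against the resulting baseline. The field names, the sample values and the unit-separator delimiter between concatenated fields are assumptions; the patent only states that all fields are spliced into one string and hashed with SHA1, which here serves as a deduplication key rather than as integrity protection.

```python
import hashlib
from collections import defaultdict

# Field names are assumptions for this example; the patent names the fields only in prose.
COMMON = ("net_proto", "app_proto", "src_ip", "dst_ip", "src_mac", "dst_mac")
APP_FIELDS = {"iec104": ("req_common_addr", "resp_common_addr", "msg_type", "type_id", "cot")}
SEP = "\x1f"  # assumed delimiter so that ("1", "23") and ("12", "3") hash differently


def make_record(ts, src, dst, smac, dmac, type_id, cot):
    """Build one constructed formatted-data record (the output of S1-S3)."""
    return {"ts": ts, "net_proto": "tcp", "app_proto": "iec104",
            "src_ip": src, "dst_ip": dst, "src_mac": smac, "dst_mac": dmac,
            "req_common_addr": 1, "resp_common_addr": 1,
            "msg_type": "I", "type_id": type_id, "cot": cot}


# Constructed sample traffic; every address and value here is invented.
MASTER, RTU, OTHER = "10.0.0.5", "10.0.0.20", "10.0.0.99"
M_MAC, R_MAC, O_MAC = "02:00:00:00:00:05", "02:00:00:00:00:20", "02:00:00:00:00:99"
RECORDS = [
    make_record(1000, MASTER, RTU, M_MAC, R_MAC, 100, 6),  # interrogation command
    make_record(1010, RTU, MASTER, R_MAC, M_MAC, 13, 3),   # spontaneous measurement
    make_record(1500, RTU, MASTER, R_MAC, M_MAC, 13, 3),   # same behaviour repeated
    make_record(2500, MASTER, RTU, M_MAC, R_MAC, 45, 6),   # single command, later window
    make_record(2600, OTHER, RTU, O_MAC, R_MAC, 45, 6),    # same command, unseen host
]


def aggregate_a(records, start_ts, end_ts):
    """S5, first pass: group records inside the time window by the six common fields."""
    groups = defaultdict(list)
    for r in records:
        if start_ts <= r["ts"] <= end_ts:
            groups[tuple(r[k] for k in COMMON)].append(r)
    return groups


def aggregate_b(set_a, app_proto):
    """S5, second pass: keep one protocol and aggregate again on its own fields."""
    order = COMMON + APP_FIELDS[app_proto]
    rows = {}
    for key, recs in set_a.items():
        if key[COMMON.index("app_proto")] != app_proto:
            continue
        for r in recs:
            row = tuple(r[k] for k in order)
            rows[row] = dict(zip(order, row))  # identical rows collapse into one
    return list(rows.values())


def entry_id(row, app_proto):
    """S6: SHA-1 over all baseline fields, joined in a fixed order."""
    order = COMMON + APP_FIELDS[app_proto]
    joined = SEP.join(str(row[k]) for k in order)
    return hashlib.sha1(joined.encode("utf-8")).hexdigest()


def build_baseline(records, start_ts, end_ts, app_proto, existing=None):
    """S4-S6: return {ID: row}; entries of an existing baseline are kept and upserted by ID."""
    baseline = dict(existing or {})
    for row in aggregate_b(aggregate_a(records, start_ts, end_ts), app_proto):
        baseline[entry_id(row, app_proto)] = row
    return baseline


def in_baseline(record, baseline, app_proto):
    """Detection side: a record whose ID is absent is behaviour the baseline never saw."""
    return entry_id(record, app_proto) in baseline


def naive_id(fields):
    """Concatenation with no delimiter, shown only to expose the ambiguity."""
    return hashlib.sha1("".join(fields).encode("utf-8")).hexdigest()


if __name__ == "__main__":
    base = build_baseline(RECORDS, 1000, 2000, "iec104")
    for r in RECORDS:
        verdict = "known" if in_baseline(r, base, "iec104") else "NOT IN BASELINE"
        print(r["ts"], r["src_ip"], "->", r["dst_ip"], "type", r["type_id"], verdict)
```

      Because the ID covers every aggregated field, a change in any one of them (a new source host, a new type identification) produces an ID the baseline does not contain.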
      This method has the following characteristics:
      1) Fully automatic: the baseline can be generated automatically with one click; the user only needs to set the time range of the network security baseline and click the generate-baseline button, then wait for the baseline to be built.
      2) Whole-network coverage: based on powerful big-data processing capability, a network security baseline covering the full traffic of the whole network can be established.
      3) Efficient and precise: based on distributed big-data computing capability, the creation of a network security baseline can be completed within seconds and with high accuracy.
      4) Modifiable: after the network security baseline is established, the user can manually modify it at any time.
      Compared with the prior art, the positive effects of the present invention are:
      1) a more comprehensive network security baseline can be generated;
      2) security baselines for an entire regional network can be quickly generated at large scale;
      3) the network security baseline can be modified quickly and flexibly;
      4) the method is general in application and can be widely used in various network environments;
      5) it avoids the problem in traditional network security baseline generation methods of relying on the collaboration of business experts, network security experts and network operation and maintenance personnel, and greatly lowers the technical threshold for generating a network security baseline.
    Description of the drawings
      Examples of the present invention will be described by way of reference to the accompanying drawings, in which:
      Fig. 1 is the flow chart of network security baseline realization principle;
      Fig. 2 is the work step flow chart of network data deep analysis.
    Specific embodiment
      For a clearer understanding of the technical features, objects and effects of the present invention, a specific embodiment of the invention is now described with reference to the drawings.
      The present invention proposes a network security baseline generation method based on full flow which, as shown in Fig. 1, comprises the following steps:
      S1. Deep parsing of network data: network packets are captured out-of-band (bypass acquisition) through a switch mirror port, and some application-layer protocols are deeply parsed; the common data content in the network messages and the deep-parsed data of those application-layer protocols are extracted to generate formatted data;
      S2. Data cleaning and extraction: the formatted data generated by collection and/or parsing is cleaned to remove duplicate or abnormal data; all common data content is extracted, and for application-layer data content that has been deeply parsed, its key application-layer information is extracted;
      S3. Distributed persistence: all of the extracted data is imported into a distributed database for persistence; this is the basic data subsequently used to generate the network security baseline;
      S4. Receiving parameter input: the security baseline generation parameters entered by the user are received, including a start timestamp, an end timestamp and an application-layer protocol type;
      S5. Data aggregation: according to the start timestamp and end timestamp entered by the user, the basic data within that time range is extracted from the distributed database; aggregated data set A is generated from the network-layer protocol, application-layer protocol, source IP address, destination IP address, source MAC address and destination MAC address in the basic data; then, according to the application-layer protocol entered by the user, the data is aggregated again on the basis of aggregated data set A to generate aggregated data set B for the specified application-layer protocol;
      S6. Data analysis and calculation: for each record of aggregated data set B, the string formed by concatenating all of its fields is passed through the Secure Hash Algorithm (SHA1) to generate a unique identifier ID; aggregated data set B, with the IDs attached, is persisted to the distributed database, which forms the network security baseline for the specified application-layer protocol.
      In a specific embodiment of the present invention, for step S2 (data cleaning and extraction), the deep-parsed application-layer data content is handled as follows: for the syslog protocol, the log content is extracted; for the SSL protocol, the TLS version is extracted; for the DNS protocol, information such as the resource type, the queried domain name, the IP of A records, the reverse domain name of PTR records, the service name of SRV records, the protocol used by SRV records, the domain name where the SRV record resides and the host name is extracted.
      In a specific embodiment of the present invention, for step S3 (distributed persistence), the distributed database may be Elasticsearch, which is used to persist all of the extracted data.
      The above is only a preferred embodiment of the present invention. It should be understood that the invention is not limited to the form disclosed herein, which should not be regarded as excluding other embodiments; it can be used in various other combinations, modifications and environments, and can be modified within the scope contemplated herein through the above teachings or the skill or knowledge of the related art. Modifications and changes made by those skilled in the art that do not depart from the spirit and scope of the present invention shall all fall within the protection scope of the appended claims.
    Claims (5)
    1. A network security baseline generation method based on full flow, characterized by comprising the following steps:
      S1. Deep parsing of network data: network packets are captured out-of-band (bypass acquisition) through a switch mirror port, and some application-layer protocols are deeply parsed; the common data content in the network messages and the deep-parsed data of those application-layer protocols are extracted to generate formatted data;
      S2. Data cleaning and extraction: the formatted data generated by collection and/or parsing is cleaned to remove duplicate or abnormal data; all common data content is extracted, and for application-layer data content that has been deeply parsed, its key application-layer information is extracted;
      S3. Distributed persistence: all of the extracted data is imported into a distributed database for persistence;
      S4. Receiving parameter input: the security baseline generation parameters entered by the user are received, including a start timestamp, an end timestamp and an application-layer protocol type;
      S5. Data aggregation: according to the start timestamp and end timestamp entered by the user, the basic data within that time range is extracted from the distributed database; aggregated data set A is generated from the network-layer protocol, application-layer protocol, source IP address, destination IP address, source MAC address and destination MAC address in the basic data; then, according to the application-layer protocol entered by the user, the data is aggregated again on the basis of aggregated data set A to generate aggregated data set B for the specified application-layer protocol;
      S6. Data analysis and calculation: for each record of aggregated data set B, the string formed by concatenating all of its fields is passed through a secure hash algorithm to generate a unique identifier ID; aggregated data set B, with the IDs attached, is persisted to the distributed database, which forms the network security baseline for the specified application-layer protocol.
    2. The network security baseline generation method based on full flow according to claim 1, characterized in that step S1 (deep parsing of network data) includes the following sub-steps:
      S11. Obtain the device serial number and create a processing subprocess, then allocate memory shared with the subprocess and enable write permission on the shared memory buffer;
      S12. Initialize the subprocess;
      S13. Initialize the packet capture interface and start the packet capture thread;
      S14. Initialize the storage thread and start it;
      S15. Initialize the disk cleanup thread and enable the disk cleanup function;
      S16. Monitor the subprocess and restart it if it exits unexpectedly.
    3. The network security baseline generation method based on full flow according to claim 1, characterized in that, in step S1 (deep parsing of network data), the common data content includes: timestamp, source IP address, destination IP address, source port number, destination port number, source MAC address, destination MAC address, network-layer protocol and application-layer protocol.
    4. The network security baseline generation method based on full flow according to claim 1, characterized in that, in step S5 (data aggregation), if the application-layer protocol entered by the user is the IEC104 protocol, aggregated data set B is generated from the request common address, response common address, message type, type identification and cause of transmission of the IEC104 data in the basic data.
    5. The network security baseline generation method based on full flow according to claim 1, characterized in that, in step S6 (data analysis and calculation), if the distributed database already holds a security baseline for that application-layer protocol, the data can be automatically updated or supplemented based on the unique identifier ID, and the user can also individually insert or delete a specified security baseline entry on this basis.
    Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title | 
|---|---|---|---|
| CN201811589819.0A CN109379390B (en) | 2018-12-25 | 2018-12-25 | Network security baseline generation method based on full flow | 
Publications (2)
| Publication Number | Publication Date | 
|---|---|
| CN109379390A (en) | 2019-02-22 | 
| CN109379390B (en) | 2021-04-27 | 
Family
ID=65371770
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date | 
|---|---|---|---|
| CN201811589819.0A Active CN109379390B (en) | 2018-12-25 | 2018-12-25 | Network security baseline generation method based on full flow | 
Country Status (1)
| Country | Link | 
|---|---|
| CN (1) | CN109379390B (en) | 
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title | 
|---|---|---|---|---|
| US8730946B2 (en) * | 2007-10-18 | 2014-05-20 | Redshift Internetworking, Inc. | System and method to precisely learn and abstract the positive flow behavior of a unified communication (UC) application and endpoints | 
| CN105141604A (en) * | 2015-08-19 | 2015-12-09 | 国家电网公司 | Method and system for detecting network security threat based on trusted business flow | 
| CN107360118A (en) * | 2016-05-09 | 2017-11-17 | 中国移动通信集团四川有限公司 | A kind of advanced constant threat attack guarding method and device | 
| JP2018100968A (en) * | 2016-12-19 | 2018-06-28 | 学校法人慶應義塾 | Flow measuring device, flow measuring method, and flow measuring program | 
| CN107566372A (en) * | 2017-09-06 | 2018-01-09 | 南京南瑞集团公司 | The secure data optimization of collection method that feature based value is fed back under big data environment | 
| CN108833397A (en) * | 2018-06-08 | 2018-11-16 | 武汉思普崚技术有限公司 | A kind of big data safety analysis plateform system based on network security | 
Non-Patent Citations (1)
| Title | 
|---|
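| Li Wei et al.: "Research on a method for determining the network security baseline of industrial control systems based on traffic analysis", Bulletin of Science and Technology * | 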
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title | 
|---|---|---|---|---|
| CN110311838A (en) * | 2019-07-24 | 2019-10-08 | 北京神州绿盟信息安全科技股份有限公司 | A kind of method and device of security service traffic statistics | 
| CN111130859A (en) * | 2019-12-10 | 2020-05-08 | 中国电子科技网络信息安全有限公司 | A method for generating industrial control network topology map based on full flow | 
| CN111130859B (en) * | 2019-12-10 | 2022-03-18 | 中国电子科技网络信息安全有限公司 | A method for generating industrial control network topology map based on full flow | 
| CN111414394A (en) * | 2020-03-31 | 2020-07-14 | 上海观安信息技术股份有限公司 | Power grid company compliance checking and tracking method and system | 
| CN112116078A (en) * | 2020-09-22 | 2020-12-22 | 工业互联网创新中心(上海)有限公司 | An artificial intelligence-based information security baseline learning method | 
| CN112968842A (en) * | 2021-03-11 | 2021-06-15 | 东莞深证通信息技术有限公司 | Novel network flow acquisition and analysis method and system | 
| CN114844831A (en) * | 2022-03-18 | 2022-08-02 | 奇安信科技集团股份有限公司 | Method, device and equipment for routing edit data of behavior safety baseline | 
| CN114844831B (en) * | 2022-03-18 | 2024-02-27 | 奇安信科技集团股份有限公司 | Editing data routing method, device and equipment for behavior security base line | 
| CN116074113A (en) * | 2023-03-06 | 2023-05-05 | 成都市以太节点科技有限公司 | Security protection method, device and storage medium based on business process constraint | 
| CN116074113B (en) * | 2023-03-06 | 2023-08-15 | 成都市以太节点科技有限公司 | Security protection method, device and storage medium based on business process constraint | 
Also Published As
| Publication number | Publication date | 
|---|---|
| CN109379390B (en) | 2021-04-27 | 
Legal Events
| Date | Code | Title | Description | 
|---|---|---|---|
| PB01 | Publication | | |
| SE01 | Entry into force of request for substantive examination | | |
| GR01 | Patent grant | | |