CN110266723A - A kind of safety of cloud service methods of risk assessment - Google Patents

A kind of safety of cloud service methods of risk assessment Download PDF

Info

Publication number
CN110266723A
CN110266723A CN201910609486.1A CN201910609486A CN110266723A CN 110266723 A CN110266723 A CN 110266723A CN 201910609486 A CN201910609486 A CN 201910609486A CN 110266723 A CN110266723 A CN 110266723A
Authority
CN
China
Prior art keywords
index
risk
technology
data
cloud computing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910609486.1A
Other languages
Chinese (zh)
Inventor
姜茸
马自飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yunnan University of Finance and Economics
Original Assignee
Yunnan University of Finance and Economics
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Yunnan University of Finance and Economics filed Critical Yunnan University of Finance and Economics
Priority to CN201910609486.1A priority Critical patent/CN110266723A/en
Publication of CN110266723A publication Critical patent/CN110266723A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/145Network analysis or design involving simulating, designing, planning or modelling of a network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/145Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a kind of safety of cloud service methods of risk assessment, belong to field of cloud computer technology, in conjunction with three safety problem of each level of cloud service, security target and each safe practice aspects, to show which kind of technology is able to solve which kind of security risk problem to reach expected security target, and then establish cloud service technical security risk indicator system.Since the data got from cloud service provider have the problems such as subjectivity is strong, data are few, entropy weight theory in conjunction with multi-category support vector machines and is constructed safety of cloud service risk evaluation model by the present invention, accurate result has been obtained by instance analysis, demonstrate the assessment models be it is feasible, effectively.And elaborate advantage existing for the assessment models, it can be referred to for industry, push the development and application of cloud computing.

Description

A kind of safety of cloud service methods of risk assessment
Technical field
The invention belongs to field of cloud computer technology, and in particular to a kind of safety of cloud service methods of risk assessment.
Background technique
Cloud computing is one of the hot topic of current information technical field, is all circles such as industrial circle, academia, government equal ten It embodies the thought of " network is exactly computer " by point focus of attention, by a large amount of computing resources, storage resource and software resource It links together, forms the shared virtual IT resource pool of huge size, provided for remote client computer and " come as soon as called, wave it Go " and seem that the IT of " ability is unlimited " is serviced.As long as user propose demand, service i.e. from " cloud " end sail come, not only not by The limitation of time, region, user do not have to also worry the problems such as whether resources are enough such as calculate, store, as long as payment on demand, so that it may To obtain the cloud resource of " inexhaustible " whenever and wherever possible.The development of cloud computing is faced with many critical problems, And safety problem is stood in the breach, with popularizing for cloud service application, importance presentation gradually rises trend, it has also become restricts cloud Calculate the central factor of development.IDC (Internet data center) it is primary about " user think cloud computing mode adjustment and What problem is " investigation in, safety ranks first with 74.6%, it is seen then that safety problem has become that " the cloud computing epoch are most The problem for needing to crack.Gartner mechanism, U.S. investigation result in 2009 shows that the CTO of 70% or more interviewed enterprise thinks The first cause of cloud computing is not used to be the worry there are Information Security and privacy in the recent period.In addition to this, in recent years, entirely The major well-known cloud service provider of ball also frequently occurs all kinds of security incidents, and details are as shown in table 1.It can be seen that each cloud service How the safety problem of quotient solves and avoids these peaces to oneself causing the interests for also compromising user while economic loss The generation of full problem, not only becomes enterprise, government, user's concern, also becomes the hot spot of research therewith.Cloud computing Security risk be related to many aspects, technology is one side therein, in terms of traditional network security, each technology Can combined use evade security risk, still, for the cloud computing newly to emerge, what technology can reduce risk using? no Can which technology be risk be brought using? this, which is one, is worth the problem of thinking is with research, carries out in-depth study to it, can Perfect and abundant availability risk management and cloud computing theory system are applied or are referred to for government, enterprise, user, to push The development and application of cloud computing.
1. safety of cloud service accident of table
Presently, there are research contents and achievement be substantially summarized as the following:
1. proposing various Evaluation of Information System Security Risk methods, and in the information systems such as application is arrived school, enterprise.
Gong Jun et al. proposes a kind of to the Information Security Risk Evaluation Model based on FAHP, and the model is applied in school In the net of garden, reality is met by case verification result.Treasure et al. 2 documents are paid to be proposed respectively based on fuzzy theory and nerve net The appraisal procedure of network, the Information Security Risk Assessment Methods based on Bayesian network, with the appraisal procedure to information system into Row assessment is effective.It pays 3 documents of sand et al. and proposes the information system based on entropy weight theory and fuzzy set theory respectively and comment Estimate method, based on fuzzy reasoning and multiple neural network in Evaluation of Information System Security Risk method, based on grey fuzzy Theoretical Evaluation of Information System Security Risk method, by instance analysis, verifying these methods can accurately believe quantitative evaluation Cease system risk.Chen Song et al. proposes a kind of process of Evaluation of Information System Security Risk, to improve the accurate of risk assessment Property.Yu et al. has done purpose, target, risk assessment operation flow according to the environment of role, structure and information system detailed Analysis, proposes the method for the Evaluation of Information System Security Risk of commercial presence process.
2. safety problem or risk and one general countermeasure of proposition under cloud computing environment.
Lu Xianyu has only carried out brief analysis to security risk that may be present under cloud computing environment, proposes and is let out by data The 5 aspect bring security risks such as dew, virtualization, identity and access management, do not propose countermeasure or solution for risk Method.There are loophole, resource-sharing, loss of data or leakage etc. 11 for the interface or API that Jiang Zhengwei et al. proposes cloud service Aspect meeting bring security risk, and countermeasure is provided for each security risk.Lin Zhaoji et al. is for cloud computing Existing feature elaborates that cloud computing is deposited in terms of server security, data safety, application service safety, management and monitoring four Safety problem, and propose a cloud computing security model.Zhang Wei rectifies et al. from cloud computing provider, network, employee, law The safety problem that cloud era corporate information is faced is elaborated with four aspects of policy, and proposes countermeasure and suggestion.Gartner Mechanism structure has proposed 7 Risks existing for the cloud computings such as data isolation, data-privacy, superuser access.Coalfire exists The big cloud computing security risk of Data Position, data ownership etc. 10 is proposed in report in 2012.Report of the CSA in 2013 In indicate cloud computing there are the threats of the aspect of leaking data, loss of data etc. 9.
3. with the methods of traditional analytic hierarchy process (AHP), Grey-fuzzy Theory, neural network or theory to cloud computing safety Risk is done simple quantitative or qualitative analysis and is ground and makes internal disorder or usurp.
CSALIU Peiyu et al. thinks that cloud computing is faced with numerous safety problems, and summarize 8 kinds of security threats with And corresponding risk factors, finally propose a kind of cloud computing security risk assessment model based on analytic hierarchy process (AHP).Zhou Zixi Et al. make a search mainly for the confidentialities of data, and excavated the security risk of data confidentiality, be based on to propose The data confidentiality risk evaluation model of data-flow analysis, this method can effectively identify in cloud computing environment destroy service and The behavior of data confidentiality.Wang Zhaocheng analyzes evaluation index in need of consideration, emphasis in cloud computing information security risk evaluation Information assets assessment identification process is discussed, the Information Security Risk quantitative calculation method based on cloud computing is given.Liu is identical People proposes a kind of cloud computing macroscopic view security risk assessment analysis method, and this method effectively discloses to be faced under cloud computing environment Special, macroscopical risk.Han Qiyun is directed to the safety problem that is faced of cloud computing, has summed up 8 classes and has threatened criterion and right The 39 kinds of deterrents answered construct Analytic Hierarchy Process Model, and analyzed using analytic hierarchy process (AHP), propose a kind of base Information Security Risk Evaluation Model under cloud computing environment is shown experimentally that the risk model has certain practical valence Value.Pass through the content concluded, it can be seen that studying obtained achievement, there are a little deficiencies:
1. the research in terms of cloud computing security evaluation uses analytic hierarchy process (AHP), fuzzy theory, neural network, fault tree point more The methods of analysis method, but research achievement is less, and the achievement that oneself has is only capable of referring to, and can not be applied in example and these methods are deposited In defect, as shown in table 2.
2 appraisal procedure defect of table
Appraisal procedure Disadvantage
Fault Tree Analysis The fault tree building of quantification difficult, complication system is difficult and calculating process is more complex
Analytic hierarchy process (AHP) It is required that evaluator's ability is strong and there are subjectivities
Fuzzy comprehensive evaluation method Membership function determination does not have systematic method and there are subjectivities
Artificial neural network Structure determination is complicated, and optimization is difficult, be easy to cause local optimum and overfitting problem
2. user is passively to receive cloud service bring risk, but most of cloud computings are pacified in cloud service process Research in all directions is carried out from the angle of user, having and not yet illustrate research angle, so that achievement is lack of pertinence, Even if using can not ensure the interests of user.
3. most achievements are not associated with cloud computing feature and service mode carries out in-depth study, only from illustrating in a certain respect Safety problem existing for cloud computing and there are a large amount of subjective factors, and simple qualitative or quantitative research is carried out, lack real Example verifying, so that Evaluated effect is unobvious.
4. in the research achievement of cloud computing security risk assessment, in terms of the technical factor for relationship cloud service risk do not occur Research, also without corresponding risk indicator system and assessment models.
Summary of the invention
The present invention provides a kind of safety of cloud service methods of risk assessment.From the angle of cloud service provider, in conjunction with cloud computing The characteristics of and service mode to its further in-depth study of safety, the characteristics of according to cloud computing platform three layers of service mode, Each layer of major Safety and risk are summed up, then illustrates the relevant technologies that can reduce risk and safe mesh Mark, after triplicity under condensed cloud computing environment technical risk principal element, and construct cloud computing technology security risk assessment Then index system establishes the assessment models based on entropy weight theory and support vector machines, and by case verification, which is to have Effect, and then elaborate advantage existing for the model.
Its technical solution are as follows:
A kind of safety of cloud service methods of risk assessment, comprising the following steps:
Step 1, cloud computing security risk index system are established
According to the principal element of technical risk under cloud computing environment, equipment protection technology can be reduced with monitoring of tools technology Cloud computing technology security risk index system can be obtained in its induction-arrangement by installation security risk;
Step 2, quantification of targets data acquisition
In cloud computing technology security risk index system, including general objective layer, first class index layer, two-level index layer;Wherein First class index layer is divided into hardware resource risk, data safety risk, virtualization security risk, interface security risk and resource point With 5 indexs of security risk, two-level index includes equipment protection technology, monitoring of tools technology, intrusion detection and DDoS prevention skill Art, searching ciphertext and processing technique, data destroying technology, backup and recovery technology, data check technology, fault-toleranr technique, Data encryption technology, data segmentation technique, data isolation technology, distributed proccessing, authentication and access control technology, Secure virtual machine technology, antivirus protection technology, security audit technology, interface and API protection technique, scheduling of resource and distribution technique And 19 evaluation indexes of multi-tenant technology.This 19 evaluation indexes are qualitatively, in order to accurately carry out cloud at present Calculate security risk assessment, it is necessary to quantify to this 19 evaluation indexes, quantization is exactly to its value of imparting.It is commented according to cloud computing The characteristics of risk indicator estimated, selects application risk inspection table to carry out quantization marking for each index, according to the content of research with Cloud computing security risk level is divided into 5 grades, and provides detection risk table by theme.
Each index meaning is as follows:
Equipment protection technology: the technology can protect hardware device involved by cloud computing center (server, cable Deng), guarantee that it runs well and works, to reduce the risks such as service disruption, loss of data caused by due to equipment fault.
Monitoring of tools technology: the technology can guarantee that physical equipment will not be occurred by artificial damage and timely discovering device Failure, cause the risks such as equipment damage, service disruption due to interior employee or other staff abuse one's power to reduce.
Data destroying technology: the technology can be not thorough user's deletion and remaining data are thorough because exiting cloud service Bottom is removed, to reduce the risks such as leaking data.
Backup and recovery technology: the technology can back up user data on time, and timely when needed, quickly extensive It is multiplexed user data, to reduce because of loss of data caused by the reasons such as equipment fault, natural calamity or the risks such as unavailable.
Data check technology: the technology can timely find the incomplete situation of user data, thus reduction factor evidence Partial loss etc. and caused by data are imperfect or not available risk.
Authentication and access control technology: the technology can guarantee the data of user's Lawful access oneself and use to have ordered Service, can not access, obtain or using other users data and service, thus caused by reducing and being accessed etc. because of illegal authorization The risks such as leaking data, data tampering.
Data encryption technology: the technology can encrypt the data in transmission, storage, deposit data with ciphertext form Guaranteeing the safety of data, to reduce because of illicit interception and attack, illegal authorization access and data are let out caused by stealing etc. The risks such as reveal, distort.
Intrusion detection and DDos precautionary technology: whether the technology can find to have in cloud system in time violates security strategy Behavior and the sign attacked, while attack and intrusion behavior can be taken precautions against, so that reduction enters because of DDos attack, illegally Service disruption caused by equal behaviors is invaded, unavailable and data is serviced and the risks such as is stolen, reveals.
Data segmentation technique: if the data of user are divided into stem portion by the technology, being respectively stored on different servers, To guarantee that malicious person can not obtain user's partial data, guarantee the safety of data, to reduce because stealing, unauthorized access etc. is made At the risks such as leaking data.
Secure virtual machine technology: the technology can guarantee the safety that software and fictitious host computer are blurred in cloud computing platform, prevent Only generation the problems such as unauthorized access, rogue attacks loophole, to reduce the risks such as service disruption, leaking data.
Antivirus protection technology: the technology can timely find, be isolated and killing cloud platform in virus, to reduce The risks such as service caused by because of the virus infection due to is unavailable, leaking data, data are unavailable.
Interface and API protection technique: the technology can protect fragile, unsafe interface and API, to reduce because not The interface and API of safety are eavesdropped or are attacked and caused data interception, steals, reveals and service the risks such as unavailable.
Data isolation technology: the technology can guarantee the isolated storage in cloud between data and data, to reduce number According to risks such as leakages.
Distributed proccessing: the technology makes user that oneself data are modified or deleted in cloud, it can be ensured that institute Some copies are all modified, to reduce data because of the risks such as inconsistent or unavailable caused by after modification.
Searching ciphertext and processing technique: the technology can guarantee safety of the data encrypted in processing, use process Property and can be by quick-searching, to reduce the risks such as leaking data caused by data are stolen etc. in use.
Scheduling of resource and distribution technique: the technology be able to solve in real time, dynamic expansion the problems such as, thus reduce because service Service disruption, resource caused by situations such as device increase and decrease, user's increase and decrease such as can not distribute at the risks in time.
Fault-toleranr technique: the technology is able to solve the Fault-Tolerant Problems such as cloud computing system, software, so that can restore after accident State to before generation accident, to reduce, loss of data, corrupted data, data are unavailable and service disruption or unavailable Risk.
Multi-tenant technology: the technology can guarantee thousands of users data, application, money when using the same cloud platform The safety such as source, to reduce because resource consumption is excessive, the risks such as service disruption, leaking data caused by unauthorized access etc..
Security audit technology: safe design is the important technical of system Security Construction, can be under cloud computing environment Activity or behavior checked and verified, to reduce because of the brings risk such as unauthorized access, illegal operation.
Step 3, the index weight value based on entropy weight calculate
Based on the data that above-mentioned detection risk table obtains, the weight of each index is calculated using entropy weight method, thus really The weight of fixed each index, i.e. significance level;
Step 4, support vector machines assessment
Support vector machines is applied into cloud computing security evaluation, and is unfolded around more classification and nonlinear problem, it is right Cloud computing is assessed safely.
Further, step 3 specifically:
1. calculating feature specific gravity
If the initial data got is the matrix of a m*n, i.e. Rm*n, wherein m is the number for participating in the cloud service provider of evaluation Amount, n are the quantity of evaluation index.
If under jth item index, the index value that i-th of evaluation object is got accounts for the specific gravity of all evaluation object index total values For pij,
So:
2. calculating entropy
The relatively important entropy of jth item index are as follows:
Wherein, 0≤ej≤ 1, entropy is bigger, illustrates that risk indicator factor is smaller to the contribution of cloud computing risk assessment.
3. calculating each index weight value
After obtaining the entropy of each index, 1-e can be usedjValue measure the power of each risk factors, and carried out normalizing At change
Reason, obtains the weight of each evaluation index are as follows:
Wherein,The then index weight value vector of each index weights composition are as follows:
4. the index value of Calculation Estimation index
By index weights vector and Rm*nTransposed matrix RTMultiplication obtains the index value matrix of evaluation index, it may be assumed that
Rjj*RT (5)
Further, step 4 specifically:
An optimal separating hyper plane is constructed, optimal separating hyper plane can correctly separate two classes, and make score Class interval is maximum;
On the one hand: for two classification problems
If there are the data sample set (x of linear separabilityi, yi), i=1,2 ..., n, xi∈Rd, yi∈ {+1, -1 }, linearly The general type of discriminant function is that then to there is an Optimal Separating Hyperplane as follows by f (x)=ω x+b:
ω x+b=0 (6)
Discriminant function is normalized, meets all samples of two classes all | f (x) | >=1, nearest from classifying face at this time F (x)=1 of sample, it is desirable that classifying face can correctly classify to all samples, that is, meet:
yi[(ω·xi)+b] -1 >=0, i=1,2 ..., n (7)
Class interval is equal at this timeInterval maximum is equivalent to | | ω | |2It is minimum.Meet formula (7) and makesMost Small classifying face is exactly optimal classification surface.
Therefore, the constrained optimization problem that optimal classification surface problem can be expressed as, i.e., asked under the constraint of formula (7) as The minimum value of minor function:
For this purpose, the Lagrange function being defined as follows:
In formula, αi>=0 is Lagrange multiplier.For the minimum value for asking formula (9), respectively to ω, b, αiIt seeks partial differential and enables it Be equal to 0, obtain
According to the constraint condition of formula (7) and (10), the Solve problems of above-mentioned optimal classification surface can be converted to following The dual problem of convex quadratic programming optimizing:
In formula, αiCorresponding Lagrange multiplier.This is a quadratic function optimization problem, existence and unique solution.IfFor Optimal solution then has:
In formula,The sample being not zero, as supporting vector, therefore the weight coefficient vector of optimal classification surface is supporting vector Linear combination;b*It is classification threshold, it can be by constraint condition αi[yi(ω·xi+ b) -1]=0 solution.
The optimal classification function obtained after the solution above problem are as follows:
The problem of for linearly inseparable, can introduce relaxation factor ξ and punishment parameter C, this allows for formula (8) change Are as follows:
It the problem of for linearly inseparable, can be by introducing a Nonlinear Mapping φ, by the data sample of the input space Originally it is mapped to high-dimensional feature space, optimal classification surface is then constructed in feature space, using appropriate in optimal classification surface Kernel function k (xi, xj) and meet Mercer condition, so that it may the linear classification after realizing a certain nonlinear transformation.
Similarly, classification function can be obtained:
On the other hand: for more classification problems
What above-mentioned the problem of classifying primarily directed to two, was unfolded, but practical problem is often polytypic problem.When making When handling more classification problems with support vector machines, it is necessary to construct suitable multi classifier.
Further, classified using One-against-one.
Beneficial effects of the present invention:
Three safety problem, security target and each safe practice aspects of each level of present invention combination cloud service, thus It show which kind of technology is able to solve which kind of security risk problem to reach expected security target, and then establishes cloud service technical security Risk indicator system.Since the data got from cloud service provider have the problems such as subjectivity is strong, data are few, the present invention is by entropy weight Theory is in conjunction with multi-category support vector machines and constructs safety of cloud service risk evaluation model, has obtained standard by instance analysis It is true as a result, demonstrate the assessment models be it is feasible, effectively.And elaborate advantage existing for the assessment models, it can be for Industry reference, pushes the development and application of cloud computing.
Detailed description of the invention
Fig. 1 is cloud service level;
Fig. 2 is cloud computing technology security risk index system;
Fig. 3 is optimal separating hyper plane schematic diagram;
Fig. 4 is cloud computing security risk metrology step;
Fig. 5 is prediction result figure.
Specific embodiment
Present invention will be explained in further detail with specific embodiment with reference to the accompanying drawing.
Cloud service can totally be divided into three levels as shown in Figure 1:, wherein be located at bottom is IaaS (infrastructure Service), the resources such as cloud service provider will be calculated, be stored are supplied to user as service, and user can obtain cheap and complete Kind resource;What it is positioned at middle layer is PaaS (platform services), and cloud service provider is supplied to Software Development Platform as service User, user may have access to and use without individually purchase and deployment software development platform, by Internet;Positioned at top layer It is SaaS (software services), various software deployments beyond the clouds, are then supplied to user by cloud service provider in a manner of service.
It is as shown in Figure 2: to be a multi-level index system, cloud computing technology security risk is by hardware resource risk, number It is codetermined according to security risk, virtualization security risk, interface security risk and resource allocation security risk, it may be assumed that cloud computing Technical security risk (B)={ hardware resource risk (B1), data safety risk (B2), virtualize security risk (B3), interface peace Full blast danger (B4), resource allocation security risk (B5)}.Wherein,
Hardware resource risk is related to 2 factors of equipment protection technology and monitoring of tools technology, it may be assumed that hardware resource risk (B1)={ b1_1,b1_2}
Data safety risk is related to 11 factors such as intrusion detection and DDos precautionary technology, it may be assumed that data safety risk (B2)={ b2_1,b2_2,b2_3,b2_4,b2_5,b2_6,b2_7,b2_8,b2_9,b2_10,b2_11}
Virtualization security risk is related to 2 factors such as secure virtual machine technology, it may be assumed that virtualization security risk (B3)= {b3_1,b3_2}
Interface security risk is related to 2 factors such as security audit technology, it may be assumed that interface security risk (B4)={ b4_1, b4_2}
Resource allocation security risk is related to 2 factors such as multi-tenant technology, it may be assumed that resource allocation security risk (B5)= {b5_1,b5_2}
It is as shown in Figure 3: to be the content of support vector machines core the most, exactly construct an optimal separating hyper plane, most Excellent Optimal Separating Hyperplane can correctly separate two classes, and make class interval maximum, to distinguish classification.
As shown in Figure 4: the step of measurement cloud takes security risk mainly has, and is faced first by analyzing each level of cloud service Safety problem and target, solve these problems with technology required for target, to obtain cloud service risk measure index body Then system obtains quantized value corresponding to index by risk investigation table, finally the method based on comentropy and support vector machines The security risk faced to cloud service is measured.
In Fig. 5, the svmtrain function and 10 groups of training samples carried using the tool box libsvm is to support vector machines Classifier be trained, obtain model.Finally, performance model predicts the security level of 2 groups of test samples, prediction etc. Unanimously with actual grade (3,2), accuracy rate reaches 100% to grade.
According to step shown in Fig. 4, it is as follows that case application is unfolded:
Step 1, cloud computing security risk index system are established
Establish cloud computing security risk index system as shown in Figure 2.
Step 2, quantification of targets data acquisition
The marking of technical security risk indicator is carried out using cloud service provider of the detection risk table to 12 different scales, is got Following data.
3 expert A of table gives a mark to the index of cloud service provider A
B1-1 B1-2 B2-1 B2-2 B2-3 B2-4 B2-5 B2-6 B2-7 B2-8
7.0 5.0 2.5 4.8 3.0 1.5 5.6 4.0 2.0 3.5
B2-9 B2-10 B2-11 B3-1 B3-2 B4-1 B4-2 B5-1 B5-2
7.0 6.0 3.5 6.0 4.2 5.4 5.0 4.5 3.5
4 expert B of table gives a mark to the index of cloud service provider B
B1-1 B1-2 B2-1 B2-2 B2-3 B2-4 B2-5 B2-6 B2-7 B2-8
1.5 2.0 3.5 3.0 3.0 2.5 2.3 2.0 2.0 2.0
B2-9 B2-10 B2-11 B3-1 B3-2 B4-1 B4-2 B5-1 B5-2
3.5 3.5 3.0 2.5 3.0 1.5 2.8 3.0 3.0
5 expert C of table gives a mark to the index of cloud service provider C
6 expert D of table gives a mark to the index of cloud service provider D
B1-1 B1-2 B2-1 B2-2 B2-3 B2-4 B2-5 B2-6 B2-7 B2-8
9.0 8.0 6.0 8.0 7.0 7.8 6.5 8.0 5.5 6.8
B2-9 B2-10 B2-11 B3-1 B3-2 B4-1 B4-2 B5-1 B5-2
7.0 7.5 8.7 7.0 8.0 8.5 7.0 7.0 8.0
7 expert E of table gives a mark to the index of cloud service provider E
B1-1 B1-2 B2-1 B2-2 B2-3 B2-4 B2-5 B2-6 B2-7 B2-8
4.0 1.0 3.0 1.0 3.5 3.0 2.0 2.5 2.5 3.0
B2-9 B2-10 B2-11 B3-1 B3-2 B4-1 B4-2 B5-1 B5-2
1.5 3.0 2.5 3.0 2.0 1.0 3.0 2.0 2.5
8 expert F of table gives a mark to the index of cloud service provider F
B1-1 B1-2 B2-1 B2-2 B2-3 B2-4 B2-5 B2-6 B2-7 B2-8
7.0 8.0 5.5 8.5 6.5 6.5 6.0 6.0 8.0 6.5
B2-9 B2-10 B2-11 B3-1 B3-2 B4-1 B4-2 B5-1 B5-2
7.0 8.0 7.0 8.5 6.0 6.0 5.0 7.0 6.0
9 expert G of table gives a mark to the index of cloud service provider G
B1-1 B1-2 B2-1 B2-2 B2-3 B2-4 B2-5 B2-6 B2-7 B2-8
0.5 1.0 1.0 1.0 1.0 3.0 1.0 1.3 2.0 1.0
B2-9 B2-10 B2-11 B3-1 B3-2 B4-1 B4-2 B5-1 B5-2
1.0 2.0 1.0 0.5 2.0 2.0 1.0 0.5 1.0
10 expert H of table gives a mark to the index of cloud service provider H
B1-1 B1-2 B2-1 B2-2 B2-3 B2-4 B2-5 B2-6 B2-7 B2-8
9.0 9.5 9.0 9.0 9.5 9.5 8.5 9.5 9.5 9.0
B2-9 B2-10 B2-11 B3-1 B3-2 B4-1 B4-2 B5-1 B5-2
9.0 9.5 9.0 9.0 9.5 9.5 9.0 9.5 9.0
11 expert I of table gives a mark to the index of cloud service provider I
B1-1 B1-2 B2-1 B2-2 B2-3 B2-4 B2-5 B2-6 B2-7 B2-8
0.5 0.5 1.0 1.5 0.5 1.5 0.5 1.5 1.0 1.0
B2-9 B2-10 B2-11 B3-1 B3-2 B4-1 B4-2 B5-1 B5-2
1.0 1.0 2.0 1.0 1.0 0.5 1.0 1.0 1.5
12 expert J of table gives a mark to the index of cloud service provider J
B1-1 B1-2 B2-1 B2-2 B2-3 B2-4 B2-5 B2-6 B2-7 B2-8
9.0 8.5 9.0 9.5 9.0 9.5 9.0 9.0 9.5 9.0
B2-9 B2-10 B2-11 B3-1 B3-2 B4-1 B4-2 B5-1 B5-2
9.0 9.5 9.0 9.0 9.0 9.5 9.0 9.0 9.0
13 expert K of table gives a mark to the index of cloud service provider K
B1-1 B1-2 B2-1 B2-2 B2-3 B2-4 B2-5 B2-6 B2-7 B2-8
3.0 4.0 2.0 4.0 4.5 6.5 5.5 6.0 4.0 7.0
B2-9 B2-10 B2-11 B3-1 B3-2 B4-1 B4-2 B5-1 B5-2
5.5 4.5 4.0 4.0 5.0 2.5 3.5 5.0 4.0
14 expert L of table gives a mark to the index of cloud service provider L
B1-1 B1-2 B2-1 B2-2 B2-3 B2-4 B2-5 B2-6 B2-7 B2-8
2.0 3.0 2.5 4.5 4.0 3.0 5.0 3.5 2.0 2.0
B2-9 B2-10 B2-11 B3-1 B3-2 B4-1 B4-2 B5-1 B5-2
5.0 2.0 3.0 2.0 4.0 1.0 3.0 3.5 2.5
2) above-mentioned data are obtained into following initial data after arranging.
15 initial data of table
Step 3, the index weight value based on entropy weight calculate
1) after calculating above-mentioned five matrixes by formula (1), formula (2), the entropy of each index is obtained are as follows:
e1=[0.8952,0.8961]
e2=[0.9193,0.9202,0.9238,0.9281,0.9234,0.9330,0.9128,0.9196,0.9301, 0.9349,0.9312]
e3=[0.9136,0.9360]
e4=[0.8809,0.9314]
e5=[0.9211,0.9288]
2) according to entropy obtained above, after being calculated by formula (3), formula (4), obtain the weight of each index to Amount:
β1=[0.5022,0.4978]
β2=[0.0980,0.0969,0.0925,0.0873,0.0930,0.0814,0.1059,0.0976,0.0849, 0.0790,0.0835]
β3=[0.5745,0.4255]
β4=[0.6345,0.3655]
β5=[0.5256,0.4744]
3) after calculating weight vectors by formula (5), corresponding index value is obtained, as follows:
R1=[6.0044,1.7489,3.7511,8.5022,2.5066,7.4978,0.7489,9.2489,0.5000, 8.7511,3.4978,2.4978]
R2=[3.8789,2.7373,4.5072,7.1067,2.4967,6.8702,1.3839,9.1765,1.1235, 9.1846,4.8304,3.3028]
R3=[5.2341,2.7127,4.2873,7.4255,2.5745,7.4363,1.1383,9.2127,1.0000, 9.0000,4.4255,2.8510]
R4=[5.2538,1.9751,5.1345,7.9517,1.7310,5.6345,1.6345,9.3172,0.6827, 9.3172,2.8655,1.7310]
R5=[4.0256,3.0000,4.7628,7.4744,2.2372,6.5256,0.7372,9.2628,1.2372, 9.0000,4.5256,3.0256]
4) These parameters value is arranged, obtains set of data samples, as shown in table 16.
16 set of data samples of table
B1 B2 B3 B4 B5 Security level
A 6.0044 3.8789 5.2341 5.2538 4.0256 3
B 1.7489 2.7373 2.7127 1.9751 3.0000 2
C 3.7511 4.5072 4.2873 5.1345 4.7628 3
D 8.5022 7.1067 7.4255 7.9517 7.4744 4
E 2.5066 2.4967 2.5745 1.7310 2.2372 2
F 7.4978 6.8702 7.4363 5.6345 6.5256 4
G 0.7489 1.3839 1.1383 1.6345 0.7372 1
H 9.2489 9.1765 9.2127 9.3172 9.2628 5
I 0.5000 1.1235 1.0000 0.6827 1.2372 1
J 8.7511 9.1846 9.0000 9.3172 9.0000 5
K 3.4978 4.8304 4.4255 2.8655 4.5256 3
L 2.4978 3.3028 2.8510 1.7310 3.0256 2
Step 4, support vector machines assessment
1) grade classification
Herein using the tool box Libsvm of the exploitations such as Taiwan Univ. professor Lin Zhiren[34]It, will be above-mentioned as calculation tool 12 groups of data are divided into two groups, and A, B, C, D, E, F, G, H, I, J remove this as test sample data as training sample data, K, L Except, the security level of cloud service is divided into low, lower, medium, higher, high 5 classes, represents each grade with 1,2,3,4,5 respectively, As shown in table 17.
17 risk class of table divides and mark
Mark 1 2 3 4 5
Grade It is low It is lower It is medium It is higher It is high
Therefore the above-mentioned data by quantification treatment are divided into different security levels, as shown in table 18.
18 sample type of table and grade
2) kernel functional parameter calculates
It because needing to carry out calculations of classifying herein, and selects RBF as kernel function more, therefore penalty parameter c and core letter need to be calculated Number parameter g optimal values, with improve classification accuracy, so use training sample data collection as calculating c, g initial data, It is calculated using cross-validation method, the value for finally obtaining c, g when training sample classification accuracy reaches 100% is respectively as follows: c= 0.000976563, g=0.000976563.
3) training and prediction
Classification of the svmtrain function and 10 groups of training samples carried using the tool box libsvm to support vector machines Device is trained, and obtains model model.Finally, being predicted with security level of the model to 2 groups of test samples, prediction etc. Unanimously with actual grade (3,2), accuracy rate reaches 100% to grade, and classification results are as shown in Fig. 5.
Safety of cloud service methods of risk assessment of the invention, the domestic and international research for summarising safety of cloud service evaluation field are existing Shape, according to summary gone out presently, there are and urgently the problem of, and summarize current cloud computing safe practice and can reduce The two is combined technical risk under condensed cloud computing environment by safety problem existing for which kind of risk and each level of cloud service mode Principal element, to construct index system.Then application risk application form obtain data, then with entropy weight theory and support to The method that amount machine combines falls into 5 types safety of cloud service grade, and constructs multi-category support vector machines security evaluation mould Type, by instance analysis, the prediction security level and practical security level of cloud service provider are completely the same, to prove that the model is Effectively, feasible.
The foregoing is only a preferred embodiment of the present invention, the scope of protection of the present invention is not limited to this, it is any ripe Know those skilled in the art within the technical scope of the present disclosure, the letter for the technical solution that can be become apparent to Altered or equivalence replacement are fallen within the protection scope of the present invention.

Claims (4)

1. a kind of safety of cloud service methods of risk assessment, which comprises the following steps:
Step 1, cloud computing security risk index system are established
According to the principal element of technical risk under cloud computing environment, equipment protection technology and monitoring of tools technology can reduce facility peace Its induction-arrangement is arrived cloud computing technology security risk index system by full blast danger;
Step 2, quantification of targets data acquisition
In cloud computing technology security risk index system, including general objective layer, first class index layer, two-level index layer;Wherein level-one Indicator layer is divided into hardware resource risk, data safety risk, virtualization security risk, interface security risk and resource allocation peace 5 indexs in full blast danger, two-level index includes equipment protection technology, monitoring of tools technology, intrusion detection and DDoS precautionary technology, close Text retrieval adds with processing technique, data destroying technology, backup and recovery technology, data check technology, fault-toleranr technique, data Secret skill art, data segmentation technique, data isolation technology, distributed proccessing, authentication and access control technology, virtual machine Safe practice, antivirus protection technology, security audit technology, interface and API protection technique, scheduling of resource and distribution technique and more 19 evaluation indexes of tenant's technology;This 19 evaluation indexes are qualitatively, in order to accurately carry out cloud computing peace at present Full risk assessment, it is necessary to this 19 evaluation indexes be quantified, quantization is exactly to its value of imparting;Wind according to cloud computing assessment The characteristics of dangerous index, selects application risk inspection table to carry out quantization marking for each index, will according to the content and theme of research Cloud computing security risk level is divided into 5 grades, and provides detection risk table;
Step 3, the index weight value based on entropy weight calculate
Based on the data that above-mentioned detection risk table obtains, the weight of each index is calculated using entropy weight method, so that it is determined that often The weight of a index, i.e. significance level;
Step 4, support vector machines assessment
Support vector machines is applied into cloud computing security evaluation, and is around more classification and nonlinear problem expansion, to cloud meter Safety is calculated to be assessed.
2. safety of cloud service methods of risk assessment according to claim 1, which is characterized in that step 3 specifically:
1. calculating feature specific gravity
If the initial data got is the matrix of a m*n, i.e. Rm*n, wherein m is the quantity for participating in the cloud service provider of evaluation, n For the quantity of evaluation index;
If under jth item index, the specific gravity that the index value that i-th of evaluation object is got accounts for all evaluation object index total values is pij, so:
2. calculating entropy
The relatively important entropy of jth item index are as follows:
Wherein, 0≤ej≤ 1, entropy is bigger, illustrates that risk indicator factor is smaller to the contribution of cloud computing risk assessment;
3. calculating each index weight value
After obtaining the entropy of each index, 1-e is usedjValue measure the power of each risk factors, and be normalized, Obtain the weight of each evaluation index are as follows:
Wherein,The then index weight value vector of each index weights composition are as follows:
4. the index value of Calculation Estimation index
By index weights vector and Rm*nTransposed matrix RTMultiplication obtains the index value matrix of evaluation index, it may be assumed that
Rjj*RT (5)。
3. safety of cloud service methods of risk assessment according to claim 1, which is characterized in that step 4 specifically:
An optimal separating hyper plane is constructed, optimal separating hyper plane correctly separates two classes, and makes class interval most Greatly;
1) for two classification problems
If there are the data sample set (x of linear separabilityi,yi), i=1,2 ..., n, xi∈Rd,yi∈ {+1, -1 }, linear discriminant The form of function is that then to there is an Optimal Separating Hyperplane as follows by f (x)=ω x+b:
ω x+b=0 (6)
Discriminant function is normalized, meets all samples of two classes all | f (x) | >=1, sample nearest from classifying face at this time F (x)=1, it is desirable that classifying face can correctly classify to all samples, that is, meet:
yi[(ω·xi)+b] -1 >=0, i=1,2 ..., n (7)
Class interval is equal at this timeInterval maximum is equivalent to | | ω | |2It is minimum;Meet formula (7) and makesThe smallest point Class face is exactly optimal classification surface;
Therefore, optimal classification surface problem representation is asked under the constraint of formula (7) as minor function at following constrained optimization problem Minimum value:
For this purpose, the Lagrange function being defined as follows:
In formula, αi>=0 is Lagrange multiplier;For the minimum value for asking formula (9), respectively to ω, b, αiSeek partial differential and enable them etc. In 0, obtain
According to the constraint condition of formula (7) and (10), it converts the Solve problems of above-mentioned optimal classification surface to following convex secondary rule Draw the dual problem of optimizing:
In formula, αiCorresponding Lagrange multiplier;This is a quadratic function optimization problem, existence and unique solution;IfIt is optimal Solution, then have:
In formula,The sample being not zero, as supporting vector, therefore the weight coefficient vector of optimal classification surface is the line of supporting vector Property combination;b*It is classification threshold, by constraint condition αi[yi(ω·xi+ b) -1]=0 solution;
The optimal classification function obtained after the solution above problem are as follows:
The problem of for linearly inseparable, introduces relaxation factor ξ and punishment parameter C, this, which allows for formula (8), becomes:
The data sample of the input space is mapped to by the problem of for linearly inseparable by introducing a Nonlinear Mapping φ Then high-dimensional feature space constructs optimal classification surface in feature space, kernel function k appropriate is used in optimal classification surface (xi,xj) and meet Mercer condition, the linear classification after can be achieved with a certain nonlinear transformation;
Similarly, i.e.,
Obtain classification function:
2) for more classification problems
What above-mentioned the problem of classifying primarily directed to two, was unfolded, but practical problem is often polytypic problem;When using branch When holding the vector machine more classification problems of processing, it is necessary to construct suitable multi classifier.
4. safety of cloud service methods of risk assessment according to claim 3, which is characterized in that carried out using One-against-one Classification.
CN201910609486.1A 2019-07-08 2019-07-08 A kind of safety of cloud service methods of risk assessment Pending CN110266723A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910609486.1A CN110266723A (en) 2019-07-08 2019-07-08 A kind of safety of cloud service methods of risk assessment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910609486.1A CN110266723A (en) 2019-07-08 2019-07-08 A kind of safety of cloud service methods of risk assessment

Publications (1)

Publication Number Publication Date
CN110266723A true CN110266723A (en) 2019-09-20

Family

ID=67924865

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910609486.1A Pending CN110266723A (en) 2019-07-08 2019-07-08 A kind of safety of cloud service methods of risk assessment

Country Status (1)

Country Link
CN (1) CN110266723A (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111461558A (en) * 2020-04-04 2020-07-28 中国人民解放军海军工程大学 Key data safety destruction evaluation method
CN112561305A (en) * 2020-12-10 2021-03-26 上海对外经贸大学 Enterprise data privacy protection evaluation method based on hierarchical model
CN112785154A (en) * 2021-01-22 2021-05-11 西安交通大学 Safety evaluation method of cloud ERP system
CN112862468A (en) * 2021-02-01 2021-05-28 湖南大学 Export tax refunding and financing method, equipment and medium based on block chain
CN112948823A (en) * 2021-03-19 2021-06-11 中国人民解放军国防科技大学 Data leakage risk assessment method
CN113965389A (en) * 2021-10-26 2022-01-21 天元大数据信用管理有限公司 Network security management method, equipment and medium based on firewall log
CN115208675A (en) * 2022-07-18 2022-10-18 中国建设银行股份有限公司 Cloud asset configuration security processing method and system, storage medium and electronic equipment
CN115878111A (en) * 2022-09-26 2023-03-31 北京犬安科技有限公司 Method and system for realizing TARA data multiplexing for threat analysis and risk assessment

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102001560A (en) * 2010-12-15 2011-04-06 南京市特种设备安全监督检验研究院 Vertical lift safety evaluation method
CN103136587A (en) * 2013-03-07 2013-06-05 武汉大学 Power distribution network operating state classification recognition method based on support vector machine
CN104036112A (en) * 2014-04-24 2014-09-10 河海大学 Fault diagnosis method based on support vector machine and expert system
CN104636449A (en) * 2015-01-27 2015-05-20 厦门大学 Distributed type big data system risk recognition method based on LSA-GCC
CN104883369A (en) * 2015-05-29 2015-09-02 天津大学 Cloud configuration safety assessment method
CN105896545A (en) * 2016-06-16 2016-08-24 国网江苏省电力公司电力科学研究院 Accident chain mode based distributed power flow controller location method
CN107862455A (en) * 2017-11-02 2018-03-30 国网天津市电力公司 A kind of subjective and objective mixing appraisal procedure of power system cloud platform construction
KR20180060044A (en) * 2016-11-28 2018-06-07 주식회사 나라시스템 Security System for Cloud Computing Service

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102001560A (en) * 2010-12-15 2011-04-06 南京市特种设备安全监督检验研究院 Vertical lift safety evaluation method
CN103136587A (en) * 2013-03-07 2013-06-05 武汉大学 Power distribution network operating state classification recognition method based on support vector machine
CN104036112A (en) * 2014-04-24 2014-09-10 河海大学 Fault diagnosis method based on support vector machine and expert system
CN104636449A (en) * 2015-01-27 2015-05-20 厦门大学 Distributed type big data system risk recognition method based on LSA-GCC
CN104883369A (en) * 2015-05-29 2015-09-02 天津大学 Cloud configuration safety assessment method
CN105896545A (en) * 2016-06-16 2016-08-24 国网江苏省电力公司电力科学研究院 Accident chain mode based distributed power flow controller location method
KR20180060044A (en) * 2016-11-28 2018-06-07 주식회사 나라시스템 Security System for Cloud Computing Service
CN107862455A (en) * 2017-11-02 2018-03-30 国网天津市电力公司 A kind of subjective and objective mixing appraisal procedure of power system cloud platform construction

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
KHORSHED, M. T.等: "A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing"", 《FUTURE GENERATION COMPUTER SYSTEMS》 *
姜茸等: ""云计算安全风险因素挖掘及应对策略"", 《现代情报》 *
姜茸等: ""云计算技术安全风险评估研究"", 《电子技术应用》 *
孙文兵: ""支持向量机在水资源质量分类评价中的应用"", 《邵阳学院学报(自然科学版)》 *

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111461558A (en) * 2020-04-04 2020-07-28 中国人民解放军海军工程大学 Key data safety destruction evaluation method
CN111461558B (en) * 2020-04-04 2022-04-22 中国人民解放军海军工程大学 Key data safety destruction evaluation method
CN112561305A (en) * 2020-12-10 2021-03-26 上海对外经贸大学 Enterprise data privacy protection evaluation method based on hierarchical model
CN112785154A (en) * 2021-01-22 2021-05-11 西安交通大学 Safety evaluation method of cloud ERP system
CN112862468A (en) * 2021-02-01 2021-05-28 湖南大学 Export tax refunding and financing method, equipment and medium based on block chain
CN112862468B (en) * 2021-02-01 2024-03-22 湖南大学 Block chain-based export tax refund financing method, equipment and medium
CN112948823A (en) * 2021-03-19 2021-06-11 中国人民解放军国防科技大学 Data leakage risk assessment method
CN113965389A (en) * 2021-10-26 2022-01-21 天元大数据信用管理有限公司 Network security management method, equipment and medium based on firewall log
CN113965389B (en) * 2021-10-26 2024-05-03 天元大数据信用管理有限公司 Network security management method, device and medium based on firewall log
CN115208675A (en) * 2022-07-18 2022-10-18 中国建设银行股份有限公司 Cloud asset configuration security processing method and system, storage medium and electronic equipment
CN115878111A (en) * 2022-09-26 2023-03-31 北京犬安科技有限公司 Method and system for realizing TARA data multiplexing for threat analysis and risk assessment
CN115878111B (en) * 2022-09-26 2024-02-06 北京犬安科技有限公司 Threat analysis and risk assessment TARA data multiplexing implementation method and system

Similar Documents

Publication Publication Date Title
CN110266723A (en) A kind of safety of cloud service methods of risk assessment
CN103782303B (en) System and method for the detection based on unsigned of malice process
CN109446817A (en) A kind of detection of big data and auditing system
Makarova Determining the choice of attack methods approach
Bhogal et al. A review on big data security and handling
CN112637108B (en) Internal threat analysis method and system based on anomaly detection and emotion analysis
CN111563254A (en) Threat risk processing method and apparatus for product, computer system and medium
Meriah et al. A survey of quantitative security risk analysis models for computer systems
Pamuji et al. Linear regression for prediction of excessive permissions database account traffic
CN115080291A (en) Container abnormal behavior processing method and device
Shaorong et al. Research on campus network security protection system framework based on cloud data and intrusion detection algorithm
Zaburko et al. Information security risk assessment using the AHP method
Tse et al. Risks facing smart city information security in Hangzhou
Chen et al. RF-SVM based awareness algorithm in intelligent network security situation awareness system
Kavak et al. The impact of information security management guide utilization on technological and institutional information security measures in university libraries in Türkiye
Wang et al. Network computer security hidden dangers and vulnerability mining technology
Kim et al. A study on analyzing risk scenarios about vulnerabilities of security monitoring system: focused on information leakage by insider
Geetha Rani et al. A Survey of Recent Cloud Computing Data Security and Privacy Disputes and Defending Strategies
Zhu et al. Quantitative safety assessment method of industrial control system based on reduction factor
Zhang Information security risk assessment based on cloud computing and bp neural network
Yang et al. Research on Quantitative Evaluation Method of Network Security in Substation Power Monitoring System
US20230188542A1 (en) Enhancing hybrid traditional neural networks with liquid neural network units for cyber security and offense protection
Arki et al. A Security Framework for Cloud Data Storage (CDS) Based on Agent
Zheng The Classification and Classification of Big Data Based on the Internet of Things
Dong et al. A Privacy-Preserving Electricity Theft Detection (PETD) Scheme for Smart Grid

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20190920