WO2012034304A1 - A vulnerability fixing method based on hierarchical vulnerability threat evaluation - Google Patents

A vulnerability fixing method based on hierarchical vulnerability threat evaluation

Info

Publication number
WO2012034304A1
Authority
WO
WIPO (PCT)
Prior art keywords
vulnerability
attack
score
qualitative
value
Prior art date
Application number
PCT/CN2010/078492
Other languages
French (fr)
Chinese (zh)
Inventor
张玉清
刘奇旭
付安民
Original Assignee
中国科学院研究生院
Priority date
Filing date
Publication date
Application filed by 中国科学院研究生院
Publication of WO2012034304A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security

Definitions

  • The invention belongs mainly to the field of vulnerability threat assessment and relates to a vulnerability repair method, in particular a vulnerability repair method based on hierarchical vulnerability threat assessment.
  • Vulnerabilities are defects in computer information systems that are introduced, intentionally or not, during requirements, design, implementation, configuration, operation and so on. They exist in different forms at every level and link of a computer information system; once exploited by a malicious actor they damage the system and so disrupt the normal services built on it. In recent years, the great majority of the security threats harmful to China's politics, economy and society, such as computer viruses, worms, Trojans and hacker attacks, have used vulnerabilities to spread, cause damage and steal information.
  • A vulnerability threat assessment method separates a large number of vulnerabilities by their degree of harm, using the relevant attributes of each vulnerability, so that the most harmful vulnerabilities are fixed first.
  • Qualitative rating assigns a threat level to a vulnerability according to threat rating factors, for example the three levels high, medium and low; quantitative scoring assigns a threat score according to established scoring factors, for example any integer from 0 to 10.
  • Most vendors, Microsoft among them, assess product vulnerabilities qualitatively from their own perspectives and finally determine a threat level. Microsoft divides vulnerabilities into four levels by degree of harm: critical, important, medium and low.
  • The Common Vulnerability Scoring System (CVSS), proposed by the U.S. National Infrastructure Advisory Council (NIAC) in 2004, is a quantitative vulnerability threat assessment method intended to establish a common vulnerability threat assessment system, after which vulnerabilities are repaired in order of their score. Based on the basic characteristics of a vulnerability, CVSS rates its degree of harm quantitatively as a score between 0 and 10, and vulnerabilities are then repaired in order of that score.
  • The object of the present invention is to propose a vulnerability repair method based on hierarchical vulnerability threat assessment. The method combines the advantages of the qualitative and quantitative assessment methods to divide vulnerabilities as finely as possible, and so helps users who must fix a large number of vulnerabilities.
  • The solution of the present invention is: first, rate the vulnerability qualitatively according to how much it affects the information security attributes of the target system; then, based on the qualitative rating result and the various conditions of the vulnerability's exploitation process, score the degree of harm quantitatively; finally, repair the vulnerabilities in order of their scores.
  • The qualitative rating and quantitative scoring processes use different evaluation factors to assess the threat of the vulnerability.
  • The invention comprises two levels, qualitative rating and quantitative scoring; its architecture is shown in Figure 1.
  • the qualitative rating in the present invention analyzes the degree of influence of the vulnerability on the information security attribute of the target system, and then obtains a qualitative rating level of the vulnerability.
  • the specific methods of qualitative assessment are as follows:
  • The mapping between "confidentiality", "integrity" and "availability" and the vulnerability threat can be described in a form similar to Tables 1 to 4.
  • The key elements of Table 1 are as follows:
  • Integrity means ensuring that information content such as files is not altered by unauthorized entities, and that changes made by authorized users are reliable. There are three possible values for integrity impact: complete, partial and none. The values are assigned as shown in Table 3.
  • Availability means that resources can be obtained at any time as needed.
  • the availability impact also contains three possible values: full, partial and none. The value methods are shown in Table 4.
  • The qualitative grade score is a natural number in the range 0-9, determined jointly by the values of the confidentiality impact, integrity impact and availability impact; it is the intermediate result of the qualitative rating process. Each of the three impacts has the three possible values "complete, partial, none", so their combination has 27 possible values, namely the 27 cases in Table 1.
  • Table 1 contains three qualitative rating levels: high, medium and low. Table 1 rates the 10 combinations with qualitative grade scores of 6, 7, 8 and 9 as "high"; the 13 combinations with scores of 2, 3, 4 and 5 as "medium"; and the 4 combinations with scores of 0 and 1 as "low".
  • Partial integrity impact: the attacker may be able to modify or leak certain system files.
  • Complete integrity impact: the attacker can modify any file on the target system.
  • Partial availability impact: the attacker can degrade the performance of resources or interrupt them.
  • Complete availability impact: the attacker can make resources completely unavailable.
  • The quantitative scoring in the present invention analyzes the attacker's process of exploiting the vulnerability and combines the intermediate result of the qualitative rating process, the "qualitative grade score", with the "attack utilization score" to score the threat of the vulnerability further and quantitatively.
  • the specific method of quantitative scoring is as follows:
  • The various attack conditions required while the vulnerability is exploited, such as attack range, attack complexity, number of attack authentications and user interaction attribute.
  • the attack conditions in the exploitation process are the key factors that restrict the successful exploitation of the vulnerability.
  • the "attack utilization score" of the vulnerability is obtained by some calculation method, such as formula (1).
  • Attack utilization score = 2 × attack range × attack complexity × number of authentications × user interaction (formula (1))
  • Quantitative score = qualitative grade score + attack utilization score (formula (2)). Specifically, in the quantitative scoring process the values of "attack range", "attack complexity", "number of authentications" and "user interaction" in formula (1) can be described in a form similar to Tables 5 to 9. The key elements of Table 5 are as follows:
  • the scope of the attack indicates the location of the target host where the attack can exploit the vulnerability. The farther the attacker can attack the host, the greater the threat of the vulnerability.
  • the value method is shown in Table 6.
  • Attack complexity measures how difficult the conditions are that an attacker needs in order to exploit the vulnerability. The easier the required conditions, the greater the threat of the vulnerability. Attack complexity has three possible values: high, medium and low, assigned as shown in Table 7.
  • The number of attack authentications is the number of times an attacker must authenticate to the target in order to exploit the vulnerability. The fewer authentications required, the greater the threat. There are three possible values: none, single and multiple, assigned as shown in Table 8.
  • The user interaction attribute indicates whether the attacker needs the participation of the victim user to complete the exploitation, for example the user having to click on a web page or file to trigger the vulnerability.
  • A small program written specifically to address a particular vulnerability or security problem is usually called a patch.
  • the vulnerability is fixed by downloading and installing a patch for the vulnerability.
  • security tools such as anti-virus software and intrusion detection systems.
  • The method of the present invention divides vulnerabilities as finely as possible while still giving an intuitive indication of their threat level, so that high-risk vulnerabilities can be repaired in time.
  • The effect of the present invention is illustrated in Table 10 with two specific vulnerabilities, CVE-2008-4250 and CVE-2010-0108, of which CVE-2008-4250 was the main cause of the "sweeping wave" worm outbreak and is the most harmful vulnerability.
  • The vulnerability assessment method used by the China National Security Vulnerability Database (http://www.nipc.org.cn) is a typical qualitative rating method; it gives both vulnerabilities the threat level "emergency".
  • The method used by the US National Vulnerability Database (http://nvd.nist.gov) is a typical quantitative scoring method, CVSS; it gives both vulnerabilities the score "10.0". Neither the China National Security Vulnerability Database nor the US National Vulnerability Database can therefore distinguish the threat levels of the two vulnerabilities.
  • The method of the present invention assigns the two vulnerabilities "high/10.00" and "high/9.80" respectively, where "high" is the qualitative rating result and "10.00" and "9.80" are the quantitative scoring results. An ordinary user can see at a glance that both vulnerabilities have a "high" threat level, and the two are still clearly distinguished.
  • CVE-2008-4250 is more threatening than CVE-2010-0108, which helps a network administrator judge an accurate repair order.
  • The hierarchical vulnerability assessment method, combining qualitative rating with quantitative scoring, determines the order of vulnerability repair and breaks the present "separate camps" situation of qualitative and quantitative threat assessment methods at home and abroad, so that high-risk vulnerabilities are repaired in time. The present invention is therefore of great significance for safeguarding China's network security.
  • Figure 1 is an architectural diagram of the present invention.
  • Figure 3 is a flow chart of the specific implementation of the quantitative scoring part of the present invention.
  • The present invention comprises two parts, qualitative rating and quantitative scoring.
  • the two parts of the present invention are further described in detail below with reference to the accompanying drawings in conjunction with Tables 1 - 9 and CVE numbered CVE-2008-4250.
  • The vulnerability numbered CVE-2008-4250 is a buffer overflow in the Windows Server service, triggered when the service receives a specially crafted RPC request. A remote attacker can exploit it to execute arbitrary programs on the target.
  • The specific implementation of the qualitative rating method of the present invention for CVE-2008-4250 comprises the following steps:
  • Step 201 Analyze the impact of the vulnerability on confidentiality. Because the vulnerability lets an attacker execute arbitrary programs on the target, the attacker can use it to read all of the system's data. According to Table 2, the "confidentiality impact" of the vulnerability is "complete".
  • Step 202 Analyze the impact of the vulnerability on integrity. For the same reason, the attacker can modify any file on the target system. According to Table 3, the "integrity impact" of the vulnerability is "complete".
  • Step 203 Analyze the impact of the vulnerability on availability. Likewise, the attacker can stop the target service entirely, making the resource completely unavailable. According to Table 4, the "availability impact" of the vulnerability is "complete".
  • Step 204 Determine a qualitative level score.
  • Step 205 Determine a qualitative rating level.
  • the "qualitative level score" of CVE-2008-4250 is obtained as “9".
  • the qualitative rating process for CVE-2008-4250 ends.
  • the specific implementation process of the vulnerability quantitative scoring method of the present invention for the CVE-2008-4250 vulnerability includes the following steps:
  • Step 301 Determine the attack range.
  • the "remote” attacker mentioned in the CVE-2008-4250 description may exploit this vulnerability to execute arbitrary programs on the target. Therefore, according to Table 6, the "attack range” of the vulnerability is “remote”. By querying Table 5, you can get the value of "remote” as 1.0.
  • Step 302 Determine the attack complexity.
  • the vulnerability mentioned in the description of CVE-2008-4250 is a buffer overflow.
  • The attacker can launch the attack at will, without any special access conditions or special circumstances. Therefore, according to Table 7, the "attack complexity" of the vulnerability is "low". Querying Table 5, the value of "low" is 0.71.
  • Step 303 Determine the number of attack authentications.
  • CVE-2008-4250 is a vulnerability in the Windows Server service, and that service does not require user authentication when it is exploited, so the attacker does not need to authenticate during the attack.
  • the "number of authentications" for this vulnerability is “none”.
  • the value of "None” is 0.704.
  • Step 304 Determine user interaction.
  • CVE-2008-4250 is a buffer overflow vulnerability in Windows Server Services, so an attacker can complete the attack process without user interaction during the attack.
  • the "user interaction" of the vulnerability is “not required”.
  • the value of "not required” is 1.0 by querying Table 5.
  • Step 305 Calculate the attack utilization score.
  • Step 306 Calculate the quantitative score. From the results of steps 204 and 305, CVE-2008-4250 has a "qualitative grade score" of 9 and an "attack utilization score" of 1.00, so by formula (2) its final "quantitative score" is 10.00. The quantitative scoring process for CVE-2008-4250 ends here.
  • Since the vulnerability's score is 10, it is identified as the most dangerous vulnerability and fixed first.
  • Microsoft provided the patch numbered MS08-067 for the vulnerability; the system administrator downloads it and installs it automatically to fix the vulnerability.
  • The download address of the patch is: http://www.microsoft.com/technet/security/Bulletin/ms08-067.mspx

Abstract

A vulnerability fixing method based on hierarchical vulnerability threat evaluation is disclosed. The method includes: 1) retrieving a plurality of information security properties of the target system, a vulnerability to be tested, and the attack conditions required during the process of exploiting the vulnerability; 2) attacking the vulnerability and recording the values of the attack conditions required during exploitation and the degree of loss caused by successful exploitation; 3) obtaining a qualitative grade score of the vulnerability according to the degree of loss; 4) obtaining an attack utilization score of the vulnerability according to the values of the required attack conditions; 5) obtaining a quantitative grade score of the vulnerability according to the attack utilization score and the qualitative grade score; 6) determining the processing order of the vulnerabilities according to their quantitative grade scores and fixing them in that order. The method combines the advantages of the qualitative and quantitative vulnerability evaluation methods.

Description

A vulnerability repair method based on hierarchical vulnerability threat assessment
Technical field
The invention belongs mainly to the field of vulnerability threat assessment and relates to a vulnerability repair method, in particular a vulnerability repair method based on hierarchical vulnerability threat assessment.
Background
Vulnerabilities are defects in computer information systems that are introduced, intentionally or not, during requirements, design, implementation, configuration, operation and so on. They exist in different forms at every level and link of a computer information system; once exploited by a malicious actor they damage the system and so disrupt the normal services built on it. In recent years, the great majority of the security threats harmful to China's politics, economy and society, such as computer viruses, worms, Trojans and hacker attacks, have used vulnerabilities to spread, cause damage and steal information.
As the number of vulnerabilities grows and attacks become more complex, network security devices such as firewalls and intrusion detection systems cannot fully withstand the many forms of attack, which makes it especially important to learn about and fix known vulnerabilities in time. If users cannot tell apart how harmful different vulnerabilities are, the first vulnerability fixed may well be an insignificant one while the last to be patched is a high-risk one, which can leave the entire network exposed. A vulnerability threat assessment method separates a large number of vulnerabilities by degree of harm, using the relevant attributes of each vulnerability, so that the most harmful vulnerabilities are fixed first.
At present there are two types of vulnerability rating method at home and abroad: qualitative rating and quantitative scoring. Qualitative rating assigns a threat level to a vulnerability according to threat rating factors, for example the three levels high, medium and low; quantitative scoring assigns a threat score according to established scoring factors, for example any integer from 0 to 10. Most vendors, Microsoft among them, assess product vulnerabilities qualitatively from their own perspectives and finally determine a threat level. Microsoft divides vulnerabilities into four levels by degree of harm: critical, important, medium and low. The Common Vulnerability Scoring System (CVSS), proposed by the U.S. National Infrastructure Advisory Council (NIAC) in 2004, is a quantitative vulnerability threat assessment method intended to establish a common vulnerability threat assessment system, after which vulnerabilities are repaired in order of their score. Based on the basic characteristics of a vulnerability, CVSS rates its degree of harm quantitatively as a score between 0 and 10, and vulnerabilities are then repaired in order of that score.
Qualitative rating gives an intuitive indication of a vulnerability's threat level, while quantitative scoring subdivides vulnerabilities by degree of harm. But it is precisely these two different assessment methods, qualitative and quantitative, that have led to the present "separate camps" situation in vulnerability assessment; at the same time, existing techniques combine all rating factors at once and directly produce a final rating or score, and such non-hierarchical assessment cannot, to some extent, divide vulnerabilities finely enough. It is therefore very necessary to combine the advantages of qualitative rating and quantitative scoring into a hierarchical vulnerability threat assessment method that rates qualitatively first and scores quantitatively second, producing a score, and then to repair vulnerabilities in order of that score.
Summary of the invention
The object of the present invention is to propose a vulnerability repair method based on hierarchical vulnerability threat assessment. The method combines the advantages of the qualitative and quantitative assessment methods to divide vulnerabilities as finely as possible, and so helps users who must fix a large number of vulnerabilities.
In view of the above problems, the solution of the present invention is: first, rate the vulnerability qualitatively according to how much it affects the information security attributes of the target system; then, based on the qualitative rating result and the various conditions of the vulnerability's exploitation process, score the degree of harm quantitatively; finally, repair the vulnerabilities in order of their scores. The qualitative rating and quantitative scoring processes use different evaluation factors to assess the threat of the vulnerability.
The invention comprises two levels, qualitative rating and quantitative scoring; its architecture is shown in Figure 1. The qualitative rating of the present invention analyzes how much the vulnerability affects the information security attributes of the target system and so obtains the qualitative rating level of the vulnerability. The specific method of qualitative rating is as follows:
1) Analyze how much the target system's information security attributes, such as "confidentiality", "integrity" and "availability", are damaged once the vulnerability has been exploited successfully. The impact on the target's information security attributes after successful exploitation is the most important factor in assessing the vulnerability threat.
2) From the degree to which the target system's "confidentiality", "integrity" and "availability" are affected, obtain the "qualitative grade score" of the vulnerability.
3) From the "qualitative grade score", obtain the "qualitative rating level result", for example the three levels "high", "medium" and "low".
Specifically, the mapping between "confidentiality", "integrity" and "availability" and the vulnerability threat can be described in a form similar to Tables 1 to 4. The key elements of Table 1 are as follows:
1) Confidentiality means that only authorized entities may access information. Confidentiality impact has three possible values: complete, partial and none, assigned as shown in Table 2.
2) Integrity means ensuring that information content such as files is not altered by unauthorized entities, and that changes made by authorized users are reliable. Integrity impact has three possible values: complete, partial and none, assigned as shown in Table 3.
3) Availability means that resources can be obtained whenever they are needed. Availability impact likewise has three possible values: complete, partial and none, assigned as shown in Table 4.
4) The qualitative grade score is a natural number in the range 0-9, determined jointly by the values of the confidentiality impact, integrity impact and availability impact; it is the intermediate result of the qualitative rating process. Each of the three impacts has the three possible values "complete, partial, none", so their combination has 27 possible values, namely the 27 cases in Table 1.
5) The qualitative rating level is the final result of the qualitative rating process. Table 1 contains three qualitative rating levels: high, medium and low. Table 1 rates the 10 combinations with qualitative grade scores of 6, 7, 8 and 9 as "high"; the 13 combinations with scores of 2, 3, 4 and 5 as "medium"; and the 4 combinations with scores of 0 and 1 as "low".
Table 1 Vulnerability qualitative rating level mapping table (provided as an image in the original; not reproduced here)
Table 2 Confidentiality impact values
Impact level   Description
None           No impact on the confidentiality of the system.
Partial        The attacker may be able to access certain system files.
Complete       The attacker can read all of the system's data (memory, files, etc.).
Table 3 Integrity impact values
Impact level   Description
None           No impact on the integrity of the system.
Partial        The attacker may be able to modify or leak certain system files.
Complete       The attacker can modify any file on the target system.
Table 4 Availability impact values
Impact level   Description
None           No impact on the availability of the system.
Partial        The attacker can degrade the performance of resources or interrupt them.
Complete       The attacker can make resources completely unavailable.
The quantitative scoring in the present invention analyzes the attacker's process of exploiting the vulnerability and combines the intermediate result of the qualitative rating process, the "qualitative grade score", with the "attack utilization score" to score the threat of the vulnerability further and quantitatively. The specific method of quantitative scoring is as follows:
1) Analyze the various attack conditions required while the vulnerability is being exploited, such as attack range, attack complexity, number of attack authentications and user interaction attribute. The attack conditions of the exploitation process are the key factors constraining successful exploitation of the vulnerability.
2) From the attack conditions required to attack the vulnerability, obtain its "attack utilization score" by some calculation method, for example formula (1).
3) Based on the "qualitative grade score" from the qualitative rating process, combine the "attack utilization score" with the "qualitative grade score" by some calculation method, for example formula (2), to obtain the final "quantitative score".
Attack utilization score = 2 × attack range × attack complexity × number of authentications × user interaction   formula (1)
Quantitative score = qualitative grade score + attack utilization score   formula (2)
Specifically, in the quantitative scoring process the values of "attack range", "attack complexity", "number of authentications" and "user interaction" in formula (1) can be described in a form similar to Tables 5 to 9. The key elements of Table 5 are as follows:
1) Attack range indicates the location of the target host from which an attack can exploit the vulnerability; the farther away the host that can be attacked, the greater the threat posed by the vulnerability. Attack range has three possible values: local, adjacent and remote. The method of assigning values is shown in Table 6.
2) Attack complexity measures how difficult the conditions are that an attacker needs to satisfy in order to exploit the vulnerability. The lower the difficulty of the conditions required for an attack, the greater the threat posed by the vulnerability. Attack complexity has three possible values: high, medium and low. The method of assigning values is shown in Table 7.
3) Number of attack authentications indicates how many times an attacker must authenticate to the target in order to exploit the vulnerability; the fewer times the attacker is required to authenticate, the greater the threat posed by the vulnerability. Number of attack authentications has three possible values: none, single and multiple. The method of assigning values is shown in Table 8.
4) The user interaction attribute indicates whether the attacker needs the participation of the victim user during the attack in order to complete exploitation of the vulnerability, for example the user having to click a web page or a file to trigger the vulnerability. User interaction has two possible values: required and not required; vulnerabilities that do not require user interaction pose a greater threat. The method of assigning values is shown in Table 9.
Table 5 Vulnerability attack utilization attribute value table (the table is an image not reproduced on this page; the numeric attribute values are listed in claim 7 below)
Finally, the vulnerabilities are repaired in order of their scores. A small program released to resolve one particular vulnerability or security problem is usually called a patch (or fix). The vulnerability is repaired by downloading and installing the patch for it. For vulnerabilities for which no patch has yet been released, system security can be strengthened by upgrading security tools such as anti-virus software and intrusion detection systems.
The positive effects of the present invention are:
The method of the present invention can, while still giving the threat level of a vulnerability intuitively, divide vulnerabilities as finely as possible, so that high-risk vulnerabilities are repaired in time. Table 10 illustrates the effect of the invention through two specific vulnerability instances, CVE-2008-4250 and CVE-2010-0108, of which CVE-2008-4250 is precisely the culprit that caused the "扫荡波" (Sweeping Wave) worm outbreak and is the most harmful vulnerability.
The vulnerability assessment method used by the China National Vulnerability Database of Information Security (http://www.nipc.org.cn) is a typical qualitative rating method and assigns both vulnerabilities the threat level "critical"; the method used by the U.S. National Vulnerability Database (http://nvd.nist.gov) is a typical quantitative scoring method, CVSS, and assigns both vulnerabilities the score "10.0". It follows that neither the Chinese nor the U.S. database's assessment method can distinguish the difference in threat level between these two vulnerabilities. The method of the present invention assigns the two vulnerabilities "high/10.00" and "high/9.80" respectively, where "high" is the qualitative rating result and "10.00" and "9.80" are the quantitative scoring results. An ordinary user thus intuitively recognises that the vulnerability has a "high" threat level, while at the same time the method distinguishes more finely that CVE-2008-4250 is more threatening than CVE-2010-0108, helping network administrators judge the repair order accurately and repair the vulnerabilities.
As the number of vulnerabilities keeps increasing and various vulnerability-based attacks emerge, determining vulnerability repair with a hierarchical vulnerability threat assessment method that combines qualitative rating and quantitative scoring can open up a new situation for the present state in which qualitative and quantitative vulnerability threat assessment methods at home and abroad "go their separate ways", so that high-risk vulnerabilities are repaired in time. The present invention is therefore of great significance for safeguarding China's network security.
Table 10 Comparison of the method of the present invention with existing methods (the original table is an image; the values below are those stated in the text above)
Vulnerability      CNNVD (qualitative rating)   NVD/CVSS (quantitative score)   Present method
CVE-2008-4250      critical                     10.0                            high / 10.00
CVE-2010-0108      critical                     10.0                            high / 9.80
Brief description of the drawings
Figure 1 is the architecture diagram of the present invention;
Figure 2 is a flow chart of the specific implementation of the qualitative rating part of the present invention;
Figure 3 is a flow chart of the specific implementation of the quantitative scoring part of the present invention.
Detailed description of the embodiments
The present invention comprises two parts, qualitative rating and quantitative scoring. Below, with reference to the drawings and in conjunction with Tables 1 to 9 and the vulnerability numbered CVE-2008-4250, the two parts are described in further detail. The vulnerability CVE-2008-4250 describes a buffer overflow in the Server service of Windows systems that occurs when the service receives a specially crafted RPC request; a remote attacker could exploit it to execute arbitrary programs on the target.
As shown in Figure 2, the specific implementation of the qualitative vulnerability rating method of the present invention for CVE-2008-4250 comprises the following steps:
Step 201: Analyse the impact of the vulnerability on confidentiality. Because the vulnerability allows an attacker to execute arbitrary programs on the target, the attacker can read all of the system's data by exploiting it. According to Table 2, the "confidentiality impact" of this vulnerability is "complete".
Step 202: Analyse the impact of the vulnerability on integrity. Likewise, because the vulnerability allows an attacker to execute arbitrary programs on the target, the attacker can modify any file on the target system by exploiting it. According to Table 3, the "integrity impact" of this vulnerability is "complete".
Step 203: Analyse the impact of the vulnerability on availability. Similarly, because the vulnerability allows an attacker to execute arbitrary programs on the target, the attacker can stop the target service completely by exploiting it, rendering the resource entirely unusable. According to Table 4, the "availability impact" of this vulnerability is "complete".
Step 204: Determine the qualitative grade score. From the results of steps 201, 202 and 203, the combination of confidentiality impact, integrity impact and availability impact is "complete-complete-complete". According to Table 1, this matches the first case in Table 1, so the "qualitative grade score" of CVE-2008-4250 is "9".
Step 205: Determine the qualitative rating level. From the result of step 204, the "qualitative grade score" of CVE-2008-4250 is "9". Looking up Table 1 again, the "qualitative rating level" of CVE-2008-4250 is "high". The qualitative rating process for CVE-2008-4250 ends here.
As shown in Figure 3, the specific implementation of the quantitative vulnerability scoring method of the present invention for CVE-2008-4250 comprises the following steps:
Step 301: Determine the attack range. The description of CVE-2008-4250 states that a "remote" attacker could exploit the vulnerability to execute arbitrary programs on the target. Therefore, according to Table 6, the "attack range" of this vulnerability is "remote". Looking up Table 5, the value for "remote" is 1.0.
Step 302: Determine the attack complexity. The description of CVE-2008-4250 states that the vulnerability is a buffer overflow; for a buffer overflow vulnerability, once the target system has been identified the attacker can launch an attack at will, with no special access conditions or specialised requirements. Therefore, according to Table 7, the "attack complexity" of this vulnerability is "low". Looking up Table 5, the value for "low" is 0.71.
Step 303: Determine the number of attack authentications. CVE-2008-4250 is a vulnerability in the Windows Server service, and the service does not require user authentication when used, so the attacker does not need to authenticate during the attack. According to Table 8, the "number of authentications" of this vulnerability is "none". Looking up Table 5, the value for "none" is 0.704.
Step 304: Determine user interaction. CVE-2008-4250 is a buffer overflow vulnerability in the Windows Server service, so the attacker can complete the attack without any interaction from the user. According to Table 9, the "user interaction" of this vulnerability is "not required". Looking up Table 5, the value for "not required" is 1.0.
Step 305: Calculate the attack utilization score. From the results of steps 301, 302, 303 and 304, formula (1) gives an "attack utilization score" of 2 × 1.0 × 0.71 × 0.704 × 1.0 = 1.00 (rounded to two decimal places).
Step 306: Calculate the quantitative score. Based on the results of steps 204 and 305, the "qualitative grade score" of CVE-2008-4250 is "9" and the "attack utilization score" is 1.00, so formula (2) gives a final "quantitative score" of 10.00. The quantitative scoring process for CVE-2008-4250 ends here.
Finally, since this vulnerability's score is 10, it is identified as the most dangerous vulnerability and is repaired first. Microsoft provided the patch numbered MS08-067 for this vulnerability; the system administrator downloads and installs the patch to fix it. The patch download address is: http://www.microsoft.com/technet/security/Bulletin/ms08-067.mspx.
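The scoring pipeline of formulas (1) and (2) and steps 301 to 306, as an added Python illustration that is not code from the patent: the attribute weights are the values listed in claim 7, the qualitative grade score comes from the patent's Table 1 (not reproduced on this page) and is therefore passed in as an input, and the SAMPLE-* vulnerabilities are constructed inputs. It also checks a property the text relies on: the attack utilization score never exceeds 1.00, so it only refines the order inside a qualitative grade.

```python
"""Hierarchical vulnerability threat scoring, after formulas (1) and (2).

Added illustration, not code from the patent. Attribute weights are the
values listed in claim 7. The qualitative grade score (0-9) comes from the
patent's Table 1, which is not reproduced on the page, so callers supply it.
"""
from dataclasses import dataclass
from itertools import product

# Attack-condition value tables (claim 7). Keys follow the attribute names
# used in Tables 6-9; the numeric weights are the patent's.
ATTACK_RANGE = {"local": 0.395, "adjacent": 0.646, "remote": 1.000}
ATTACK_COMPLEXITY = {"high": 0.350, "medium": 0.610, "low": 0.710}
AUTHENTICATION = {"none": 0.704, "single": 0.560, "multiple": 0.450}
USER_INTERACTION = {"required": 0.800, "not_required": 1.000}


@dataclass(frozen=True)
class Vulnerability:
    ident: str
    qualitative_score: int  # 0-9, from the CIA impact combination (Table 1)
    attack_range: str
    attack_complexity: str
    authentication: str
    user_interaction: str


def attack_utilization_score(v: Vulnerability) -> float:
    """Formula (1): 2 x range x complexity x authentications x interaction.

    Rounded to two decimals, as step 305 does (0.99968 -> 1.00).
    """
    raw = (2.0
           * ATTACK_RANGE[v.attack_range]
           * ATTACK_COMPLEXITY[v.attack_complexity]
           * AUTHENTICATION[v.authentication]
           * USER_INTERACTION[v.user_interaction])
    return round(raw, 2)


def quantitative_score(v: Vulnerability) -> float:
    """Formula (2): qualitative grade score + attack utilization score."""
    if not 0 <= v.qualitative_score <= 9:
        raise ValueError("qualitative grade score must be in 0..9 (claim 6)")
    return round(v.qualitative_score + attack_utilization_score(v), 2)


def remediation_order(vulns):
    """Step 6 of claim 1: the highest quantitative score is repaired first.

    sorted() is stable, so vulnerabilities with equal scores keep the order
    in which they were supplied.
    """
    ranked = sorted(vulns, key=quantitative_score, reverse=True)
    return [v.ident for v in ranked]


def attack_score_bounds():
    """Smallest and largest attack utilization score over every attribute
    combination. The maximum is 1.00, so a grade-g vulnerability never scores
    above g + 1.00, while every grade-(g+1) vulnerability scores at least
    (g + 1) + 0.10: the attack score only orders vulnerabilities within a
    grade, which is the finer distinction the patent is after."""
    scores = [
        attack_utilization_score(Vulnerability("probe", 0, r, c, a, u))
        for r, c, a, u in product(ATTACK_RANGE, ATTACK_COMPLEXITY,
                                  AUTHENTICATION, USER_INTERACTION)
    ]
    return min(scores), max(scores)


# CVE-2008-4250 with the attribute values assigned in steps 201-304.
CVE_2008_4250 = Vulnerability("CVE-2008-4250", 9, "remote", "low",
                              "none", "not_required")
# Constructed sample: same profile, but the victim must interact (hypothetical).
SAMPLE_UI = Vulnerability("SAMPLE-UI", 9, "remote", "low", "none", "required")
# Constructed sample: a hard-to-reach local flaw with an assumed grade score of 5.
SAMPLE_LOCAL = Vulnerability("SAMPLE-LOCAL", 5, "local", "high",
                             "multiple", "required")

if __name__ == "__main__":
    for v in (CVE_2008_4250, SAMPLE_UI, SAMPLE_LOCAL):
        print(f"{v.ident:14s} attack={attack_utilization_score(v):.2f} "
              f"quantitative={quantitative_score(v):.2f}")
    print("repair order:", remediation_order([SAMPLE_LOCAL, SAMPLE_UI,
                                              CVE_2008_4250]))
    print("attack score bounds:", attack_score_bounds())
```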

Claims
1. A vulnerability repair method based on hierarchical vulnerability threat assessment, the steps of which are:
1) extracting several information security attributes of the target system, a vulnerability under test, and the attack conditions required by the vulnerability during exploitation;
2) attacking the vulnerability under test, and recording the values of the attack conditions required while the vulnerability under test is exploited and the degree of loss caused to the selected information security attributes after the vulnerability under test has been successfully exploited;
3) obtaining the qualitative grade score of the vulnerability under test according to the recorded degree of loss to the selected information security attributes;
4) obtaining the attack utilization score of the vulnerability under test according to the recorded values of the required attack conditions;
5) obtaining the quantitative score of the vulnerability under test according to the attack utilization score and the qualitative grade score;
6) determining the processing order of vulnerabilities according to the quantitative scores of the vulnerabilities under test, and repairing the vulnerabilities.
2. The method according to claim 1, characterised in that the information security attributes comprise confidentiality, integrity and availability, wherein the degree of confidentiality loss takes the values complete, partial or none; the degree of integrity loss takes the values complete, partial or none; and the degree of availability loss takes the values complete, partial or none.
3. The method according to claim 1 or 2, characterised in that the qualitative grade score is divided into several intervals, each value interval corresponding to one qualitative level, and the qualitative level corresponding to the vulnerability under test is then returned according to its qualitative grade score.
4. The method according to claim 3, characterised in that the qualitative levels comprise high, medium and low.
5. The method according to claim 1 or 2, characterised in that the required attack conditions comprise attack range, attack complexity, number of attack authentications and user interaction, wherein the attributes of attack range comprise local, adjacent and remote, each attribute corresponding to one value; the attributes of attack complexity comprise high, medium and low, each attribute corresponding to one value; the attributes of number of attack authentications comprise none, single and multiple, each attribute corresponding to one value; and the attributes of user interaction comprise required and not required, each attribute corresponding to one value.
6. The method according to claim 5, characterised in that the attribute values range from 0.000 to 1.000, and the qualitative grade score ranges from 0 to 9.
7. The method according to claim 6, characterised in that the attribute values of attack range are respectively 0.395, 0.646 and 1.000; the attribute values of attack complexity are respectively 0.350, 0.610 and 0.710; the attribute values of number of attack authentications are respectively 0.704, 0.560 and 0.450; and the attribute values of user interaction are respectively 0.800 and 1.000.
8. The method according to claim 7, characterised in that the formula for obtaining the attack utilization score of the vulnerability under test is: attack utilization score = 2 × attack range × attack complexity × number of authentications × user interaction.
9. The method according to claim 8, characterised in that the formula for obtaining the quantitative score of the vulnerability under test is: quantitative score = qualitative grade score + attack utilization score.
10. The method according to claim 5, characterised in that adjacent comprises Bluetooth and local Ethernet.
PCT/CN2010/078492 2010-09-14 2010-11-08 A vulnerability fixing method based on hierarchical vulnerability threat evaluation WO2012034304A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201010281035.9 2010-09-14
CN 201010281035 CN101950338A (en) 2010-09-14 2010-09-14 Bug repair method based on hierarchical bug threat assessment

Publications (1)

Publication Number Publication Date
WO2012034304A1 true WO2012034304A1 (en) 2012-03-22

Also Published As

Publication number Publication date
CN101950338A (en) 2011-01-19
