CN103996006B - A kind of method and apparatus of Evaluation of Information System Security Risk - Google Patents
A kind of method and apparatus of Evaluation of Information System Security Risk Download PDFInfo
- Publication number
- CN103996006B CN103996006B CN201310050945.XA CN201310050945A CN103996006B CN 103996006 B CN103996006 B CN 103996006B CN 201310050945 A CN201310050945 A CN 201310050945A CN 103996006 B CN103996006 B CN 103996006B
- Authority
- CN
- China
- Prior art keywords
- behavior
- weights
- threat
- calling
- information system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a kind of methods of Evaluation of Information System Security Risk, construction threatens behavior pattern library, the calling behavior of information system record is matched with the threat behavior in behavior pattern library is threatened, each decision content for calling behavior matched is obtained, threat behavior weights are determined according to each decision content for calling behavior matched;The weights of behavior weights combination fragility, the weights of Compensation measures will be threatened to obtain risk class;The present invention also discloses a kind of devices of Evaluation of Information System Security Risk, scheme through the invention, it is capable of being measured to information system security risk for various dimensions, compensate for the deficiency of availability risk evaluation quantization, improve the accuracy and credibility of Threat verdict, and the key problem of Risk of Information System quantization can be solved so that user is capable of the risk status of more convenient objective understanding information system operation, makes information system security risk that can perceive.
Description
Technical field
The present invention relates to information security technology more particularly to a kind of method and apparatus of Evaluation of Information System Security Risk.
Background technology
With making rapid progress for IT technologies, the entire national economic development all be unable to do without the operation and support of information system, such as
What ensures that the operation of these information system security becomes the most important thing;Foundation《2006-2020 national information development strategies》It wants
Ask, to reinforce national information efficient public security system construction comprehensively, it is desirable that each tissue adheres to active defense, comprehensive precaution, explore and
The information-based inherent law with information security is held, information security challenge is actively coped with.
To realize information security activeization, be critical to solve how evaluation information system safety hazards or in early days perceive wind
The situation of danger.Risk status is again related to all many factors, includes mainly:Outside information system fragility sexual factor itself, system
The factors such as deterrent, control measure and Compensation measures;These factors interact again, influence each other.
The prior art mainly passes through following three kinds of modes evaluation information system safety hazards:One, from angle is threatened, i.e.,
The security incident amount of relevant device is judged, daily record of the Main Analysis from safety equipment and information technoloy equipment, and therefrom extracts wind
The high daily record of dangerous grade is judged;Two, from fragility angle, i.e., to the relevant network facilities of carrying information system, master
Machine resource, code resource etc. carry out Evaluation of vulnerability, to obtain the height of risk status;Three, in conjunction with threat, fragility and money
Production value carries out overall merit.
Existing risk evaluation system is mainly reflected in the following aspects there are larger defect and deficiency:
Or one, evaluation index relies on single factors or too complicated, true risk status can not be all reacted;From prestige
Side of body angle sets out and can more actually react outside world situation, but since extraneous threat is large number of, source is complicated, existing
Novel attack and there is very old attack, and attack applicability and be also required to accurately screen, therefore it is inclined generally to will appear risk status
High evaluation is unfavorable for threatening disposition and the development of Compensation measures;It can really reflect information system from fragility angle
The loophole situation of system, but since fragility is static, to form risk and be the need for threatening attack participation, therefore often go out
Existing risk status evaluation distortion, is unfavorable in effective resource input to risk control, cost is excessive;From threat, fragility
Risk status level can be reflected by comparing with assets value progress overall merit, but this overall merit is due to being related to said three-dimensional body
System, and three factors are the relationship of multi-to-multi, mapping relations and calculating complex, are difficult to realize in real use.
Two, current appraisement system is often concerned only with risk threats, fragility and assets value, and often ignores very heavy
The Compensation measures link wanted, and an important factor for Compensation measures link is actually risk control.
Invention content
In view of this, the main purpose of the present invention is to provide a kind of method of Evaluation of Information System Security Risk and dresses
It sets, is capable of being measured to information system security risk for various dimensions.
In order to achieve the above objectives, the technical proposal of the invention is realized in this way:
A kind of method of Evaluation of Information System Security Risk provided by the invention, this method include:
Construction threatens behavior pattern library, by the calling behavior of information system record and threatens the threat row in behavior pattern library
To be matched, each decision content for calling behavior matched is obtained, is determined according to each decision content for calling behavior matched
Threat behavior weights;
The weights of behavior weights combination fragility, the weights of Compensation measures will be threatened to obtain risk class.
In said program, construction threat behavior pattern library is:It is each specifically to threaten behavior as principle of classification
It includes more than one by triple that the threat behavior of type, which maps a system function to call collection, each system function calling collection,
<Module No., function number, detailed rules and regulations number>Come the calling behavior of the system application programming interface api function indicated, all threats
Behavior composition threatens behavior pattern library.
In said program, it is described by information system record call behavior and the threat behavior that threatens in behavior pattern library into
Row matches:The format of the calling behavior of transitional information system record is triple<Module No., function number, detailed rules and regulations number>Lattice
Formula matches transformed calling behavior with the threat behavior in behavior pattern library is threatened.
In said program, the decision content for obtaining each calling behavior matched is:Each calling row in statistical match
For appearance mean value, the decision content of each calling behavior is obtained according to the appearance mean value of each calling behavior.
It is described that the weights of behavior weights combination fragility, the weights of Compensation measures will be threatened to obtain risk in said program
Grade is:According to the risk class formula of the weights including threatening behavior weights, the weights of fragility, Compensation measures, wind is obtained
Dangerous grade;
Risk class (V)={ [(A × 2 Log2=Round1The+B×2Vul+C×2Con)/3]}×Asset(value)
Wherein, The represents threat behavior weights;Vul represents the weights of fragility;Con represents the weights of Compensation measures;
Round functions are by formulation digit, and the function that logarithm rounds up, Round1 indicates to retain 1 decimal;Asset(value)
Represent assets value;A is the coefficient of threat behavior weights;B is the coefficient of the weights of fragility;C is the weights of Compensation measures
Coefficient.
A kind of device of Evaluation of Information System Security Risk provided by the invention, the device include:Constructing module, matching mould
Block, decision content acquisition module, determining module, risk class acquisition module;Wherein,
The constructing module threatens behavior pattern library for constructing;
The matching module calls behavior and the threat behavior in threat behavior pattern library for record information system
It is matched, and each calling behavior matched is sent to decision content acquisition module;
The decision content acquisition module, for obtaining each decision content for calling behavior matched;
The determining module, for determining threat behavior weights according to the decision content;
The risk class acquisition module, for the weights of behavior weights combination fragility, the power of Compensation measures will to be threatened
Value obtains risk class.
In said program, the constructing module, specifically for specifically to threaten behavior as principle of classification, each type
Threat behavior map system function and call collection, it includes more than one by triple that each system function, which calls collection,<Mould
Block number, function number, detailed rules and regulations number>Calling behavior come the API calls indicated, all threat behavior compositions threaten behavior pattern
Library.
In said program, the matching module, the format for being specifically used for the calling behavior of transitional information system record is three
Tuple<Module No., function number, detailed rules and regulations number>Format, by transformed calling behavior with threaten the threat row in behavior pattern library
To be matched.
In said program, the risk class acquisition module is specifically used for according to including threatening behavior weights, fragility
Weights, Compensation measures weights risk class formula, obtain risk class;
Risk class (V)={ [(A × 2 Log2=Round1The+B×2Vul+C×2Con)/3]}×Asset(value)
Wherein, The represents threat behavior weights;Vul represents the weights of fragility;Con represents the weights of Compensation measures;
Round functions are by formulation digit, and the function that logarithm rounds up, Round1 indicates to retain 1 decimal;Asset(value)
Represent assets value;A is the coefficient of threat behavior weights;B is the coefficient of the weights of fragility;C is the weights of Compensation measures
Coefficient.
The present invention provides a kind of method and apparatus of Evaluation of Information System Security Risk, construction threatens behavior pattern library,
The calling behavior of information system record is matched with the threat behavior in behavior pattern library is threatened, obtains each tune matched
With the decision content of behavior, threat behavior weights are determined according to each decision content for calling behavior matched;Behavior weights will be threatened
Risk class is obtained in conjunction with the weights of fragility, the weights of Compensation measures;So, it is possible various dimensions to information system security wind
Danger is measured, and is compensated for the deficiency of availability risk evaluation quantization, is improved the accuracy and credibility of Threat verdict, simultaneously
Solve the key problem of Risk of Information System quantization so that user being capable of the more convenient objective wind for understanding information system operation
Dangerous situation makes information system security risk that can perceive.
Description of the drawings
Fig. 1 is the method flow schematic diagram of Evaluation of Information System Security Risk provided by the invention;
Fig. 2 is the structural schematic diagram in threat behavior pattern library provided by the invention;
Fig. 3 is the structural schematic diagram of the device of Evaluation of Information System Security Risk provided by the invention.
Specific implementation mode
The present invention basic thought be:Construction threatens behavior pattern library, by the calling behavior of information system record and threat
Threat behavior in behavior pattern library is matched, and each decision content for calling behavior matched is obtained, each according to what is matched
The decision content of calling behavior determines threat behavior weights;The weights of behavior weights combination fragility, the power of Compensation measures will be threatened
Value obtains risk class.
Below by drawings and the specific embodiments, the present invention is described in further detail.
The present invention realizes a kind of method of Evaluation of Information System Security Risk, as shown in Figure 1, this method includes following
Step:
Step 101:Construction threatens behavior pattern library;
Specifically, specifically to threaten behavior as principle of classification, as shown in Fig. 2, the threat behavior A mappings of each type
One system function calls collection S, each system function to call collection S including more than one by triple<Module No., function number,
Detailed rules and regulations number>Calling behavior come the API calls indicated, the system function call known to the calling behavior that collection S includes
Threat behavior, all threat behavior A composition threatens behavior pattern libraries;
The specific threat behavior includes:Wiretapping type, long-range spy's class, premeditated divulge a secret class, hacker attacks class, system/
Network over loading class etc..
Step 102:The calling behavior of information system record is matched with the threat behavior in behavior pattern library is threatened;
Specifically, the format of the calling behavior of transitional information system record is triple<Module No., function number, detailed rules and regulations number>
Format, transformed calling behavior is matched with the threat behavior in behavior pattern library is threatened.
Step 103:Obtain each decision content for calling behavior matched;
Specifically, each appearance mean value for calling behavior in statistical match, obtains according to the appearance mean value of each calling behavior
Each decision content for calling behavior;Here, the decision content is success attack number or the attack frequency of failure;
The decision content that the appearance mean value according to each calling behavior obtains each calling behavior is:In going out for each calling behavior
In existing mean value, the attack result of each calling behavior is counted, using the attack result as decision content;
The attack result is success attack number or the attack frequency of failure.
Step 104:Threat behavior weights are determined according to each decision content for calling behavior matched;
Specifically, when the decision content of the calling behavior matched is more than pre-set threshold value, the calling row is marked
For threat behavior, to count all calling behavior quantity for being labeled as threat behavior, determining threat behavior weights.
Step 105:The weights of behavior weights combination fragility, the weights of Compensation measures will be threatened to obtain risk class;
Specifically, public according to the risk class of the weights including threatening behavior weights, the weights of fragility, Compensation measures
Formula obtains risk class;
Risk class (V)={ [(A × 2 Log2=Round1The+B×2Vul+C×2Con)/3]}×Asset(value)
Wherein, The represents threat behavior weights;Vul represents the weights of fragility;Con represents the weights of Compensation measures;
Round functions are by formulation digit, and the function that logarithm rounds up, Round1 indicates to retain 1 decimal;Asset(value)
Represent assets value;A is the coefficient of threat behavior weights;B is the coefficient of the weights of fragility;C is the weights of Compensation measures
Coefficient;According to the foundation judged in the world weights, can be set as here:A=0.7, B=0.5, C=0.8;
The weights of the fragility are generally determined according to the loophole rank evaluated in international vulnerability database (CVE);
The weights of the Compensation measures are generally assigned according to the strength of Compensation measures (validity avoided risk)
Value, numerical value is higher, and the effect avoided risk is better.
In order to realize the above method, the present invention also provides a kind of device of Evaluation of Information System Security Risk, the devices one
As be arranged using Linux Server provide API service hardware device on, as shown in figure 3, the device includes:Constructing module
31, matching module 32, decision content acquisition module 33, determining module 34, risk class acquisition module 35;Wherein,
The constructing module 31 threatens behavior pattern library for constructing;
The matching module 32 calls behavior and the threat row in threat behavior pattern library for record information system
To be matched, and each calling behavior matched is sent to decision content acquisition module 33;
The decision content acquisition module 33, for obtaining each decision content for calling behavior matched;
The determining module 34, for determining threat behavior weights according to the decision content;
The risk class acquisition module 35, for the weights of behavior weights combination fragility, Compensation measures will to be threatened
Weights obtain risk class.
The constructing module 31, specifically for specifically to threaten behavior as principle of classification, the threat row of each type
It includes more than one by triple to call collection, each system function calling collection for one system function of mapping<Module No., function
Number, detailed rules and regulations number>Calling behavior come the API calls indicated, the system function have called the calling behavior concentrated and include
The threat behavior known, all threat behavior compositions threaten behavior pattern library.
The matching module 32, the format for being specifically used for the calling behavior of transitional information system record is triple<Module
Number, function number, detailed rules and regulations number>Format, transformed calling behavior is carried out with the threat behavior in behavior pattern library is threatened
Match.
The risk class acquisition module 35, specifically for according to including threatening the weights of behavior weights, fragility, making up
The risk class formula of the weights of measure obtains risk class;
Risk class (V)={ [(A × 2 Log2=Round1The+B×2Vul+C×2Con)/3]}×Asset(value)
Wherein, The represents threat behavior weights;Vul represents the weights of fragility;Con represents the weights of Compensation measures;
Round functions are by formulation digit, and the function that logarithm rounds up, Round1 indicates to retain 1 decimal;Asset(value)
Represent assets value;A is the coefficient of threat behavior weights;B is the coefficient of the weights of fragility;C is the weights of Compensation measures
Coefficient;According to the foundation judged in the world weights, can be set as here:A=0.7, B=0.5, C=0.8.
The foregoing is only a preferred embodiment of the present invention, is not intended to limit the scope of the present invention.
Claims (6)
1. a kind of method of Evaluation of Information System Security Risk, which is characterized in that this method includes:
Construction threatens behavior pattern library, by information system record call behavior and the threat behavior that threatens in behavior pattern library into
Row matching obtains the decision content for respectively calling behavior matched, and threat is determined according to each decision content for calling behavior matched
Behavior weights;
The weights of behavior weights combination fragility, the weights of Compensation measures will be threatened to obtain risk class;
Wherein, the decision content for obtaining each calling behavior matched is:Each appearance for calling behavior in statistical match is equal
Value, the decision content of each calling behavior is obtained according to the appearance mean value of each calling behavior;
Wherein, the weights acquisition risk class by the weights for threatening behavior weights combination fragility, Compensation measures is:According to
Including threaten behavior weights, the weights of fragility, Compensation measures weights risk class formula, obtain risk class;
Risk class (V)={ [(A × 2 Log2=Round1The+B×2Vul+C×2Con)/3]}×Asset(value)
Wherein, The represents threat behavior weights;Vul represents the weights of fragility;Con represents the weights of Compensation measures;Round
Function is by formulation digit, and the function that logarithm rounds up, Round1 indicates to retain 1 decimal;Asset (value) is represented
Assets value;A is the coefficient of threat behavior weights;B is the coefficient of the weights of fragility;C is the coefficient of the weights of Compensation measures.
2. according to the method described in claim 1, it is characterized in that, construction threat behavior pattern library is:With specific prestige
Side of body behavior maps a system function and collection, each system function is called to call as principle of classification, the threat behavior of each type
Collection all includes more than one by triple<Module No., function number, detailed rules and regulations number>Come the system application programming interface API indicated
The calling behavior of function, all threat behavior compositions threaten behavior pattern library.
3. according to the method described in claim 2, it is characterized in that, the calling behavior by information system record is gone with threat
Carrying out matching for the threat behavior in pattern base is:The format of the calling behavior of transitional information system record is triple<Module
Number, function number, detailed rules and regulations number>Format, transformed calling behavior is carried out with the threat behavior in behavior pattern library is threatened
Match.
4. a kind of device of Evaluation of Information System Security Risk, which is characterized in that the device includes:Constructing module, matching module,
Decision content acquisition module, determining module, risk class acquisition module;Wherein,
The constructing module threatens behavior pattern library for constructing;
The matching module calls behavior to be carried out with the threat behavior in behavior pattern library is threatened for record information system
Matching, and each calling behavior matched is sent to decision content acquisition module;
The decision content acquisition module, for obtaining each decision content for calling behavior matched;
The determining module, for determining threat behavior weights according to the decision content;
The risk class acquisition module, for the weights of behavior weights combination fragility, the weights of Compensation measures will to be threatened to obtain
Obtain risk class;
Wherein, the decision content acquisition module, each appearance mean value for calling behavior being specifically used in statistical match, according to each tune
The decision content of each calling behavior is obtained with the appearance mean value of behavior;
Wherein, the risk class acquisition module, specifically for according to including threatening the weights of behavior weights, fragility, making up
The risk class formula of the weights of measure obtains risk class;
Risk class (V)={ [(A × 2 Log2=Round1The+B×2Vul+C×2Con)/3]}×Asset(value)
Wherein, The represents threat behavior weights;Vul represents the weights of fragility;Con represents the weights of Compensation measures;Round
Function is by formulation digit, and the function that logarithm rounds up, Round1 indicates to retain 1 decimal;Asset (value) is represented
Assets value;A is the coefficient of threat behavior weights;B is the coefficient of the weights of fragility;C is the coefficient of the weights of Compensation measures.
5. device according to claim 4, which is characterized in that the constructing module is specifically used for going with specific threat
Collection, each system function is called to call collection to map a system function as the threat behavior of principle of classification, each type
Including more than one by triple<Module No., function number, detailed rules and regulations number>Calling behavior come the API calls indicated is owned
Threat behavior composition threatens behavior pattern library.
6. device according to claim 5, which is characterized in that the matching module is specifically used for transitional information system and remembers
The format of the calling behavior of record is triple<Module No., function number, detailed rules and regulations number>Format, by transformed calling behavior and prestige
Threat behavior in side of body behavior pattern library is matched.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310050945.XA CN103996006B (en) | 2013-02-17 | 2013-02-17 | A kind of method and apparatus of Evaluation of Information System Security Risk |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310050945.XA CN103996006B (en) | 2013-02-17 | 2013-02-17 | A kind of method and apparatus of Evaluation of Information System Security Risk |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103996006A CN103996006A (en) | 2014-08-20 |
| CN103996006B true CN103996006B (en) | 2018-09-04 |
Family
ID=51310168
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310050945.XA Active CN103996006B (en) | 2013-02-17 | 2013-02-17 | A kind of method and apparatus of Evaluation of Information System Security Risk |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103996006B (en) |
Families Citing this family (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105844169B (en) * | 2015-01-15 | 2019-09-13 | 中国移动通信集团安徽有限公司 | Information security measure and device |
| CN106407813B (en) * | 2016-05-17 | 2020-04-07 | 北京摄星科技有限公司 | Heterogeneous vulnerability scanner data normalization processing device and method |
| CN106656996B (en) * | 2016-11-09 | 2020-09-15 | 航天科工智慧产业发展有限公司 | Information security risk assessment method |
| CN107239707B (en) * | 2017-06-06 | 2020-09-29 | 国家电投集团河南电力有限公司 | Threat data processing method for information system |
| CN108776861A (en) * | 2018-04-27 | 2018-11-09 | 中国铁路总公司 | Railway Communication safety risk estimating method and device |
| CN110839000B (en) * | 2018-08-15 | 2022-02-08 | 中国信息通信研究院 | Method and device for determining security level of network information system |
| CN109684366A (en) * | 2018-12-20 | 2019-04-26 | 国家计算机网络与信息安全管理中心 | A kind of knowledge base group volume method for industrial control system risk assessment |
| CN112565296A (en) * | 2020-12-24 | 2021-03-26 | 深信服科技股份有限公司 | Security protection method and device, electronic equipment and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101017458A (en) * | 2007-03-02 | 2007-08-15 | 北京邮电大学 | Software safety code analyzer based on static analysis of source code and testing method therefor |
| CN101374051A (en) * | 2008-08-22 | 2009-02-25 | 中国航天科工集团第二研究院七○六所 | Method for evaluating information system risk base on multi-element fusion |
| CN102238038A (en) * | 2011-07-26 | 2011-11-09 | 北京神州绿盟信息安全科技股份有限公司 | Network equipment security evaluation method and device |
| CN102799954A (en) * | 2012-07-18 | 2012-11-28 | 中国信息安全测评中心 | Method and system for multi-objective optimization applied to risk assessment |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8103601B2 (en) * | 2006-06-12 | 2012-01-24 | Projectioneering, LLC | Complexity systems management method |
-
2013
- 2013-02-17 CN CN201310050945.XA patent/CN103996006B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101017458A (en) * | 2007-03-02 | 2007-08-15 | 北京邮电大学 | Software safety code analyzer based on static analysis of source code and testing method therefor |
| CN101374051A (en) * | 2008-08-22 | 2009-02-25 | 中国航天科工集团第二研究院七○六所 | Method for evaluating information system risk base on multi-element fusion |
| CN102238038A (en) * | 2011-07-26 | 2011-11-09 | 北京神州绿盟信息安全科技股份有限公司 | Network equipment security evaluation method and device |
| CN102799954A (en) * | 2012-07-18 | 2012-11-28 | 中国信息安全测评中心 | Method and system for multi-objective optimization applied to risk assessment |
Non-Patent Citations (1)
| Title |
|---|
| 基于行为的病毒检测系统的设计与实现;李江涛;《中国优秀硕士学位论文全文数据库(信息科技辑)》;20080815(第8期);正文第19,20,22,23页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103996006A (en) | 2014-08-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103996006B (en) | A kind of method and apparatus of Evaluation of Information System Security Risk | |
| CN108055119B (en) | Safety excitation method and system based on block chain in crowd sensing application | |
| CN108347430A (en) | Network invasion monitoring based on deep learning and vulnerability scanning method and device | |
| CN102158879B (en) | Essential factor lost score data processing method and equipment | |
| CN110620759A (en) | Network security event hazard index evaluation method and system based on multidimensional correlation | |
| CN106295349A (en) | Risk Identification Method, identification device and the anti-Ore-controlling Role that account is stolen | |
| CN103875003A (en) | System and method for whitelisting applications in a mobile network environment | |
| KR20170137138A (en) | Address matching based risk identification method and apparatus | |
| CN103793650A (en) | Static analysis method and static analysis device for Android application program | |
| CN113947215A (en) | Federal learning management method and device, computer equipment and storage medium | |
| CN102299918A (en) | Network transaction safety system and method thereof | |
| Saad et al. | Dine and dash: Static, dynamic, and economic analysis of in-browser cryptojacking | |
| CN109583056A (en) | A kind of network-combination yarn tool performance appraisal procedure and system based on emulation platform | |
| CN110445772B (en) | Internet host scanning method and system based on host relationship | |
| CN107360047A (en) | Network safety evaluation method based on CIA attributes | |
| CN109167832B (en) | Electronic commerce system based on cloud computing | |
| CN109684837A (en) | A kind of mobile application malware detection method and system towards electric power enterprise | |
| CN116595554B (en) | Method and device for realizing government affair data security analysis based on multiple dimensions | |
| CN115640305B (en) | Fair and reliable federal learning method based on blockchain | |
| CN115767515B (en) | Encryption sharing method and system for base station-free real-time noise big data | |
| CN109873836A (en) | A kind of methods of risk assessment and device of data | |
| CN112001812B (en) | Intelligent water affair comprehensive management system, method and storage medium | |
| CN103200184A (en) | Evaluation method for mobile terminal security | |
| CN110991906B (en) | Cloud system information security risk assessment method | |
| CN114553517A (en) | Nonlinear weighted network security assessment method, device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |