CN106611126A - Loophole severity assessment and repair method - Google Patents
Loophole severity assessment and repair method Download PDFInfo
- Publication number
- CN106611126A CN106611126A CN201611250431.9A CN201611250431A CN106611126A CN 106611126 A CN106611126 A CN 106611126A CN 201611250431 A CN201611250431 A CN 201611250431A CN 106611126 A CN106611126 A CN 106611126A
- Authority
- CN
- China
- Prior art keywords
- leak
- seriousness
- influence
- static
- dynamic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Abstract
The invention discloses a loophole severity assessment and repair method comprising the steps of extracting M loopholes of a target host, and computing a static severity assessment result according to at least one piece of significant attribute information of each loophole; when the static severity assessment results of the N loopholes of the M loopholes are the same, computing a dynamic severity quantitative score of each loophole of the M loopholes; when the dynamic severity quantitative scores of the P loopholes of the N loopholes are the same, acquiring a timing sequence impact factor of each loophole of the P loopholes, and determining the loophole with the maximum timing sequence impact factor to be the loophole with the highest priority. According to the method provided by the invention, the problem that the repair priority of loophole cannot be determined is fundamentally solved, and accordingly the loophole can be repaired, the situation that a computer system has a potential major hazard is avoided, and security of the computer system is improved.
Description
Technical field
The present invention relates to leak seriousness evaluation areas, more particularly to a kind of leak seriousness assessment and method for repairing and mending.
Background technology
With the development of internet, netizen's scale and network popularity rate are presented the trend of cumulative year after year, but are accompanied by
The high outburst of the safety problem for emerging in an endless stream, wherein leak is one of the major reason for jeopardizing network security.Leak refers to calculating
The defect that machine system is produced at aspects such as demand, designs, these defects be present in computer system at all levels and link it
In, once being utilized by attacker, great harm will be produced to computer system, affect its normal operation.In leak quantity
Under the situation for increasingly increasing, how the seriousness of leak is estimated, and repairs leak on this basis and just seem to have and attach most importance to
Will.
Seriousness assessment to leak at present is all based on greatly the relating attribute of known bugs, is commented using qualitative or quantitative
Estimate method to characterize leak seriousness.Qualitative evaluation method mainly carries out grading division, such as American National to leak
Grading of the vulnerability database to leak is divided into high, medium and low;Microsoft according to leak association attributes by leak be divided into it is serious, important, medium,
It is low.Quantitative evaluating method is mainly characterized by way of score value to the seriousness of leak, such as general leak scoring system
The severity score of leak is divided into 0.0~10.0 by system, and the higher potential hazard for representing leak of score value is bigger.
The qualitative assessment and the result of qualitative evaluation of the current repairing sequence reference to leak leak, will preferentially repair that
The more serious leak of a little quantitative analyses and qualitative analyses assessment result.But when qualitative assessment result in prior art and qualitative
When assessment result is identical, according to which kind of sequentially repairing leak, solution is not provided in prior art, this causes right at present
The seriousness of leak is assessed and there is larger defect based on this technology for carrying out leak reparation, it is impossible to thoroughly assess clear and definite leak
The order of severity so that determine that repairing priority is repaired, and to computer system potential significant damage is produced.
The content of the invention
It is an object of the invention to overcome the above-mentioned deficiency in the presence of prior art, there is provided a kind of leak seriousness assessment
And method for repairing and mending, further determined with the order of severity of thorough clear and definite leak and repair priority, fundamentally solve leak repairing
The problem that priority cannot determine, carries out leak repairing, it is to avoid produce potential significant damage to computer system, in terms of improving
Calculation machine security of system.
On the one hand, the embodiment of the present invention provides a kind of leak seriousness appraisal procedure, and methods described includes:
M leak of destination host is extracted, each leak is calculated according at least one important attribute information of each leak
Static seriousness assessment result;
When the static seriousness assessment result for having N number of leak in M leak is identical, each in N number of leak is calculated
The quantitative score value of dynamic seriousness of leak;
When the quantitative score value of dynamic seriousness for having P leak in N number of leak is identical, in obtaining the P leak
The sequential factor of influence of each leak, the maximum leak of sequential factor of influence is defined as to repair the leak of highest priority;
Wherein, the sequential factor of influence is used to characterize the time of leak generation, and sequential factor of influence is bigger, then leak is sent out
The raw time is more early;P is less than or equal to N, and N is less than or equal to M, and M, N and P are integer, and P is more than or equal to 2.
In one embodiment, when the static seriousness assessment result of the M leak is differed, by menace level
The corresponding leak of highest static state seriousness assessment result is defined as repairing the leak of highest priority.
In one embodiment, when the quantitative score value of dynamic seriousness of N number of leak is differed, by the dynamic
The quantitative score value highest leak of seriousness is defined as repairing the leak of highest priority.
In one embodiment, at least one important attribute information of each leak includes menace influence index and attack
Using influence index;
At least one important attribute information according to each leak calculates the static seriousness assessment knot of each leak
Really, including:
The quantitative score value of static seriousness of each leak is calculated according to below equation;
The quantitative score value of static seriousness=(attack and utilize influence index+menace influence index)/2;
Danger classes according to corresponding to the quantitative score value of the static seriousness determines that the static seriousness of each leak is commented
Estimate result.
Further, the menace influence index includes confidentiality influence index, integrity influence index and availability
Influence index;
Determining the value of the menace influence index includes:
Judge that the confidentiality influence index, integrity influence index and the availability impact index of each leak are respective
Grade, the Three Estate that will determine that out is combined into class set to be checked;
The corresponding fraction of the class set to be checked is searched in default mapping association table, as the menace shadow
Snap target value;
Wherein, the grade of confidentiality influence index is divided into from high to low:It is high, medium and low;The grade of integrity influence index by
It is high to Low to be divided into:It is high, medium and low;The grade of availability impact index is divided into from high to low:It is high, medium and low;The confidentiality affects
Index, integrity influence index and availability impact index three each index take each any one grade and constitute one etc.
Level set, the predetermined different fractions of each class set correspondence one constitute the mapping association table.
The attack is calculated using the value of influence index by following formula:
Attack and utilize the certification of complexity * using influence index=a* utilization ways *;
Wherein, a is weight factor, attacks approach, attacks the attribute character of complexity and certification for leak;
Attack approach is divided into:Locally, LAN, telecommunication network, the quantization value being corresponding in turn to is:0.395、0.646、
1.0;
Attack complexity to be divided into from the difficult to the easy:High, medium and low, the quantization value being corresponding in turn to is:0.35、0.61、0.71;
Certification is divided into:Repeatedly, once, do not need, the quantization value being corresponding in turn to is:0.45、0.56、0.704.
Optionally, a=20.
In one embodiment, the quantitative score value of the dynamic seriousness is calculated by below equation:
The quantitative score value of dynamic seriousness=b* popularity factor of influence+c* generation environment factors of influence;
Wherein, b and c is weight factor, and the value of the popular factor of influence is should in January in current time
Type leak outburst rate, the value of generation environment factor of influence is that the leak associates the leakage of manufacturer in January in current time
Hole incidence rate.
Optionally, b=6, c=4.
On the other hand, the embodiment of the present invention also provides a kind of leak seriousness assessment patch system, including:
Extraction module, for extracting M leak of destination host;
Static seriousness evaluation module, at least one important attribute information according to each leak each leak is calculated
Static seriousness assessment result;
First dynamic seriousness evaluation module, for when the static seriousness assessment result phase for having N number of leak in M leak
Meanwhile, calculate the quantitative score value of dynamic seriousness of each leak in N number of leak;
Second dynamic seriousness evaluation module, for quantitatively dividing when the dynamic seriousness for having P leak in N number of leak
When being worth identical, the sequential factor of influence of each leak in the P leak is obtained, the maximum leak of sequential factor of influence is determined
To repair the leak of highest priority;Wherein, the sequential factor of influence be used for characterize leak generation time, sequential affect because
Son is bigger, then the time that leak occurs is more early;P is less than or equal to N, and N is less than or equal to M, and M, N and P are integer, and P is more than or equal to
2;
Module is repaired, for repairing to the leak of the repairing highest priority.
Compared with prior art, beneficial effects of the present invention:
The embodiment of the present invention combines the advantage of leak seriousness qualitative evaluation and qualitative assessment and provides the static state of leak to be commented
Estimate result, when static evaluation result is identical, contrast leak dynamic evaluation result, quantitative score value is set in dynamic evaluation result and is entered
Row assessment, and the sequential influence factor of leak generation is had also combined, the seriousness such that it is able to thorough clear and definite leak further determines
Priority is repaired, leak repairing is carried out.The present invention can fundamentally solve what the priority of leak repairing cannot thoroughly determine
Problem, it is to avoid potential significant damage is produced to computer system, the safety of computer system is substantially increased.
Description of the drawings:
Fig. 1 is the evaluation system structure chart of the present invention;
Fig. 2 is that the static seriousness evaluation part in the present invention is embodied as flow chart;
Fig. 3 is that the dynamic seriousness evaluation part in the present invention is embodied as flow chart.
Specific embodiment
With reference to specific embodiment, the present invention is described in further detail.But this should not be interpreted as the present invention
The scope of above-mentioned theme is only limitted to below example, and all technologies realized based on present invention belong to the model of the present invention
Enclose.
The embodiment of the present invention illustrates a kind of leak seriousness appraisal procedure schematic diagram, and methods described includes:
S101, M leak for extracting destination host, according at least one important attribute information of each leak each is calculated
The static seriousness assessment result of leak;
S102, when the static seriousness assessment result for having N number of leak in M leak is identical, in calculating N number of leak
The quantitative score value of dynamic seriousness of each leak;
S103, when the quantitative score value of dynamic seriousness for having P leak in N number of leak is identical, obtain it is described P leak
The sequential factor of influence of each leak in hole, the maximum leak of sequential factor of influence is defined as to repair the leakage of highest priority
Hole;
Wherein, the sequential factor of influence is used to characterize the time of leak generation, and sequential factor of influence is bigger, then leak is sent out
The raw time is more early, and vice versa;P is less than or equal to N, and N is less than or equal to M, and M, N and P are integer, and P is more than or equal to 2.
The embodiment of the present invention combines the advantage of leak seriousness qualitative evaluation and qualitative assessment and provides the static state of leak to be commented
Estimate result, when static evaluation result is identical, contrast leak dynamic evaluation result, quantitative score value is set in dynamic evaluation result and is entered
Row assessment, and the sequential influence factor of leak generation is had also combined, the seriousness such that it is able to thorough clear and definite leak further determines
Priority is repaired, leak repairing is carried out.The present invention can fundamentally solve what the priority of leak repairing cannot thoroughly determine
Problem, it is to avoid potential significant damage is produced to computer system, the safety of computer system is substantially increased.
Specifically, in one example, when the static seriousness assessment result of the M leak is differed, will be tight
The corresponding leak of weight grade highest static state seriousness assessment result is defined as repairing the leak of highest priority.In another example
In, when the quantitative score value of dynamic seriousness of N number of leak is differed, by the quantitative score value highest of the dynamic seriousness
Leak is defined as repairing the leak of highest priority.
Based on this, the present invention can thoroughly clear and definite leak the order of severity so that determine repairing priority, substantially covers institute
There is something special, fundamentally solves the problems, such as the priority of leak repairing and cannot thoroughly determine, subsequently carry out leak repairing to facilitate,
Avoid producing potential significant damage to computer system, to improve computer system security.The present invention solves existing skill
When qualitative assessment result is identical with qualitative evaluation result in art, it is impossible to it is determined that according to which kind of sequentially repairing the problem of leak.
On the basis of above-mentioned each embodiment, at least one important attribute information of each leak includes in the present embodiment
Menace influence index and attack utilize influence index;It is described to calculate every according at least one important attribute information of each leak
The static seriousness assessment result of individual leak, including:
A, the quantitative score value of static seriousness that each leak is calculated according to below equation;
The quantitative score value of static seriousness=(attack and utilize influence index+menace influence index)/2;
B, the danger classes according to corresponding to the quantitative score value of the static seriousness determine the static seriousness of each leak
Assessment result.
Specifically, the menace influence index includes confidentiality influence index, integrity influence index and availability shadow
Snap mark, determining the value of the menace influence index includes:
C, judge the confidentiality influence index, integrity influence index and the availability impact index of each leak each
Grade, the Three Estate that will determine that out is combined into class set to be checked;
D, in default mapping association table the corresponding fraction of the class set to be checked is searched, as the menace
The value of influence index;
Wherein, the grade of confidentiality influence index is divided into from high to low:It is high, medium and low;The grade of integrity influence index by
It is high to Low to be divided into:It is high, medium and low;The grade of availability impact index is divided into from high to low:It is high, medium and low;The confidentiality affects
Index, integrity influence index and availability impact index three each index take each any one grade and constitute one etc.
Level set, each class set one predetermined different fraction (such as the integer between 0~10) of correspondence constitute the mapping association table.
Here, the user that confidentiality affects expression legal is endowed can be with the right of access target system;Integrity affects
Represent that the data in goal systems can be changed by validated user, will not wantonly be distorted by disabled user;Availability impact represents mesh
Resource in mark system has on demand the attribute that can be used.
Confidentiality influence index grade it is high, medium and low, successively represent goal systems data can completely be obtained by malice main body
, some data of goal systems can be obtained by malice main body, malice main body cannot obtain the data of goal systems substantially.
Integrity influence index grade it is high, medium and low, successively represent goal systems data can arbitrarily be repaiied by malice main body
Change, some data of goal systems can cannot be changed the data of goal systems substantially by the modification of malice main body, malice main body.
Availability impact index grade it is high, medium and low, successively represent malice main body the resource in goal systems can be become
What completely unavailable, malice main body can reduce that the resource utilization of goal systems, malice main body substantially cannot be to goal systems can
Worked the mischief with property.The confidentiality influence index, integrity influence index and the availability of each leak can determine whether based on this
The respective grade of influence index.
In the present embodiment, the span of the menace influence index is set to the integer between 0~10, and it is by secret
Property influence index, integrity influence index, availability impact index are together decided on.
The attack is calculated using the value of influence index by following formula:
Attack and utilize the certification of complexity * using influence index=a* utilization ways *;
Wherein, a is weight factor, and symbol * represents multiplying, attacks approach, is leak using complexity and certification
Attribute character;
Attack approach is divided into:Locally, LAN, telecommunication network, the quantization value being corresponding in turn to is:0.395、0.646、
1.0:
It is divided into from the difficult to the easy using complexity:High, medium and low, the quantization value being corresponding in turn to is:0.35、0.61、0.71;
Certification is divided into:Repeatedly, once, do not need, the quantization value being corresponding in turn to is:0.45、0.56、0.704.This enforcement
In example, a=20.Above formula parameters value is empirical value, and inventor verifies repeatedly through actual research and development, above value
Calculate and attack the most accurate using influence index, and then the quantitative score value of static seriousness is calculated the most accurately, it is final to cause
Static seriousness assessment result is more accurate, so as to the repairing priority for more accurately determining leak.
Here, utilization ways refer to that leak is to goal systems by local network or LAN or telecommunication network
Attacked.Refer to that leak needs the complexity by external condition using complexity.Certification refers to that leak is utilized needs
The authority of acquisition, repeatedly represents that malice main body needs certification more than once when attacking, and once represents malice main body when attacking
Need once certification, it is not necessary to represent that malice main body need not be authenticated when attacking.Attack way is can determine whether and obtained accordingly
Footpath, using complexity and certification these three leaks attribute character concrete value.
By judging to be calculated after the value attacked using influence index and menace influence index with upper type, will attack
Hit and averaged divided by 2 again using the value summation of influence index and menace influence index, it is tight using the meansigma methodss as static state
The quantitative score value of principal characteristic, determines that the static state of each leak is tight further according to the danger classes corresponding to the quantitative score value of the static seriousness
Principal characteristic assessment result (i.e. qualitative evaluation result).Danger classes can be associated with the quantitative score value of static seriousness and pre-build lookup
Table, danger classes includes critical, urgent, middle danger, low danger in the present embodiment, altogether level Four, and critical corresponding score value is 10.0, promptly
Correspondence score value interval 9.9-7.0, middle danger correspondence score value interval 6.9-4.0, low danger correspondence score value interval 3.9-1.0.The present embodiment
In be calculated after the quantitative score value of static seriousness of each leak, tabled look-up assigning degrees of hazard according to the score value, obtain qualitative
Assessment result, as the static seriousness assessment result of each final leak.
Specifically, the quantitative score value of the dynamic seriousness is calculated by below equation:
The quantitative score value of dynamic seriousness=b* popularity factor of influence+c* generation environment factors of influence;
Wherein, b and c is weight factor, and symbol * represents multiplying, and the value of the popular factor of influence is distance
The type leak outburst rate in January in current time, the value of generation environment factor of influence is in current time in January
The leak associates the leak incidence rate of manufacturer.In the present embodiment, b=6, c=4.Above formula parameters value is experience
Value, inventor verifies that the quantitative score value of above exploitation dynamic seriousness is the most accurate, final to cause through actual research and development repeatedly
More accurately determine the repairing priority of leak.
Each embodiment of the invention is further described with reference to instantiation.
The embodiment of the present invention proposes a kind of leak repairing method based on static and dynamic seriousness comprehensive assessment.First
The leak and association attributes of destination host are extracted, and then sets up a leak seriousness evaluation index algorithm model, calculate leak
Static seriousness assessment result, including the qualitative assessment result and qualitative evaluation result of leak;When the static state of multiple leaks it is tight
When principal characteristic assessment result is identical, the dynamic seriousness of leak is calculated, assessment result is characterized in quantitative mode, in identical dynamic
The priority of leak repairing is distinguished in assessment result with sequential disturbance degree.The present embodiment not only combines traditional static leak
Appraisal procedure, and combine current leak developing state and produce impact, for leak repairing provide important reference with
Help.
The present invention assesses leak in terms of static seriousness and dynamic seriousness two, and static seriousness assessment is combined
The advantage of qualitative assessment and qualitative evaluation, dynamic evaluation then combines leak developing state at present, and leak is analyzed, this quiet
State seriousness is assessed and the method for dynamic seriousness assessment can provide important reference for the priority of user's repairing leak.Pin
To determining the problem for repairing priority based on vulnerability assessment result, in the embodiment of the present invention, first according to the leak of destination host
And association attributes carries out static evaluation to the seriousness of leak, so as to the qualitative assessment result that must be springed a leak, then according to quantitative
Assessment result carries out grading division to leak;Then whether there is identical static evaluation result in the leak for judging current evaluation,
From high to low leak is repaired successively if the Quantitative scoring according to static evaluation result without if, if identical
Static evaluation result, then calculate the dynamic evaluation result of these leaks;Dynamic evaluation result is made up of two parts, and a part is
The qualitative assessment result of state a, part is that dynamic sequential affects result, when the dynamic qualitative assessment result of leak is different,
Then according to dynamic qualitative assessment result leak is repaired from high to low, if dynamic qualitative assessment result is identical,
Then contrasting dynamic sequential affects result, so that it is determined that the priority of leak repairing.
Fig. 1 is the evaluation system structure chart of the present invention;Fig. 2 is that the static seriousness evaluation part in the present invention is embodied as
Flow chart;Fig. 3 is that the dynamic seriousness evaluation part in the present invention is embodied as flow chart.
The evaluation system structure chart of the present invention is as shown in figure 1, main body is by the assessment of static seriousness and dynamic seriousness assessment
Two parts are constituted.The concrete grammar of wherein static seriousness assessment is as follows:
The leak and correlation attribute information of destination host are extracted, the static seriousness vulnerability assessment knot of the leak for obtaining is calculated
Fruit refers to as main leak repairing;
" confidentiality impact ", " integrity impact ", " availability impact " attribute information according to leak draws menace shadow
Loud corresponding grade;
Related " confidentiality impact ", " integrity impact ", " availability impact " value, with threat
Property affect corresponding grade as shown in Table 1 and Table 2, be specifically described as follows:
1) confidentiality affect to represent legal user is endowed can be with the right of access target system, its grade value point
For high, medium and low.
2) integrity affects the data in expression goal systems to be changed by validated user, will not wantonly be usurped by disabled user
Change, its value is divided into high, medium and low.
3) availability impact represents that the resource in goal systems has on demand the attribute that can be used, and its value is divided into
It is high, medium and low;It is concrete as shown in table 1.
4) span that menace affects is set to the integer between 0~10, and it is by confidentiality impact, integrity shadow
Ring, the common value of availability impact determines that specific value is as shown in table 2.
The confidentiality of table 1 affects, integrity affects, the grade value table of availability impact
The menace of table 2 affects value mapping table
Value is unordered in the set of table 2, as long as the value for representing three impact attributes meets.For example, machine is worked as
It is height that close property affects value, and it is height that integrity affects value, and during utilizability impact value is, then the scoring that menace affects is
9, it is high when utilizability affects value, confidentiality affects value for height, when integrity impact value is middle, what menace affected
Scoring is also 9, and others are by that analogy.
Attack to utilize and affect by utilization ways, using the value of three attributes of complexity and certification the calculating acquisition that is multiplied.Phase
The utilization ways answered, the value using complexity and certification and attack specific as follows using the calculating for affecting:
1) utilization ways refer to that leak is that goal systems are entered by local network or LAN or telecommunication network
Row is attacked, value be divided into locally, local, remotely.
2) refer to that leak needs the complexity by external condition using complexity, value is divided into high, medium and low.
3) certification refers to that leak is utilized the authority for needing to obtain, value is divided into repeatedly, once, do not need, concrete value
Selection as shown in table 3, correspondence is specific, and to quantify value result as shown in table 4.
4) calculated according to formula (1) and attacked using impact:
Attack and utilize the certification of complexity *, formula (1) using impact=20* utilization ways *;It is latter that its result takes arithmetic point
Position.
Table 3 is attacked and utilizes influence index value table
Table 4 is attacked and quantifies table using influence index
After completing said process, the quantitative score value of static seriousness is calculated according to formula (2):
The quantitative score value of static seriousness=(attacking using the impact of impacts+menace)/2, formula (2);Wherein, it is static serious
Property quantitative score value from 1.0~10.0, score value is higher to represent that danger classes is higher, score value corresponding qualitative gradings result such as table 5.
The static seriousness qualitative evaluation result table of table 5
Dynamic seriousness assessment affects two parts to constitute by dynamic seriousness qualitative assessment and sequential, and dynamic seriousness is quantitative
Assessment is affected to be determined with environmental effect by popular, specific as follows:
1) it is popular to affect to be outburst accounting of the leak to be assessed in nearly middle of the month this type leak.
2) environmental effect is that accounting is broken out in nearly middle of the month in leak association manufacturer to be assessed.
3) dynamic seriousness qualitative assessment is calculated according to formula (3):
Dynamic seriousness qualitative assessment=6* popularity shadow+4* ring environmental effect, formula (3);Its score value be 0.0~
10.0, as a result take 2 significant digits.
Sequential affects the discovery time for referring to leak, in static seriousness assessment result and dynamic seriousness qualitative assessment knot
Under the premise of fruit identical, it is found that earlier leak has preferential patch level.Final leak repairing order will be according to leak
Static seriousness assessment result, dynamic seriousness assessment result and sequential affect synthetic determination.The concrete effect of the present invention will
Illustrate, select leak CVE-2014-6345 to say with CVE-2014-4115, CVE-2014-4122, CVE-2014-4116
It is bright.
CVE-2014-6345 and CVE-2014-4155 is contrasted first, can be obtained according to above-mentioned static seriousness assessment result
Go out, the qualitative assessment result of CVE-2014-6345 is 4.3, and qualitative evaluation result is middle danger, and CVE-2014-4155's quantitatively comments
It is 7.0 to estimate result, and qualitative evaluation result is urgent, so according to static seriousness assessment result elder generation patching bugs CVE-2014-
4155;CVE-2014-6345 is identical with the assessment result of CVE-2014-4122 static state seriousness, is all qualitative assessment result
It is 5.3, qualitative evaluation result is middle danger, and then calculates respective dynamic seriousness assessment result, wherein CVE-2014-6345's
Qualitative assessment result is 0.78 for the qualitative assessment result of 0.79, CVE-2014-4122, so according to dynamic seriousness assessment knot
The first patching bugs CVE-2014-6345 of fruit;The assessment result of CVE-2014-6345 and CVE-2014-4116 static state seriousness
It is identical, be all qualitative assessment result be 5.3, qualitative evaluation result is middle danger, and the quantitative result of dynamic seriousness assessment is all
0.79, affect so as to calculate respective sequential, wherein CVE-2014-4116 is first found than CVE-2014-6345, so CVE-
2014-4116 has the priority higher than CVE-2014-6345, so first repairing leak CVE-2014-4116.In order to directly perceived
Effectiveness of the invention is illustrated, will be contrasted with existing authoritative method, specific result is shown as shown in table 6,7,8.The present invention's
Static and dynamic seriousness assessment result not only combines traditional method, but also grows with each passing hour, and reflection leak is in current environment
Seriousness, to leak repairing with important reference value.
The static seriousness assessment result of the present invention of table 6 and existing method comparison sheet
The qualitative assessment result table of the dynamic seriousness of the present invention of table 7
The quantitative score value of the dynamic seriousness of leak number the inventive method
CVE-2014-6345 0.79
CVE-2014-4122 0.78
The dynamic seriousness assessment result table of the present invention of table 8
CNNVD in table 6 is the abbreviation of China national information security vulnerability database, and wherein result is exactly accordingly commenting to leak
Estimate result;NVD is the abbreviation of American National vulnerability database, and wherein result is exactly the corresponding assessment result to leak;CVSS is general
Leak marking system, wherein result are exactly the corresponding assessment result to leak.
The embodiment of the present invention assesses two parts comprising static seriousness assessment and dynamic seriousness, below in conjunction with the accompanying drawings with
And table 1- tables 8 and leak CVE-2014-6345, two parts of the present invention are described in further detail.
As shown in Fig. 2 specifically including to the static seriousness assessment result implementing procedure of leak CVE-2014-6345 following
Step:
Step 201:The confidentiality of analysis leak affects, integrity affects, availability impact, determines each influence index
Influence degree, because the leak is likely to cause leakage of information, but will not produce impact, while to system to system integrity
Availability be safe from harm, so the value of three is { in, low, low }.
Step 202:The confidentiality for determining leak affects, integrity affects, the influence degree of availability impact in, it is low,
It is low }, the scoring that further determining menace according to table 2 affects is 2.
Step 203:The utilization ways of analysis leak, because attack of the malice main body to goal systems need not obtain Intranet
Or local access, so it is attacked by telecommunication network, according to table 4 and then to utilization ways quantization value is carried out
For 1.0.
Step 204:The utilization complexity of analysis leak, because malice main body needs to be sent out by certain access consideration
Attack is played, so being 0.61 according to table 4 and then to carrying out quantifying value using complexity using complexity in being.
Step 205:Analysis authentication attribute, because leak is utilized without the need for authentication, is carried out according to table 4 and then to certification
It is 0.704 to quantify value.
Step 206:Determine the utilization ways of leak, using complexity, certification, according to formula (1) so that it is determined that leak
Attack using affect be 8.6.
Step 207:Affected according to the menace of the leak and attacked using affecting, according to its static seriousness of formula (2)
Qualitative assessment result is 5.3.
Step 208:According to the static seriousness qualitative assessment result of the leak, its static seriousness qualitative evaluation knot can be obtained
Fruit is middle danger.
As shown in figure 3, the dynamic seriousness appraisal procedure of the present invention is mainly commented in the static seriousness for having multiple leaks
Estimate what result identical situation was carried out, in order to describe specific implementing procedure, said as example with leak CVE-2014-6345
It is bright, it is as follows:
Step 301, when the static seriousness assessment result of multiple leaks is identical, calculates each dynamic seriousness, such as
Above-mentioned leak CVE-2014-6345 and leak CVE-2014-4116, the static seriousness assessment result phase of the two leaks
Together, so calculating respective dynamic seriousness.
Step 302, analyzes the popular impact of leak, here with leak CVE-2014-6345 explanations, according to NVD to leakage
The description in hole, this leak is belonging to leakage of information type, according to the April that China national information security leak (CNNVD) is issued
Part information security leak circular, the outburst accounting in the leak April of the type is 10.18%, so the popular shadow of the leak
It is 0.1018 to ring value.
Step 303, analyzes the environmental effect of leak, and leak CVE-2014-6345 associations are Microsoft, according to Chinese state
Family information security breaches (CNNVD) issue April information security leak circular, Microsoft association leak April it is quick-fried
It is 4.52% to send out accounting, so the leak environmental effect value is 0.0452.
Step 304, according to the popular impact of leak and environmental effect and formula (3) leak CVE-2014-6345 is obtained
Dynamic seriousness qualitative assessment result be 0.79.
Step 305, when the dynamic seriousness qualitative assessment result of multiple leaks is identical, calculating respective sequential affects,
Leak CVE-2014-6345 and leak CVE-2014-4116 described above, the two leak dynamic quantitative seriousness assessment results
It is also identical, according to records of the NVD to two leaks, leak CVE-2014-4116 sends out earlier than leak CVE-2014-6345
It is existing, so leak CVE-2014-4116 has the priority repaired, it is repaired.
The embodiment of the present invention also proposes a kind of leak seriousness assessment patch system, including extraction module, static seriousness
Evaluation module, the first dynamic seriousness evaluation module, the second dynamic seriousness evaluation module and repairing module (not shown);Its
In,
The extraction module, for extracting M leak of destination host;
The static seriousness evaluation module, at least one important attribute information according to each leak each is calculated
The static seriousness assessment result of leak;
Described first dynamic seriousness evaluation module, for when the static seriousness assessment knot for having N number of leak in M leak
When really identical, the quantitative score value of dynamic seriousness of each leak in N number of leak is calculated;
Described second dynamic seriousness evaluation module, for determining when the dynamic seriousness for having P leak in N number of leak
When amount score value is identical, the sequential factor of influence of each leak in the P leak is obtained, by the leak that sequential factor of influence is maximum
It is defined as repairing the leak of highest priority;Wherein, the sequential factor of influence is used to characterize the time of leak generation, sequential shadow
The sound factor is bigger, then the time that leak occurs is more early;P is less than or equal to N, and N is less than or equal to M, and M, N and P are integer, and P is more than
Equal to 2;
The repairing module, for repairing to the leak of the repairing highest priority.
Specifically, in one example, when the static seriousness assessment result of the M leak is differed, will be tight
The corresponding leak of weight grade highest static state seriousness assessment result is defined as repairing the leak of highest priority.
In another example, it is when the quantitative score value of dynamic seriousness of N number of leak is differed, the dynamic is tight
The quantitative score value highest leak of principal characteristic is defined as repairing the leak of highest priority.
On the basis of above-mentioned each embodiment, at least one important attribute information of each leak includes in the present embodiment
Menace influence index and attack utilize influence index, the static seriousness evaluation module specifically for:
A, the quantitative score value of static seriousness that each leak is calculated according to below equation;
The quantitative score value of static seriousness=(attack and utilize influence index+menace influence index)/2;
B, the danger classes according to corresponding to the quantitative score value of the static seriousness determine the static seriousness of each leak
Assessment result.
Further, the menace influence index includes confidentiality influence index, integrity influence index and availability
Influence index, determining the value of the menace influence index includes:
C, judge the confidentiality influence index, integrity influence index and the availability impact index of each leak each
Grade, the Three Estate that will determine that out is combined into class set to be checked;
D, in default mapping association table the corresponding fraction of the class set to be checked is searched, as the menace
The value of influence index.
Wherein, the grade of confidentiality influence index is divided into from high to low:It is high, medium and low;The grade of integrity influence index by
It is high to Low to be divided into:It is high, medium and low;The grade of availability impact index is divided into from high to low:It is high, medium and low;The confidentiality affects
Index, integrity influence index and availability impact index three each index take each any one grade and constitute one etc.
Level set, the predetermined different fractions of each class set correspondence one constitute the mapping association table.
The attack is calculated using the value of influence index by following formula:
Attack and utilize the certification of complexity * using influence index=a* utilization ways *;
Wherein, a is weight factor, and symbol * represents multiplying;Attack approach, it is leak using complexity and certification
Attribute character;In the present embodiment, a=20.
Specifically, attack approach is divided into:Locally, LAN, telecommunication network, the quantization value being corresponding in turn to is:0.395、
0.646、1.0;It is divided into from the difficult to the easy using complexity:High, medium and low, the quantization value being corresponding in turn to is:0.35、0.61、
0.71;Certification is divided into:Repeatedly, once, do not need, the quantization value being corresponding in turn to is:0.45、0.56、0.704.
In one example, the described first dynamic seriousness evaluation module according to below equation specifically for calculating described dynamic
The quantitative score value of state seriousness:
The quantitative score value of dynamic seriousness=b* popularity factor of influence+c* generation environment factors of influence;
Wherein, b and c is weight factor, and symbol * represents multiplying, and the value of the popular factor of influence is distance
The type leak outburst rate in January in current time, the value of generation environment factor of influence is in current time in January
The leak associates the leak incidence rate of manufacturer.In the present embodiment, b=6, c=4.
It should be noted that, the system embodiment is made with said method embodiment based on same design, and and said method
Embodiment is corresponded, and specifically refer to the detailed description in preceding method embodiment, and here is omitted.
The embodiment of the present invention combines the advantage of leak seriousness qualitative evaluation and qualitative assessment and provides the static state of leak to be commented
Estimate result, when static evaluation result is identical, contrast leak dynamic evaluation result, quantitative score value is set in dynamic evaluation result and is entered
Row assessment, and the sequential influence factor of leak generation is had also combined, the seriousness such that it is able to thorough clear and definite leak further determines
Priority is repaired, leak repairing is carried out.The present invention can fundamentally solve what the priority of leak repairing cannot thoroughly determine
Problem, it is to avoid potential significant damage is produced to computer system, the safety of computer system is substantially increased.
Embodiments of the invention can be provided as method, system or computer program.Therefore, the present invention can be using hard
Part embodiment, software implementation or the form with reference to the embodiment in terms of software and hardware.And, the present invention can be adopted one
Individual or multiple computer-usable storage medium (including but not limited to disk storages for wherein including computer usable program code
Device and optical memory etc.) on implement computer program form.
The present invention is the flow process with reference to method according to embodiments of the present invention, equipment (system) and computer program
Figure and/or block diagram are describing.It should be understood that can be by computer program instructions flowchart and/or each stream in block diagram
The combination of journey and/or square frame and flow chart and/or the flow process in block diagram and/or square frame.These computer programs can be provided
The processor of general purpose computer, special-purpose computer, Embedded Processor or other programmable data processing devices is instructed to produce
A raw machine so that produced for reality by the instruction of computer or the computing device of other programmable data processing devices
The device of the function of specifying in present one flow process of flow chart or one square frame of multiple flow processs and/or block diagram or multiple square frames.
These computer program instructions may be alternatively stored in can guide computer or other programmable data processing devices with spy
In determining the computer-readable memory that mode works so that the instruction being stored in the computer-readable memory is produced to be included referring to
Make the manufacture of device, the command device realize in one flow process of flow chart or one square frame of multiple flow processs and/or block diagram or
The function of specifying in multiple square frames.
These computer program instructions also can be loaded in computer or other programmable data processing devices so that in meter
Series of operation steps is performed on calculation machine or other programmable devices to produce computer implemented process, so as in computer or
The instruction performed on other programmable devices is provided for realizing in one flow process of flow chart or multiple flow processs and/or block diagram one
The step of function of specifying in individual square frame or multiple square frames.
The specific embodiment of the present invention has been described in detail above in conjunction with accompanying drawing, but the present invention is not restricted to
Embodiment is stated, in the case of the spirit and scope without departing from claims hereof, those skilled in the art can make
Go out various modifications or remodeling.
Claims (10)
1. a kind of leak seriousness appraisal procedure, it is characterised in that methods described includes:
M leak of destination host is extracted, the quiet of each leak is calculated according at least one important attribute information of each leak
State seriousness assessment result;
When the static seriousness assessment result for having N number of leak in M leak is identical, each leak in N number of leak is calculated
The quantitative score value of dynamic seriousness;
When the quantitative score value of dynamic seriousness for having P leak in N number of leak is identical, each in the P leak is obtained
The sequential factor of influence of leak, the maximum leak of sequential factor of influence is defined as to repair the leak of highest priority;
Wherein, the sequential factor of influence is used to characterize the time of leak generation, and sequential factor of influence is bigger, then leak occurs
Time is more early;P is less than or equal to N, and N is less than or equal to M, and M, N and P are integer, and P is more than or equal to 2.
2. leak seriousness appraisal procedure according to claim 1, it is characterised in that when the static state of the M leak it is tight
When principal characteristic assessment result is differed, the corresponding leak of menace level highest static state seriousness assessment result is defined as repairing
The leak of highest priority.
3. leak seriousness appraisal procedure according to claim 1, it is characterised in that when the dynamic of N number of leak it is tight
When the quantitative score value of principal characteristic is differed, the quantitative score value highest leak of the dynamic seriousness is defined as repairing highest priority
Leak.
4. leak seriousness appraisal procedure according to claim 1, it is characterised in that each leak it is at least one important
Attribute information includes that menace influence index and attack utilize influence index;
At least one important attribute information according to each leak calculates the static seriousness assessment result of each leak, bag
Include:
The quantitative score value of static seriousness of each leak is calculated according to below equation;
The quantitative score value of static seriousness=(attack and utilize influence index+menace influence index)/2;
Danger classes according to corresponding to the quantitative score value of the static seriousness determines the static seriousness assessment knot of each leak
Really.
5. leak seriousness appraisal procedure according to claim 4, it is characterised in that the menace influence index includes
Confidentiality influence index, integrity influence index and availability impact index;
Determining the value of the menace influence index includes:
Judge that the confidentiality influence index, integrity influence index and the availability impact index of each leak are respective etc.
Level, the Three Estate that will determine that out is combined into class set to be checked;
The corresponding fraction of the class set to be checked is searched in default mapping association table, affects to refer to as the menace
Target value;
Wherein, the grade of confidentiality influence index is divided into from high to low:It is high, medium and low;The grade of integrity influence index by height to
It is low to be divided into:It is high, medium and low;The grade of availability impact index is divided into from high to low:It is high, medium and low;The confidentiality influence index,
Integrity influence index and availability impact index three each index take each any one grade and constitute a grade collection
Close, the predetermined different fractions of each class set correspondence one constitute the mapping association table.
6. leak seriousness appraisal procedure according to claim 5, it is characterised in that the attack is using influence index
Value is calculated by following formula:
Attack and utilize the certification of complexity * using influence index=a* utilization ways *;
Wherein, a is weight factor, attacks approach, attacks the attribute character of complexity and certification for leak;
Attack approach is divided into:Locally, LAN, telecommunication network, the quantization value being corresponding in turn to is:0.395、0.646、1.0;
Attack complexity to be divided into from the difficult to the easy:High, medium and low, the quantization value being corresponding in turn to is:0.35、0.61、0.71;
Certification is divided into:Repeatedly, once, do not need, the quantization value being corresponding in turn to is:0.45、0.56、0.704.
7. leak seriousness appraisal procedure according to claim 6, it is characterised in that a=20.
8. the leak seriousness appraisal procedure according to claim 6 or 7, it is characterised in that the dynamic seriousness is quantitative
Score value is calculated by below equation:
The quantitative score value of dynamic seriousness=b* popularity factor of influence+c* generation environment factors of influence;
Wherein, b and c is weight factor, and the value of the popular factor of influence is the type in January in current time
Leak outburst rate, the value of generation environment factor of influence is the leak of the leak association manufacturer in January in current time
Raw rate.
9. leak seriousness appraisal procedure according to claim 8, it is characterised in that b=6, c=4.
10. a kind of leak seriousness assesses patch system, it is characterised in that include:
Extraction module, for extracting M leak of destination host;
Static seriousness evaluation module, at least one important attribute information according to each leak the quiet of each leak is calculated
State seriousness assessment result;
First dynamic seriousness evaluation module, has the static seriousness assessment result of N number of leak identical for working as in M leak
When, calculate the quantitative score value of dynamic seriousness of each leak in N number of leak;
Second dynamic seriousness evaluation module, for when the quantitative score value phase of dynamic seriousness for having P leak in N number of leak
Meanwhile, the sequential factor of influence of each leak in the P leak is obtained, the maximum leak of sequential factor of influence is defined as repairing
Mend the leak of highest priority;Wherein, the sequential factor of influence is used to characterize the time of leak generation, and sequential factor of influence is got over
Greatly, then the time that leak occurs is more early;P is less than or equal to N, and N is less than or equal to M, and M, N and P are integer, and P is more than or equal to 2;
Module is repaired, for repairing to the leak of the repairing highest priority.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611250431.9A CN106611126A (en) | 2016-12-22 | 2016-12-22 | Loophole severity assessment and repair method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611250431.9A CN106611126A (en) | 2016-12-22 | 2016-12-22 | Loophole severity assessment and repair method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN106611126A true CN106611126A (en) | 2017-05-03 |
Family
ID=58636249
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611250431.9A Pending CN106611126A (en) | 2016-12-22 | 2016-12-22 | Loophole severity assessment and repair method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106611126A (en) |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107196955A (en) * | 2017-06-15 | 2017-09-22 | 北京理工大学 | The network system active defense method analyzed based on vulnerability correlation |
| CN108363926A (en) * | 2017-10-19 | 2018-08-03 | 北京安天网络安全技术有限公司 | A kind of loophole defence method and system |
| CN109547401A (en) * | 2017-09-21 | 2019-03-29 | 通用汽车环球科技运作有限责任公司 | Cyberspace vulnerability is prioritized and repairs |
| CN110287703A (en) * | 2019-06-10 | 2019-09-27 | 百度在线网络技术(北京)有限公司 | The method and device of vehicle safety risk supervision |
| CN111147491A (en) * | 2019-12-26 | 2020-05-12 | 深信服科技股份有限公司 | Vulnerability repairing method, device, equipment and storage medium |
| CN111800427A (en) * | 2020-07-08 | 2020-10-20 | 华北电力科学研究院有限责任公司 | Internet of things equipment evaluation method, device and system |
| CN111967021A (en) * | 2020-08-27 | 2020-11-20 | 山东英信计算机技术有限公司 | Vulnerability processing method, device and equipment and computer readable storage medium |
| CN112069503A (en) * | 2020-08-05 | 2020-12-11 | 长沙市到家悠享网络科技有限公司 | Task management method, device and storage medium |
| CN112131574A (en) * | 2020-09-16 | 2020-12-25 | 上海中通吉网络技术有限公司 | Method, system and equipment for determining information security vulnerability level |
| CN112286571A (en) * | 2020-09-25 | 2021-01-29 | 长沙市到家悠享网络科技有限公司 | Vulnerability repairing method and device and storage medium |
| CN112862236A (en) * | 2020-12-28 | 2021-05-28 | 中国信息安全测评中心 | Security vulnerability processing method and device |
| CN113810389A (en) * | 2021-08-31 | 2021-12-17 | 杭州电子科技大学 | Vulnerability selection method and device in vulnerability repair process of DHR (distributed Hash Table) system |
| CN116720197A (en) * | 2023-08-09 | 2023-09-08 | 北京比瓴科技有限公司 | Method and device for arranging vulnerability priorities |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101562609A (en) * | 2009-05-27 | 2009-10-21 | 西北大学 | VPN network security loophole detection and global admittance controlling system |
| CN104618178A (en) * | 2014-12-29 | 2015-05-13 | 北京奇虎科技有限公司 | Website bug online evaluation method and device |
| US20160057164A1 (en) * | 2013-03-26 | 2016-02-25 | (Electronics And Telecommunications Research Institue) | Device for quantifying vulnerability of system and method therefor |
-
2016
- 2016-12-22 CN CN201611250431.9A patent/CN106611126A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101562609A (en) * | 2009-05-27 | 2009-10-21 | 西北大学 | VPN network security loophole detection and global admittance controlling system |
| US20160057164A1 (en) * | 2013-03-26 | 2016-02-25 | (Electronics And Telecommunications Research Institue) | Device for quantifying vulnerability of system and method therefor |
| CN104618178A (en) * | 2014-12-29 | 2015-05-13 | 北京奇虎科技有限公司 | Website bug online evaluation method and device |
Non-Patent Citations (2)
| Title |
|---|
| 张靓等: "《Java案例开发》", 31 January 2005 * |
| 马驰: "基于模糊理论的漏洞危害等级评估技术研究", 《中国优秀硕士学位论文全文数据库信息科技辑》 * |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107196955A (en) * | 2017-06-15 | 2017-09-22 | 北京理工大学 | The network system active defense method analyzed based on vulnerability correlation |
| CN109547401B (en) * | 2017-09-21 | 2021-07-06 | 通用汽车环球科技运作有限责任公司 | Network security vulnerability prioritization and remediation |
| CN109547401A (en) * | 2017-09-21 | 2019-03-29 | 通用汽车环球科技运作有限责任公司 | Cyberspace vulnerability is prioritized and repairs |
| CN108363926A (en) * | 2017-10-19 | 2018-08-03 | 北京安天网络安全技术有限公司 | A kind of loophole defence method and system |
| CN110287703A (en) * | 2019-06-10 | 2019-09-27 | 百度在线网络技术(北京)有限公司 | The method and device of vehicle safety risk supervision |
| CN110287703B (en) * | 2019-06-10 | 2021-10-12 | 百度在线网络技术(北京)有限公司 | Method and device for detecting vehicle safety risk |
| CN111147491A (en) * | 2019-12-26 | 2020-05-12 | 深信服科技股份有限公司 | Vulnerability repairing method, device, equipment and storage medium |
| CN111800427A (en) * | 2020-07-08 | 2020-10-20 | 华北电力科学研究院有限责任公司 | Internet of things equipment evaluation method, device and system |
| CN111800427B (en) * | 2020-07-08 | 2022-04-29 | 华北电力科学研究院有限责任公司 | Internet of things equipment evaluation method, device and system |
| CN112069503A (en) * | 2020-08-05 | 2020-12-11 | 长沙市到家悠享网络科技有限公司 | Task management method, device and storage medium |
| CN111967021A (en) * | 2020-08-27 | 2020-11-20 | 山东英信计算机技术有限公司 | Vulnerability processing method, device and equipment and computer readable storage medium |
| CN111967021B (en) * | 2020-08-27 | 2022-06-03 | 山东英信计算机技术有限公司 | Vulnerability processing method, device and equipment and computer readable storage medium |
| CN112131574A (en) * | 2020-09-16 | 2020-12-25 | 上海中通吉网络技术有限公司 | Method, system and equipment for determining information security vulnerability level |
| CN112286571A (en) * | 2020-09-25 | 2021-01-29 | 长沙市到家悠享网络科技有限公司 | Vulnerability repairing method and device and storage medium |
| CN112862236A (en) * | 2020-12-28 | 2021-05-28 | 中国信息安全测评中心 | Security vulnerability processing method and device |
| CN113810389A (en) * | 2021-08-31 | 2021-12-17 | 杭州电子科技大学 | Vulnerability selection method and device in vulnerability repair process of DHR (distributed Hash Table) system |
| CN113810389B (en) * | 2021-08-31 | 2022-10-14 | 杭州电子科技大学 | Vulnerability selection method and device in vulnerability repair process of DHR (distributed Hash Table) system |
| CN116720197A (en) * | 2023-08-09 | 2023-09-08 | 北京比瓴科技有限公司 | Method and device for arranging vulnerability priorities |
| CN116720197B (en) * | 2023-08-09 | 2023-11-03 | 北京比瓴科技有限公司 | Method and device for arranging vulnerability priorities |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106611126A (en) | Loophole severity assessment and repair method | |
| CN107659543B (en) | Protection method for APT (android packet) attack of cloud platform | |
| US20080028470A1 (en) | Systems and Methods for Vulnerability Detection and Scoring with Threat Assessment | |
| CN101950338A (en) | Bug repair method based on hierarchical bug threat assessment | |
| CN109446817A (en) | A kind of detection of big data and auditing system | |
| CN104598383A (en) | Mode-based dynamic vulnerability discovery integrated system and mode-based dynamic vulnerability discovery integrated method | |
| CN104363236A (en) | Automatic vulnerability validation method | |
| CN104778413A (en) | Software vulnerability detection method based on simulation attack | |
| CN106529283B (en) | A kind of software-oriented defines network-based control device safety quantitative analysis method | |
| WO2017152877A1 (en) | Network threat event evaluation method and apparatus | |
| CN105260659A (en) | Kernel-level code reuse type attack detection method based on QEMU | |
| CN106453403A (en) | Vulnerability restructuring sequence determining method and system based on attack links | |
| CN106997437B (en) | System vulnerability protection method and device | |
| CN113434866A (en) | Unified risk quantitative evaluation method for instrument functional safety and information safety strategies | |
| CN106991325A (en) | The means of defence and device of a kind of software vulnerability | |
| CN112131574A (en) | Method, system and equipment for determining information security vulnerability level | |
| CN105718793A (en) | Method and system for preventing malicious code from identifying sandbox on the basis of sandbox environment modification | |
| CN107347064A (en) | Cloud computing platform Tendency Prediction method based on neural network algorithm | |
| Nichols et al. | A metrics framework to drive application security improvement | |
| CN110188578A (en) | A kind of method and apparatus of automatic shield information | |
| CN113407946A (en) | Intelligent protection method and system for IoT (IoT) equipment | |
| CN117349843A (en) | Management software safety maintenance method and system based on internet information technology | |
| CN114143052B (en) | Network defense system risk assessment method, device and storage medium based on controllable intrusion simulation | |
| CN115913756A (en) | Network equipment vulnerability verification method based on known vulnerability entries | |
| Lingzi et al. | An overview of source code audit |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170503 |
|
| RJ01 | Rejection of invention patent application after publication |