CN107204876A - A kind of network security risk evaluation method - Google Patents
A kind of network security risk evaluation method Download PDFInfo
- Publication number
- CN107204876A CN107204876A CN201710364501.1A CN201710364501A CN107204876A CN 107204876 A CN107204876 A CN 107204876A CN 201710364501 A CN201710364501 A CN 201710364501A CN 107204876 A CN107204876 A CN 107204876A
- Authority
- CN
- China
- Prior art keywords
- risk
- node
- leak
- evaluation
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Abstract
The invention discloses a kind of network security risk evaluation method, the real-time attack that intruding detection system, Hole Detection and third party get, the security of dynamic evaluation objective network are combined on the basis of static risk assessment.Assets value is typically what is be defined by expert or administrative staff in risk assessment, during static evaluation, and does not have big change in a period of time;The dynamic change with the information of fragility is threatened, can be carried out by corresponding instrument;Intruding detection system and fire wall can be alerted to anomalous event at any time as monitoring system, and the threat that to be system can suffer from of these warning information, while being also the important evidence for evaluating a system risk situation.The present invention can effectively improve the degree of accuracy and the real-time of Network Risk Assessment, and then according to risk evaluation result defensive measure with high safety, in time, efficiently control risk.
Description
Technical field
The invention belongs to technical field of network security, particularly a kind of network security risk evaluation method.
Background technology
The method of network security risk evaluation mainly has two classes:Static evaluation and dynamic evaluation.Static evaluation passes through static state
Judge the risk class that the factors such as value, security breaches, the occurrence frequency of security incident of objective network carry out overall merit network.
The method that the Information Security Risk Assessment Methods that current people use are essentially confined to static evaluation.Relevant dynamic network security wind
The dangerous research assessed, is still in the exploratory stage both at home and abroad, and the main risk carried out in terms of based on leak and threat two is commented
Estimate.
The hole scanner auxiliary that methods of risk assessment based on leak is had using oneself finds out what may be utilized by threat
Leak, and the seriousness degree of these leaks is estimated.Xing Xujia etc. points out attacker using these characteristics of leak to meter
Unauthorized resource in calculation machine system conducts interviews, or the influence to damaging property of computer system.The proposition pair such as Zhang Yongzheng
Computer leak application risk propagation model carries out security risk quantitative evaluation.Sun Deheng proposes the network security of index fusion
Situation Evaluation Model, is set up the leak harmfulness quantification mechanism based on general leak points-scoring system, is repaiied using real-time performance data
Positive overall network security postures value.Horse, which speeds to wait, to be proposed to build leak hazard rating evaluation system, Jin Erli using analytic hierarchy process (AHP)
Quantitative, qualitatively risk assessment is carried out to leak hazard rating with fuzzy theory.
Methods of risk assessment based on threat monitors network safety event and collection flow in real time using intruding detection system
Information, their influence degrees to network are assessed according to the density of infection of various security incidents.Chen Xiu is really waited by obtaining invasion
Information, establishes the fine granularity threat situation assessment models based on service, 3 levels of main frame and network system.But the model does not have
There is the incidence relation between analysis main frame leak.Xu Chun etc. proposes a kind of new network security risk evaluation method, this method
Based on danger signal is theoretical, the quantization to antigen danger signal, and then assault is detected, finally realize to whole
The risk assessment of volume grid.Peng Lingxi etc. proposes the risk evaluation model based on danger theory, and the model can effectively, in real time
Every class attack and the value-at-risk of universe network are assessed respectively from two granularities of main frame and network.Wei Yong etc. proposes to utilize D-S
Evidence theory is merged multi-source IDS data, so calculate network safety situation and to prediction network security trend.Jiang Wei
It is a kind of matrix type attacking and defending betting model etc. proposing, privileged mode of the attacker on network entity is won at random as attacking and defending
Play chess the element of model, the dynamic change of modeled network attacking and defending state, and Forecast attack behavior and the optimal defence policies of decision-making.
Method based on static network security risk evaluation analysis can be roughly with regard to the long-term residing risk shape of network
State is estimated, but the attack being subjected to system lacks real-time network security risk detection, lacks adaptive ability.Adopt
With based in dynamic methods of risk assessment, though the method for the network security risk evaluation analysis based on leak can effectively be found
The tender spots of network system, but it only assesses tender spots in isolation, have ignored the correlation between tender spots and thus produces
Potential security risk.Methods of risk assessment based on threat can not effectively reduce Attack Scenarios and Forecast attack behavior.
The research of current network security risk evaluation also in constant quest stage, no matter use based on leak,
Methods of risk assessment based on threat is analyzed network security risk, all not yet finds a kind of good solution.
The content of the invention
The technical problems to be solved by the invention are to provide a kind of network security risk evaluation method, can effectively improve network
The degree of accuracy of risk assessment and real-time, and then according to risk evaluation result defensive measure with high safety, in time, efficiently control
Risk.
In order to solve the above technical problems, the technical solution adopted by the present invention is:
A kind of network security risk evaluation method, comprises the following steps:
Step 1:Static risk assessment is carried out to objective network, static evaluation result is provided;
Step 2:Networked asset is identified, analysis is associated to assets value assignment, and by assets and fragility;
Step 3:Assignment is carried out using the probability of success to leak using CVSS (CVSS) evaluation indexes;Adopt
Use formulaCalculate node assets significance level L;Wherein, Lc、LI、LaRespectively node pair
The confidentiality answered, integrality, the quantized value of availability attributes, round function representations are rounded up to 3 decimal places;
Step 4:Leak identification is carried out to network node using vulnerability scanners, the leak of current node, and root is detected
According to CVSS evaluation indexes, using formulaEach leak threat degree T at calculating;Wherein, Base scores for CVSS,
K is the probability of success that leak is attacked, and K is the numeral of 0~1 scope;
Step 5:Intruding detection system, fire wall and the real-time attack of the current node of third-party offer is received to accuse
It is alert, and warning information is classified according to different leaks;
Step 6:Intrusion detection, fire wall and third party's data sample are analyzed;
Based on formulaCalculate the alarm quantity ginseng of the influence weak property risk index of node
Number Num;Wherein, ni is certain alarm threshold, and num is the quantity of certain alarm;
Based on formulaCalculate the alarm source type Cate of the influence weak property risk index of node;Wherein, cn is total
Alarm source category, ci be certain alarm source category;
Based on formulaCalculate the alarm level of the influence weak property risk index of node
Parameter Lev;Wherein, N1、N2、N3High, medium and low three ranks alarm event quantity, W are corresponded to respectively1、W2、W3Weighed for corresponding level
Value;
Step 7:Using formula P=Num × Cate × Lev calculate node fragility risk index P, then using formula Ri=
Li×Ti×PiCalculate node security risk, dynamic risk assessment is carried out to system;Wherein, RiIt is the dynamic risk value of node i, Li
It is the assets significance level of node i, TiIt is the leak threat degree of node i, PiIt is the fragility risk index of node i;
Step 8:Repeat step 5 is to step 7, based on threat to objective network dynamic evaluation, and then completes to objective network
Security evaluation.
Further, in addition to step 9:After a period of time, step 4 is repeated to step 8, based on leak and threat to mesh
Mark network and carry out security evaluation.
Compared with prior art, the beneficial effects of the invention are as follows:1) methods of risk assessment that static and dynamic is combined, has
Effect improves the real-time of Network Risk Assessment;2) using based on leak and based on threat method come the potential wind of comprehensive assessment network
Danger, can effectively improve the degree of accuracy of Network Risk Assessment.
Brief description of the drawings
Fig. 1 is a kind of network security risk evaluation method framework schematic diagram of the invention.
Embodiment
The present invention is further detailed explanation with reference to the accompanying drawings and detailed description.The inventive method is in static state
The real-time attack that intruding detection system, Hole Detection and third party get is combined on the basis of risk assessment, is dynamically commented
Estimate the security of objective network.Assets, threat and fragility are 3 fundamentals of risk assessment.
In risk assessment, assets value is typically what is be defined by expert or administrative staff during static evaluation, and
Big change is not had in a period of time.And the acquisition of information with fragility is threatened, it can be carried out by corresponding instrument.It is quiet
System risk is reduced in tolerance interval after state risk assessment.Elapse over time, under internally being acted on external factor, and
Threaten and fragility changes, system risk can be lifted, beyond tolerance interval.And threaten the dynamic with the information of fragility
Change, can be carried out by corresponding instrument.
Intruding detection system and fire wall can be alerted to anomalous event at any time as monitoring system, and these are accused
Alert information is the threat that system can suffer from, while being also the important evidence for evaluating a system risk situation.On the other hand,
Using vulnerability checking instrument, the warning information progress that the vulnerability information of collection and intrusion detection instrument can be collected
Match somebody with somebody, so as to judge the possibility of threat event success or failure, and then the risk status of system is evaluated.
The overall framework for the methods of risk assessment being combined based on static and dynamic is as shown in Figure 1.Assets, threat and fragility
Property is 3 fundamentals of risk assessment.In order to dynamically evaluate the security risk of network system, the dynamic risk of network node
Following risk assessment calculation formula is taken in assessment:
Ri=Li×Ti×Pi (1)
In formula (1), RiIt is the dynamic risk value of node i, LiIt is the assets significance level of node i, TiIt is the leak of node i
Threat degree, PiIt is the fragility risk index of node i.
Assuming that the corresponding confidentiality of node, integrality, availability attributes (abbreviation CIA) quantized value are Lc、LI、La, and according to
Its quantized value of different brackets corresponds to (0.1,0.3,0.5,0.7,0.9) from low to high, and specific scalar quantization standard is omitted herein, then
Assets significance level L calculating formula is
Wherein round function representations are rounded up to 3 decimal places.
Leak threat degree T is related to the complexity that the leak is utilized.Carried using Unite States Standard with Institute for Research and Technology
The general CVSS supplied assesses leak threat degree.One CVSS scoring is the numeral of 0~10 scope.Each leak is by 3
Attribute is constituted, and is respectively:Base, Temporal and Environmental.Wherein, Base attributes are with leak threat degree.It
Span is 0~10, and therefore, leak threat degree T calculation formula is
Wherein Base scores for CVSS, and K is the probability of success that leak is attacked, and is the numeral of 0~1 scope, according to special
The probability of success that family's knowledge base is attacked leak is set, and is 0.8 to easy attack type value, general attack type takes
It is worth for 0.6, it is difficult to which attack type value is 0.2.
P is fragility risk index.Analyzed and studied to intrusion detection, fire wall and third party's data sample
Afterwards, the factor of influence system assets risk status has been summarized from data.By being analyzed and processed to these factors, from
And the value-at-risk of system assets is obtained using formula (1).The influence P factor has 3:(Number uses Num to alarm quantity parameter
Represent), alarm source type (Category is represented with Cate), alarm level (Level is represented with Lev).Fragility risk
The calculation formula of indices P is
P=Num × Cate × Lev (4)
In a period of time, if excessive, predetermined more than one threshold values of the alarm quantity detected on some main frame,
At this moment it is considered that the possibility attacked of the main frame is larger, there is certain risk.Therefore, the alarm in a period
Number parameter can reflect the current risk status of assets, and it can be used as one of risks and assumptions.Alarm quantity is relatively more,
The possibility that so assets are attacked is larger, and risk is higher.Therefore, alarm quantity parameter and fragility risk index P have
Certain linear relationship is present.Num calculation formula is
Wherein, ni be certain alarm threshold, it is necessary to expert or keeper are set according to historical data or experience, num
For the quantity of certain alarm.
Usual warning information derives from different systems, such as intrusion detection, fire wall and third party device.So if
When some current node of data display has different warning information of originating, then the node is probably attacked
Hit, there is certain risk.Therefore, alarm source type also should be used as one of factor of risk assessment.Alert source type
Cate calculation formula is
The alarm source categories of wherein cn always, ci is the source category of certain alarm.
Now common intruding detection system or instrument, all can be to alarm when alarming potential security incident
Event assigns a grade, to tell user the size for the threat that the event is likely to result in main frame.If a main frame is at certain
In one period, the alarm event being detected all has relatively higher grade, illustrates that the main frame can by serious attack
Energy property is very big, and risk index is very high.It is clear that alarm level is also the important composition for reflecting fragility risk index P
One of.Alarm level Lev calculation formula is
Different system alarm events assigns grade difference, and alert event is divided into 3 rank height by this method, in, it is low.Such as
Fruit alarm event assigns grade difference, needs expert or keeper to be classified as these three ranks when using first time.Formula
(7) N in1、N2、N3Height is corresponded to respectively, in, low three ranks alarm event quantity, W1、W2、W3For corresponding level weights.Wherein 3
Individual weights W1、W2、W3Need expert or keeper to set, relative importance need to be shown.
In order to make the purpose , technical scheme and advantage of the present invention be clearer, with reference to embodiments, to the present invention
It is further elaborated.Static risk assessment technology comparative maturity, this method is no longer described in detail, below with regard to this method base
It is briefly described in the beam worker required for static evaluation result.The methods of risk assessment being combined based on static and dynamic is included
2 stages:
Stage one:Static risk is assessed
1) static evaluation result is provided.
2) networked asset is identified, analysis is associated to assets value assignment, and by assets and fragility.
3) assignment is carried out to the vulnerability exploit probability of success using CVSS evaluation indexes.
4) formula (2) calculate node assets significance level L is utilized.
Stage two:Dynamic risk is assessed
1) leak identification is carried out to network node using vulnerability scanners, detects the leak of current node, and according to
CVSS evaluation indexes, utilize each leak threat degree at formula (3) calculating.
2) intruding detection system, fire wall and the real-time attack alarm of the current node of third-party offer are provided,
And warning information is classified according to different leaks.
3) analyzed and studied to intrusion detection, fire wall and third party's data sample, calculated based on formula (5)
Influence the alarm quantity parameter Num of the weak property risk index of node.
4) analyzed and studied to intrusion detection, fire wall and third party's data sample, calculated based on formula (6)
Influence the alarm source type Cate of node fragility risk index.
5) analyzed and studied to intrusion detection, fire wall and third party's data sample, calculated based on formula (7)
Influence the alarm level parameter Lev of node fragility risk index.
6) formula (4) calculate node fragility risk index P is utilized, then using formula (1) calculate node security risk,
Dynamic risk assessment is carried out to system.
7) repeat 2) to 6), based on threat to objective network dynamic evaluation.
8) according to security strategy, (such as one week or one month or network change and set as increased or decreased after a period of time
It is standby) repeat 1) to 6), based on leak and threat to objective network dynamic evaluation.
Claims (2)
1. a kind of network security risk evaluation method, it is characterised in that comprise the following steps:
Step 1:Static risk assessment is carried out to objective network, static evaluation result is provided;
Step 2:Networked asset is identified, analysis is associated to assets value assignment, and by assets and fragility;
Step 3:Assignment is carried out using the probability of success to leak using CVSS evaluation indexes;Using formulaCalculate node assets significance level L;Wherein, Lc、LI、LaThe respectively corresponding machine of node
Close property, integrality, the quantized value of availability attributes, round function representations are rounded up to 3 decimal places;
Step 4:Leak identification is carried out to network node using vulnerability scanners, the leak of current node is detected, and according to
CVSS evaluation indexes, using formulaEach leak threat degree T at calculating;Wherein, Base scores for CVSS, K
The probability of success attacked for leak, K is the numeral of 0~1 scope;
Step 5:Intruding detection system, fire wall and the real-time attack alarm of the current node of third-party offer are provided,
And warning information is classified according to different leaks;
Step 6:Intrusion detection, fire wall and third party's data sample are analyzed;
Based on formulaCalculate the alarm quantity parameter Num of the influence weak property risk index of node;
Wherein, ni is certain alarm threshold, and num is the quantity of certain alarm;
Based on formulaCalculate the alarm source type Cate of the influence weak property risk index of node;Wherein, the announcements of cn always
Alert source category, ci is the source category of certain alarm;
Based on formulaCalculate the alarm level parameter of the influence weak property risk index of node
Lev;Wherein, N1、N2、N3High, medium and low three ranks alarm event quantity, W are corresponded to respectively1、W2、W3For corresponding level weights;
Step 7:Using formula P=Num × Cate × Lev calculate node fragility risk index P, then using formula Ri=Li×
Ti×PiCalculate node security risk, dynamic risk assessment is carried out to system;Wherein, RiIt is the dynamic risk value of node i, LiIt is
The assets significance level of node i, TiIt is the leak threat degree of node i, PiIt is the fragility risk index of node i;
Step 8:Repeat step 5 is to step 7, based on threat to objective network dynamic evaluation, and then completes the peace to objective network
It is complete to assess.
2. a kind of network security risk evaluation method as claimed in claim 1, it is characterised in that also including step 9:At one section
Between after, repeat step 4 to step 8, based on leak and threaten security evaluation is carried out to objective network.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710364501.1A CN107204876B (en) | 2017-05-22 | 2017-05-22 | Network security risk assessment method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710364501.1A CN107204876B (en) | 2017-05-22 | 2017-05-22 | Network security risk assessment method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107204876A true CN107204876A (en) | 2017-09-26 |
| CN107204876B CN107204876B (en) | 2020-09-29 |
Family
ID=59906389
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710364501.1A Expired - Fee Related CN107204876B (en) | 2017-05-22 | 2017-05-22 | Network security risk assessment method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107204876B (en) |
Cited By (62)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107819771A (en) * | 2017-11-16 | 2018-03-20 | 国网湖南省电力有限公司 | A kind of Information Security Risk Assessment Methods and system based on assets dependence |
| CN107862205A (en) * | 2017-11-01 | 2018-03-30 | 龚土婷 | One kind assesses accurate information security risk evaluation system |
| CN108092985A (en) * | 2017-12-26 | 2018-05-29 | 厦门服云信息科技有限公司 | Network safety situation analysis method, device, equipment and computer storage media |
| CN108229175A (en) * | 2017-12-28 | 2018-06-29 | 中国科学院信息工程研究所 | A kind of correlation analysis system and method for multidimensional isomery forensic information |
| CN108429767A (en) * | 2018-05-29 | 2018-08-21 | 广西电网有限责任公司 | A kind of network safety situation forecasting system based on artificial intelligence |
| CN108494787A (en) * | 2018-03-29 | 2018-09-04 | 北京理工大学 | A kind of network risk assessment method based on asset association figure |
| CN108632081A (en) * | 2018-03-26 | 2018-10-09 | 中国科学院计算机网络信息中心 | Network Situation appraisal procedure, device and storage medium |
| CN108683662A (en) * | 2018-05-14 | 2018-10-19 | 深圳市联软科技股份有限公司 | Separate unit online equipment methods of risk assessment and system |
| CN108764631A (en) * | 2018-04-24 | 2018-11-06 | 中国人民公安大学 | A kind of analysis and assessment method and system of anti-terrorism security risk |
| CN108921433A (en) * | 2018-07-04 | 2018-11-30 | 大连和捷科技有限公司 | Quantitative risk analysis system based on business continuance |
| CN109376537A (en) * | 2018-11-06 | 2019-02-22 | 杭州安恒信息技术股份有限公司 | A kind of assets methods of marking and system based on multiple-factor fusion |
| CN109450956A (en) * | 2018-12-29 | 2019-03-08 | 北京奇安信科技有限公司 | Internet security appraisal procedure, system, medium and calculating equipment |
| CN109767352A (en) * | 2018-12-24 | 2019-05-17 | 国网山西省电力公司信息通信分公司 | A kind of power information physics emerging system safety situation evaluation method |
| CN109871688A (en) * | 2018-09-21 | 2019-06-11 | 中国人民解放军国防科技大学 | vulnerability threat degree evaluation method |
| CN110022293A (en) * | 2018-12-29 | 2019-07-16 | 国电南瑞科技股份有限公司 | A kind of electric network information physics emerging system methods of risk assessment |
| CN110033202A (en) * | 2019-04-22 | 2019-07-19 | 广东电网有限责任公司 | A kind of methods of risk assessment and assessment system of power business system |
| CN110545280A (en) * | 2019-09-09 | 2019-12-06 | 北京华赛在线科技有限公司 | quantitative evaluation method based on threat detection accuracy |
| CN110769007A (en) * | 2019-12-26 | 2020-02-07 | 国网电子商务有限公司 | Network security situation sensing method and device based on abnormal traffic detection |
| CN110851839A (en) * | 2019-11-12 | 2020-02-28 | 杭州安恒信息技术股份有限公司 | Risk-based asset scoring method and system |
| CN110881016A (en) * | 2018-09-05 | 2020-03-13 | 华为技术有限公司 | Network security threat assessment method and device |
| CN110991906A (en) * | 2019-12-06 | 2020-04-10 | 国家电网有限公司客户服务中心 | Cloud system information security risk assessment method |
| CN111090862A (en) * | 2019-11-25 | 2020-05-01 | 杭州安恒信息技术股份有限公司 | Asset portrait method and system based on Internet terminal |
| CN111147497A (en) * | 2019-12-28 | 2020-05-12 | 杭州安恒信息技术股份有限公司 | Intrusion detection method, device and equipment based on knowledge inequality |
| CN111586075A (en) * | 2020-05-26 | 2020-08-25 | 国家计算机网络与信息安全管理中心 | Hidden channel detection method based on multi-scale stream analysis technology |
| CN112039704A (en) * | 2020-08-31 | 2020-12-04 | 中国民航大学 | Information system risk assessment method based on risk propagation |
| CN112055957A (en) * | 2018-01-28 | 2020-12-08 | 爱维士软件有限责任公司 | Computer network security assessment engine |
| CN112052457A (en) * | 2020-09-03 | 2020-12-08 | 中国银行股份有限公司 | Security condition evaluation method and device of application system |
| CN112087408A (en) * | 2019-06-12 | 2020-12-15 | 普天信息技术有限公司 | Method and device for evaluating network assets |
| CN112202764A (en) * | 2020-09-28 | 2021-01-08 | 中远海运科技股份有限公司 | Network attack link visualization system, method and server |
| CN112291257A (en) * | 2020-11-11 | 2021-01-29 | 福建奇点时空数字科技有限公司 | Platform dynamic defense method based on event driving and timing migration |
| CN112348371A (en) * | 2020-11-11 | 2021-02-09 | 奇安信科技集团股份有限公司 | Cloud asset security risk assessment method, device, equipment and storage medium |
| CN112465302A (en) * | 2020-11-06 | 2021-03-09 | 中国航空工业集团公司西安航空计算技术研究所 | System and method for evaluating network security risk of civil aircraft airborne system |
| CN112491621A (en) * | 2020-11-30 | 2021-03-12 | 郑州轻工业大学 | Network security evaluation method and system |
| CN112600800A (en) * | 2020-12-03 | 2021-04-02 | 中国电子科技网络信息安全有限公司 | Network risk assessment method based on map |
| CN112702345A (en) * | 2020-12-24 | 2021-04-23 | 福建技术师范学院 | Information vulnerability risk assessment method and device based on data element characteristics |
| CN112737101A (en) * | 2020-12-07 | 2021-04-30 | 国家计算机网络与信息安全管理中心 | Network security risk assessment method and system for multiple monitoring domains |
| CN112749394A (en) * | 2020-12-11 | 2021-05-04 | 苏宁消费金融有限公司 | Consumption financial assessment method based on network risk value |
| CN112769747A (en) * | 2020-11-12 | 2021-05-07 | 成都思维世纪科技有限责任公司 | 5G data security risk evaluation method and evaluation system |
| CN112819336A (en) * | 2021-02-03 | 2021-05-18 | 国家电网有限公司 | Power monitoring system network threat-based quantification method and system |
| CN113114647A (en) * | 2021-04-01 | 2021-07-13 | 海尔数字科技(青岛)有限公司 | Network security risk detection method and device, electronic equipment and storage medium |
| CN113361888A (en) * | 2021-05-29 | 2021-09-07 | 北京威努特技术有限公司 | Industrial environment asset safety management method and system based on task tree |
| CN113378158A (en) * | 2021-05-24 | 2021-09-10 | 南京航空航天大学 | Mobile network risk vulnerability assessment method and device |
| CN113489680A (en) * | 2021-06-07 | 2021-10-08 | 广发银行股份有限公司 | Network attack threat level evaluation model, evaluation method, terminal and medium |
| CN113486577A (en) * | 2021-06-28 | 2021-10-08 | 金陵科技学院 | Geographical big data transmission method based on mixed distribution estimation algorithm |
| CN113824699A (en) * | 2021-08-30 | 2021-12-21 | 深圳供电局有限公司 | Network security detection method and device |
| CN113839817A (en) * | 2021-09-23 | 2021-12-24 | 北京天融信网络安全技术有限公司 | Network asset risk assessment method, device and system |
| CN114139020A (en) * | 2021-12-08 | 2022-03-04 | 广西民族大学 | Network security event structure hierarchical processing method and device |
| CN114500024A (en) * | 2022-01-19 | 2022-05-13 | 恒安嘉新(北京)科技股份公司 | Network asset management method, device, equipment and storage medium |
| CN114844953A (en) * | 2022-05-12 | 2022-08-02 | 机械工业仪器仪表综合技术经济研究所 | Petrochemical device instrument automatic control equipment safety monitoring system based on industrial internet |
| CN114997607A (en) * | 2022-05-17 | 2022-09-02 | 保利长大工程有限公司 | Anomaly assessment early warning method and system based on engineering detection data |
| CN115085965A (en) * | 2022-04-26 | 2022-09-20 | 南方电网数字电网研究院有限公司 | Method, device and equipment for evaluating attacked risk of information network of power system |
| CN115102834A (en) * | 2022-04-27 | 2022-09-23 | 浙江大学 | Change risk assessment method, equipment and storage medium |
| CN115190058A (en) * | 2022-06-20 | 2022-10-14 | 国家计算机网络与信息安全管理中心 | Vehicle network data security risk assessment system, method and device |
| CN115242465A (en) * | 2022-07-01 | 2022-10-25 | 电子科技大学成都学院 | Network equipment configuration method and network equipment |
| CN115277490A (en) * | 2022-09-28 | 2022-11-01 | 湖南大佳数据科技有限公司 | Network target range evaluation method, system, equipment and storage medium |
| CN115378744A (en) * | 2022-10-25 | 2022-11-22 | 天津丈八网络安全科技有限公司 | Network security test evaluation system and method |
| CN115694912A (en) * | 2022-09-30 | 2023-02-03 | 郑州云智信安安全技术有限公司 | Method for calculating network asset safety index |
| CN115883262A (en) * | 2023-03-02 | 2023-03-31 | 天津市职业大学 | Information security risk assessment method, equipment and medium for intelligent networked automobile |
| WO2023179467A1 (en) * | 2022-03-25 | 2023-09-28 | 华为技术有限公司 | Vulnerability assessment method and analysis device |
| CN117081851A (en) * | 2023-10-10 | 2023-11-17 | 网思科技股份有限公司 | Display method, system and medium of network security situation awareness information |
| CN117176476A (en) * | 2023-11-02 | 2023-12-05 | 江苏南通鑫业网络科技有限公司 | Network security assessment method and system based on node weight |
| CN115085965B (en) * | 2022-04-26 | 2024-05-03 | 南方电网数字电网研究院有限公司 | Power system information network attack risk assessment method, device and equipment |
-
2017
- 2017-05-22 CN CN201710364501.1A patent/CN107204876B/en not_active Expired - Fee Related
Non-Patent Citations (2)
| Title |
|---|
| 刘思帆: "一种基于主机日志分析的实时风险评估模型的研究与实现", 《中国优秀硕士学位论文全文数据库-信息科技辑》 * |
| 陈孟婕: "电力信息系统动静态风险评估技术研究", 《中国优秀硕士学位论文全文数据库-信息科技辑》 * |
Cited By (92)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107862205A (en) * | 2017-11-01 | 2018-03-30 | 龚土婷 | One kind assesses accurate information security risk evaluation system |
| CN107819771B (en) * | 2017-11-16 | 2020-03-20 | 国网湖南省电力有限公司 | Information security risk assessment method and system based on asset dependency relationship |
| CN107819771A (en) * | 2017-11-16 | 2018-03-20 | 国网湖南省电力有限公司 | A kind of Information Security Risk Assessment Methods and system based on assets dependence |
| CN108092985A (en) * | 2017-12-26 | 2018-05-29 | 厦门服云信息科技有限公司 | Network safety situation analysis method, device, equipment and computer storage media |
| CN108092985B (en) * | 2017-12-26 | 2021-04-06 | 厦门服云信息科技有限公司 | Network security situation analysis method, device, equipment and computer storage medium |
| CN108229175A (en) * | 2017-12-28 | 2018-06-29 | 中国科学院信息工程研究所 | A kind of correlation analysis system and method for multidimensional isomery forensic information |
| CN112055957B (en) * | 2018-01-28 | 2023-09-19 | 爱维士软件有限责任公司 | Computer Network Security Assessment Engine |
| CN112055957A (en) * | 2018-01-28 | 2020-12-08 | 爱维士软件有限责任公司 | Computer network security assessment engine |
| CN108632081A (en) * | 2018-03-26 | 2018-10-09 | 中国科学院计算机网络信息中心 | Network Situation appraisal procedure, device and storage medium |
| CN108632081B (en) * | 2018-03-26 | 2021-10-08 | 中国科学院计算机网络信息中心 | Network situation evaluation method, device and storage medium |
| CN108494787A (en) * | 2018-03-29 | 2018-09-04 | 北京理工大学 | A kind of network risk assessment method based on asset association figure |
| CN108764631A (en) * | 2018-04-24 | 2018-11-06 | 中国人民公安大学 | A kind of analysis and assessment method and system of anti-terrorism security risk |
| CN108683662A (en) * | 2018-05-14 | 2018-10-19 | 深圳市联软科技股份有限公司 | Separate unit online equipment methods of risk assessment and system |
| CN108429767A (en) * | 2018-05-29 | 2018-08-21 | 广西电网有限责任公司 | A kind of network safety situation forecasting system based on artificial intelligence |
| CN108921433B (en) * | 2018-07-04 | 2021-08-13 | 大连和捷科技有限公司 | Risk quantitative analysis system based on business continuity |
| CN108921433A (en) * | 2018-07-04 | 2018-11-30 | 大连和捷科技有限公司 | Quantitative risk analysis system based on business continuance |
| CN110881016A (en) * | 2018-09-05 | 2020-03-13 | 华为技术有限公司 | Network security threat assessment method and device |
| CN110881016B (en) * | 2018-09-05 | 2021-06-01 | 华为技术有限公司 | Network security threat assessment method and device |
| CN109871688A (en) * | 2018-09-21 | 2019-06-11 | 中国人民解放军国防科技大学 | vulnerability threat degree evaluation method |
| CN109376537A (en) * | 2018-11-06 | 2019-02-22 | 杭州安恒信息技术股份有限公司 | A kind of assets methods of marking and system based on multiple-factor fusion |
| CN109767352A (en) * | 2018-12-24 | 2019-05-17 | 国网山西省电力公司信息通信分公司 | A kind of power information physics emerging system safety situation evaluation method |
| CN109767352B (en) * | 2018-12-24 | 2023-08-01 | 国网山西省电力公司信息通信分公司 | Safety situation assessment method for electric power information physical fusion system |
| CN110022293A (en) * | 2018-12-29 | 2019-07-16 | 国电南瑞科技股份有限公司 | A kind of electric network information physics emerging system methods of risk assessment |
| CN109450956B (en) * | 2018-12-29 | 2021-06-08 | 奇安信科技集团股份有限公司 | Network security evaluation method, system, medium, and computer system |
| CN109450956A (en) * | 2018-12-29 | 2019-03-08 | 北京奇安信科技有限公司 | Internet security appraisal procedure, system, medium and calculating equipment |
| CN110033202A (en) * | 2019-04-22 | 2019-07-19 | 广东电网有限责任公司 | A kind of methods of risk assessment and assessment system of power business system |
| CN112087408A (en) * | 2019-06-12 | 2020-12-15 | 普天信息技术有限公司 | Method and device for evaluating network assets |
| CN110545280A (en) * | 2019-09-09 | 2019-12-06 | 北京华赛在线科技有限公司 | quantitative evaluation method based on threat detection accuracy |
| CN110851839A (en) * | 2019-11-12 | 2020-02-28 | 杭州安恒信息技术股份有限公司 | Risk-based asset scoring method and system |
| CN110851839B (en) * | 2019-11-12 | 2022-03-11 | 杭州安恒信息技术股份有限公司 | Risk-based asset scoring method and system |
| CN111090862A (en) * | 2019-11-25 | 2020-05-01 | 杭州安恒信息技术股份有限公司 | Asset portrait method and system based on Internet terminal |
| CN110991906B (en) * | 2019-12-06 | 2023-11-17 | 国家电网有限公司客户服务中心 | Cloud system information security risk assessment method |
| CN110991906A (en) * | 2019-12-06 | 2020-04-10 | 国家电网有限公司客户服务中心 | Cloud system information security risk assessment method |
| CN110769007A (en) * | 2019-12-26 | 2020-02-07 | 国网电子商务有限公司 | Network security situation sensing method and device based on abnormal traffic detection |
| CN111147497A (en) * | 2019-12-28 | 2020-05-12 | 杭州安恒信息技术股份有限公司 | Intrusion detection method, device and equipment based on knowledge inequality |
| CN111586075B (en) * | 2020-05-26 | 2022-06-14 | 国家计算机网络与信息安全管理中心 | Hidden channel detection method based on multi-scale stream analysis technology |
| CN111586075A (en) * | 2020-05-26 | 2020-08-25 | 国家计算机网络与信息安全管理中心 | Hidden channel detection method based on multi-scale stream analysis technology |
| CN112039704A (en) * | 2020-08-31 | 2020-12-04 | 中国民航大学 | Information system risk assessment method based on risk propagation |
| CN112052457B (en) * | 2020-09-03 | 2023-09-19 | 中国银行股份有限公司 | Safety condition assessment method and device of application system |
| CN112052457A (en) * | 2020-09-03 | 2020-12-08 | 中国银行股份有限公司 | Security condition evaluation method and device of application system |
| CN112202764B (en) * | 2020-09-28 | 2023-05-19 | 中远海运科技股份有限公司 | Network attack link visualization system, method and server |
| CN112202764A (en) * | 2020-09-28 | 2021-01-08 | 中远海运科技股份有限公司 | Network attack link visualization system, method and server |
| CN112465302B (en) * | 2020-11-06 | 2022-12-06 | 中国航空工业集团公司西安航空计算技术研究所 | System and method for evaluating network security risk of civil aircraft airborne system |
| CN112465302A (en) * | 2020-11-06 | 2021-03-09 | 中国航空工业集团公司西安航空计算技术研究所 | System and method for evaluating network security risk of civil aircraft airborne system |
| CN112291257A (en) * | 2020-11-11 | 2021-01-29 | 福建奇点时空数字科技有限公司 | Platform dynamic defense method based on event driving and timing migration |
| CN112291257B (en) * | 2020-11-11 | 2022-08-12 | 福建奇点时空数字科技有限公司 | Platform dynamic defense method based on event driving and timing migration |
| CN112348371A (en) * | 2020-11-11 | 2021-02-09 | 奇安信科技集团股份有限公司 | Cloud asset security risk assessment method, device, equipment and storage medium |
| CN112769747B (en) * | 2020-11-12 | 2022-11-04 | 成都思维世纪科技有限责任公司 | 5G data security risk evaluation method and evaluation system |
| CN112769747A (en) * | 2020-11-12 | 2021-05-07 | 成都思维世纪科技有限责任公司 | 5G data security risk evaluation method and evaluation system |
| CN112491621A (en) * | 2020-11-30 | 2021-03-12 | 郑州轻工业大学 | Network security evaluation method and system |
| CN112600800B (en) * | 2020-12-03 | 2022-07-05 | 中国电子科技网络信息安全有限公司 | Network risk assessment method based on map |
| CN112600800A (en) * | 2020-12-03 | 2021-04-02 | 中国电子科技网络信息安全有限公司 | Network risk assessment method based on map |
| CN112737101A (en) * | 2020-12-07 | 2021-04-30 | 国家计算机网络与信息安全管理中心 | Network security risk assessment method and system for multiple monitoring domains |
| CN112737101B (en) * | 2020-12-07 | 2022-08-26 | 国家计算机网络与信息安全管理中心 | Network security risk assessment method and system for multiple monitoring domains |
| CN112749394A (en) * | 2020-12-11 | 2021-05-04 | 苏宁消费金融有限公司 | Consumption financial assessment method based on network risk value |
| CN112749394B (en) * | 2020-12-11 | 2022-08-02 | 苏宁消费金融有限公司 | Consumption financial assessment method based on network risk value |
| CN112702345A (en) * | 2020-12-24 | 2021-04-23 | 福建技术师范学院 | Information vulnerability risk assessment method and device based on data element characteristics |
| CN112819336A (en) * | 2021-02-03 | 2021-05-18 | 国家电网有限公司 | Power monitoring system network threat-based quantification method and system |
| CN112819336B (en) * | 2021-02-03 | 2023-12-15 | 国家电网有限公司 | Quantification method and system based on network threat of power monitoring system |
| CN113114647A (en) * | 2021-04-01 | 2021-07-13 | 海尔数字科技(青岛)有限公司 | Network security risk detection method and device, electronic equipment and storage medium |
| CN113378158A (en) * | 2021-05-24 | 2021-09-10 | 南京航空航天大学 | Mobile network risk vulnerability assessment method and device |
| CN113361888A (en) * | 2021-05-29 | 2021-09-07 | 北京威努特技术有限公司 | Industrial environment asset safety management method and system based on task tree |
| CN113489680B (en) * | 2021-06-07 | 2023-10-24 | 广发银行股份有限公司 | Network attack threat level evaluation model, evaluation method, terminal and medium |
| CN113489680A (en) * | 2021-06-07 | 2021-10-08 | 广发银行股份有限公司 | Network attack threat level evaluation model, evaluation method, terminal and medium |
| CN113486577A (en) * | 2021-06-28 | 2021-10-08 | 金陵科技学院 | Geographical big data transmission method based on mixed distribution estimation algorithm |
| CN113486577B (en) * | 2021-06-28 | 2022-03-29 | 金陵科技学院 | Geographical big data transmission method based on mixed distribution estimation algorithm |
| CN113824699A (en) * | 2021-08-30 | 2021-12-21 | 深圳供电局有限公司 | Network security detection method and device |
| CN113824699B (en) * | 2021-08-30 | 2023-11-14 | 深圳供电局有限公司 | Network security detection method and device |
| CN113839817B (en) * | 2021-09-23 | 2023-05-05 | 北京天融信网络安全技术有限公司 | Network asset risk assessment method and device and electronic equipment |
| CN113839817A (en) * | 2021-09-23 | 2021-12-24 | 北京天融信网络安全技术有限公司 | Network asset risk assessment method, device and system |
| CN114139020A (en) * | 2021-12-08 | 2022-03-04 | 广西民族大学 | Network security event structure hierarchical processing method and device |
| CN114500024B (en) * | 2022-01-19 | 2024-03-22 | 恒安嘉新(北京)科技股份公司 | Network asset management method, device, equipment and storage medium |
| CN114500024A (en) * | 2022-01-19 | 2022-05-13 | 恒安嘉新(北京)科技股份公司 | Network asset management method, device, equipment and storage medium |
| WO2023179467A1 (en) * | 2022-03-25 | 2023-09-28 | 华为技术有限公司 | Vulnerability assessment method and analysis device |
| CN115085965A (en) * | 2022-04-26 | 2022-09-20 | 南方电网数字电网研究院有限公司 | Method, device and equipment for evaluating attacked risk of information network of power system |
| CN115085965B (en) * | 2022-04-26 | 2024-05-03 | 南方电网数字电网研究院有限公司 | Power system information network attack risk assessment method, device and equipment |
| CN115102834B (en) * | 2022-04-27 | 2024-04-16 | 浙江大学 | Change risk assessment method, device and storage medium |
| CN115102834A (en) * | 2022-04-27 | 2022-09-23 | 浙江大学 | Change risk assessment method, equipment and storage medium |
| CN114844953A (en) * | 2022-05-12 | 2022-08-02 | 机械工业仪器仪表综合技术经济研究所 | Petrochemical device instrument automatic control equipment safety monitoring system based on industrial internet |
| CN114997607A (en) * | 2022-05-17 | 2022-09-02 | 保利长大工程有限公司 | Anomaly assessment early warning method and system based on engineering detection data |
| CN115190058A (en) * | 2022-06-20 | 2022-10-14 | 国家计算机网络与信息安全管理中心 | Vehicle network data security risk assessment system, method and device |
| CN115242465A (en) * | 2022-07-01 | 2022-10-25 | 电子科技大学成都学院 | Network equipment configuration method and network equipment |
| CN115277490B (en) * | 2022-09-28 | 2023-01-17 | 湖南大佳数据科技有限公司 | Network target range evaluation method, system, equipment and storage medium |
| CN115277490A (en) * | 2022-09-28 | 2022-11-01 | 湖南大佳数据科技有限公司 | Network target range evaluation method, system, equipment and storage medium |
| CN115694912B (en) * | 2022-09-30 | 2023-08-04 | 郑州云智信安安全技术有限公司 | Calculation method of network asset security index |
| CN115694912A (en) * | 2022-09-30 | 2023-02-03 | 郑州云智信安安全技术有限公司 | Method for calculating network asset safety index |
| CN115378744A (en) * | 2022-10-25 | 2022-11-22 | 天津丈八网络安全科技有限公司 | Network security test evaluation system and method |
| CN115883262A (en) * | 2023-03-02 | 2023-03-31 | 天津市职业大学 | Information security risk assessment method, equipment and medium for intelligent networked automobile |
| CN117081851B (en) * | 2023-10-10 | 2024-03-19 | 网思科技股份有限公司 | Display method, system and medium of network security situation awareness information |
| CN117081851A (en) * | 2023-10-10 | 2023-11-17 | 网思科技股份有限公司 | Display method, system and medium of network security situation awareness information |
| CN117176476B (en) * | 2023-11-02 | 2024-01-02 | 江苏南通鑫业网络科技有限公司 | Network security assessment method and system based on node weight |
| CN117176476A (en) * | 2023-11-02 | 2023-12-05 | 江苏南通鑫业网络科技有限公司 | Network security assessment method and system based on node weight |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107204876B (en) | 2020-09-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107204876A (en) | A kind of network security risk evaluation method | |
| CN103581186B (en) | A kind of network security situational awareness method and system | |
| CN101808020B (en) | Intrusion response decision-making method based on incomplete information dynamic game | |
| CN103312679B (en) | The detection method of senior constant threat and system | |
| Bhattacharjee et al. | Detection and forensics against stealthy data falsification in smart metering infrastructure | |
| CN101459537A (en) | Network security situation sensing system and method based on multi-layer multi-angle analysis | |
| CN105868629B (en) | Security threat situation assessment method suitable for electric power information physical system | |
| US20070113281A1 (en) | Method used in the control of a physical system affected by threats | |
| CN108111348A (en) | A kind of security policy manager method and system for enterprise's cloud application | |
| CN103607388A (en) | APT threat prediction method and system | |
| CN106209856B (en) | Method for generating big data security posture map based on trusted computing | |
| Jiang et al. | A medical big data access control model based on fuzzy trust prediction and regression analysis | |
| CN108092985B (en) | Network security situation analysis method, device, equipment and computer storage medium | |
| CN103916385A (en) | WAF safety monitoring system based on intelligent algorithm | |
| CN106685996A (en) | Method for detecting account abnormal logging based on HMM model | |
| CN110289995A (en) | Based on the social networks behavior monitoring method and device using attribute attack graph | |
| CN108809706A (en) | A kind of network risks monitoring system of substation | |
| Chilvers et al. | The New South Wales “Compstat” process: its impact on crime | |
| CN112968796A (en) | Network security situation awareness method and device and computer equipment | |
| Kinser et al. | Scoring trust across hybrid-space: A quantitative framework designed to calculate cybersecurity ratings, measures, and metrics to inform a trust score | |
| CN107800575A (en) | The appraisal procedure of electric power industrial control system information security | |
| Wang et al. | Semantic analysis framework for protecting the power grid against monitoring‐control attacks | |
| Upadhyaya et al. | An analytical framework for reasoning about intrusions | |
| Mekonnen et al. | A privacy preserving context-aware insider threat prediction and prevention model predicated on the components of the fraud diamond | |
| Comes et al. | Decision support for disaster risk management: Integrating vulnerabilities into early-warning systems |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20200929 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |