CN108683662A - Separate unit online equipment methods of risk assessment and system - Google Patents
Separate unit online equipment methods of risk assessment and system Download PDFInfo
- Publication number
- CN108683662A CN108683662A CN201810455479.6A CN201810455479A CN108683662A CN 108683662 A CN108683662 A CN 108683662A CN 201810455479 A CN201810455479 A CN 201810455479A CN 108683662 A CN108683662 A CN 108683662A
- Authority
- CN
- China
- Prior art keywords
- measured
- separate unit
- equipment
- online equipment
- score value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
In this method, the risk class of multiple check items and each check item is arranged in separate unit online equipment methods of risk assessment provided by the invention and system;Separate unit online equipment to be measured is measured in real time according to check item, obtains testing result;The testing result obtained in the preset assessment time is stored, including occurs the check item alerted, the risk class of the check item and separate unit online equipment to be measured in testing result and the number alerted occurs;The testing result of storage is analyzed according to preset assessment models, obtains equipment behavior penalty values;The risk score value of separate unit online equipment to be measured is calculated according to equipment behavior penalty values.This method abandons the thinking for taking the alarm score value of the highest in all check items in the prior art, is periodically detected to the network equipment, is counted to testing result all in certain period, and alarm number can be added and analyzed, appraisal procedure is more effective.
Description
Technical field
The invention belongs to Internet technical fields, and in particular to separate unit online equipment methods of risk assessment and system.
Background technology
In the prior art, the risk assessment of separate unit online equipment is mainly the following mode:
1. setting detected rule, a plurality of detection is set, the network equipment is detected according to detection, examined by every
The threat degree for surveying item artificially determines risk class, as network equipment risk evaluation index;
2. set device inspection item, all inspection items set score value, and the alarm of single detection can not be opened up intuitively
Existing equipment Risk overall state.
The evaluation granularity of both the above method is too careless, and general networking risk assessment is within some period
Risk status, but equipment may be within certain period, several hazard detections can be alerted frequently, but risk class or deduction of points are identical,
Can not will alarm number investigation reasonably be added, can not consider a variety of alarms as a result, then can not be to network security pipe
Reason person provides effective reference.
Invention content
For the defects in the prior art, the present invention provides separate unit online equipment methods of risk assessment and system, Neng Goujia
Enter to alert number and be analyzed, the type of a variety of alarms can be considered, appraisal procedure is more effective.
In a first aspect, a kind of separate unit online equipment methods of risk assessment, includes the following steps:
The risk class of multiple check items and each check item is set;
Separate unit online equipment to be measured is measured in real time according to check item, obtains testing result;
The testing result obtained in the preset assessment time is stored, including occurs the check item alerted in testing result, be somebody's turn to do
There is the number alerted in the risk class of check item and separate unit online equipment to be measured;
The testing result of storage is analyzed according to preset assessment models, obtains equipment behavior penalty values;
The risk score value of separate unit online equipment to be measured is calculated according to equipment behavior penalty values.
Further, described that separate unit online equipment to be measured is measured in real time according to check item, obtain testing result tool
Body includes;
Separate unit online equipment to be measured is measured in real time according to check item;
Risk class to there is the check item alerted scores, and obtains alarm score value;
Record alarm score value;
The testing result includes the alarm score value.
Further, described that all testing results are analyzed according to preset assessment models, obtain equipment behavior
Penalty values specifically include:
Analysis time is set;
When being reached between when analyzed, it is calculate by the following formula equipment behavior penalty values:
Behavior_loss=(max_level+sum_level × 0.1) × max_level × tanh (check_
count);
Wherein, behavior_loss is the equipment behavior penalty values of separate unit online equipment to be measured, and max_level is to be measured
Highest alarm score value in the testing result of separate unit online equipment, sum_level are the testing result of separate unit online equipment to be measured
In the sum of all alarm score values, check_count is that separate unit online equipment to be measured the cumulative number alerted occurs,
Further, the risk score value that separate unit online equipment to be measured is calculated according to equipment behavior penalty values specifically wraps
It includes:
Full marks score value is set;
The equipment behavior penalty values of separate unit online equipment to be measured are subtracted, are obtained on the basis of full marks score value using deduction of points method
To the risk score value.
Second aspect, a kind of separate unit online equipment risk evaluating system, including:
Setting unit:Risk class for multiple check items and each check item to be arranged;
Detection unit:For being measured in real time to separate unit online equipment to be measured according to check item, testing result is obtained;
Statistic unit:For storing obtained testing result in the preset assessment time, including accused in testing result
There is the number alerted in the risk class of alert check item, the check item and separate unit online equipment to be measured;
Assessment unit:For being analyzed the testing result of storage according to preset assessment models, equipment behavior is obtained
Penalty values;It is additionally operable to calculate the risk score value of separate unit online equipment to be measured according to equipment behavior penalty values.
Further, described that separate unit online equipment to be measured is measured in real time according to check item, obtain testing result tool
Body includes;
Separate unit online equipment to be measured is measured in real time according to check item;
Risk class to there is the check item alerted scores, and obtains alarm score value;
Record alarm score value;
The testing result includes the alarm score value.
Further, described that all testing results are analyzed according to preset assessment models, obtain equipment behavior
Penalty values specifically include:
Analysis time is set;
When being reached between when analyzed, it is calculate by the following formula equipment behavior penalty values:
Behavior_loss=(max_level+sum_level × 0.1) × max_level × tanh (check_
count);
Wherein, behavior_loss is the equipment behavior penalty values of separate unit online equipment to be measured, and max_level is to be measured
Highest alarm score value in the testing result of separate unit online equipment, sum_level are the testing result of separate unit online equipment to be measured
In the sum of all alarm score values, check_count is that separate unit online equipment to be measured the cumulative number alerted occurs,
Further, the risk score value that separate unit online equipment to be measured is calculated according to equipment behavior penalty values specifically wraps
It includes:
Full marks score value is set;
The equipment behavior penalty values of separate unit online equipment to be measured are subtracted, are obtained on the basis of full marks score value using deduction of points method
To the risk score value.
As shown from the above technical solution, separate unit online equipment methods of risk assessment provided by the invention and system are abandoned existing
There is the thinking for taking the alarm score value of the highest in all check items in technology, periodically the network equipment is detected, to certain period
Interior all testing results are counted, and alarm number can be added and analyzed, appraisal procedure is more effective.
Description of the drawings
It, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical solution in the prior art
Embodiment or attached drawing needed to be used in the description of the prior art are briefly described.In all the appended drawings, similar element
Or part is generally identified by similar reference numeral.In attached drawing, each element or part might not be drawn according to actual ratio.
Fig. 1 is the flow chart for the appraisal procedure that embodiment one provides.
Fig. 2 is the module frame chart for the assessment system that example IV provides.
Specific implementation mode
The embodiment of technical solution of the present invention is described in detail below in conjunction with attached drawing.Following embodiment is only used for
Clearly illustrate technical scheme of the present invention, therefore be only used as example, and the protection model of the present invention cannot be limited with this
It encloses.It should be noted that unless otherwise indicated, technical term or scientific terminology used in this application are should be belonging to the present invention
The ordinary meaning that field technology personnel are understood.
It should be appreciated that ought use in this specification and in the appended claims, term " comprising " and "comprising" instruction
Described feature, entirety, step, operation, the presence of element and/or component, but one or more of the other feature, whole is not precluded
Body, step, operation, element, component and/or its presence or addition gathered.
As used in this specification and in the appended claims, term " if " can be according to context quilt
Be construed to " when ... " or " once " or " in response to determination " or " in response to detecting ".Similarly, phrase " if it is determined that " or
" if detecting [described condition or event] " can be interpreted to mean according to context " once it is determined that " or " in response to true
It is fixed " or " once detecting [described condition or event] " or " in response to detecting [described condition or event] ".
Embodiment one:
Referring to Fig. 1, a kind of separate unit online equipment methods of risk assessment includes the following steps:
S1:The risk class of multiple check items and each check item is set;
Specifically, it includes " not conforming to rule behavior ", " abnormal behaviour ", " hazardous act " three aspects that alarm, which occurs, in check item.
For example, if detecting that IP/MAC address changes, the implementor name of the network equipment change, operating system changes, then recognize
To there is abnormal behaviour.Different check items defines risk class according to its threat degree, for the low check item of threat degree,
Its risk class is low.For the high check item of threat degree, risk class is high.Separate unit online equipment includes PC equipment, network
Equipment, mobile device, IoT equipment, ICS equipment etc..
S2:Separate unit online equipment to be measured is measured in real time according to check item, obtains testing result;
Specifically, separate unit online equipment to be measured when being detected, needs to be detected all check items.Detection knot
All conjunction rule behaviors are contained in fruit, do not conform to rule behavior, abnormal behaviour, the check item of hazardous act, are also recorded for alarm behavior
Check item risk class.It is to be detected in real time when being detected according to check item, can detect network in real time in this way sets
Standby safety.
S3:Store obtained testing result in the preset assessment time, including occur in testing result the check item alerted,
There is the number alerted in the risk class of the check item and separate unit online equipment to be measured;
Specifically, the check item of alarm, convenient follow-up progress risk assessment are counted.There is time alerted in separate unit online equipment
Number is the accumulated quantity of the check item alerted occur in all examining reports.
S4:The testing result of storage is analyzed according to preset assessment models, obtains equipment behavior penalty values;
Specifically, periodically testing result can be analyzed.Such as:Such as analysis time is set, analysis time can be with
It is primary for a hour, two hour analyses, the risk status of separate unit online equipment to be measured is updated.If assessing the time
It is set as 24 hours, that is, indicates that the risk status to same day separate unit online equipment to be measured is updated.That is separate unit to be measured
Online equipment is detected according to check item always, if a hour analysis is primary, is obtained separate unit online equipment to be measured and is worked as
Its testing result obtained is analyzed, and updates the risk status of separate unit online equipment to be measured.This ensure that separate unit to be measured
The risk status of online equipment is real-time update.
S5:The risk score value of separate unit online equipment to be measured is calculated according to equipment behavior penalty values.
This method abandons the thinking for taking the alarm score value of the highest in all check items in the prior art, periodically to the network equipment
It is detected, testing result all in certain period is counted, alarm number can be added and analyzed, appraisal procedure
More effectively.
Embodiment two:
The method that embodiment two provides increases the following contents on the basis of embodiment one:
It is described that separate unit online equipment to be measured is detected according to check item, it obtains testing result and specifically includes;
Separate unit online equipment to be measured is measured in real time according to check item;
Risk class to there is the check item alerted scores, and obtains alarm score value;
Record alarm score value;
The testing result includes the alarm score value.
Specifically, embodiment is more intuitive, and risk class is higher, and score value is higher by scoring for risk class.Such as:Equipment exists
The risk class of non-working time access is 4 points, is mounted with that the risk class of the enterprise software of violation is 6 points.When check item A goes out
When existing 1 alarm, risk class is 4, if 2 alarms occurs in check item A, risk class upgrading becomes 5.
The method that the embodiment of the present invention is provided, to briefly describe, which does not refer to place, can refer to implementation
Corresponding contents in example one.
Embodiment three:
The method that embodiment three provides increases the following contents on the basis of embodiment two:
It is described that all testing results are analyzed according to preset assessment models, it is specific to obtain equipment behavior penalty values
Including:
Analysis time is set;
When being reached between when analyzed, it is calculate by the following formula equipment behavior penalty values:
Behavior_loss=(max_level+sum_level × 0.1) × max_level × tanh (check_
count);
Wherein, behavior_loss is the equipment behavior penalty values of separate unit online equipment to be measured, and max_level is to be measured
Highest alarm score value in the testing result of separate unit online equipment, sum_level are the testing result of separate unit online equipment to be measured
In the sum of all alarm score values, check_count is that separate unit online equipment to be measured the cumulative number alerted occurs,
Specifically, since the network equipment is after curstomer's site deployment, with the increase of deployment time, detection quantity is got over
Come bigger.And when establishing assessment models, it cannot estimate the check item transformation of the network equipment after deployment.So this method
Middle Hyperbolic Tangent Model does not influence assessment models robustness by the alarm number upper limit completely.The result that assessment models obtain begins
It is eventually positive number, between [0,100].The computing device behavior penalty values obtained by above-mentioned formula can occur with the check item
The number of alarm increases and increases.I.e. if the separate unit online equipment to be measured number that occurs alerting is more, risk class is higher.
In analysis, all testing results in the time will be assessed as the input of assessment models.Such as:If when analysis
Between when reaching, separate unit online equipment to be measured has in 3 parts of testing results, and the number for the check item alerted occur is respectively 5,7,4.3
In part testing result;The score value of highest risk class is 6;In 3 parts of testing results, there is the risk class of the check item alerted
The sum of score value be respectively 25,50,22.Then max_level=6, sum_level=25+50+22=97, check_count=
5+7+4=16.
Optionally, the risk score value that separate unit online equipment to be measured is calculated according to equipment behavior penalty values specifically includes:
Full marks score value is set;
The equipment behavior penalty values of separate unit online equipment to be measured are subtracted, are obtained on the basis of full marks score value using deduction of points method
To the risk score value.
Specifically, full marks score value could be provided as 100 points, and risk score value subtracts equipment behavior penalty values equal to 100.Equipment
Behavior penalty values are bigger, and risk score value is lower, and the risk of the network equipment is higher.Conversely, equipment behavior penalty values are smaller, risk point
Value is higher, and the risk of the network equipment is lower.The safest situation of the network equipment is 100 points, and most dangerous situation is 0 point.Score value
Grade classification and qualitative description are by users' personal allocation.
The method that the embodiment of the present invention is provided, to briefly describe, which does not refer to place, can refer to implementation
Corresponding contents in example two.
Example IV:
Referring to Fig. 2, example IV provides a kind of separate unit online equipment risk evaluating system, including:
Setting unit:Risk class for multiple check items and each check item to be arranged;
Detection unit:For being measured in real time to separate unit online equipment to be measured according to check item, testing result is obtained;
Statistic unit:For storing obtained testing result in the preset assessment time, including accused in testing result
There is the number alerted in the risk class of alert check item, the check item and separate unit online equipment to be measured;
Assessment unit:For being analyzed the testing result of storage according to preset assessment models, equipment behavior is obtained
Penalty values;It is additionally operable to calculate the risk score value of separate unit online equipment to be measured according to equipment behavior penalty values.
Further, described that separate unit online equipment to be measured is measured in real time according to check item, obtain testing result tool
Body includes;
Separate unit online equipment to be measured is measured in real time according to check item;
Risk class to there is the check item alerted scores, and obtains alarm score value;
Record alarm score value;
The testing result includes the alarm score value.
Further, described that all testing results are analyzed according to preset assessment models, obtain equipment behavior
Penalty values specifically include:
Analysis time is set;
When being reached between when analyzed, it is calculate by the following formula equipment behavior penalty values:
Behavior_loss=(max_level+sum_level × 0.1) × max_level × tanh (check_
count);
Wherein, behavior_loss is the equipment behavior penalty values of separate unit online equipment to be measured, and max_level is to be measured
Highest alarm score value in the testing result of separate unit online equipment, sum_level are the testing result of separate unit online equipment to be measured
In the sum of all alarm score values, check_count is that separate unit online equipment to be measured the cumulative number alerted occurs,
Further, the risk score value that separate unit online equipment to be measured is calculated according to equipment behavior penalty values specifically wraps
It includes:
Full marks score value is set;
The equipment behavior penalty values of separate unit online equipment to be measured are subtracted, are obtained on the basis of full marks score value using deduction of points method
To the risk score value.
The technique effect and preceding method embodiment phase of the device that the embodiment of the present invention is provided, realization principle and generation
Together, to briefly describe, device embodiment part does not refer to place, can refer to corresponding contents in preceding method embodiment.
In several embodiments provided herein, it should be understood that disclosed system and method can pass through it
Its mode is realized.For example, the apparatus embodiments described above are merely exemplary, for example, the division of the unit, only
Only a kind of division of logic function, formula that in actual implementation, there may be another division manner, such as multiple units or component can be tied
Another system is closed or is desirably integrated into, or some features can be ignored or not executed.In addition, shown or discussed phase
Coupling, direct-coupling or communication connection between mutually can be INDIRECT COUPLING or the communication by some interfaces, device or unit
Connection can also be electricity, mechanical or other form connections.
The unit illustrated as separating component may or may not be physically separated, aobvious as unit
The component shown may or may not be physical unit, you can be located at a place, or may be distributed over multiple
In network element.Some or all of unit therein can be selected according to the actual needs to realize the embodiment of the present invention
Purpose.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, it can also
It is that each unit physically exists alone, can also be during two or more units are integrated in one unit.It is above-mentioned integrated
The form that hardware had both may be used in unit is realized, can also be realized in the form of SFU software functional unit.
If the integrated unit is realized in the form of SFU software functional unit and sells or use as independent product
When, it can be stored in a computer read/write memory medium.Based on this understanding, technical scheme of the present invention is substantially
The all or part of the part that contributes to existing technology or the technical solution can be in the form of software products in other words
It embodies, which is stored in a storage medium, including some instructions are used so that a computer
Equipment (can be personal computer, server or the network equipment etc.) executes the complete of each embodiment the method for the present invention
Portion or part steps.And storage medium above-mentioned includes:USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only
Memory), random access memory (RAM, Random Access Memory), magnetic disc or CD etc. are various can store journey
The medium of sequence code.
Finally it should be noted that:The above embodiments are only used to illustrate the technical solution of the present invention., rather than its limitations;To the greatest extent
Present invention has been described in detail with reference to the aforementioned embodiments for pipe, it will be understood by those of ordinary skill in the art that:Its according to
So can with technical scheme described in the above embodiments is modified, either to which part or all technical features into
Row equivalent replacement;And these modifications or replacements, various embodiments of the present invention technology that it does not separate the essence of the corresponding technical solution
The range of scheme should all cover in the claim of the present invention and the range of specification.
Claims (8)
1. a kind of separate unit online equipment methods of risk assessment, which is characterized in that include the following steps:
The risk class of multiple check items and each check item is set;
Separate unit online equipment to be measured is measured in real time according to check item, obtains testing result;
The testing result obtained in the preset assessment time is stored, including occurs the check item alerted, the inspection in testing result
There is the number alerted in the risk class and separate unit online equipment to be measured of item;
The testing result of storage is analyzed according to preset assessment models, obtains equipment behavior penalty values;
The risk score value of separate unit online equipment to be measured is calculated according to equipment behavior penalty values.
2. separate unit online equipment methods of risk assessment according to claim 1, which is characterized in that
It is described that separate unit online equipment to be measured is measured in real time according to check item, it obtains testing result and specifically includes;
Separate unit online equipment to be measured is measured in real time according to check item;
Risk class to there is the check item alerted scores, and obtains alarm score value;
Record alarm score value;
The testing result includes the alarm score value.
3. separate unit online equipment methods of risk assessment according to claim 2, which is characterized in that
It is described that all testing results are analyzed according to preset assessment models, it obtains equipment behavior penalty values and specifically wraps
It includes:
Analysis time is set;
When being reached between when analyzed, it is calculate by the following formula equipment behavior penalty values:
Behavior_loss=(max_level+sum_level × 0.1) × max_level × tanh (check_count);
Wherein, behavior_loss is the equipment behavior penalty values of separate unit online equipment to be measured, and max_level is separate unit to be measured
Highest alarm score value in the testing result of online equipment, sum_level are institute in the testing result of separate unit online equipment to be measured
It is that separate unit online equipment to be measured the cumulative number alerted occurs to have the sum of alarm score value, check_count,
4. according to separate unit online equipment methods of risk assessment described in any claim in claim 1-3, which is characterized in that
The risk score value that separate unit online equipment to be measured is calculated according to equipment behavior penalty values specifically includes:
Full marks score value is set;
The equipment behavior penalty values of separate unit online equipment to be measured are subtracted, institute is obtained on the basis of full marks score value using deduction of points method
State risk score value.
5. a kind of separate unit online equipment risk evaluating system, which is characterized in that including:
Setting unit:Risk class for multiple check items and each check item to be arranged;
Detection unit:For being measured in real time to separate unit online equipment to be measured according to check item, testing result is obtained;
Statistic unit:For storing obtained testing result in the preset assessment time, including occur alerting in testing result
There is the number alerted in check item, the risk class of the check item and separate unit online equipment to be measured;
Assessment unit:For being analyzed the testing result of storage according to preset assessment models, equipment behavior loss is obtained
Value;It is additionally operable to calculate the risk score value of separate unit online equipment to be measured according to equipment behavior penalty values.
6. separate unit online equipment risk evaluating system according to claim 5, which is characterized in that
It is described that separate unit online equipment to be measured is measured in real time according to check item, it obtains testing result and specifically includes;
Separate unit online equipment to be measured is measured in real time according to check item;
Risk class to there is the check item alerted scores, and obtains alarm score value;
Record alarm score value;
The testing result includes the alarm score value.
7. separate unit online equipment risk evaluating system according to claim 6, which is characterized in that
It is described that all testing results are analyzed according to preset assessment models, it obtains equipment behavior penalty values and specifically wraps
It includes:
Analysis time is set;
When being reached between when analyzed, it is calculate by the following formula equipment behavior penalty values:
Behavior_loss=(max_level+sum_level × 0.1) × max_level × tanh (check_count);
Wherein, behavior_loss is the equipment behavior penalty values of separate unit online equipment to be measured, and max_level is separate unit to be measured
Highest alarm score value in the testing result of online equipment, sum_level are institute in the testing result of separate unit online equipment to be measured
It is that separate unit online equipment to be measured the cumulative number alerted occurs to have the sum of alarm score value, check_count,
8. according to separate unit online equipment risk evaluating system described in any claim in claim 5-7, which is characterized in that
The risk score value that separate unit online equipment to be measured is calculated according to equipment behavior penalty values specifically includes:
Full marks score value is set;
The equipment behavior penalty values of separate unit online equipment to be measured are subtracted, institute is obtained on the basis of full marks score value using deduction of points method
State risk score value.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810455479.6A CN108683662B (en) | 2018-05-14 | 2018-05-14 | Individual online equipment risk assessment method and system |
| PCT/CN2019/085191 WO2019218875A1 (en) | 2018-05-14 | 2019-04-30 | Single network equipment risk assessment method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810455479.6A CN108683662B (en) | 2018-05-14 | 2018-05-14 | Individual online equipment risk assessment method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108683662A true CN108683662A (en) | 2018-10-19 |
| CN108683662B CN108683662B (en) | 2020-08-14 |
Family
ID=63806390
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810455479.6A Active CN108683662B (en) | 2018-05-14 | 2018-05-14 | Individual online equipment risk assessment method and system |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN108683662B (en) |
| WO (1) | WO2019218875A1 (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110443515A (en) * | 2019-08-09 | 2019-11-12 | 杭州安恒信息技术股份有限公司 | Internet of Things safety detection method and system based on threat index |
| WO2019218875A1 (en) * | 2018-05-14 | 2019-11-21 | 深圳市联软科技股份有限公司 | Single network equipment risk assessment method and system |
| CN111865660A (en) * | 2020-06-12 | 2020-10-30 | 广东电网有限责任公司 | Operation risk evaluation method and system for network equipment |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130333038A1 (en) * | 2005-09-06 | 2013-12-12 | Daniel Chien | Evaluating a questionable network communication |
| CN104092469A (en) * | 2014-07-22 | 2014-10-08 | 西安电子科技大学 | Simplified Log-BP iterative decoding method based on equal-chord-length straight line approximation |
| CN106203666A (en) * | 2015-04-30 | 2016-12-07 | 中国南方电网有限责任公司 | A kind of data networking equipment methods of risk assessment and device |
| CN106790198A (en) * | 2016-12-30 | 2017-05-31 | 北京神州绿盟信息安全科技股份有限公司 | A kind of method for evaluating information system risk and system |
| CN107172004A (en) * | 2016-03-08 | 2017-09-15 | 中兴通讯股份有限公司 | The methods of risk assessment and device of a kind of Network Security Device |
| CN107204876A (en) * | 2017-05-22 | 2017-09-26 | 成都网络空间安全技术有限公司 | A kind of network security risk evaluation method |
| US20170324775A9 (en) * | 2012-11-21 | 2017-11-09 | Snoopwall, Llc | System and method for detecting, alerting and blocking data leakage, eavesdropping and spyware |
| CN107451402A (en) * | 2017-07-13 | 2017-12-08 | 北京交通大学 | A kind of equipment health degree appraisal procedure and device based on alarm data analysis |
| CN107911231A (en) * | 2017-10-25 | 2018-04-13 | 北京神州绿盟信息安全科技股份有限公司 | The appraisal procedure and device of a kind of threat data |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105205732A (en) * | 2015-09-28 | 2015-12-30 | 中国南方电网有限责任公司 | Risk assessment and maintenance method based on equipment risk characteristic model |
| CN108009711A (en) * | 2017-11-23 | 2018-05-08 | 平安科技(深圳)有限公司 | Methods of risk assessment, device, computer equipment and readable storage medium storing program for executing |
| CN108683662B (en) * | 2018-05-14 | 2020-08-14 | 深圳市联软科技股份有限公司 | Individual online equipment risk assessment method and system |
-
2018
- 2018-05-14 CN CN201810455479.6A patent/CN108683662B/en active Active
-
2019
- 2019-04-30 WO PCT/CN2019/085191 patent/WO2019218875A1/en active Application Filing
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130333038A1 (en) * | 2005-09-06 | 2013-12-12 | Daniel Chien | Evaluating a questionable network communication |
| US20170324775A9 (en) * | 2012-11-21 | 2017-11-09 | Snoopwall, Llc | System and method for detecting, alerting and blocking data leakage, eavesdropping and spyware |
| CN104092469A (en) * | 2014-07-22 | 2014-10-08 | 西安电子科技大学 | Simplified Log-BP iterative decoding method based on equal-chord-length straight line approximation |
| CN106203666A (en) * | 2015-04-30 | 2016-12-07 | 中国南方电网有限责任公司 | A kind of data networking equipment methods of risk assessment and device |
| CN107172004A (en) * | 2016-03-08 | 2017-09-15 | 中兴通讯股份有限公司 | The methods of risk assessment and device of a kind of Network Security Device |
| CN106790198A (en) * | 2016-12-30 | 2017-05-31 | 北京神州绿盟信息安全科技股份有限公司 | A kind of method for evaluating information system risk and system |
| CN107204876A (en) * | 2017-05-22 | 2017-09-26 | 成都网络空间安全技术有限公司 | A kind of network security risk evaluation method |
| CN107451402A (en) * | 2017-07-13 | 2017-12-08 | 北京交通大学 | A kind of equipment health degree appraisal procedure and device based on alarm data analysis |
| CN107911231A (en) * | 2017-10-25 | 2018-04-13 | 北京神州绿盟信息安全科技股份有限公司 | The appraisal procedure and device of a kind of threat data |
Non-Patent Citations (1)
| Title |
|---|
| 赵冬梅: "信息安全风险评估量化方法研究", 《中国博士学位论文全文数据库 信息科技辑》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2019218875A1 (en) * | 2018-05-14 | 2019-11-21 | 深圳市联软科技股份有限公司 | Single network equipment risk assessment method and system |
| CN110443515A (en) * | 2019-08-09 | 2019-11-12 | 杭州安恒信息技术股份有限公司 | Internet of Things safety detection method and system based on threat index |
| CN111865660A (en) * | 2020-06-12 | 2020-10-30 | 广东电网有限责任公司 | Operation risk evaluation method and system for network equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2019218875A1 (en) | 2019-11-21 |
| CN108683662B (en) | 2020-08-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108650133A (en) | Network risk assessment method and system | |
| CN108683662A (en) | Separate unit online equipment methods of risk assessment and system | |
| CN109947079A (en) | Region method for detecting abnormality and edge calculations equipment based on edge calculations | |
| CN106600115A (en) | Intelligent operation and maintenance analysis method for enterprise information system | |
| CN105516130A (en) | Data processing method and device | |
| CN109379373A (en) | A kind of cloud security assessment system and method | |
| CN104504334B (en) | System and method for assessing classifying rules selectivity | |
| CN109412839A (en) | A kind of recognition methods, device, equipment and the storage medium of exception account | |
| CN111557011A (en) | Enterprise yield-breaking prediction system and operation method thereof | |
| CN109614608A (en) | Electronic device, text information detection method and storage medium | |
| Sulaman et al. | A review of research on risk analysis methods for IT systems | |
| CN109389400A (en) | The system and method for potential danger equipment are identified during user interacts with bank service | |
| CN107911231A (en) | The appraisal procedure and device of a kind of threat data | |
| CN108696486A (en) | A kind of abnormal operation behavioral value processing method and processing device | |
| CN105825130B (en) | A kind of information security method for early warning and device | |
| CN109815480A (en) | A kind of data processing method and device and storage medium | |
| CN113283315B (en) | Multi-flight-state helicopter fault dynamic monitoring and alarming method | |
| CN107135199A (en) | The detection method and device at webpage back door | |
| CN113761205A (en) | Networking alarm application management system for hazardous chemical substances | |
| KR20040104853A (en) | Risk analysis system for information assets | |
| CN117330246A (en) | Method, device and medium for optimizing space arrangement of storage tank leakage gas monitor | |
| CN111625437A (en) | Monitoring method and device of wind control model | |
| Takano et al. | Modelling of human errors in cognitive processes observed in dynamic environments | |
| CN114285630B (en) | Security domain risk warning method, system, device and readable storage medium | |
| CN116227920A (en) | Enterprise risk assessment method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |