CN108764481A - A kind of information security ability evaluating method and system based on mobile terminal behavior - Google Patents

A kind of information security ability evaluating method and system based on mobile terminal behavior Download PDF

Info

Publication number
CN108764481A
CN108764481A CN201810419424.XA CN201810419424A CN108764481A CN 108764481 A CN108764481 A CN 108764481A CN 201810419424 A CN201810419424 A CN 201810419424A CN 108764481 A CN108764481 A CN 108764481A
Authority
CN
China
Prior art keywords
information security
evaluation
security ability
behavior
ability
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810419424.XA
Other languages
Chinese (zh)
Inventor
杨鹏
黄元飞
陈亮
高强
张晓娜
罗森林
潘丽敏
李蕊
胡雅娴
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Institute of Technology BIT
National Computer Network and Information Security Management Center
Original Assignee
Beijing Institute of Technology BIT
National Computer Network and Information Security Management Center
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Institute of Technology BIT, National Computer Network and Information Security Management Center filed Critical Beijing Institute of Technology BIT
Priority to CN201810419424.XA priority Critical patent/CN108764481A/en
Publication of CN108764481A publication Critical patent/CN108764481A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N7/00Computing arrangements based on specific mathematical models
    • G06N7/02Computing arrangements based on specific mathematical models using fuzzy logic

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computational Mathematics (AREA)
  • Evolutionary Computation (AREA)
  • Molecular Biology (AREA)
  • Fuzzy Systems (AREA)
  • Biomedical Technology (AREA)
  • Algebra (AREA)
  • Artificial Intelligence (AREA)
  • Health & Medical Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • General Health & Medical Sciences (AREA)
  • Automation & Control Theory (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Pure & Applied Mathematics (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mathematical Physics (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

A kind of the information security ability evaluating method and system based on mobile terminal behavior that the embodiment of the present invention proposes, pass through the behavioral data according to mobile terminal when users use, user information safety ability is evaluated and tested, it solves the problems, such as the unicity of existing information security capabilities evaluating method and evaluates comprehensive insufficient, emphasis considers importance of the objective behavior to ontological analysis so that information security ability evaluation result is with true and reliable.

Description

A kind of information security ability evaluating method and system based on mobile terminal behavior
Technical field
The present embodiments relate to information security abilities to evaluate and test technical field, and in particular to one kind being based on mobile terminal behavior Information security ability evaluating method and system.
Background technology
Information security ability is an essential basic capacity during rapid technological growth, and mobile Internet is logical Believe the product that net and internet combine, has the characteristics that wireless and portable.Mobile terminal is the equipment using mobile Internet, because And mobile terminal has increasing income property and opening.Mobile terminal device is used as the highest equipment of popularization, Ke Yi in the masses Largely reflect the information security ability of user.In recent years, fund is stolen and the security incidents such as privacy leakage are commonplace, The security of the lives and property for seriously threatening the masses needs to carry out information security ability to avoid the generation of security incident as possible Evaluation and test improves its information security ability to be guided the individual of information security scarce capacity.Therefore, the present invention will carry For evaluating and testing out the information security ability of individual based on the information security ability evaluating method of mobile terminal behavior, weak spot is found out It is guided, to improve information security ability.
Existing evaluation and test technology is taken a broad view of, three classes can be classified as usually using method:
1. questionnaire method
Questionnaire method be it is a kind of it is common evaluation and test user information security ability method, can be designed as it is open, It is closed and quantization table response formula, generally using access, mailing and provide the methods of carry out.The basic principle of questionnaire method is The theme of one investigation of selection, using questionnaire as carrier the problem of needing investigation under this theme, the core of this method is Design seismic wave questionnaire, questionnaire design needs rational structure, careful logic, and wants easy-to-understand, not only to reach by Problem is communicated to the purpose of surveyee, also to allow investigator to answer strictly according to the facts.But questionnaire method relies primarily on surveyee Subjective answers, lack objective judgement, obtained result may not be inconsistent with truth, and the knowledge involved in questionnaire Not wide enough, investigation is inefficient.
2. serious game
Serious game is a kind of electronic game for the purpose of imparting knowledge to students, provide professional skill training and simulation application, core The heart is the application elements such as knowledge and skills.The basic principle of this method be under the scene of virtual reality to user carry out education with Culture achievees the purpose that exercise skill, improves professional ability and evaluates and tests its ability.Serious scene of game solid is changeable, can give User is provided close to true academic environment, at low cost, high efficiency, and popularization is also very strong.But serious game can only be directed to Individual event technical ability is giveed training or is evaluated and tested, and information security events development is changeable, it is difficult to which in addition development of keeping abreast of the current situation strictly is played Development cost is higher.
3. examination question is examined
Examination question examination is, by the information security ability of examination question examination individual, to obtain user on the basis of software development Information security ability it is strong and weak, and positive feedback is given at the end of examination, for the weak commending contents related subject of user Study teaching material etc., guidance education user knowledge related with information security and ability.This method can be examined to a certain extent The information security ability of core individual, but it is difficult to ensure that it accomplishes the tool corresponding to correct option in examination question in daily life The behavior of body.
In conclusion existing evaluating method is difficult to preferably evaluate and test information security ability.
Invention content
In order to solve the above-mentioned technical problem above-mentioned technical problem or is at least partly solved, an embodiment of the present invention provides A kind of information security ability evaluating method and system based on mobile terminal behavior.
In view of this, in a first aspect, the embodiment of the present invention provides a kind of information security ability based on mobile terminal behavior Evaluating method, including:
Behavioral data when acquisition mobile terminal is used by a user;
The behavioral data is input to the information security ability fuzzy evaluating model built in advance, output with it is described The corresponding information security ability rating of behavioral data.
The structure of described information security capabilities fuzzy evaluating model, including:
Acquire multiple historical behavior data samples of mobile terminal;
Determine the safety of historical behavior data sample, and according to the safety of historical behavior data sample, foundation is used for Evaluate and test the unsafe acts evaluation rule of behavioral data safety;
Information security ability fuzzy evaluating model is built according to the unsafe acts evaluation rule.
Determine the safety of historical behavior data sample, and according to the safety of historical behavior data sample, foundation is used for The unsafe acts evaluation rule of behavioral data safety is evaluated and tested, including:
Obtain preset dynamic behaviour condition and static behavior condition;
According to the dynamic behaviour condition and static behavior condition, the historical behavior data sample is divided into dynamic row For data sample and static behavior data sample;
The safety of the dynamic behaviour data sample and static behavior data sample is determined according to priori database;
According to the safety of the safety of dynamic behaviour data sample and static behavior data sample, it is dangerous to establish dynamic Action estimation rule and static unsafe acts evaluation rule.
Information security ability fuzzy evaluating model is built according to the unsafe acts evaluation rule, including:
Evaluation index is determined according to unsafe acts evaluation rule;
Information security ability evaluation metrics system is built according to evaluation index and evaluation and test collects, and the evaluation and test collection is for described The result that information security ability evaluation metrics system obtains is evaluated;
Establish the weight sets of evaluation metrics in information security ability evaluation metrics system;
Establish the degree of membership of evaluation metrics in information security ability evaluation metrics system;
Fuzzy overall evaluation matrix is built according to the weight sets and degree of membership.
The behavioral data is input to the information security ability fuzzy evaluating model built in advance, is exported remaining described The corresponding information security ability rating of behavioral data, including:
The behavioral data is input to the information security ability fuzzy evaluating model built in advance, is pacified by information All can power evaluation metrics system computing obtain information security Capability index;
According to the correspondence of preset information security Capability index and evaluation and test collection, information security ability grade is determined.
The element of the evaluation and test collection include information security ability is weak, information security ability is general, information security ability is relatively strong, The strong four information security ability grades of information security ability.
The behavioral data includes:
Call behavior, short message behavior, hot spot connect behavior, using installation behavior, application operation behavior, positioning behavior and net Network interbehavior.
Second aspect, the embodiment of the present invention also provide a kind of information security ability evaluation and test system based on mobile terminal behavior System, including:
Acquisition module, for acquiring behavioral data when mobile terminal is used by a user;
Evaluation and test module, for the behavioral data to be input to the information security ability fuzzy evaluating mould built in advance Type exports information security ability rating corresponding with the behavioral data.
The evaluation and test module includes the modeling submodule for building information security ability fuzzy evaluating model;
The modeling submodule includes:
Collecting unit, multiple historical behavior data samples for acquiring mobile terminal;
Rules unit, the safety for determining historical behavior data sample, and according to the peace of historical behavior data sample Quan Xing establishes the unsafe acts evaluation rule for evaluating and testing behavioral data safety;
Modeling unit, for building information security ability fuzzy evaluating mould according to the unsafe acts evaluation rule Type.
The rules unit includes:
Subelement is obtained, for obtaining preset dynamic behaviour condition and static behavior condition;
Subelement is divided, is used for according to the dynamic behaviour condition and static behavior condition, by the historical behavior data Sample is divided into dynamic behaviour data sample and static behavior data sample;
Determination subelement, for determining the dynamic behaviour data sample and static behavior number according to priori database According to the safety of sample;
Subelement is established, the safety of the safety and static behavior data sample according to dynamic behaviour data sample is used for Property, establish dynamic unsafe acts evaluation rule and static unsafe acts evaluation rule.
The third aspect, the embodiment of the present invention also propose a kind of non-transient computer readable storage medium, the non-transient meter Calculation machine readable storage medium storing program for executing stores computer instruction, and the computer instruction makes the computer execute side as described in relation to the first aspect The step of method.
Compared with prior art, a kind of information security ability evaluation and test based on mobile terminal behavior that the embodiment of the present invention proposes Method is evaluated and tested user information safety ability, is solved by the behavioral data according to mobile terminal when users use The unicity of existing information security capabilities evaluating method and the problem for evaluating comprehensive deficiency, emphasis consider objective behavior to this The importance of body analysis so that information security ability evaluation result is with true and reliable;
Compared to questionnaire method, the present invention acquires the behavioral data of customer mobile terminal, increases objective judgement, obtains As a result can be closer to truth, efficiency is higher;
Compared to serious game, the present invention acquires multi-level mobile terminal data, and coverage is wide, real-time, conscientiously Reflect the information security ability of current state user and at low cost;
Examined compared to examination question, the present invention can the behavior based on user evaluation and test is made to information security ability, rather than only By subjective answer, accuracy higher.
Description of the drawings
In order to illustrate the technical solution of the embodiments of the present invention more clearly, below will be in embodiment or description of the prior art Required attached drawing is briefly described, it should be apparent that, the accompanying drawings in the following description is only some realities of the present invention Example is applied, it for those of ordinary skill in the art, without having to pay creative labor, can also be attached according to these Figure obtains other attached drawings.
Fig. 1 is a kind of flow of the information security ability evaluating method method based on mobile terminal behavior provided by the invention Figure;
Fig. 2 is a kind of information security ability evaluating system signal based on mobile terminal behavior provided in an embodiment of the present invention Figure.
Specific implementation mode
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is A part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, ordinary skill people The every other embodiment that member is obtained without making creative work, shall fall within the protection scope of the present invention.
As shown in FIG. 1, FIG. 1 is a kind of information security ability evaluation and test sides based on mobile terminal behavior provided by the invention Method, it may include following steps:
Behavioral data when acquisition mobile terminal is used by a user;
The behavioral data is input to the information security ability fuzzy evaluating model built in advance, output with it is described The corresponding information security ability rating of behavioral data.
The structure of described information security capabilities fuzzy evaluating model, including:
Acquire multiple historical behavior data samples of mobile terminal;
Determine the safety of historical behavior data sample, and according to the safety of historical behavior data sample, foundation is used for Evaluate and test the unsafe acts evaluation rule of behavioral data safety;
Information security ability fuzzy evaluating model is built according to the unsafe acts evaluation rule.
Determine the safety of historical behavior data sample, and according to the safety of historical behavior data sample, foundation is used for The unsafe acts evaluation rule of behavioral data safety is evaluated and tested, including:
Obtain preset dynamic behaviour condition and static behavior condition;
According to the dynamic behaviour condition and static behavior condition, the historical behavior data sample is divided into dynamic row For data sample and static behavior data sample;
The safety of the dynamic behaviour data sample and static behavior data sample is determined according to priori database;
According to the safety of the safety of dynamic behaviour data sample and static behavior data sample, it is dangerous to establish dynamic Action estimation rule and static unsafe acts evaluation rule.
Information security ability fuzzy evaluating model is built according to the unsafe acts evaluation rule, including:
Evaluation index is determined according to unsafe acts evaluation rule;
Information security ability evaluation metrics system is built according to evaluation index and evaluation and test collects, and the evaluation and test collection is for described The result that information security ability evaluation metrics system obtains is evaluated;
Establish the weight sets of evaluation metrics in information security ability evaluation metrics system;
Establish the degree of membership of evaluation metrics in information security ability evaluation metrics system;
Fuzzy overall evaluation matrix is built according to the weight sets and degree of membership.
The behavioral data is input to the information security ability fuzzy evaluating model built in advance, is exported remaining described The corresponding information security ability rating of behavioral data, including:
The behavioral data is input to the information security ability fuzzy evaluating model built in advance, is pacified by information All can power evaluation metrics system computing obtain information security Capability index;
According to the correspondence of preset information security Capability index and evaluation and test collection, information security ability grade is determined.
The element of the evaluation and test collection include information security ability is weak, information security ability is general, information security ability is relatively strong, The strong four information security ability grades of information security ability.
The behavioral data includes:
Call behavior, short message behavior, hot spot connect behavior, using installation behavior, application operation behavior, positioning behavior and net Network interbehavior.
Based on identical inventive concept, the information security ability evaluation and test based on mobile terminal behavior that the present invention also provides a kind of System, as shown in Fig. 2, may include:
Acquisition module, for acquiring behavioral data when mobile terminal is used by a user;
Evaluation and test module, for the behavioral data to be input to the information security ability fuzzy evaluating mould built in advance Type exports information security ability rating corresponding with the behavioral data.
The evaluation and test module includes the modeling submodule for building information security ability fuzzy evaluating model;
The modeling submodule includes:
Collecting unit, multiple historical behavior data samples for acquiring mobile terminal;
Rules unit, the safety for determining historical behavior data sample, and according to the peace of historical behavior data sample Quan Xing establishes the unsafe acts evaluation rule for evaluating and testing behavioral data safety;
Modeling unit, for building information security ability fuzzy evaluating mould according to the unsafe acts evaluation rule Type.
The rules unit includes:
Subelement is obtained, for obtaining preset dynamic behaviour condition and static behavior condition;
Subelement is divided, is used for according to the dynamic behaviour condition and static behavior condition, by the historical behavior data Sample is divided into dynamic behaviour data sample and static behavior data sample;
Determination subelement, for determining the dynamic behaviour data sample and static behavior number according to priori database According to the safety of sample;
Subelement is established, the safety of the safety and static behavior data sample according to dynamic behaviour data sample is used for Property, establish dynamic unsafe acts evaluation rule and static unsafe acts evaluation rule.
In a specific example,
Experimental data is in August, 2017 to 431 behavior numbers of Android 4.4.1 systems prototype during in December, 2017 According to detailed process is:
Step 1, call behavior, short message behavior, hot spot connect behavior, using installation and operation row in acquisition mobile terminal For, positioning the experimental datas such as behavior and network-flow characteristic.
Step 2, collected experimental data is analyzed, unsafe acts evaluation rule is established.
Step 2.1, participant in the feature of the corresponding static behavior of analysis abstract concept and dynamic behaviour, dynamic behaviour and Experimental data is divided into static behavior data and dynamic behaviour data by the relationship between participant and dynamic behaviour.
Step 2.2, the relationship between static behavior data and dynamic behaviour data and information security ability is found respectively, is led to It crosses expert consulting and expert's knowledge formulates unsafe acts evaluation rule shown in table 1.
1. unsafe acts evaluation rule of table
Step 3, information security ability fuzzy evaluating model is built, user information safety ability is evaluated and tested.
Step 3.1, information security ability evaluation metrics system, the index system are built according to unsafe acts evaluation rule Including three first class index and 15 two-level index.
Step 3.2, it defines the evaluation and test of information security ability rating to integrate as level Four information security ability grade, evaluation and test collection V= {V1,V2,V3,V4Information security ability is weak, information security ability is general, information security ability is compared with strong, information security ability is strong }, User information safety ability hypermnesia is 3 by V (V ∈ { 0,1,2,3 }), and information security ability is 2 compared with hypermnesia, information security ability It generally is denoted as 1, information security ability is weak to be denoted as 0.
Step 3.3, judgment matrix is established to first class index, calculate weight vectors and carries out consistency check, if consistency Inspection does not pass through, and carries out parameters revision, will be used as first class index weight by the value of consistency check.
Step 3.4, judgment matrix is established to two-level index, calculate weight vectors and carries out consistency check, if consistency Inspection does not pass through, and carries out parameters revision, will be used as two-level index weight by the value of consistency check.
Step 3.5, questionnaire is provided to expert, obtains the degree of membership of evaluation index, construct degree of membership fuzzy subset Table obtains fuzzy overall evaluation matrix.
Step 3.6, the information security Capability index of user is calculated according to following formula, and is carried out at MIN-MAX normalization Reason.
P=W1×W2×I (1)
Wherein, W1For first class index weight matrix, W2For two-level index weight matrix, I be under two-level index in single index Vector.
The calculation formula of single indicator vector is as follows in two-level index:
I=S × R × X (2)
Wherein, S is degree of membership weight vectors, and R is fuzzy matrix, X=(0 12 3)TFor information security ability rating to Amount.
MIN-MAX normalized calculation formula are as follows:
Wherein, P*For the value after P normalizeds, MAX is index maximum value, and MIN is Index Min.
Step 3.7, grade classification is carried out to information security Capability index, it is strong to be divided into information security ability, information security Ability is stronger, and information security ability is general and weak four grades of information security ability.Table 2 is information security Capability index grade Table.
2. information security Capability index table of grading of table
Test result:Experiment based on mobile terminal behavior pair in August, 2017 to during in December, 2017 certain use Android 4.4.1 the user information safety ability of system is evaluated and tested, and obtains user information security capability result during this period, and being based on should Number of cases evidence, the present invention propose that test and appraisal efficiency can be improved 10%-20% by method.
It is understood that embodiments described herein can use hardware, software, firmware, middleware, microcode or its It combines to realize.For hardware realization, processing unit may be implemented in one or more application-specific integrated circuits (ApplicationSpecificIntegratedCircuits, ASIC), digital signal processor (DigitalSignalProcessing, DSP), digital signal processing appts (DSPDevice, DSPD), programmable logic device (ProgrammableLogicDevice, PLD), field programmable gate array (Field-ProgrammableGateArray, FPGA), general processor, controller, microcontroller, microprocessor, other electronics lists for executing herein described function In member or combinations thereof.
For software implementations, the techniques described herein can be realized by executing the unit of function described herein.Software generation Code is storable in memory and is executed by processor.Memory can in the processor or portion realizes outside the processor.
Those of ordinary skill in the art may realize that lists described in conjunction with the examples disclosed in the embodiments of the present disclosure Member and algorithm steps can be realized with the combination of electronic hardware or computer software and electronic hardware.These functions are actually It is implemented in hardware or software, depends on the specific application and design constraint of technical solution.Professional technician Each specific application can be used different methods to achieve the described function, but this realization is it is not considered that exceed The scope of the present invention.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description, The specific work process of device and unit, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
In embodiment provided herein, it should be understood that disclosed device and method can pass through others Mode is realized.For example, the apparatus embodiments described above are merely exemplary, for example, the division of the unit, only A kind of division of logic function, formula that in actual implementation, there may be another division manner, such as multiple units or component can combine or Person is desirably integrated into another system, or some features can be ignored or not executed.Another point, shown or discussed is mutual Between coupling, direct-coupling or communication connection can be INDIRECT COUPLING or communication link by some interfaces, device or unit It connects, can be electrical, machinery or other forms.
The unit illustrated as separating component may or may not be physically separated, aobvious as unit The component shown may or may not be physical unit, you can be located at a place, or may be distributed over multiple In network element.Some or all of unit therein can be selected according to the actual needs to realize the mesh of this embodiment scheme 's.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, it can also It is that each unit physically exists alone, it can also be during two or more units be integrated in one unit.
It, can be with if the function is realized in the form of SFU software functional unit and when sold or used as an independent product It is stored in a computer read/write memory medium.Based on this understanding, the technical solution of the embodiment of the present invention is substantially The part of the part that contributes to existing technology or the technical solution can embody in the form of software products in other words Come, which is stored in a storage medium, including some instructions are used so that a computer equipment (can To be personal computer, server or the network equipment etc.) execute all or part of each embodiment the method for the present invention Step.And storage medium above-mentioned includes:USB flash disk, mobile hard disk, ROM, RAM, magnetic disc or CD etc. are various can to store program The medium of code.
It should be noted that herein, the terms "include", "comprise" or its any other variant are intended to non-row His property includes, so that process, method, article or device including a series of elements include not only those elements, and And further include other elements that are not explicitly listed, or further include for this process, method, article or device institute it is intrinsic Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including this There is also other identical elements in the process of element, method, article or device.
It these are only the preferred embodiment of the present invention, be not intended to limit the scope of the present invention, it is every to be said using the present invention Equivalent structure or equivalent flow shift made by bright book and accompanying drawing content is applied directly or indirectly in other relevant technology necks Domain includes similarly within the scope of the present invention.

Claims (10)

1. a kind of information security ability evaluating method based on mobile terminal behavior, which is characterized in that including:
Behavioral data when acquisition mobile terminal is used by a user;
The behavioral data is input to the information security ability fuzzy evaluating model built in advance, output and the behavior The corresponding information security ability rating of data.
2. information security ability evaluating method according to claim 1, which is characterized in that described information security capabilities is fuzzy The structure of comprehensive evaluating model, including:
Acquire multiple historical behavior data samples of mobile terminal;
It determines the safety of historical behavior data sample, and according to the safety of historical behavior data sample, establishes for evaluating and testing The unsafe acts evaluation rule of behavioral data safety;
Information security ability fuzzy evaluating model is built according to the unsafe acts evaluation rule.
3. information security ability evaluating method according to claim 2, which is characterized in that determine historical behavior data sample Safety, and according to the safety of historical behavior data sample, establish the dangerous row for evaluating and testing behavioral data safety For evaluation rule, including:
Obtain preset dynamic behaviour condition and static behavior condition;
According to the dynamic behaviour condition and static behavior condition, the historical behavior data sample is divided into dynamic behaviour number According to sample and static behavior data sample;
The safety of the dynamic behaviour data sample and static behavior data sample is determined according to priori database;
According to the safety of the safety of dynamic behaviour data sample and static behavior data sample, dynamic unsafe acts are established Evaluation rule and static unsafe acts evaluation rule.
4. information security ability evaluating method according to claim 2, which is characterized in that commented according to the unsafe acts Gauge then builds information security ability fuzzy evaluating model, including:
Evaluation index is determined according to unsafe acts evaluation rule;
Information security ability evaluation metrics system is built according to evaluation index and evaluation and test collects, and the evaluation and test collection is for described information The result that security capabilities evaluation metrics system obtains is evaluated;
Establish the weight sets of evaluation metrics in information security ability evaluation metrics system;
Establish the degree of membership of evaluation metrics in information security ability evaluation metrics system;
Fuzzy overall evaluation matrix is built according to the weight sets and degree of membership.
5. information security ability evaluating method according to claim 4, which is characterized in that the behavioral data to be input to The information security ability fuzzy evaluating model built in advance exports corresponding information security ability of the remaining behavioral data etc. Grade, including:
The behavioral data is input to the information security ability fuzzy evaluating model built in advance, passes through information security energy Power evaluation metrics system computing obtains information security Capability index;
According to the correspondence of preset information security Capability index and evaluation and test collection, information security ability grade is determined.
6. information security ability evaluating method according to claim 4 or 5, which is characterized in that the element of the evaluation and test collection , information security ability weak including information security ability be general, information security ability is compared with the strong four information peace of strong, information security ability Full ability grade.
7. according to claim 1-6 any one of them information security ability evaluating methods, which is characterized in that the behavioral data Including:
Call behavior, short message behavior, hot spot connect behavior, are handed over using installation behavior, application operation behavior, positioning behavior and network Mutual behavior.
8. a kind of information security ability evaluating system based on mobile terminal behavior, which is characterized in that including:
Acquisition module, for acquiring behavioral data when mobile terminal is used by a user;
Evaluation and test module, for the behavioral data to be input to the information security ability fuzzy evaluating model built in advance, Output information security ability rating corresponding with the behavioral data.
9. information security ability evaluating system according to claim 8, which is characterized in that the evaluation and test module includes being used for Build the modeling submodule of information security ability fuzzy evaluating model;
The modeling submodule includes:
Collecting unit, multiple historical behavior data samples for acquiring mobile terminal;
Rules unit, the safety for determining historical behavior data sample, and according to the safety of historical behavior data sample, Establish the unsafe acts evaluation rule for evaluating and testing behavioral data safety;
Modeling unit, for building information security ability fuzzy evaluating model according to the unsafe acts evaluation rule.
10. information security ability evaluating system according to claim 9, which is characterized in that the rules unit includes:
Subelement is obtained, for obtaining preset dynamic behaviour condition and static behavior condition;
Subelement is divided, is used for according to the dynamic behaviour condition and static behavior condition, by the historical behavior data sample It is divided into dynamic behaviour data sample and static behavior data sample;
Determination subelement, for determining the dynamic behaviour data sample and static behavior data sample according to priori database This safety;
Subelement is established, the safety of the safety and static behavior data sample according to dynamic behaviour data sample is used for, builds Vertical dynamic unsafe acts evaluation rule and static unsafe acts evaluation rule.
CN201810419424.XA 2018-05-04 2018-05-04 A kind of information security ability evaluating method and system based on mobile terminal behavior Pending CN108764481A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810419424.XA CN108764481A (en) 2018-05-04 2018-05-04 A kind of information security ability evaluating method and system based on mobile terminal behavior

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810419424.XA CN108764481A (en) 2018-05-04 2018-05-04 A kind of information security ability evaluating method and system based on mobile terminal behavior

Publications (1)

Publication Number Publication Date
CN108764481A true CN108764481A (en) 2018-11-06

Family

ID=64010028

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810419424.XA Pending CN108764481A (en) 2018-05-04 2018-05-04 A kind of information security ability evaluating method and system based on mobile terminal behavior

Country Status (1)

Country Link
CN (1) CN108764481A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112115479A (en) * 2020-09-08 2020-12-22 恩善(厦门)信息科技有限公司 Information security capability evaluation method and system based on mobile terminal behaviors
CN113626982A (en) * 2021-07-05 2021-11-09 郑州云智信安安全技术有限公司 Information security capability evaluation method and system based on mobile terminal behaviors

Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050114279A1 (en) * 2000-08-03 2005-05-26 Unicru, Inc. Development of electronic employee selection systems and methods
CN101470779A (en) * 2007-12-24 2009-07-01 北京启明星辰信息技术股份有限公司 Fuzzy risk evaluation system and method for computer information security
CN101727627A (en) * 2009-12-16 2010-06-09 工业和信息化部电子第五研究所 Information system security risk assessment model based on combined evaluation method
CN104063750A (en) * 2014-06-27 2014-09-24 国家电网公司 Method for predicting influence of disasters to power system based on improved AHP-anti-entropy weight
CN104156662A (en) * 2014-08-28 2014-11-19 北京奇虎科技有限公司 Process monitoring method and device and intelligent terminal
CN104156895A (en) * 2014-08-20 2014-11-19 国网浙江余姚市供电公司 Evaluation method and device
CN104376266A (en) * 2014-11-21 2015-02-25 工业和信息化部电信研究院 Determination method and device for security level of application software
CN105007170A (en) * 2015-05-11 2015-10-28 大连理工大学 WLAN load comprehensive evaluation method based on FAHP-SVM theory
CN105279567A (en) * 2014-06-30 2016-01-27 国网上海市电力公司 Fuzzy comprehensive evaluation method for security risk of power supply enterprise electronic file
CN106056308A (en) * 2016-06-13 2016-10-26 宁波工程学院 Highway tunnel operation environment safety risk automatic judgment method
CN106096838A (en) * 2016-06-14 2016-11-09 广州市恒迅技防系统有限公司 Building fire safety evaluation method based on model of fuzzy synthetic evaluation and system
CN106203831A (en) * 2016-07-05 2016-12-07 杨林 A kind of power supply enterprise Electronic Archival Security risk evaluating system
CN107395430A (en) * 2017-08-16 2017-11-24 中国民航大学 A kind of cloud platform dynamic risk access control method

Patent Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050114279A1 (en) * 2000-08-03 2005-05-26 Unicru, Inc. Development of electronic employee selection systems and methods
CN101470779A (en) * 2007-12-24 2009-07-01 北京启明星辰信息技术股份有限公司 Fuzzy risk evaluation system and method for computer information security
CN101727627A (en) * 2009-12-16 2010-06-09 工业和信息化部电子第五研究所 Information system security risk assessment model based on combined evaluation method
CN104063750A (en) * 2014-06-27 2014-09-24 国家电网公司 Method for predicting influence of disasters to power system based on improved AHP-anti-entropy weight
CN105279567A (en) * 2014-06-30 2016-01-27 国网上海市电力公司 Fuzzy comprehensive evaluation method for security risk of power supply enterprise electronic file
CN104156895A (en) * 2014-08-20 2014-11-19 国网浙江余姚市供电公司 Evaluation method and device
CN104156662A (en) * 2014-08-28 2014-11-19 北京奇虎科技有限公司 Process monitoring method and device and intelligent terminal
CN104376266A (en) * 2014-11-21 2015-02-25 工业和信息化部电信研究院 Determination method and device for security level of application software
CN105007170A (en) * 2015-05-11 2015-10-28 大连理工大学 WLAN load comprehensive evaluation method based on FAHP-SVM theory
CN106056308A (en) * 2016-06-13 2016-10-26 宁波工程学院 Highway tunnel operation environment safety risk automatic judgment method
CN106096838A (en) * 2016-06-14 2016-11-09 广州市恒迅技防系统有限公司 Building fire safety evaluation method based on model of fuzzy synthetic evaluation and system
CN106203831A (en) * 2016-07-05 2016-12-07 杨林 A kind of power supply enterprise Electronic Archival Security risk evaluating system
CN107395430A (en) * 2017-08-16 2017-11-24 中国民航大学 A kind of cloud platform dynamic risk access control method

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112115479A (en) * 2020-09-08 2020-12-22 恩善(厦门)信息科技有限公司 Information security capability evaluation method and system based on mobile terminal behaviors
CN113626982A (en) * 2021-07-05 2021-11-09 郑州云智信安安全技术有限公司 Information security capability evaluation method and system based on mobile terminal behaviors

Similar Documents

Publication Publication Date Title
Marquez-Vera et al. Predicting school failure using data mining
Nelson et al. Knowledge structure and the estimation of conditional probabilities in audit planning
CN104155596A (en) Artificial circuit fault diagnosis system based on random forest
Sundar A comparative study for predicting students academic performance using Bayesian network classifiers
CN105095411B (en) A kind of APP rankings prediction technique and system based on APP mass
CN108921569A (en) A kind of method and device of determining customer complaint type
CN106485621A (en) One kind is based on random algorithm vocational study checking system
CN108304853A (en) Acquisition methods, device, storage medium and the electronic device for the degree of correlation of playing
CN109740861A (en) A kind of learning data analysis method and device
CN107274888A (en) A kind of Emotional speech recognition method based on octave signal intensity and differentiation character subset
CN112527821A (en) Student bloom mastery degree evaluation method, system and storage medium
CN109800309A (en) Classroom Discourse genre classification methods and device
CN110232405A (en) Method and device for personal credit file
CN108764481A (en) A kind of information security ability evaluating method and system based on mobile terminal behavior
CN110198453A (en) Live content filter method, storage medium, equipment and system based on barrage
CN107943853A (en) Knowledge node selects test method and its institute's computation machine equipment and storage medium
CN110135684A (en) A kind of capability comparison method, capability comparison device and terminal device
CN104809104A (en) Method and system for identifying micro-blog textual emotion
CN109036528B (en) Clinical ability assessment method, device, storage medium and electronic equipment
Zhang et al. Understanding and improving fairness in cognitive diagnosis
CN114519508A (en) Credit risk assessment method based on time sequence deep learning and legal document information
Zhang et al. Research and application of grade prediction model based on decision tree algorithm
CN113127955A (en) Building anti-seismic performance evaluation method, system, device and storage medium
CN111062449A (en) Prediction model training method, interestingness prediction device and storage medium
CN110096708A (en) A kind of determining method and device of calibration collection

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20181106