CN108764481A - Information security ability evaluation method and system based on mobile terminal behavior
- Publication number: CN108764481A
- Application number: CN201810419424.XA
- Authority: CN (China)
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N7/00—Computing arrangements based on specific mathematical models
- G06N7/02—Computing arrangements based on specific mathematical models using fuzzy logic
Abstract
The embodiments of the present invention propose an information security ability evaluation method and system based on mobile terminal behavior. A user's information security ability is evaluated from the behavioral data generated while the user operates the mobile terminal. This addresses the single-method nature and insufficient comprehensiveness of existing information security ability evaluation methods, and places emphasis on the importance of objective behavior to the analysis of the subject being evaluated, so that the information security ability evaluation result is true and reliable.
Description
Technical field
The embodiments of the present invention relate to the technical field of information security ability evaluation, and in particular to an information security ability evaluation method and system based on mobile terminal behavior.
Background
Information security ability is an essential basic ability in a period of rapid technological growth. The mobile Internet is the product of combining communication networks with the Internet and is characterized by being wireless and portable. Mobile terminals are the devices that use the mobile Internet, and they are therefore open-source and open in nature. As the most widely adopted devices among the general public, mobile terminals can largely reflect the information security ability of their users. In recent years, security incidents such as theft of funds and privacy leakage have become commonplace and seriously threaten the safety of people's lives and property. To avoid such incidents as far as possible, information security ability needs to be evaluated so that individuals with insufficient information security ability can be guided to improve it. The present invention therefore provides an information security ability evaluation method based on mobile terminal behavior that evaluates an individual's information security ability, identifies weak points and provides guidance on them, so as to improve information security ability.
Existing evaluation techniques fall broadly into three classes:
1. Questionnaire method
The questionnaire method is a common way of evaluating a user's information security ability. A questionnaire can be designed as open, closed, or quantified-scale response formats, and is generally administered by visits, by mail, or by distribution. The basic principle is to select a survey topic and use the questionnaire as the carrier for the questions to be investigated under that topic. The core of the method is the design of the survey questionnaire: it needs a rational structure and careful logic, and it must be easy to understand, so that it not only conveys the questions to the respondent but also lets the respondent answer truthfully. However, the questionnaire method relies mainly on the subjective answers of respondents and lacks objective judgment, so the result obtained may not match the actual situation. In addition, the knowledge covered by a questionnaire is not broad enough, and the survey is inefficient.
2. Serious game
A serious game is an electronic game whose purpose is teaching, professional skills training, or simulation; its core is the application of elements such as knowledge and skills. The basic principle of this method is to educate and train the user in a virtual-reality scenario in order to exercise skills, improve professional ability, and evaluate that ability. Serious game scenarios are three-dimensional and varied and can give the user a learning environment close to reality, at low cost and with high efficiency, and the approach is easy to popularize. However, a serious game can only train or evaluate a single skill, whereas information security incidents develop and change quickly, so it is difficult for a game to keep strictly up with current developments. In addition, the game development cost is high.
3. Test-question examination
Test-question examination, built on software, examines an individual's information security ability through test questions and determines how strong or weak the user's information security ability is. Feedback is given at the end of the examination: study materials on the relevant topics are recommended for the content in which the user is weak, guiding and educating the user in knowledge and abilities related to information security. This method can examine an individual's information security ability to a certain extent, but it is difficult to ensure that the individual actually performs, in daily life, the specific behavior corresponding to the correct answer in the test.
In conclusion, existing evaluation methods have difficulty evaluating information security ability well.
Summary of the invention
To solve the above technical problems, or at least partially solve them, embodiments of the present invention provide an information security ability evaluation method and system based on mobile terminal behavior.
In view of this, in a first aspect, an embodiment of the present invention provides an information security ability evaluation method based on mobile terminal behavior, including:
Collecting behavioral data while the mobile terminal is used by a user;
Inputting the behavioral data into a pre-built information security ability fuzzy comprehensive evaluation model, and outputting the information security ability grade corresponding to the behavioral data.
Building the information security ability fuzzy comprehensive evaluation model includes:
Collecting multiple historical behavior data samples of the mobile terminal;
Determining the safety of the historical behavior data samples and, according to the safety of the historical behavior data samples, establishing unsafe-behavior evaluation rules for evaluating the safety of behavioral data;
Building the information security ability fuzzy comprehensive evaluation model according to the unsafe-behavior evaluation rules.
Determining the safety of the historical behavior data samples and, according to the safety of the historical behavior data samples, establishing unsafe-behavior evaluation rules for evaluating the safety of behavioral data includes:
Obtaining preset dynamic behavior conditions and static behavior conditions;
Dividing the historical behavior data samples into dynamic behavior data samples and static behavior data samples according to the dynamic behavior conditions and static behavior conditions;
Determining the safety of the dynamic behavior data samples and the static behavior data samples according to a prior-knowledge database;
Establishing dynamic unsafe-behavior evaluation rules and static unsafe-behavior evaluation rules according to the safety of the dynamic behavior data samples and the safety of the static behavior data samples.
Building the information security ability fuzzy comprehensive evaluation model according to the unsafe-behavior evaluation rules includes:
Determining evaluation indicators according to the unsafe-behavior evaluation rules;
Building an information security ability evaluation index system and an evaluation set according to the evaluation indicators, the evaluation set being used to rate the result obtained from the information security ability evaluation index system;
Establishing the weight set of the evaluation indicators in the information security ability evaluation index system;
Establishing the membership degrees of the evaluation indicators in the information security ability evaluation index system;
Building the fuzzy comprehensive evaluation matrix according to the weight set and the membership degrees.
Inputting the behavioral data into the pre-built information security ability fuzzy comprehensive evaluation model and outputting the information security ability grade corresponding to the behavioral data includes:
Inputting the behavioral data into the pre-built information security ability fuzzy comprehensive evaluation model, and computing the information security ability index through the information security ability evaluation index system;
Determining the information security ability grade according to the preset correspondence between the information security ability index and the evaluation set.
The elements of the evaluation set are four information security ability grades: weak information security ability, average information security ability, relatively strong information security ability, and strong information security ability.
The behavioral data includes:
Call behavior, SMS behavior, hotspot connection behavior, application installation behavior, application running behavior, positioning behavior, and network interaction behavior.
In a second aspect, an embodiment of the present invention further provides an information security ability evaluation system based on mobile terminal behavior, including:
An acquisition module, for collecting behavioral data while the mobile terminal is used by a user;
An evaluation module, for inputting the behavioral data into a pre-built information security ability fuzzy comprehensive evaluation model and outputting the information security ability grade corresponding to the behavioral data.
The evaluation module includes a modeling submodule for building the information security ability fuzzy comprehensive evaluation model;
The modeling submodule includes:
A collecting unit, for collecting multiple historical behavior data samples of the mobile terminal;
A rules unit, for determining the safety of the historical behavior data samples and, according to the safety of the historical behavior data samples, establishing unsafe-behavior evaluation rules for evaluating the safety of behavioral data;
A modeling unit, for building the information security ability fuzzy comprehensive evaluation model according to the unsafe-behavior evaluation rules.
The rules unit includes:
An obtaining subunit, for obtaining preset dynamic behavior conditions and static behavior conditions;
A dividing subunit, for dividing the historical behavior data samples into dynamic behavior data samples and static behavior data samples according to the dynamic behavior conditions and static behavior conditions;
A determining subunit, for determining the safety of the dynamic behavior data samples and the static behavior data samples according to a prior-knowledge database;
An establishing subunit, for establishing dynamic unsafe-behavior evaluation rules and static unsafe-behavior evaluation rules according to the safety of the dynamic behavior data samples and the safety of the static behavior data samples.
In a third aspect, an embodiment of the present invention further proposes a non-transitory computer-readable storage medium that stores computer instructions, the computer instructions causing the computer to execute the steps of the method described in the first aspect.
Compared with the prior art, the information security ability evaluation method based on mobile terminal behavior proposed by the embodiments of the present invention evaluates a user's information security ability from the behavioral data generated while the user operates the mobile terminal. This addresses the single-method nature and insufficient comprehensiveness of existing information security ability evaluation methods, and places emphasis on the importance of objective behavior to the analysis of the subject being evaluated, so that the information security ability evaluation result is true and reliable;
Compared with the questionnaire method, the present invention collects behavioral data from the user's mobile terminal, which adds objective judgment; the result obtained is closer to the actual situation, and efficiency is higher;
Compared with serious games, the present invention collects multi-level mobile terminal data with wide coverage and in real time, faithfully reflecting the user's information security ability in its current state, and at low cost;
Compared with test-question examination, the present invention evaluates information security ability on the basis of the user's behavior rather than on subjective answers alone, so accuracy is higher.
Description of the drawings
To illustrate the technical solutions of the embodiments of the present invention more clearly, the drawings required for describing the embodiments or the prior art are briefly introduced below. The drawings described below are only some embodiments of the present invention; those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flowchart of an information security ability evaluation method based on mobile terminal behavior provided by the present invention;
Fig. 2 is a schematic diagram of an information security ability evaluation system based on mobile terminal behavior provided by an embodiment of the present invention.
Detailed description of the embodiments
To make the objectives, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings. The described embodiments are some, not all, of the embodiments of the present invention. All other embodiments obtained by those of ordinary skill in the art on the basis of these embodiments without creative effort fall within the protection scope of the present invention.
Fig. 1 shows an information security ability evaluation method based on mobile terminal behavior provided by the present invention, which may include the following steps:
Collecting behavioral data while the mobile terminal is used by a user;
Inputting the behavioral data into a pre-built information security ability fuzzy comprehensive evaluation model, and outputting the information security ability grade corresponding to the behavioral data.
Building the information security ability fuzzy comprehensive evaluation model includes:
Collecting multiple historical behavior data samples of the mobile terminal;
Determining the safety of the historical behavior data samples and, according to the safety of the historical behavior data samples, establishing unsafe-behavior evaluation rules for evaluating the safety of behavioral data;
Building the information security ability fuzzy comprehensive evaluation model according to the unsafe-behavior evaluation rules.
Determining the safety of the historical behavior data samples and, according to the safety of the historical behavior data samples, establishing unsafe-behavior evaluation rules for evaluating the safety of behavioral data includes:
Obtaining preset dynamic behavior conditions and static behavior conditions;
Dividing the historical behavior data samples into dynamic behavior data samples and static behavior data samples according to the dynamic behavior conditions and static behavior conditions;
Determining the safety of the dynamic behavior data samples and the static behavior data samples according to a prior-knowledge database;
Establishing dynamic unsafe-behavior evaluation rules and static unsafe-behavior evaluation rules according to the safety of the dynamic behavior data samples and the safety of the static behavior data samples.
Building the information security ability fuzzy comprehensive evaluation model according to the unsafe-behavior evaluation rules includes:
Determining evaluation indicators according to the unsafe-behavior evaluation rules;
Building an information security ability evaluation index system and an evaluation set according to the evaluation indicators, the evaluation set being used to rate the result obtained from the information security ability evaluation index system;
Establishing the weight set of the evaluation indicators in the information security ability evaluation index system;
Establishing the membership degrees of the evaluation indicators in the information security ability evaluation index system;
Building the fuzzy comprehensive evaluation matrix according to the weight set and the membership degrees.
Inputting the behavioral data into the pre-built information security ability fuzzy comprehensive evaluation model and outputting the information security ability grade corresponding to the behavioral data includes:
Inputting the behavioral data into the pre-built information security ability fuzzy comprehensive evaluation model, and computing the information security ability index through the information security ability evaluation index system;
Determining the information security ability grade according to the preset correspondence between the information security ability index and the evaluation set.
The elements of the evaluation set are four information security ability grades: weak information security ability, average information security ability, relatively strong information security ability, and strong information security ability.
The behavioral data includes:
Call behavior, SMS behavior, hotspot connection behavior, application installation behavior, application running behavior, positioning behavior, and network interaction behavior.
Based on the same inventive concept, the present invention further provides an information security ability evaluation system based on mobile terminal behavior which, as shown in Fig. 2, may include:
An acquisition module, for collecting behavioral data while the mobile terminal is used by a user;
An evaluation module, for inputting the behavioral data into a pre-built information security ability fuzzy comprehensive evaluation model and outputting the information security ability grade corresponding to the behavioral data.
The evaluation module includes a modeling submodule for building the information security ability fuzzy comprehensive evaluation model;
The modeling submodule includes:
A collecting unit, for collecting multiple historical behavior data samples of the mobile terminal;
A rules unit, for determining the safety of the historical behavior data samples and, according to the safety of the historical behavior data samples, establishing unsafe-behavior evaluation rules for evaluating the safety of behavioral data;
A modeling unit, for building the information security ability fuzzy comprehensive evaluation model according to the unsafe-behavior evaluation rules.
The rules unit includes:
An obtaining subunit, for obtaining preset dynamic behavior conditions and static behavior conditions;
A dividing subunit, for dividing the historical behavior data samples into dynamic behavior data samples and static behavior data samples according to the dynamic behavior conditions and static behavior conditions;
A determining subunit, for determining the safety of the dynamic behavior data samples and the static behavior data samples according to a prior-knowledge database;
An establishing subunit, for establishing dynamic unsafe-behavior evaluation rules and static unsafe-behavior evaluation rules according to the safety of the dynamic behavior data samples and the safety of the static behavior data samples.
In a specific example,
The experimental data consists of 431 items of behavioral data from a prototype device running Android 4.4.1, collected from August 2017 to December 2017. The detailed process is:
Step 1: Collect experimental data on the mobile terminal, such as call behavior, SMS behavior, hotspot connection behavior, application installation and running behavior, positioning behavior, and network traffic characteristics.
Step 2: Analyze the collected experimental data and establish the unsafe-behavior evaluation rules.
Step 2.1: Analyze the characteristics of the static behaviors and dynamic behaviors corresponding to the abstract concepts, the participants in the dynamic behaviors, and the relationships between the participants and the dynamic behaviors, and divide the experimental data into static behavior data and dynamic behavior data.
Step 2.2: Find the relationships between the static behavior data and information security ability and between the dynamic behavior data and information security ability, and formulate the unsafe-behavior evaluation rules shown in Table 1 through expert consultation and expert knowledge.
Table 1. Unsafe-behavior evaluation rules
Step 3: Build the information security ability fuzzy comprehensive evaluation model and evaluate the user's information security ability.
Step 3.1: Build the information security ability evaluation index system according to the unsafe-behavior evaluation rules. The index system includes three first-level indicators and 15 second-level indicators.
Step 3.2: Define the evaluation set of information security ability grades as four grades: V = {V1, V2, V3, V4} = {weak information security ability, average information security ability, relatively strong information security ability, strong information security ability}. The user's information security ability is denoted V (V ∈ {0, 1, 2, 3}): strong information security ability is recorded as 3, relatively strong as 2, average as 1, and weak as 0.
Step 3.3: Establish a judgment matrix for the first-level indicators, calculate the weight vector and perform a consistency check. If the consistency check fails, revise the parameters; the values that pass the consistency check are used as the first-level indicator weights.
Step 3.4: Establish a judgment matrix for the second-level indicators, calculate the weight vector and perform a consistency check. If the consistency check fails, revise the parameters; the values that pass the consistency check are used as the second-level indicator weights.
Step 3.5: Distribute questionnaires to experts to obtain the membership degrees of the evaluation indicators, construct the membership-degree fuzzy subset table, and obtain the fuzzy comprehensive evaluation matrix.
Step 3.6: Calculate the user's information security ability index according to the following formula, and apply MIN-MAX normalization.
P = W1 × W2 × I    (1)
where W1 is the first-level indicator weight matrix, W2 is the second-level indicator weight matrix, and I is the vector of single-indicator values under the second-level indicators.
The single-indicator vector under the second-level indicators is calculated as follows:
I = S × R × X    (2)
where S is the membership-degree weight vector, R is the fuzzy matrix, and X = (0, 1, 2, 3)^T is the information security ability grade vector.
The MIN-MAX normalization formula is as follows:
where P* is the value of P after normalization, MAX is the maximum value of the index, and MIN is the minimum value of the index.
Step 3.7: Divide the information security ability index into grades: strong information security ability, relatively strong information security ability, average information security ability, and weak information security ability. Table 2 is the information security ability index grade table.
Table 2. Information security ability index grade table
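The following Python example is added here and is not part of the patent text; it carries steps 3.3 to 3.7 through on constructed data, from judgment matrices to a grade. It assumes the judgment-matrix procedure is the analytic hierarchy process with Saaty's random index, uses 6 second-level indicators rather than 15, takes MIN = 0 and MAX = 3 in the usual (P - MIN)/(MAX - MIN) form, and uses equal-width grade cut points because the Table 2 values are not reproduced on this page. All function and variable names are hypothetical.

```python
# Added illustration (not from the patent): steps 3.3-3.7 on constructed data.
# Assumptions: AHP weighting with Saaty's random index (orders 1-9 only),
# theoretical bounds MIN=0 / MAX=3, equal-width grade cut points.

RI = {1: 0.0, 2: 0.0, 3: 0.58, 4: 0.90, 5: 1.12, 6: 1.24, 7: 1.32, 8: 1.41, 9: 1.45}
X = [0, 1, 2, 3]  # grade vector of formula (2): weak .. strong
GRADES = ["weak", "average", "relatively strong", "strong"]


def dot(u, v):
    return sum(a * b for a, b in zip(u, v))


def ahp_weights(judgment, cr_limit=0.1, iterations=200):
    """Steps 3.3/3.4: weights from a pairwise judgment matrix, with consistency check."""
    n = len(judgment)
    if any(len(row) != n for row in judgment):
        raise ValueError("judgment matrix must be square")
    for i in range(n):
        for j in range(n):
            if abs(judgment[i][j] * judgment[j][i] - 1.0) > 1e-9:
                raise ValueError("judgment matrix must be reciprocal")
    w = [1.0 / n] * n
    for _ in range(iterations):  # power iteration towards the principal eigenvector
        aw = [dot(row, w) for row in judgment]
        total = sum(aw)
        w = [v / total for v in aw]
    aw = [dot(row, w) for row in judgment]
    lam_max = sum(aw[i] / w[i] for i in range(n)) / n
    ci = (lam_max - n) / (n - 1) if n > 1 else 0.0
    cr = ci / RI[n] if RI[n] else 0.0
    if cr >= cr_limit:
        raise ValueError(f"consistency check failed (CR={cr:.3f}); revise the judgments")
    return w, cr


def indicator_score(s, r):
    """Formula (2): I = S x R x X for one second-level indicator."""
    if abs(sum(s) - 1.0) > 1e-9 or any(abs(sum(row) - 1.0) > 1e-9 for row in r):
        raise ValueError("S and every row of R must each sum to 1")
    fuzzy = [dot(s, col) for col in zip(*r)]  # S x R: membership over the four grades
    return dot(fuzzy, X)


def capability_index(w1, w2_groups, score_groups):
    """Formula (1): P = W1 x W2 x I, with W2 held as one weight list per first-level indicator."""
    return sum(w * dot(w2, scores) for w, w2, scores in zip(w1, w2_groups, score_groups))


def min_max(p, lo=0.0, hi=3.0):
    """MIN-MAX normalization in its standard form (the page's own formula is missing)."""
    if hi <= lo:
        raise ValueError("MAX must exceed MIN")
    return (p - lo) / (hi - lo)


def grade(p_star, cuts=(0.25, 0.5, 0.75)):
    """Step 3.7 with assumed cut points; Table 2 values are not on the page."""
    return GRADES[sum(p_star >= c for c in cuts)]


# Constructed sample: (S, R) per second-level indicator, grouped by first-level indicator.
SAMPLE = [
    [([0.6, 0.4], [[0.0, 0.1, 0.4, 0.5], [0.1, 0.2, 0.4, 0.3]]),
     ([0.5, 0.5], [[0.2, 0.3, 0.3, 0.2], [0.1, 0.4, 0.3, 0.2]])],
    [([0.7, 0.3], [[0.5, 0.3, 0.2, 0.0], [0.4, 0.4, 0.1, 0.1]]),
     ([0.5, 0.5], [[0.3, 0.4, 0.2, 0.1], [0.2, 0.4, 0.3, 0.1]])],
    [([0.4, 0.6], [[0.0, 0.2, 0.5, 0.3], [0.1, 0.1, 0.5, 0.3]]),
     ([0.5, 0.5], [[0.1, 0.3, 0.4, 0.2], [0.1, 0.3, 0.4, 0.2]])],
]
# Constructed expert judgment matrices (first level, then one per first-level group).
FIRST_LEVEL = [[1, 2, 4], [1 / 2, 1, 3], [1 / 4, 1 / 3, 1]]
SECOND_LEVEL = [[[1, 3], [1 / 3, 1]], [[1, 1], [1, 1]], [[1, 2], [1 / 2, 1]]]


def evaluate():
    """Run steps 3.3-3.7 and return (P, P*, grade)."""
    w1, _ = ahp_weights(FIRST_LEVEL)
    w2 = [ahp_weights(m)[0] for m in SECOND_LEVEL]
    scores = [[indicator_score(s, r) for s, r in group] for group in SAMPLE]
    p = capability_index(w1, w2, scores)
    p_star = min_max(p)
    return p, p_star, grade(p_star)


if __name__ == "__main__":
    print(evaluate())
```

A judgment matrix that fails the consistency check raises an error instead of yielding weights, which corresponds to the "revise the parameters" branch of steps 3.3 and 3.4.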
Test result: Based on mobile terminal behavior, the information security ability of a user of an Android 4.4.1 system was evaluated for the period from August 2017 to December 2017, and the user's information security ability result for that period was obtained. Based on this case data, the method proposed by the present invention can improve evaluation efficiency by 10%-20%.
It is understood that the embodiments described herein can be implemented in hardware, software, firmware, middleware, microcode, or a combination thereof. For a hardware implementation, the processing unit may be implemented in one or more application-specific integrated circuits (Application Specific Integrated Circuits, ASIC), digital signal processors (Digital Signal Processing, DSP), digital signal processing devices (DSP Device, DSPD), programmable logic devices (Programmable Logic Device, PLD), field-programmable gate arrays (Field-Programmable Gate Array, FPGA), general-purpose processors, controllers, microcontrollers, microprocessors, other electronic units for performing the functions described herein, or a combination thereof.
For a software implementation, the techniques described herein can be implemented by units that perform the functions described herein. Software code can be stored in memory and executed by a processor. The memory can be implemented within the processor or external to the processor.
Those of ordinary skill in the art will appreciate that the units and algorithm steps of the examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware or in a combination of computer software and electronic hardware. Whether these functions are implemented in hardware or software depends on the specific application and design constraints of the technical solution. Skilled practitioners may use different methods to implement the described functions for each specific application, but such implementations should not be considered beyond the scope of the present invention.
It is apparent to those skilled in the art that, for convenience and brevity of description, the specific working processes of the systems, devices and units described above can be found in the corresponding processes of the foregoing method embodiments and are not repeated here.
In the embodiments provided herein, it should be understood that the disclosed devices and methods can be implemented in other ways. For example, the device embodiments described above are merely illustrative: the division into units is only a division by logical function, and in actual implementation there may be other ways of division, such as combining multiple units or components or integrating them into another system, or ignoring or not executing some features. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be indirect coupling or communication connection through some interfaces, devices or units, and may be electrical, mechanical or of other forms.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network elements. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, the functional units in the embodiments of the present invention may be integrated in one processing unit, may each exist physically on their own, or two or more units may be integrated in one unit.
If the functions are implemented in the form of software functional units and sold or used as an independent product, they can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the embodiments of the present invention in essence, or the part that contributes over the prior art, or a part of the technical solution, can be embodied in the form of a software product. The computer software product is stored in a storage medium and includes instructions that cause a computer device (which may be a personal computer, a server, a network device, or the like) to execute all or part of the steps of the methods of the embodiments of the present invention. The aforementioned storage medium includes various media that can store program code, such as a USB flash drive, a removable hard disk, ROM, RAM, a magnetic disk, or an optical disc.
It should be noted that, herein, the terms "include", "comprise" and any variants thereof are intended to cover non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, article or device. Without further limitation, an element defined by the phrase "including a ..." does not exclude the presence of other identical elements in the process, method, article or device that includes the element.
The above are only preferred embodiments of the present invention and do not limit its scope. Any equivalent structure or equivalent process transformation made using the contents of the specification and drawings of the present invention, whether applied directly or indirectly in other related technical fields, is likewise included within the scope of the present invention.
Claims (10)
1. a kind of information security ability evaluating method based on mobile terminal behavior, which is characterized in that including:
Behavioral data when acquisition mobile terminal is used by a user;
The behavioral data is input to the information security ability fuzzy evaluating model built in advance, output and the behavior
The corresponding information security ability rating of data.
2. The information security capability evaluation method according to claim 1, characterized in that building the information security capability fuzzy comprehensive evaluation model comprises:
collecting multiple historical behavior data samples of the mobile terminal;
determining the security of the historical behavior data samples and, according to the security of the historical behavior data samples, establishing an unsafe behavior evaluation rule for evaluating the security of behavior data;
building the information security capability fuzzy evaluation model according to the unsafe behavior evaluation rule.
3. The information security capability evaluation method according to claim 2, characterized in that determining the security of the historical behavior data samples and, according to the security of the historical behavior data samples, establishing the unsafe behavior evaluation rule for evaluating the security of behavior data comprises:
obtaining a preset dynamic behavior condition and a preset static behavior condition;
dividing the historical behavior data samples into dynamic behavior data samples and static behavior data samples according to the dynamic behavior condition and the static behavior condition;
determining the security of the dynamic behavior data samples and the static behavior data samples according to an a priori database;
establishing a dynamic unsafe behavior evaluation rule and a static unsafe behavior evaluation rule according to the security of the dynamic behavior data samples and the security of the static behavior data samples.
4. The information security capability evaluation method according to claim 2, characterized in that building the information security capability fuzzy evaluation model according to the unsafe behavior evaluation rule comprises:
determining evaluation indicators according to the unsafe behavior evaluation rule;
building an information security capability evaluation indicator system and an evaluation set according to the evaluation indicators, the evaluation set being used to evaluate the result obtained by the information security capability evaluation indicator system;
establishing the weight set of the evaluation indicators in the information security capability evaluation indicator system;
establishing the membership degrees of the evaluation indicators in the information security capability evaluation indicator system;
building a fuzzy comprehensive evaluation matrix according to the weight set and the membership degrees.
5. The information security capability evaluation method according to claim 4, characterized in that inputting the behavior data into the pre-built information security capability fuzzy evaluation model and outputting the information security capability grade corresponding to the behavior data comprises:
inputting the behavior data into the pre-built information security capability fuzzy evaluation model, and computing an information security capability index through the information security capability evaluation indicator system;
determining the information security capability grade according to a preset correspondence between the information security capability index and the evaluation set.
6. The information security capability evaluation method according to claim 4 or 5, characterized in that the elements of the evaluation set comprise four information security capability grades: information security capability weak, information security capability average, information security capability relatively strong, and information security capability strong.
7. The information security capability evaluation method according to any one of claims 1-6, characterized in that the behavior data comprises:
call behavior, SMS behavior, hotspot connection behavior, application installation behavior, application running behavior, positioning behavior and network interaction behavior.
8. An information security capability evaluation system based on mobile terminal behavior, characterized by comprising:
a collection module, configured to collect behavior data generated while a mobile terminal is used by a user;
an evaluation module, configured to input the behavior data into a pre-built information security capability fuzzy evaluation model and output the information security capability grade corresponding to the behavior data.
9. The information security capability evaluation system according to claim 8, characterized in that the evaluation module comprises a modeling submodule configured to build the information security capability fuzzy evaluation model;
the modeling submodule comprises:
a collection unit, configured to collect multiple historical behavior data samples of the mobile terminal;
a rule unit, configured to determine the security of the historical behavior data samples and, according to the security of the historical behavior data samples, establish an unsafe behavior evaluation rule for evaluating the security of behavior data;
a modeling unit, configured to build the information security capability fuzzy evaluation model according to the unsafe behavior evaluation rule.
10. The information security capability evaluation system according to claim 9, characterized in that the rule unit comprises:
an obtaining subunit, configured to obtain a preset dynamic behavior condition and a preset static behavior condition;
a dividing subunit, configured to divide the historical behavior data samples into dynamic behavior data samples and static behavior data samples according to the dynamic behavior condition and the static behavior condition;
a determining subunit, configured to determine the security of the dynamic behavior data samples and the static behavior data samples according to an a priori database;
an establishing subunit, configured to establish a dynamic unsafe behavior evaluation rule and a static unsafe behavior evaluation rule according to the security of the dynamic behavior data samples and the security of the static behavior data samples.
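The fuzzy comprehensive evaluation recited in claims 4 to 7 (weight set, membership degrees, evaluation matrix, capability index, four-grade evaluation set), as an added Python example that is not part of the patent. The weights, the triangular membership function, the grade scores, the index cut-offs, the weighted-average composition and the renormalisation for behaviors with no events are all assumptions chosen for illustration.

```python
"""Fuzzy comprehensive evaluation over the seven behavior types of claim 7.
Every number here is constructed for illustration; none comes from the patent."""

GRADES = ["weak", "average", "relatively strong", "strong"]  # evaluation set, claim 6
CENTERS = [0.0, 1 / 3, 2 / 3, 1.0]   # assumed grade centres on the safe-ratio axis
SCORES = [25.0, 50.0, 75.0, 100.0]   # assumed score of each grade
BANDS = [(40.0, "weak"), (60.0, "average"), (80.0, "relatively strong")]  # assumed
WEIGHTS = {"call": 0.10, "sms": 0.10, "hotspot": 0.15, "app_install": 0.20,
           "app_run": 0.20, "location": 0.10, "network": 0.15}  # assumed weight set

def membership(safe_ratio):
    """Assumed triangular membership of one indicator in each of the four grades."""
    if not 0.0 <= safe_ratio <= 1.0:
        raise ValueError("safe ratio must lie in [0, 1]")
    return [max(0.0, 1.0 - 3.0 * abs(safe_ratio - c)) for c in CENTERS]

def evaluate(counts):
    """counts maps behavior -> (events flagged unsafe by the rules, total events).
    Returns (evaluation vector B = W . R, capability index, grade)."""
    unknown = set(counts) - set(WEIGHTS)
    if unknown:
        raise ValueError(f"no weight for {sorted(unknown)}")
    # A behavior with no events carries no evidence: drop it and renormalise.
    observed = {b: c for b, c in counts.items() if c[1] > 0}
    if not observed:
        raise ValueError("no behavior data collected")
    total_weight = sum(WEIGHTS[b] for b in observed)
    vector = [0.0] * len(GRADES)
    for behavior, (unsafe, total) in observed.items():
        if not 0 <= unsafe <= total:
            raise ValueError(f"bad counts for {behavior}")
        row = membership(1.0 - unsafe / total)      # one row of the matrix R
        weight = WEIGHTS[behavior] / total_weight
        vector = [v + weight * r for v, r in zip(vector, row)]
    index = sum(v * s for v, s in zip(vector, SCORES))
    grade = next((g for limit, g in BANDS if index < limit), "strong")
    return vector, index, grade

# Constructed sample: (unsafe, total) events per behavior; no location events seen.
SAMPLE = {"call": (0, 40), "sms": (1, 20), "hotspot": (3, 4), "app_install": (2, 3),
          "app_run": (3, 30), "location": (0, 0), "network": (5, 50)}

if __name__ == "__main__":
    vector, index, grade = evaluate(SAMPLE)
    print([round(v, 3) for v in vector], round(index, 2), grade)
```
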
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810419424.XA CN108764481A (en) | 2018-05-04 | 2018-05-04 | A kind of information security ability evaluating method and system based on mobile terminal behavior |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810419424.XA CN108764481A (en) | 2018-05-04 | 2018-05-04 | A kind of information security ability evaluating method and system based on mobile terminal behavior |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108764481A (en) | 2018-11-06 |
Family
ID=64010028
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810419424.XA Pending CN108764481A (en) | 2018-05-04 | 2018-05-04 | A kind of information security ability evaluating method and system based on mobile terminal behavior |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108764481A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112115479A (en) * | 2020-09-08 | 2020-12-22 | 恩善(厦门)信息科技有限公司 | Information security capability evaluation method and system based on mobile terminal behaviors |
CN113626982A (en) * | 2021-07-05 | 2021-11-09 | 郑州云智信安安全技术有限公司 | Information security capability evaluation method and system based on mobile terminal behaviors |
Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050114279A1 (en) * | 2000-08-03 | 2005-05-26 | Unicru, Inc. | Development of electronic employee selection systems and methods |
CN101470779A (en) * | 2007-12-24 | 2009-07-01 | 北京启明星辰信息技术股份有限公司 | Fuzzy risk evaluation system and method for computer information security |
CN101727627A (en) * | 2009-12-16 | 2010-06-09 | 工业和信息化部电子第五研究所 | Information system security risk assessment model based on combined evaluation method |
CN104063750A (en) * | 2014-06-27 | 2014-09-24 | 国家电网公司 | Method for predicting influence of disasters to power system based on improved AHP-anti-entropy weight |
CN104156662A (en) * | 2014-08-28 | 2014-11-19 | 北京奇虎科技有限公司 | Process monitoring method and device and intelligent terminal |
CN104156895A (en) * | 2014-08-20 | 2014-11-19 | 国网浙江余姚市供电公司 | Evaluation method and device |
CN104376266A (en) * | 2014-11-21 | 2015-02-25 | 工业和信息化部电信研究院 | Determination method and device for security level of application software |
CN105007170A (en) * | 2015-05-11 | 2015-10-28 | 大连理工大学 | WLAN load comprehensive evaluation method based on FAHP-SVM theory |
CN105279567A (en) * | 2014-06-30 | 2016-01-27 | 国网上海市电力公司 | Fuzzy comprehensive evaluation method for security risk of power supply enterprise electronic file |
CN106056308A (en) * | 2016-06-13 | 2016-10-26 | 宁波工程学院 | Highway tunnel operation environment safety risk automatic judgment method |
CN106096838A (en) * | 2016-06-14 | 2016-11-09 | 广州市恒迅技防系统有限公司 | Building fire safety evaluation method based on model of fuzzy synthetic evaluation and system |
CN106203831A (en) * | 2016-07-05 | 2016-12-07 | 杨林 | A kind of power supply enterprise Electronic Archival Security risk evaluating system |
CN107395430A (en) * | 2017-08-16 | 2017-11-24 | 中国民航大学 | A kind of cloud platform dynamic risk access control method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PB01 | Publication | |
 | SE01 | Entry into force of request for substantive examination | |
 | RJ01 | Rejection of invention patent application after publication | Application publication date: 20181106 |