CN110866259A - Method and system for calculating potential safety hazard score based on multi-dimensional data - Google Patents
Method and system for calculating potential safety hazard score based on multi-dimensional data Download PDFInfo
- Publication number
- CN110866259A CN110866259A CN201911115944.2A CN201911115944A CN110866259A CN 110866259 A CN110866259 A CN 110866259A CN 201911115944 A CN201911115944 A CN 201911115944A CN 110866259 A CN110866259 A CN 110866259A
- Authority
- CN
- China
- Prior art keywords
- safety hazard
- potential safety
- attribute data
- data
- website
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/958—Organisation or management of web site content, e.g. publishing, maintaining pages or automatic linking
Abstract
The invention provides a method and a system for calculating potential safety hazard scoring based on multidimensional data, which relate to the technical field of network safety and comprise the following steps: acquiring potential safety hazard data existing in a website to be detected, and extracting attribute data of the potential safety hazard data; determining a weight value corresponding to the attribute data and a target scoring rule for calculating the potential safety hazard score of the attribute data, wherein the weight value is used for representing the importance degree of the attribute data, and the potential safety hazard score is used for representing the danger degree of the potential safety hazard existing in the website to be detected; the potential safety hazard score of the attribute data is calculated by using the target scoring rule and the weighted value, so that the technical problems that in the prior art, the potential safety hazard of a website to be detected is analyzed and evaluated manually, a large amount of manpower and material resources are wasted, and the evaluation efficiency is low are solved.
Description
Technical Field
The invention relates to the technical field of network security, in particular to a method and a system for calculating potential safety hazard scores based on multi-dimensional data.
Background
The problem that the degree of danger of potential safety hazard conditions can be expressed needs to be shown in a situation perception scene. The problem that is not solved is the computational complexity. Different data have different harmfulness degrees, so the calculation modes are different. However, in the prior art, comparison and analysis of a large amount of data are performed manually, time and labor are wasted, the evaluation period is relatively long, and potential safety hazards can be utilized in the time required by the comparison, analysis and comparison of the data, so that economic loss is caused.
No effective solution has been proposed to the above problems.
Disclosure of Invention
In view of this, the present invention aims to provide a method and a system for calculating a score of a potential safety hazard based on multidimensional data, so as to solve the technical problems that in the prior art, evaluation of the potential safety hazard of a to-be-detected website is performed manually, a large amount of manpower and material resources are wasted, and evaluation efficiency is low.
In a first aspect, an embodiment of the present invention provides a method for calculating a potential safety hazard score based on multidimensional data, including: acquiring potential safety hazard data existing in a website to be detected, and extracting attribute data of the potential safety hazard data; determining a weight value corresponding to the attribute data and a target scoring rule for calculating a potential safety hazard score of the potential safety hazard data, wherein the weight value is used for representing the importance degree of the attribute data, and the potential safety hazard score is used for representing the danger degree of the potential safety hazard existing in the website to be detected; and calculating the potential safety hazard score of the potential safety hazard data by using a target scoring rule and the weighted value.
Further, the attribute data includes: first attribute data and second attribute data, wherein the first attribute data comprises at least one of: the data name of the potential safety hazard data, the potential safety hazard type corresponding to the potential safety hazard data, the website name of the website to be detected, the unit name of the unit to which the website to be detected belongs, the position information of the unit to which the website to be detected belongs, the discovery time of the potential safety hazard data, and the data source of the potential safety hazard data; the second attribute data includes at least one of: the grade of the website to be detected, the grade of the unit to which the website to be detected belongs, the grade of the position information of the unit to which the website to be detected belongs, and the occurrence frequency of the potential safety hazard corresponding to the potential safety hazard data.
Further, calculating the potential safety hazard score of the potential safety hazard data by using a target scoring rule and a weighted value, wherein the method comprises the following steps: acquiring a preset matching rule, wherein the preset matching rule comprises an association relation between attribute data and a scoring rule; determining a weight value of the second attribute data based on the first attribute data and the second attribute data; determining the target scoring rule in the scoring rules based on the first attribute data and the preset matching rule; determining target attribute data in the second attribute data based on the target scoring rule, wherein the target attribute data is the attribute data used for calculating the potential safety hazard score in the second attribute data; determining a weight value of the target attribute data according to the weight value of the second attribute data; and calculating to obtain the potential safety hazard score by combining the weight value of the target attribute data and the target scoring rule.
Further, the target scoring rule is a sum value of products between the target attribute data and weight values of the target attribute data.
Further, the method further comprises: if the target scoring rule is not determined in the scoring rules based on the first attribute data and the preset matching rule, acquiring a preset fixed scoring rule; and calculating the potential safety hazard score of the potential safety hazard data by combining the preset fixed scoring rule and the weighted value of the second attribute data.
In a second aspect, the embodiment of the present invention further provides an acquiring unit, a determining unit and a calculating unit of a system for calculating potential safety hazard scores based on multidimensional data, wherein the acquiring unit is configured to acquire potential safety hazard data existing in a to-be-detected website, and extract attribute data of the potential safety hazard data; the determining unit is used for determining a weight value corresponding to the attribute data and determining a target scoring rule for calculating a potential safety hazard score of the potential safety hazard data, wherein the weight value is used for representing the importance degree of the attribute data, and the potential safety hazard score is used for representing the danger degree of the potential safety hazard existing in the website to be detected; the calculation unit is used for calculating the potential safety hazard score of the potential safety hazard data by using a target scoring rule and a weighted value.
Further, the attribute data includes: first attribute data and second attribute data, wherein the first attribute data comprises at least one of: the data name of the potential safety hazard data, the potential safety hazard type corresponding to the potential safety hazard data, the website name of the website to be detected, the unit name of the unit to which the website to be detected belongs, the position information of the unit to which the website to be detected belongs, the discovery time of the potential safety hazard data, and the data source of the potential safety hazard data; the second attribute data includes at least one of: the grade of the website to be detected, the grade of the unit to which the website to be detected belongs, the grade of the position information of the unit to which the website to be detected belongs, and the occurrence frequency of the potential safety hazard corresponding to the potential safety hazard data.
Further, the computing unit is further configured to: acquiring a preset matching rule, wherein the preset matching rule comprises an association relation between attribute data and a scoring rule; determining a weight value of the second attribute data based on the first attribute data and the second attribute data; determining the target scoring rule in the scoring rules based on the first attribute data and the preset matching rule; determining target attribute data in the second attribute data based on the target scoring rule, wherein the target attribute data is the attribute data used for calculating the potential safety hazard score in the second attribute data; determining a weight value of the target attribute data according to the weight value of the second attribute data; and calculating to obtain the potential safety hazard score by combining the weight value of the target attribute data and the target scoring rule.
In a third aspect, an embodiment of the present invention further provides a computer-readable medium having a non-volatile program code executable by a processor, where the program code causes the processor to execute the method for calculating a security risk score based on multidimensional data according to the first aspect.
In a fourth aspect, an embodiment of the present invention further provides an electronic device, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, where the processor, when executing the computer program, implements the method for calculating a potential safety hazard score based on multidimensional data in the first aspect.
In the embodiment of the invention, firstly, potential safety hazard data existing in a website to be detected is obtained, and attribute data of the potential safety hazard data is extracted; and finally, calculating the potential safety hazard score of the attribute data by using the target scoring rule and the weight value.
In the embodiment of the invention, the potential safety hazard score for the risk degree of the potential safety hazard existing in the to-be-detected website is obtained by automatically analyzing and calculating the potential safety hazard data, so that the technical effect of evaluating the potential safety hazard of the to-be-detected website is achieved, and further, in the prior art, the evaluation of the potential safety hazard of the to-be-detected website is manually analyzed and evaluated, so that a large amount of manpower and material resources are wasted, the evaluation efficiency is low, and the technical effects of saving manpower and material resources required for evaluating the potential safety hazard of the to-be-detected website and improving the evaluation efficiency are achieved.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a flowchart of a method for calculating a potential safety hazard score based on multidimensional data according to an embodiment of the present invention;
fig. 2 is a flowchart of a method for calculating a potential safety hazard score according to a target scoring rule and a weight value according to an embodiment of the present invention;
fig. 3 is a schematic diagram of a system for calculating a potential safety hazard score based on multidimensional data according to an embodiment of the present invention;
fig. 4 is a schematic diagram of a server according to an embodiment of the present invention.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is apparent that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The first embodiment is as follows:
in accordance with an embodiment of the present invention, there is provided an embodiment of a method for computing a security risk score based on multidimensional data, it is noted that the steps illustrated in the flowchart of the figure may be performed in a computer system such as a set of computer-executable instructions and that, although a logical order is illustrated in the flowchart, in some cases, the steps illustrated or described may be performed in an order different than here.
Fig. 1 is a flowchart of a method for calculating a security risk score based on multidimensional data according to an embodiment of the present invention, as shown in fig. 1, the method includes the following steps:
step S102, potential safety hazard data existing in a website to be detected are obtained, and attribute data of the potential safety hazard data are extracted;
it should be noted that the potential safety hazard data is used for representing various risks in the website to be detected, for example, SQL injection received by the website, bugs existing in the website, and the like; generally, the above-mentioned safety hazard data is provided by a hazard collection tool, and the data source is reported from a third party.
The attribute data of the safety hazard data includes: first attribute data and second attribute data.
The first attribute data includes at least one of: the method comprises the steps of obtaining data names of potential safety hazard data, potential safety hazard types corresponding to the potential safety hazard data, website names of websites to be detected, unit names of units to which the websites to be detected belong, position information of the units to which the websites to be detected belong, discovery time of the potential safety hazard data and data sources of the potential safety hazard data;
the second attribute data includes at least one of: the grade of the website to be detected, the grade of the unit to which the website to be detected belongs, the grade of the position information of the unit to which the website to be detected belongs, and the occurrence frequency of the potential safety hazard corresponding to the potential safety hazard data.
In the embodiment of the invention, the potential safety hazard score of the potential safety hazard data is calculated through extracting the attribute data containing various feature data and the multidimensional attribute data, and when a large amount of potential safety hazard data is obtained, the potential safety hazard score of each potential safety hazard data can be accurately calculated according to different potential safety hazard data.
Step S104, determining a weight value corresponding to the attribute data and a target scoring rule for calculating a potential safety hazard score of the potential safety hazard data, wherein the weight value is used for representing the importance degree of the attribute data, and the potential safety hazard score is used for representing the danger degree of the potential safety hazard in the website to be detected;
it should be noted that, the target scoring rule and the weight value are set and uploaded by the user according to the actual situation, and are not specifically limited in the embodiment of the present invention.
And step S106, calculating the potential safety hazard score of the potential safety hazard data by using a target scoring rule and the weight value.
In the embodiment of the invention, the potential safety hazard score for the risk degree of the potential safety hazard existing in the to-be-detected website is obtained by automatically analyzing and calculating the potential safety hazard data, so that the technical effect of evaluating the potential safety hazard of the to-be-detected website is achieved, and further, in the prior art, the evaluation of the potential safety hazard of the to-be-detected website is manually analyzed and evaluated, so that a large amount of manpower and material resources are wasted, the evaluation efficiency is low, and the technical effects of saving manpower and material resources required for evaluating the potential safety hazard of the to-be-detected website and improving the evaluation efficiency are achieved.
In the embodiment of the present invention, as shown in fig. 2, step S106 further includes the following steps:
step S11, acquiring a preset matching rule, wherein the preset matching rule comprises an incidence relation between attribute data and a scoring rule;
a step S12 of determining a weight value of the second attribute data based on the first attribute data and the second attribute data;
step S13, determining the target scoring rule in the scoring rules based on the first attribute data and the preset matching rule;
step S14, determining target attribute data in the second attribute data based on the target scoring rule, where the target attribute data is the attribute data used for calculating the safety hazard score in the second attribute data;
step S15, determining a weight value of the target attribute data according to the weight value of the second attribute data;
and step S16, calculating to obtain the potential safety hazard score by combining the weight value of the target attribute data and the target scoring rule.
In the embodiment of the present invention, a target scoring rule is determined in the scoring rules according to the association relationship (i.e., a preset matching rule) between the attribute data and the scoring rule and the first attribute data, and a weight value of the second attribute data is determined according to the first attribute data and the second attribute data.
For example, if the level of the position information of the unit to which the website to be detected belongs is 2, according to the first attribute data, it is determined that the level of the position information of the unit to which the website to be detected belongs is matched with the second matching rule of the level of the position information of the unit to which the website to be detected belongs, and it is determined that the weight value of the level of the position information of the unit to which the website to be detected belongs is 20.
By analogy, the grade of the to-be-detected website, the grade of the unit to which the to-be-detected website belongs and the weight value corresponding to the occurrence frequency of the potential safety hazard corresponding to the potential safety hazard data can be determined by the method, so that the weight value of the second attribute data is obtained.
Next, target attribute data (i.e., attribute data of the second attribute data used for calculating the safety risk score) is determined in the second attribute data according to a target scoring rule.
For example, the potential safety hazard data 1 determines that the attribute data used for calculating the potential safety hazard score is the grade of the website to be detected and the grade of the unit to which the website to be detected belongs according to the target scoring rule, and then the grade of the website to be detected and the grade of the unit to which the website to be detected belongs are the target attribute data.
And finally, substituting the target attribute data and the weight value of the target attribute data into a target scoring rule, and calculating the potential safety hazard score.
For example, in the target attribute data of the potential safety hazard data 2, the rank of the website to be detected is 2, the rank of the unit to which the website to be detected belongs is 1, the rank of the position information of the unit to which the website to be detected belongs is 3, the occurrence frequency of the potential safety hazard corresponding to the potential safety hazard data is 5, and the corresponding weight values are a, b, c and d in sequence, so that the potential safety hazard score of the potential safety hazard data 2 is 2 a +1 b +3 c +5 d.
In addition, it should be further noted that the second attribute data supports comparison matching, that is, supports a matching manner smaller than, equal to, and larger than, for example, if the level of the to-be-detected website is 2, according to the matching rule, the weight value corresponding to the level of the to-be-detected website being 2 is 4; if the grade of the website to be detected is 3, if the grade of the website to be detected is greater than 2 according to the matching rule, the weight value corresponding to the grade of the website to be detected is 50.
In addition, for the first attribute data, regular matching and equal matching are supported, and the preset matching rule is a matching rule set by a user according to an actual situation, and is not specifically limited in the embodiment of the present invention.
In an embodiment of the present invention, the method further includes the steps of:
step S108, if the target scoring rule is not determined in the scoring rules based on the first attribute data and the preset matching rule, acquiring a preset fixed scoring rule; and calculating the potential safety hazard score of the potential safety hazard data by combining the preset fixed scoring rule and the weighted value of the second attribute data.
In the embodiment of the present invention, when a target scoring rule is not determined in the scoring rules according to the first attribute data and the preset matching rule, a preset fixed scoring rule stored in the server is obtained, and the weight value of the second attribute data and the second attribute data are substituted into the preset fixed scoring rule, so as to calculate the potential safety hazard score of the potential safety hazard data.
Example two:
the invention also provides an embodiment of the system for calculating the potential safety hazard scoring based on the multidimensional data, which is used for executing the method for calculating the potential safety hazard scoring based on the multidimensional data provided by the embodiment of the invention.
As shown in fig. 3, the above system for calculating a risk of safety hazard based on multidimensional data includes: an acquisition unit 10, a determination unit 20 and a calculation unit 30.
The acquiring unit 10 is configured to acquire potential safety hazard data existing in a to-be-detected website, and extract attribute data of the potential safety hazard data;
the determining unit 20 is configured to determine a weight value corresponding to the attribute data, and determine a target scoring rule for calculating a potential safety hazard score of the potential safety hazard data, where the weight value is used to represent an importance degree of the attribute data, and the potential safety hazard score is used to represent a risk degree of a potential safety hazard existing in the to-be-detected website;
the calculating unit 30 is configured to calculate a potential safety hazard score of the potential safety hazard data by using a target scoring rule and a weight value.
In the embodiment of the invention, the potential safety hazard score for the risk degree of the potential safety hazard existing in the to-be-detected website is obtained by automatically analyzing and calculating the potential safety hazard data, so that the technical effect of evaluating the potential safety hazard of the to-be-detected website is achieved, and further, in the prior art, the evaluation of the potential safety hazard of the to-be-detected website is manually analyzed and evaluated, so that a large amount of manpower and material resources are wasted, the evaluation efficiency is low, and the technical effects of saving manpower and material resources required for evaluating the potential safety hazard of the to-be-detected website and improving the evaluation efficiency are achieved.
Preferably, the attribute data includes: first attribute data and second attribute data, wherein the first attribute data comprises at least one of: the data name of the potential safety hazard data, the potential safety hazard type corresponding to the potential safety hazard data, the website name of the website to be detected, the unit name of the unit to which the website to be detected belongs, the position information of the unit to which the website to be detected belongs, the discovery time of the potential safety hazard data, and the data source of the potential safety hazard data; the second attribute data includes at least one of: the grade of the website to be detected, the grade of the unit to which the website to be detected belongs, the grade of the position information of the unit to which the website to be detected belongs, and the occurrence frequency of the potential safety hazard corresponding to the potential safety hazard data.
Preferably, the computing unit is further configured to: acquiring a preset matching rule, wherein the preset matching rule comprises an association relation between attribute data and a scoring rule; determining a weight value of the second attribute data based on the first attribute data and the second attribute data; determining the target scoring rule in the scoring rules based on the first attribute data and the preset matching rule; determining target attribute data in the second attribute data based on the target scoring rule, wherein the target attribute data is the attribute data used for calculating the potential safety hazard score in the second attribute data; determining a weight value of the target attribute data according to the weight value of the second attribute data; and calculating to obtain the potential safety hazard score by combining the weight value of the target attribute data and the target scoring rule.
Preferably, the target scoring rule is a sum of products between the target attribute data and weight values of the target attribute data.
Preferably, the computing unit is further configured to: if the target scoring rule is not determined in the scoring rules based on the first attribute data and the preset matching rule, acquiring a preset fixed scoring rule; and calculating the potential safety hazard score of the potential safety hazard data by combining the preset fixed scoring rule and the weighted value of the second attribute data.
The computer-readable medium having the non-volatile program code executable by the processor according to the embodiment of the present invention makes the processor execute the alarm sequencing method based on the big data environment in the first embodiment.
The electronic device provided by the embodiment of the invention comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, wherein the alarm sequencing method based on the big data environment in the first embodiment is realized when the processor executes the computer program.
Referring to fig. 4, an embodiment of the present invention further provides a server 100, including: the device comprises a processor 50, a memory 51, a bus 52 and a communication interface 53, wherein the processor 50, the communication interface 53 and the memory 51 are connected through the bus 52; the processor 50 is arranged to execute executable modules, such as computer programs, stored in the memory 51.
The Memory 51 may include a high-speed Random Access Memory (RAM) and may also include a non-volatile Memory (non-volatile Memory), such as at least one disk Memory. The communication connection between the network element of the system and at least one other network element is realized through at least one communication interface 53 (which may be wired or wireless), and the internet, a wide area network, a local network, a metropolitan area network, and the like can be used.
The bus 52 may be an ISA bus, PCI bus, EISA bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one double-headed arrow is shown in FIG. 4, but that does not indicate only one bus or one type of bus.
The memory 51 is used for storing a program, the processor 50 executes the program after receiving an execution instruction, and the method executed by the apparatus defined by the flow process disclosed in any of the foregoing embodiments of the present invention may be applied to the processor 50, or implemented by the processor 50.
The processor 50 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware or instructions in the form of software in the processor 50. The Processor 50 may be a general-purpose Processor, and includes a Central Processing Unit (CPU), a Network Processor (NP), and the like; the device can also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA) or other Programmable logic device, a discrete Gate or transistor logic device, or a discrete hardware component. The various methods, steps and logic blocks disclosed in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software module may be located in ram, flash memory, rom, prom, or eprom, registers, etc. storage media as is well known in the art. The storage medium is located in the memory 51, and the processor 50 reads the information in the memory 51 and completes the steps of the method in combination with the hardware thereof.
In addition, in the description of the embodiments of the present invention, unless otherwise explicitly specified or limited, the terms "mounted," "connected," and "connected" are to be construed broadly, e.g., as meaning either a fixed connection, a removable connection, or an integral connection; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
In the description of the present invention, it should be noted that the terms "center", "upper", "lower", "left", "right", "vertical", "horizontal", "inner", "outer", etc., indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, and are only for convenience of description and simplicity of description, but do not indicate or imply that the device or element being referred to must have a particular orientation, be constructed and operated in a particular orientation, and thus, should not be construed as limiting the present invention. Furthermore, the terms "first," "second," and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one logical division, and there may be other divisions when actually implemented, and for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection of devices or units through some communication interfaces, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
Finally, it should be noted that: the above-mentioned embodiments are only specific embodiments of the present invention, which are used for illustrating the technical solutions of the present invention and not for limiting the same, and the protection scope of the present invention is not limited thereto, although the present invention is described in detail with reference to the foregoing embodiments, those skilled in the art should understand that: any person skilled in the art can modify or easily conceive the technical solutions described in the foregoing embodiments or equivalent substitutes for some technical features within the technical scope of the present disclosure; such modifications, changes or substitutions do not depart from the spirit and scope of the embodiments of the present invention, and they should be construed as being included therein. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. A method for calculating potential safety hazard scoring based on multi-dimensional data is characterized by comprising the following steps:
acquiring potential safety hazard data existing in a website to be detected, and extracting attribute data of the potential safety hazard data;
determining a weight value corresponding to the attribute data and a target scoring rule for calculating a potential safety hazard score of the potential safety hazard data, wherein the weight value is used for representing the importance degree of the attribute data, and the potential safety hazard score is used for representing the danger degree of the potential safety hazard existing in the website to be detected;
and calculating the potential safety hazard score of the potential safety hazard data by using a target scoring rule and the weighted value.
2. The method of claim 1, wherein the attribute data comprises: first attribute data and second attribute data, wherein,
the first attribute data includes at least one of: the data name of the potential safety hazard data, the potential safety hazard type corresponding to the potential safety hazard data, the website name of the website to be detected, the unit name of the unit to which the website to be detected belongs, the position information of the unit to which the website to be detected belongs, the discovery time of the potential safety hazard data, and the data source of the potential safety hazard data;
the second attribute data includes at least one of: the grade of the website to be detected, the grade of the unit to which the website to be detected belongs, the grade of the position information of the unit to which the website to be detected belongs, and the occurrence frequency of the potential safety hazard corresponding to the potential safety hazard data.
3. The method of claim 2, wherein calculating the potential safety hazard score for the potential safety hazard data using target scoring rules and weight values comprises:
acquiring a preset matching rule, wherein the preset matching rule comprises an association relation between attribute data and a scoring rule;
determining a weight value of the second attribute data based on the first attribute data and the second attribute data;
determining the target scoring rule in the scoring rules based on the first attribute data and the preset matching rule;
determining target attribute data in the second attribute data based on the target scoring rule, wherein the target attribute data is the attribute data used for calculating the potential safety hazard score in the second attribute data;
determining a weight value of the target attribute data according to the weight value of the second attribute data;
and calculating to obtain the potential safety hazard score by combining the weight value of the target attribute data and the target scoring rule.
4. The method of claim 3, wherein the target scoring rule is a sum of products between the target attribute data and weight values of the target attribute data.
5. The method of claim 3, further comprising:
if the target scoring rule is not determined in the scoring rules based on the first attribute data and the preset matching rule, acquiring a preset fixed scoring rule; and calculating the potential safety hazard score of the potential safety hazard data by combining the preset fixed scoring rule and the weighted value of the second attribute data.
6. A system for calculating potential safety hazard scoring based on multi-dimensional data is characterized by comprising: an acquisition unit, a determination unit and a calculation unit, wherein,
the acquisition unit is used for acquiring potential safety hazard data existing in a website to be detected and extracting attribute data of the potential safety hazard data;
the determining unit is used for determining a weight value corresponding to the attribute data and determining a target scoring rule for calculating a potential safety hazard score of the potential safety hazard data, wherein the weight value is used for representing the importance degree of the attribute data, and the potential safety hazard score is used for representing the danger degree of the potential safety hazard existing in the website to be detected;
the calculation unit is used for calculating the potential safety hazard score of the potential safety hazard data by using a target scoring rule and a weighted value.
7. The system of claim 6, wherein the attribute data comprises: first attribute data and second attribute data, wherein,
the first attribute data includes at least one of: the data name of the potential safety hazard data, the potential safety hazard type corresponding to the potential safety hazard data, the website name of the website to be detected, the unit name of the unit to which the website to be detected belongs, the position information of the unit to which the website to be detected belongs, the discovery time of the potential safety hazard data, and the data source of the potential safety hazard data;
the second attribute data includes at least one of: the grade of the website to be detected, the grade of the unit to which the website to be detected belongs, the grade of the position information of the unit to which the website to be detected belongs, and the occurrence frequency of the potential safety hazard corresponding to the potential safety hazard data.
8. The system of claim 7, wherein the computing unit is further configured to:
acquiring a preset matching rule, wherein the preset matching rule comprises an association relation between attribute data and a scoring rule;
determining a weight value of the second attribute data based on the first attribute data and the second attribute data;
determining the target scoring rule in the scoring rules based on the first attribute data and the preset matching rule;
determining target attribute data in the second attribute data based on the target scoring rule, wherein the target attribute data is the attribute data used for calculating the potential safety hazard score in the second attribute data;
determining a weight value of the target attribute data according to the weight value of the second attribute data;
and calculating to obtain the potential safety hazard score by combining the weight value of the target attribute data and the target scoring rule.
9. A computer-readable medium having non-transitory program code executable by a processor, the program code causing the processor to perform the method of calculating a risk score based on multidimensional data of any of claims 1 to 5.
10. An electronic device comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor implements the method for computing a security risk score based on multidimensional data of any of claims 1 to 5 when executing the computer program.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911115944.2A CN110866259A (en) | 2019-11-14 | 2019-11-14 | Method and system for calculating potential safety hazard score based on multi-dimensional data |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911115944.2A CN110866259A (en) | 2019-11-14 | 2019-11-14 | Method and system for calculating potential safety hazard score based on multi-dimensional data |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110866259A true CN110866259A (en) | 2020-03-06 |
Family
ID=69653934
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911115944.2A Pending CN110866259A (en) | 2019-11-14 | 2019-11-14 | Method and system for calculating potential safety hazard score based on multi-dimensional data |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110866259A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113641553A (en) * | 2021-08-09 | 2021-11-12 | 杭州安恒信息技术股份有限公司 | Hidden danger data reporting method, system, equipment and computer storage medium |
| CN113779008A (en) * | 2021-09-07 | 2021-12-10 | 杭州天宽科技有限公司 | Intelligent storage system for operating data of power intranet |
| US11641371B2 (en) | 2021-02-17 | 2023-05-02 | Saudi Arabian Oil Company | Systems, methods and computer-readable media for monitoring a computer network for threats using OLAP cubes |
| CN116595554A (en) * | 2023-05-18 | 2023-08-15 | 北京长河数智科技有限责任公司 | Method and device for realizing government affair data security analysis based on multiple dimensions |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101488168A (en) * | 2008-01-17 | 2009-07-22 | 北京启明星辰信息技术股份有限公司 | Integrated risk computing method and system of computer information system |
| CN102571870A (en) * | 2010-12-31 | 2012-07-11 | 北京安码科技有限公司 | Scoring method for web vulnerability scanning |
| CN104954342A (en) * | 2014-03-31 | 2015-09-30 | 腾讯科技(深圳)有限公司 | Security estimation method and device |
| CN105119915A (en) * | 2015-08-14 | 2015-12-02 | 中国传媒大学 | Malicious domain detection method and device based on intelligence analysis |
| CN105282131A (en) * | 2015-02-10 | 2016-01-27 | 中国移动通信集团广东有限公司 | Information security evaluation method, device and system based on risk item scanning |
| CN107547552A (en) * | 2017-09-07 | 2018-01-05 | 杭州安恒信息技术有限公司 | A kind of website credit assessment and device based on web site features identification and relationship topology |
| CN107682350A (en) * | 2017-10-19 | 2018-02-09 | 杭州安恒信息技术有限公司 | Active defense method, device and electronic equipment based on web portal security scoring |
| CN108229176A (en) * | 2017-12-29 | 2018-06-29 | 北京神州绿盟信息安全科技股份有限公司 | A kind of method and device of determining Web applications protection effect |
| CN109246153A (en) * | 2018-11-09 | 2019-01-18 | 中国银行股份有限公司 | Network safety situation analysis model and network safety evaluation method |
| CN109670314A (en) * | 2018-09-13 | 2019-04-23 | 平安普惠企业管理有限公司 | Risk server appraisal procedure, device, equipment and computer readable storage medium |
| CN110225018A (en) * | 2019-05-31 | 2019-09-10 | 江苏百达智慧网络科技有限公司 | A method of based on more equipment evaluation web application fragility |
-
2019
- 2019-11-14 CN CN201911115944.2A patent/CN110866259A/en active Pending
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101488168A (en) * | 2008-01-17 | 2009-07-22 | 北京启明星辰信息技术股份有限公司 | Integrated risk computing method and system of computer information system |
| CN102571870A (en) * | 2010-12-31 | 2012-07-11 | 北京安码科技有限公司 | Scoring method for web vulnerability scanning |
| CN104954342A (en) * | 2014-03-31 | 2015-09-30 | 腾讯科技(深圳)有限公司 | Security estimation method and device |
| CN105282131A (en) * | 2015-02-10 | 2016-01-27 | 中国移动通信集团广东有限公司 | Information security evaluation method, device and system based on risk item scanning |
| CN105119915A (en) * | 2015-08-14 | 2015-12-02 | 中国传媒大学 | Malicious domain detection method and device based on intelligence analysis |
| CN107547552A (en) * | 2017-09-07 | 2018-01-05 | 杭州安恒信息技术有限公司 | A kind of website credit assessment and device based on web site features identification and relationship topology |
| CN107682350A (en) * | 2017-10-19 | 2018-02-09 | 杭州安恒信息技术有限公司 | Active defense method, device and electronic equipment based on web portal security scoring |
| CN108229176A (en) * | 2017-12-29 | 2018-06-29 | 北京神州绿盟信息安全科技股份有限公司 | A kind of method and device of determining Web applications protection effect |
| CN109670314A (en) * | 2018-09-13 | 2019-04-23 | 平安普惠企业管理有限公司 | Risk server appraisal procedure, device, equipment and computer readable storage medium |
| CN109246153A (en) * | 2018-11-09 | 2019-01-18 | 中国银行股份有限公司 | Network safety situation analysis model and network safety evaluation method |
| CN110225018A (en) * | 2019-05-31 | 2019-09-10 | 江苏百达智慧网络科技有限公司 | A method of based on more equipment evaluation web application fragility |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11641371B2 (en) | 2021-02-17 | 2023-05-02 | Saudi Arabian Oil Company | Systems, methods and computer-readable media for monitoring a computer network for threats using OLAP cubes |
| CN113641553A (en) * | 2021-08-09 | 2021-11-12 | 杭州安恒信息技术股份有限公司 | Hidden danger data reporting method, system, equipment and computer storage medium |
| CN113779008A (en) * | 2021-09-07 | 2021-12-10 | 杭州天宽科技有限公司 | Intelligent storage system for operating data of power intranet |
| CN116595554A (en) * | 2023-05-18 | 2023-08-15 | 北京长河数智科技有限责任公司 | Method and device for realizing government affair data security analysis based on multiple dimensions |
| CN116595554B (en) * | 2023-05-18 | 2024-01-19 | 北京长河数智科技有限责任公司 | Method and device for realizing government affair data security analysis based on multiple dimensions |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107943954B (en) | Method and device for detecting webpage sensitive information and electronic equipment | |
| CN110866259A (en) | Method and system for calculating potential safety hazard score based on multi-dimensional data | |
| CN110275958B (en) | Website information identification method and device and electronic equipment | |
| CN109670091B (en) | Metadata intelligent maintenance method and device based on data standard | |
| CN110808994B (en) | Method and device for detecting brute force cracking operation and server | |
| US10678915B2 (en) | Method, device and program for checking and killing a backdoor file, and readable medium | |
| CN114598504B (en) | Risk assessment method and device, electronic equipment and readable storage medium | |
| CN107395650B (en) | Method and device for identifying Trojan back connection based on sandbox detection file | |
| CN110134653B (en) | Method and system for assisting database auditing by using logs | |
| CN107682350B (en) | Active defense method and device based on website security score and electronic equipment | |
| CN110851339A (en) | Method and device for reporting buried point data, storage medium and terminal equipment | |
| CN111897834A (en) | Log searching method and device and server | |
| CN111090593A (en) | Method, device, electronic equipment and storage medium for determining crash attribution | |
| CN114564947A (en) | Rail transit signal fault operation and maintenance method and device and electronic equipment | |
| CN109189809B (en) | Shareholder name association matching method and device | |
| CN110798481A (en) | Malicious domain name detection method and device based on deep learning | |
| CN107844702B (en) | Website trojan backdoor detection method and device based on cloud protection environment | |
| CN110598115A (en) | Sensitive webpage identification method and system based on artificial intelligence multi-engine | |
| CN110866831A (en) | Asset activity level determination method and device and server | |
| CN108171053B (en) | Rule discovery method and system | |
| CN109471852B (en) | Medical database establishing method, medical database establishing device, computer equipment and storage medium | |
| CN113919500B (en) | Microseism event space-time fractal dimension calculation method and device and electronic equipment | |
| CN115841193A (en) | Method and device for predicting forest pests | |
| CN112231194B (en) | Index abnormity root analysis method and device and computer readable storage medium | |
| CN115082993A (en) | Face biopsy method and device based on mouth opening action |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200306 |