CN111385291A - Method, device, equipment and storage medium for evaluating vehicle information security vulnerability - Google Patents


Info

Publication number: CN111385291A
Authority: CN (China)
Prior art keywords: attack, information, vulnerability, link, value
Legal status: Granted, Active
Application number: CN202010137079.8A
Other languages: Chinese (zh)
Other versions: CN111385291B (en)
Inventor: 曹伟
Current Assignee: Apollo Zhilian Beijing Technology Co Ltd
Original Assignee: Beijing Baidu Netcom Science and Technology Co Ltd
Application filed by: Beijing Baidu Netcom Science and Technology Co Ltd
Priority: CN202010137079.8A
Granted publication: CN111385291B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Abstract

The application discloses a method, device, equipment and storage medium for evaluating vehicle information security vulnerabilities, and relates to the field of the Internet of Vehicles. The specific implementation is as follows: the method is applied to an electronic device that communicates with an information system of a vehicle, and comprises: acquiring target vulnerability attack information corresponding to the information system of the vehicle; determining attack link attack information corresponding to the target vulnerability; determining the contribution value of the target vulnerability in the corresponding attack link according to the attack link attack information and the target vulnerability attack information; determining the self evaluation value of the target vulnerability according to the target vulnerability attack information; and calculating the final evaluation value of the target vulnerability according to the self evaluation value and the contribution value. The method makes the evaluation of vulnerabilities of the vehicle information security system more reasonable and more accurate, so that these vulnerabilities can be repaired more reasonably.

Description

Method, device, equipment and storage medium for evaluating vehicle information security vulnerability
Technical Field
The application relates to the technical field of data processing, and in particular to Internet of Vehicles technology.
Background
As automobiles develop toward electrification, intelligence, networking and sharing, the security problems of automobile information systems are increasingly prominent. The information security vulnerabilities of the information system therefore need to be detected and evaluated, so that they can be better repaired and the security of the automobile information system ensured.
In the prior art, the information security vulnerabilities of a vehicle are generally evaluated with the Common Vulnerability Scoring System (CVSS) or the HEAVENS vulnerability scoring system. However, neither scoring system considers how to evaluate a single information security vulnerability when several information security vulnerabilities in the vehicle information system act together.
In the field of vehicle information security, damage to an information system is generally the combined effect of several information security vulnerabilities; that is, the vulnerabilities form an attack link that may affect and damage the vehicle. The two vulnerability scoring systems are therefore not reasonable for evaluating vulnerabilities of the vehicle information security system, so the evaluation accuracy is low and the vulnerabilities cannot be repaired reasonably.
Disclosure of Invention
The embodiments of the application provide a method, device, equipment and storage medium for evaluating vehicle information security vulnerabilities, which solve the technical problem in the prior art that vulnerabilities of the vehicle information security system are not evaluated reasonably, so that the evaluation accuracy is low and the vulnerabilities cannot be repaired reasonably.
The first aspect of the embodiments of the present application provides a method for evaluating a vehicle information security vulnerability, where the method is applied to an electronic device that communicates with an information system of a vehicle, and the method includes:
acquiring target vulnerability attack information corresponding to the information system of the vehicle; determining attack link attack information corresponding to the target vulnerability; determining the contribution value of the target vulnerability in the corresponding attack link according to the attack link attack information and the target vulnerability attack information; determining the self evaluation value of the target vulnerability according to the target vulnerability attack information; and calculating the final evaluation value of the target vulnerability according to the self evaluation value and the contribution value.
In the embodiment of the application, when the target vulnerability is evaluated, not only is the self evaluation value of the target vulnerability calculated, but the contribution value of the target vulnerability in the corresponding attack link is also combined with it to produce the final evaluation of the vehicle's information security vulnerability. The influence of a single information security vulnerability is thus evaluated while taking into account the combined effect of several information security vulnerabilities. As a result, the evaluation of vulnerabilities of the vehicle information security system is more reasonable and more accurate, and the vulnerabilities can be repaired more reasonably.
Further, in the method described above, before determining the attack link attack information corresponding to the target vulnerability, the method further includes:
determining the association relationship between the attack nodes included in the information system; constructing at least one attack link corresponding to the information system according to the association relationship between the attack nodes; and setting the weight corresponding to each attack node in each attack link.
In the embodiment of the application, before the attack link attack information corresponding to the target vulnerability is determined, the attack links of the information system are constructed according to the association relationship between the attack nodes in the information system, and the weight corresponding to each attack node in each attack link is set. This prepares the data for the subsequent calculation of the contribution value of the target vulnerability in the corresponding attack link.
Further, in the method described above, determining the attack link attack information corresponding to the target vulnerability includes:
acquiring the type information of the corresponding attack link from the target vulnerability attack information; and determining the attack link attack information according to the type information of the attack link.
In the embodiment of the application, the attack link attack information can be quickly determined from a pre-stored mapping between attack link types and attack information.
Further, in the method described above, the types of attack link include: near-field attack links, remote attack links, and local attack links.
In the embodiment of the application, the attack links are divided into different types, so that when the attack link corresponding to the target vulnerability is evaluated, the type of the attack link is taken as a reference and the attack link can be evaluated more accurately.
Further, in the method described above, determining the contribution value of the target vulnerability in the corresponding attack link according to the attack link attack information and the target vulnerability attack information includes:
determining an evaluation value of the attack link corresponding to the target vulnerability according to the type information and the attack information of the attack link; determining an attack value of the target vulnerability in the corresponding attack link according to the target vulnerability attack information; and calculating the contribution value according to the evaluation value of the attack link and the attack value.
In the embodiment of the application, when the contribution value of the target vulnerability in the corresponding attack link is determined, the evaluation value of the attack link corresponding to the target vulnerability and the attack value of the target vulnerability in the corresponding attack link are taken as reference factors, so that the contribution value of the target vulnerability in the corresponding attack link can be determined more accurately.
Further, in the method described above, determining the evaluation value of the attack link corresponding to the target vulnerability according to the type information and the attack information of the attack link includes:
inputting the type information and the attack information of the attack link into a HEAVENS vulnerability scoring system, so as to evaluate the attack link through the HEAVENS vulnerability scoring system;
and outputting the evaluation value of the attack link through the HEAVENS vulnerability scoring system.
In the embodiment of the application, a single attack link, once breached, directly affects the vehicle and is independent of other attack links, so the HEAVENS vulnerability scoring system can be used to evaluate the attack link accurately.
Further, in the method described above, determining the attack value of the target vulnerability in the corresponding attack link according to the target vulnerability attack information includes:
determining, from the target vulnerability attack information, the weight corresponding to each attack node that the target vulnerability attacks on the corresponding attack link; determining, according to the target vulnerability attack information, the control value corresponding to each attack node that the target vulnerability attacks on the corresponding attack link; and calculating the attack value according to the control value and the weight corresponding to each attacked node.
In the embodiment of the application, the attack value of the target vulnerability in the corresponding attack link is calculated with the weight and the control value of each attack node that the target vulnerability attacks on that link as reference factors. Because these two factors reflect the attack capability of the target vulnerability in the corresponding attack link, the attack value can be determined more accurately.
Further, in the method described above, determining, according to the target vulnerability attack information, the control value corresponding to an attack node that the target vulnerability attacks on the corresponding attack link includes:
determining the control degree information of the attacked node from the target vulnerability attack information; and determining the control value corresponding to the attacked node according to the control degree information.
In the embodiment of the application, the control value corresponding to an attack node that the target vulnerability attacks on the corresponding attack link is determined according to the degree of control obtained over that node, so that the control value corresponding to the attacked node can be determined more accurately.
Further, in the method described above, calculating the attack value according to the control value and the weight corresponding to each attacked node includes:
multiplying the control value corresponding to each attacked node by its weight to obtain the sub-attack values; and summing the sub-attack values to obtain the attack value.
In the embodiment of the application, the weight corresponding to an attack node that the target vulnerability attacks on the corresponding attack link is determined according to the contribution degree and the attack difficulty of the target vulnerability on that link, and the control value corresponding to that node is determined according to the degree of control over the node. Multiplying the control value of each attacked node by its weight and then summing therefore yields a more accurate and reasonable attack value.
Further, in the method described above, calculating the contribution value according to the evaluation value of the attack link and the attack value includes:
multiplying the evaluation value of the attack link by the attack value to obtain the contribution value.
In the embodiment of the application, the evaluation value of the attack link is multiplied by the attack value to calculate the contribution value of the target vulnerability in the corresponding attack link. This combines the evaluation value of the attack link corresponding to the target vulnerability with the attack value of the target vulnerability in that link, so that the calculated contribution value is more accurate and reasonable.
Further, in the method described above, determining the self evaluation value of the target vulnerability according to the target vulnerability attack information includes:
inputting the relevant attack information in the target vulnerability attack information into a preset vulnerability scoring system, so as to evaluate the target vulnerability through the preset vulnerability scoring system; and outputting the self evaluation value through the preset vulnerability scoring system; where the preset vulnerability scoring system is a CVSS vulnerability scoring system or a HEAVENS vulnerability scoring system.
In the embodiment of the application, the CVSS or HEAVENS vulnerability scoring system evaluates the influence of a single information security vulnerability on its own, without considering the combined effect of several information security vulnerabilities, so either system can be used to calculate the self evaluation value of the target vulnerability accurately.
Further, in the method described above, calculating the final evaluation value of the target vulnerability according to the self evaluation value and the contribution value includes:
summing the self evaluation value and the contribution value to obtain the final evaluation value of the target vulnerability.
In the embodiment of the application, the self evaluation value of the target vulnerability and the contribution value of the target vulnerability in the corresponding attack link are summed to calculate the final evaluation value of the target vulnerability. This combines the two values, so that the calculated final evaluation value of the target vulnerability is more accurate and reasonable.
Further, in the method described above, after calculating the final evaluation value of the target vulnerability according to the self evaluation value and the contribution value, the method further includes:
calculating the repair grade of the target vulnerability according to the final evaluation value of the target vulnerability;
and sending the repair grade of the target vulnerability to the information system, so that the information system repairs the target vulnerability according to the repair grade.
In the embodiment of the application, after the final evaluation value of the target vulnerability is calculated, the repair grade of the target vulnerability is calculated from it. Because the final evaluation value is more accurate and reasonable, the repair grade determined from it is also more accurate and reasonable, so that when the information system has several target vulnerabilities to repair, it can repair them in a more reasonable order.
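The calculation described in the first aspect, as an added Python example that is not code from the patent: attack value = sum of control value × weight over the attacked nodes, contribution value = link evaluation value × attack value, final evaluation value = self evaluation value + contribution value. The node names, weights, control values and scores are constructed, and the 0.0-1.0 range for control values and the 0-10 scale for link scores are assumptions, since the text above gives no numbers.

```python
from dataclasses import dataclass

# The three attack-link types named in the text.
LINK_TYPES = {"near-field", "remote", "local"}


@dataclass(frozen=True)
class AttackLink:
    name: str
    link_type: str
    evaluation: float   # link evaluation value from a HEAVENS-style scorer (assumed 0-10)
    node_weights: dict  # attack node -> weight set when the link was constructed

    def __post_init__(self):
        if self.link_type not in LINK_TYPES:
            raise ValueError(f"unknown attack link type: {self.link_type!r}")


@dataclass(frozen=True)
class Vulnerability:
    ident: str
    self_evaluation: float  # CVSS- or HEAVENS-style score of the vulnerability alone
    link: str               # name of the attack link the vulnerability belongs to
    control: dict           # attacked node -> control value (assumed 0.0-1.0)


def attack_value(vuln, link):
    """Sum of (control value x weight) over the nodes the vulnerability attacks."""
    total = 0.0
    for node, control in vuln.control.items():
        if node not in link.node_weights:
            raise ValueError(f"{vuln.ident}: node {node!r} is not on link {link.name!r}")
        if not 0.0 <= control <= 1.0:
            raise ValueError(f"{vuln.ident}: control value {control} out of range")
        total += control * link.node_weights[node]
    return total


def contribution_value(vuln, link):
    """Evaluation value of the attack link multiplied by the attack value."""
    return link.evaluation * attack_value(vuln, link)


def final_evaluation(vuln, link):
    """Self evaluation value plus contribution value."""
    return vuln.self_evaluation + contribution_value(vuln, link)


def repair_order(vulns, links):
    """Vulnerability identifiers sorted by final evaluation value, highest first."""
    by_name = {link.name: link for link in links}
    scored = [(final_evaluation(v, by_name[v.link]), v.ident) for v in vulns]
    return [ident for _, ident in sorted(scored, key=lambda s: -s[0])]


# Constructed sample data: every name and number below is an illustrative assumption.
LINKS = [
    AttackLink("remote-to-vehicle-control", "remote", 8.0,
               {"telematics_unit": 0.5, "gateway": 0.3, "control_ecu": 0.2}),
    AttackLink("local-media-port", "local", 3.0,
               {"usb_port": 0.7, "infotainment": 0.3}),
]
VULNS = [
    Vulnerability("GATEWAY-FLAW", 5.0, "remote-to-vehicle-control", {"gateway": 1.0}),
    Vulnerability("INFOTAINMENT-FLAW", 6.5, "local-media-port", {"infotainment": 0.5}),
]

if __name__ == "__main__":
    links = {link.name: link for link in LINKS}
    for v in VULNS:
        link = links[v.link]
        print(f"{v.ident}: self={v.self_evaluation} "
              f"contribution={contribution_value(v, link):.2f} "
              f"final={final_evaluation(v, link):.2f}")
    print("repair order:", repair_order(VULNS, LINKS))
```

On this sample the gateway flaw has the lower self evaluation value (5.0 against 6.5) but is repaired first, because its contribution on the higher-scored remote link raises its final evaluation value to 7.4 against 6.95.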
A second aspect of the embodiments of the present application provides an apparatus for evaluating a vehicle information security vulnerability, where the apparatus is located in an electronic device that communicates with an information system of a vehicle, and the apparatus includes:
a vulnerability information acquisition module, configured to acquire target vulnerability attack information corresponding to the information system of the vehicle; an attack link information determining module, configured to determine attack link attack information corresponding to the target vulnerability; a contribution value determining module, configured to determine the contribution value of the target vulnerability in the corresponding attack link according to the attack link attack information and the target vulnerability attack information; a self evaluation value determining module, configured to determine the self evaluation value of the target vulnerability according to the target vulnerability attack information; and a final evaluation value calculation module, configured to calculate the final evaluation value of the target vulnerability according to the self evaluation value and the contribution value.
Further, in the apparatus described above, the attack link construction module is configured to:
determine the association relationship between the attack nodes included in the information system; construct at least one attack link corresponding to the information system according to the association relationship between the attack nodes; and set the weight corresponding to each attack node in each attack link.
Further, in the apparatus described above, the attack link information determining module is specifically configured to:
acquire the type information of the corresponding attack link from the target vulnerability attack information; and determine the attack link attack information according to the type information of the attack link.
The types of attack link include: near-field attack links, remote attack links, and local attack links.
Further, in the apparatus described above, the contribution value determining module is specifically configured to:
determine an evaluation value of the attack link corresponding to the target vulnerability according to the type information and the attack information of the attack link; determine an attack value of the target vulnerability in the corresponding attack link according to the target vulnerability attack information; and calculate the contribution value according to the evaluation value of the attack link and the attack value.
Further, in the apparatus described above, the contribution value determining module, when determining the evaluation value of the attack link corresponding to the target vulnerability according to the type information and the attack information of the attack link, is specifically configured to:
input the type information and the attack information of the attack link into a HEAVENS vulnerability scoring system, so as to evaluate the attack link through the HEAVENS vulnerability scoring system; and output the evaluation value of the attack link through the HEAVENS vulnerability scoring system.
Further, in the apparatus described above, the contribution value determining module, when determining the attack value of the target vulnerability in the corresponding attack link according to the target vulnerability attack information, is specifically configured to:
determine, from the target vulnerability attack information, the weight corresponding to each attack node that the target vulnerability attacks on the corresponding attack link; determine, according to the target vulnerability attack information, the control value corresponding to each attack node that the target vulnerability attacks on the corresponding attack link; and calculate the attack value according to the control value and the weight corresponding to each attacked node.
Further, in the apparatus described above, the contribution value determining module, when determining, according to the target vulnerability attack information, the control value corresponding to an attack node that the target vulnerability attacks on the corresponding attack link, is specifically configured to:
determine the control degree information of the attacked node from the target vulnerability attack information; and determine the control value corresponding to the attacked node according to the control degree information.
Further, in the apparatus described above, the contribution value determining module, when calculating the attack value according to the control value and the weight corresponding to each attacked node, is specifically configured to:
multiply the control value corresponding to each attacked node by its weight to obtain the sub-attack values; and sum the sub-attack values to obtain the attack value.
Further, in the apparatus described above, the contribution value determining module, when calculating the contribution value according to the evaluation value of the attack link and the attack value, is specifically configured to:
multiply the evaluation value of the attack link by the attack value to obtain the contribution value.
Further, in the apparatus described above, the self evaluation value determining module is specifically configured to:
input the relevant attack information in the target vulnerability attack information into a preset vulnerability scoring system, so as to evaluate the target vulnerability through the preset vulnerability scoring system; and output the self evaluation value through the preset vulnerability scoring system; where the preset vulnerability scoring system is a CVSS vulnerability scoring system or a HEAVENS vulnerability scoring system.
Further, in the apparatus described above, the final evaluation value calculation module is specifically configured to:
sum the self evaluation value and the contribution value to obtain the final evaluation value of the target vulnerability.
Further, in the apparatus described above, the repair grade calculation module is configured to:
calculate the repair grade of the target vulnerability according to the final evaluation value of the target vulnerability; and send the repair grade of the target vulnerability to the information system, so that the information system repairs the target vulnerability according to the repair grade.
A third aspect of the embodiments of the present application provides an electronic device, including: at least one processor; and a memory communicatively coupled to the at least one processor; wherein
the memory stores instructions executable by the at least one processor, to enable the at least one processor to perform the method of any one of the first aspects.
A fourth aspect of embodiments of the present application provides a non-transitory computer-readable storage medium having stored thereon computer instructions for causing a computer to perform the method of any one of the first aspects.
A fifth aspect of embodiments of the present application provides a computer program comprising program code for performing the method according to the first aspect when the computer program is run by a computer.
Drawings
The drawings are included to provide a better understanding of the present solution and are not intended to limit the present application. Wherein:
Fig. 1 is a first application scenario diagram in which the method for evaluating vehicle information security vulnerabilities according to an embodiment of the present application may be implemented;
Fig. 2 is a second application scenario diagram in which the method for evaluating vehicle information security vulnerabilities according to an embodiment of the present application may be implemented;
Fig. 3 is a schematic flowchart of the method for evaluating vehicle information security vulnerabilities according to a first embodiment of the present application;
Fig. 4 is a schematic flowchart of the method for evaluating vehicle information security vulnerabilities according to a second embodiment of the present application;
Fig. 5 is a schematic diagram of an attack link constructed in the method for evaluating vehicle information security vulnerabilities according to the second embodiment of the present application;
Fig. 6 is a schematic flowchart of step 205 in the method for evaluating vehicle information security vulnerabilities according to the second embodiment of the present application;
Fig. 7 is a schematic flowchart of step 206 in the method for evaluating vehicle information security vulnerabilities according to the second embodiment of the present application;
Fig. 8 is a schematic flowchart of step 207 in the method for evaluating vehicle information security vulnerabilities according to the second embodiment of the present application;
Fig. 9 is a schematic flowchart of step 2072 in the method for evaluating vehicle information security vulnerabilities according to the second embodiment of the present application;
Fig. 10 is a schematic flowchart of step 2073 in the method for evaluating vehicle information security vulnerabilities according to the second embodiment of the present application;
Fig. 11 is a schematic flowchart of step 209 in the method for evaluating vehicle information security vulnerabilities according to the second embodiment of the present application;
Fig. 12 is a signaling flowchart of the method for evaluating vehicle information security vulnerabilities according to a third embodiment of the present application;
Fig. 13 is a schematic structural diagram of an apparatus for evaluating vehicle information security vulnerabilities according to a fourth embodiment of the present application;
Fig. 14 is a schematic structural diagram of an apparatus for evaluating vehicle information security vulnerabilities according to a fifth embodiment of the present application;
Fig. 15 is a block diagram of an electronic device for implementing the method for evaluating vehicle information security vulnerabilities according to the embodiment of the present application.
Detailed Description
The following description of the exemplary embodiments of the present application, taken in conjunction with the accompanying drawings, includes various details of the embodiments of the application for the understanding of the same, which are to be considered exemplary only. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present application. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
For a clear understanding of the technical solutions of the present application, a detailed description of the prior art solutions is first provided. With the development of vehicles toward electric, intelligent, networking and sharing, and particularly toward networking, the access to information systems of vehicles is becoming more and more common. When the information system of the vehicle is accessed, some illegal users are prevented from attacking the information system of the vehicle by using the information security loopholes of the information system. In order to ensure the safety of the vehicle information system, it is necessary to detect and evaluate the information security vulnerability of the information system.
In the prior art, a CVSS vulnerability scoring system or a HEAVENS vulnerability scoring system is generally used for evaluating information security vulnerabilities. The CVSS vulnerability scoring system is an industry-published standard for assessing the severity of system security vulnerabilities. The method mainly aims to help people establish a standard for measuring the severity of the vulnerability, so that people can compare the severity of the vulnerability and determine the priority of vulnerability repair. The CVSS vulnerability scoring system is based on a series of measurement results in dimensionality when evaluating the information security vulnerability of the vehicle. The evaluation value of the information security hole of the final vehicle is 10 at the maximum and 0 at the minimum. The information security vulnerability with the evaluation value of 7-10 is generally considered to be serious, the information security vulnerability with the evaluation value of 4-6.9 is a middle-level vulnerability, and the information security vulnerability with the evaluation value of 0-3.9 is a low-level vulnerability.
When the HEAVENS vulnerability scoring system evaluates the information security vulnerability, the evaluation value is divided into two aspects of threat level and influence level. The threat level is similar to the vulnerability basic scoring rule of the CVSS, the influence level is similar to the influence scoring of the CVSS, but vehicle-related factors are considered, so that the rationality of the evaluation of the vehicle information security vulnerability is improved.
However, the inventor finds through research that the information security vulnerabilities of a vehicle differ from those of other fields. In the field of vehicle information security, damage to an information system is generally the combined effect of a plurality of information security vulnerabilities, that is, the plurality of information security vulnerabilities form an attack link which may affect and damage the vehicle. However, the information security vulnerability evaluation methods in the prior art do not consider how to evaluate the influence of a single information security vulnerability under the combined action of a plurality of information security vulnerabilities.
The technical problem of the vehicle information security vulnerability evaluation methods in the prior art is illustrated by the following vehicle information security vulnerability scenario: if a gateway in the information system of a vehicle has an information security vulnerability, that vulnerability can only be used to carry out an attack that controls the vehicle in combination with a remote information security vulnerability. However, no remote information security vulnerability has been found at present, and the two evaluation methods in the prior art take one of two extreme approaches. The first ignores whether a remote information security vulnerability exists and evaluates the information security vulnerability of the gateway directly according to the harm of a successful attack. The second determines by default that the information security vulnerability of the gateway causes no harm, since there is no remote information security vulnerability. It can be seen that it is unreasonable to adopt either of these two extreme approaches to evaluate the information security vulnerability of the vehicle.
Therefore, based on the technical problem of the information security vulnerability assessment methods for vehicles in the prior art, the inventor further researches and discovers that the contribution of the target vulnerability in the corresponding attack link can be assessed by constructing the attack links of the information system of the vehicle in advance and then analyzing the behavior and attack characteristics of the target vulnerability in the corresponding attack link, and that the final assessment value of the target vulnerability can be calculated by combining this contribution with the assessment value of the target vulnerability itself. This solves the problem of how to evaluate the influence of a single information security vulnerability under the combined action of a plurality of information security vulnerabilities. It thereby solves the problems that the evaluation of vehicle information security vulnerabilities is unreasonable, that the evaluation accuracy is low, and that the information security vulnerabilities cannot be repaired reasonably.
The inventor proposes the technical solution of the present application based on the above creative discovery. An application scenario of the vehicle information security vulnerability assessment method provided by the embodiment of the present application is described below. As shown in fig. 1, an application scenario corresponding to the evaluation method for vehicle information security vulnerabilities provided in the embodiment of the present application includes: a server or other device 1 used by an illegal user, an electronic device 2, and an information system 3 of a vehicle. The electronic device 2 can communicate with the information system 3 in advance, acquire the attack node information included in the information system 3, determine the association relationship between attack nodes according to the attack node information, and construct the attack links of the information system according to the association relationship between the attack nodes. When an illegal user attacks the information system of the vehicle by using the server or other device 1, the information system 3 can detect an information security vulnerability of the information system according to the attack, and this information security vulnerability is the target vulnerability to be evaluated. The information system 3 determines the attack information of the target vulnerability, which may be transmitted to the electronic device 2. The attack information of the target vulnerability includes information about the target vulnerability in the corresponding attack link.
The electronic device 2 determines the attack link attack information corresponding to the target vulnerability; determines the contribution value of the target vulnerability in the corresponding attack link according to the attack link attack information and the target vulnerability attack information; determines the self evaluation value of the target vulnerability according to the target vulnerability attack information; and calculates the final evaluation value of the target vulnerability according to the evaluation value and the contribution value. The electronic device 2 may further determine a repair level of the target vulnerability according to the final evaluation value of the target vulnerability, and send the final evaluation value and/or the repair level of the target vulnerability to the information system 3, so that the information system 3 repairs the target vulnerability according to the final evaluation value and/or the repair level, thereby blocking attacks on the vehicle information system by the illegal user using the server or other device 1.
As shown in fig. 2, in another application scenario corresponding to the evaluation method for vehicle information security vulnerabilities provided in the embodiment of the present application, after an illegal user uses a server or other devices 1 to attack an information system of a vehicle, and an information system 3 determines attack information of a target vulnerability, the attack information of the target vulnerability can be stored in another storage device 4. The electronic device 2 may obtain attack information of the target vulnerability in batch through the storage device 4, evaluate the target vulnerability in the same manner as the application scenario 1, and store the final evaluation value and/or repair grade of each target vulnerability in the storage device 4, so that when the information system 3 of the vehicle needs to repair the target vulnerability, the final evaluation value and/or repair grade is obtained from the storage device to repair the target vulnerability.
In the embodiment of the application, when the target vulnerability is evaluated, not only is the evaluation value of the target vulnerability itself calculated, but the contribution value of the target vulnerability in the corresponding attack link is also taken into account, so that a final evaluation of the information security vulnerability of the vehicle is obtained. The influence of a single information security vulnerability is thus evaluated under the combined action of a plurality of information security vulnerabilities. As a result, the evaluation of vehicle information security vulnerabilities is more reasonable, its accuracy is improved, and the vulnerabilities can be repaired more reasonably.
Embodiments of the present application will be described below in detail with reference to the accompanying drawings.
Example one
Fig. 3 is a schematic flow chart of a method for evaluating a vehicle information security vulnerability according to a first embodiment of the present application, and as shown in fig. 3, an execution subject of the embodiment of the present application is an evaluation device for a vehicle information security vulnerability, and the evaluation device for a vehicle information security vulnerability may be located in an electronic device. The electronic device may communicate with an information system of the vehicle. The method for evaluating the vehicle information security vulnerability provided by the embodiment includes the following steps.
Step 101, obtaining target vulnerability attack information corresponding to an information system of a vehicle.
In this embodiment, the electronic device may be in communication connection with an information system of the vehicle, acquire attack node information included in the information system in advance, and determine an association relationship between attack nodes according to the attack node information to construct an attack link of the information system.
The attack link of the information system may include: near-field attack link, remote attack link, local attack link, etc.
Therefore, the target vulnerability attack information not only includes the relevant attack information of the target vulnerability itself, but also includes the attack characteristic information on the attack node of the attack link corresponding to the target vulnerability.
The target vulnerability attack information may include result information after the target vulnerability is successfully attacked, and may also include state information of an information system after the target vulnerability is successfully attacked, control state information of the vehicle, and the like.
Specifically, in this embodiment, if the target vulnerability attack information corresponding to the information system of the vehicle is stored in the storage device connected to the information system, the electronic device obtains the target vulnerability attack information corresponding to the information system of the vehicle by communicating with the storage device. And if the target vulnerability attack information is directly stored in the information system of the vehicle, the electronic equipment is communicated with the information system to acquire the target vulnerability attack information corresponding to the information system of the vehicle.
The communication mode between the electronic device and the information system or the storage device may be: Global System for Mobile Communications (GSM), Code Division Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), Time Division-Synchronous Code Division Multiple Access (TD-SCDMA), Long Term Evolution (LTE), or future 5G. It can be understood that the communication mode between the electronic device and the information system may also be a wireless communication mode such as ZigBee communication, Bluetooth BLE communication, or Wi-Fi communication over a mobile hotspot.
If the electronic device communicates with the information system, the electronic device may be mounted on the target vehicle, and the electronic device and the information system of the target vehicle communicate with each other by using a bus.
In this embodiment, the communication mode between the electronic device and the information system or the storage device is not limited.
Step 102, determining attack link attack information corresponding to the target vulnerability.
In this embodiment, when an illegal user attacks the information system by using a server or other devices, the target vulnerability exists on the corresponding attack link, so that attack information of the attack link corresponding to the target vulnerability can be determined.
The attack information of the attack link may include result information after the attack link is successfully attacked, and may also include state information of an information system after the attack link is successfully attacked, control state information of the vehicle, and the like.
As an optional implementation manner, in this embodiment, a mapping relationship between attack information of each attack link and an identifier and/or a type of a corresponding attack link may be stored in advance. The identification and/or type information of the attack link corresponding to the target vulnerability can be determined according to the attack information of the target vulnerability, and the attack information of the attack link corresponding to the target vulnerability can be determined according to the identification and/or type information of the attack link and the mapping relation.
Step 103, determining the contribution value of the target vulnerability in the corresponding attack link according to the attack information of the attack link and the attack information of the target vulnerability.
And the contribution value of the target vulnerability in the corresponding attack link is the influence value of the target vulnerability on the attack link after the target vulnerability is successfully attacked.
Specifically, in this embodiment, the evaluation value of the attack link corresponding to the target vulnerability may be determined according to the attack information of the attack link, the attack value of the target vulnerability in the corresponding attack link may be determined according to the attack information of the target vulnerability, and the contribution value of the target vulnerability in the corresponding attack link may be calculated according to the evaluation value of the attack link corresponding to the target vulnerability and the attack value of the target vulnerability in the corresponding attack link.
Alternatively, the contribution value of the target vulnerability in the corresponding attack link may be determined from the attack link attack information and the target vulnerability attack information in other manners, which is not limited in this embodiment.
Step 104, determining the evaluation value of the target vulnerability according to the target vulnerability attack information.
In this embodiment, since the target vulnerability attack information includes the relevant attack information of the target vulnerability itself, the evaluation value of the target vulnerability itself can be determined according to the attack information of the target vulnerability itself.
When determining the self evaluation value of the target vulnerability according to the attack information of the target vulnerability itself, a CVSS vulnerability scoring system, a HEAVENS vulnerability scoring system, or the like may be used, which is not limited in this embodiment.
Step 105, calculating a final evaluation value of the target vulnerability according to the evaluation value and the contribution value.
As an optional implementation manner, in this embodiment, weights of the self-evaluation value of the target vulnerability and the contribution value at the corresponding attack link may be set, and a final evaluation value of the target vulnerability may be calculated by weighting and summing the self-evaluation value of the target vulnerability and the contribution value at the corresponding attack link.
Or as another optional implementation, in this embodiment, the self evaluation value of the target vulnerability and the contribution value of the corresponding attack link may be directly summed to calculate the final evaluation value of the target vulnerability.
Alternatively, the final evaluation value of the target vulnerability may be calculated from the evaluation value and the contribution value by other methods, which is not limited in this embodiment.
According to the evaluation method for the vehicle information security vulnerability of this embodiment, target vulnerability attack information corresponding to an information system of a vehicle is obtained; attack link attack information corresponding to the target vulnerability is determined; the contribution value of the target vulnerability in the corresponding attack link is determined according to the attack link attack information and the target vulnerability attack information; the self evaluation value of the target vulnerability is determined according to the target vulnerability attack information; and the final evaluation value of the target vulnerability is calculated according to the evaluation value and the contribution value. When the target vulnerability is evaluated, not only is the evaluation value of the target vulnerability itself calculated, but the contribution value of the target vulnerability in the corresponding attack link is also taken into account, so that a final evaluation of the information security vulnerability of the vehicle is obtained. The influence of a single information security vulnerability is thus evaluated under the combined action of a plurality of information security vulnerabilities. As a result, the evaluation of vehicle information security vulnerabilities is more reasonable, its accuracy is improved, and the vulnerabilities can be repaired more reasonably.
Example two
Fig. 4 is a schematic flow chart of a method for evaluating a vehicle information security vulnerability according to a second embodiment of the present application. As shown in fig. 4, the method of the present embodiment further refines steps 102 to 105 of the method for evaluating a vehicle information security vulnerability according to the first embodiment of the present application. It also includes the steps of constructing the attack links of the information system and setting the weight corresponding to each attack node in each attack link. The method for evaluating the vehicle information security vulnerability provided by the embodiment comprises the following steps.
Step 201, determining the association relationship between attack nodes included in the information system.
Further, in this embodiment, the electronic device communicates with the information system, acquires attack node information included in the information system, and determines an association relationship between attack nodes according to a communication connection relationship between the attack nodes.
As shown in fig. 5, the attack nodes in an information system include: a remote communication attack node, a near field communication attack node, a local attack node, a micro control unit attack node (MCU attack node for short) and a gateway attack node.
The local attack node can be a running computer of the vehicle. In the information system, a remote communication unit or a near field communication unit is in communication connection with a running computer of a vehicle, an MCU is connected with the running computer, the MCU is in communication connection with a gateway, and the gateway is in communication connection with an engine and a gearbox of the vehicle so as to control the vehicle to run through local control or near field control or remote control.
Step 202, constructing at least one attack link corresponding to the information system according to the association relationship among the attack nodes.
In this embodiment, at least one attack link corresponding to the information system is constructed according to the communication connection relationship between the attack nodes.
Wherein the constructed at least one type of attack link comprises: near-field attack links, remote attack links, and local attack links.
As shown in fig. 5, the attack links connected by thick solid lines are near-field attack links, the attack links connected by thin solid lines are remote attack links, and the attack links connected by dotted lines are local attack links. The attack nodes included in the near-field attack link are: a near field communication attack node, a local attack node, an MCU attack node and a gateway attack node. The attack nodes included in the remote attack link are: a remote communication attack node, a local attack node, an MCU attack node and a gateway attack node. The attack nodes included in the local attack link are: a local attack node, an MCU attack node and a gateway attack node.
Step 203, setting weights corresponding to all attack nodes existing in all attack links.
Further, in this embodiment, the weight corresponding to each attack node may be set according to the contribution degree of the attack node when the attack link is successfully attacked and the difficulty of attacking it. The larger the contribution of the attack node when the attack link is successfully attacked and the greater the difficulty of the attack, the larger the weight corresponding to the attack node. Conversely, the smaller the contribution of the attack node when the attack link is successfully attacked and the lower the difficulty of the attack, the smaller the weight corresponding to the attack node.
As an alternative, the weights corresponding to the same attack node on each attack link may be set to the same value. Then, for example, as shown in fig. 5, the weights corresponding to the near field communication attack node and the remote communication attack node may each be 0.4. The weights corresponding to the local attack node and the MCU attack node may each be 0.1. The weight corresponding to the gateway attack node is 0.4.
It can be understood that the weight corresponding to each attack node can be adjusted and updated according to the actual performance of each attack node in the attack.
Step 204, acquiring target vulnerability attack information corresponding to the information system of the vehicle.
In this embodiment, when an illegal user attacks the information system through a server or other devices, a log file is formed in the information system. The target vulnerability attack information corresponding to the information system of the vehicle can be obtained from the log file. The information system may store the target vulnerability attack information in the storage device or itself. The electronic device obtains target vulnerability attack information through communication with the storage device or the information system.
Further, in this embodiment, the attack characteristic information on the attack node of the attack link corresponding to the target vulnerability in the target vulnerability attack information may include: the type information of the attack link corresponding to the target vulnerability, the weight corresponding to the attack node which is attacked by the target vulnerability on the corresponding attack link, the control degree information of the attacked node, and the like.
It should be noted that the number of attack nodes that an illegal user attacks on a corresponding attack link by using a target vulnerability may be 0, 1 or more. This is determined by the size of the target vulnerability and/or the strength of the attack by the illegal user. For example, if an illegal user can break through the near field communication attack node by using a target vulnerability in a near field communication protocol such as Bluetooth, Wi-Fi or NFC, and further attack the local attack node, the number of attack nodes attacked on the attack link corresponding to the target vulnerability is 2. For another example, if a target vulnerability existing in the vehicle computer is very small and an illegal user cannot gain local control by using it, the number of attack nodes attacked on the attack link corresponding to the target vulnerability is 0.
Step 205, determining attack link attack information corresponding to the target vulnerability.
As an alternative implementation manner, in this embodiment, as shown in fig. 6, step 205 includes the following steps:
Step 2051, acquiring type information of the corresponding attack link in the target vulnerability attack information.
Furthermore, the type information of the attack link corresponding to the target vulnerability is included in the target vulnerability attack information, so that the type information of the corresponding attack link can be directly obtained from the target vulnerability attack information.
Optionally, the type of the attack link corresponding to the obtained target vulnerability may be any one of a near field attack link, a remote attack link and a local attack link.
Step 2052, determining attack information of the attack link according to the type information of the attack link.
Further, in this embodiment, the mapping relationship between each attack link attack information and the type of the corresponding attack link is stored in advance. And determining attack information of the attack link corresponding to the target vulnerability according to the type information of the attack link and the mapping relation.
It should be noted that the following steps 206-208 are an alternative implementation of step 103 in the first embodiment of the present application.
Step 206, determining the evaluation value of the attack link corresponding to the target vulnerability according to the type information of the attack link and the attack information.
As an alternative implementation, in this embodiment, as shown in fig. 7, step 206 includes the following steps:
Step 2061, inputting the type information and the attack information of the attack link into the HEAVENS vulnerability scoring system, and evaluating the attack link through the HEAVENS vulnerability scoring system.
Step 2062, outputting the evaluation value of the attack link through the HEAVENS vulnerability scoring system.
Further, in this embodiment, the type information and the attack information of the attack link are input into the HEAVENS vulnerability scoring system, and the HEAVENS vulnerability scoring system evaluates the attack link as a whole, specifically the impact after the attack link is successfully attacked. The impact can be evaluated from the aspects of personal safety, property loss, functional failure, privacy safety and the like, and the evaluation value of the attack link is output.
Step 207, determining the attack value of the target vulnerability in the corresponding attack link according to the target vulnerability attack information.
As an alternative implementation, in this embodiment, as shown in fig. 8, step 207 includes the following steps:
Step 2071, determining the weight corresponding to the attack node attacked by the target vulnerability on the corresponding attack link in the target vulnerability attack information.
Further, in this embodiment, if the number of attack nodes attacked through the target vulnerability on the corresponding attack link is 0, the weight corresponding to the attacked node is determined to be 0. If the number of attack nodes attacked through the target vulnerability on the corresponding attack link is 1, the weight corresponding to that attacked node is determined. If a plurality of attack nodes are attacked through the target vulnerability on the corresponding attack link, the weight corresponding to each of the attacked nodes is determined.
Step 2072, determining a control value corresponding to the attack node which is attacked on the corresponding attack link by the target vulnerability according to the target vulnerability attack information.
As an alternative implementation, in this embodiment, as shown in fig. 9, step 2072 includes the following steps:
Step 2072a, determining control degree information of the attacked node in the target vulnerability attack information.
Further, in this embodiment, the control degree information of the attacked node determined from the target vulnerability attack information may be complete control, key control, or incomplete control.
Step 2072b, determining a control value corresponding to the attacked node according to the control degree information.
Optionally, in this embodiment, if the control degree information of the attacked node in the target vulnerability attack information is complete control or key control, it is determined that the control value corresponding to the attacked node is 1. If the control degree information of the attacked node in the target vulnerability attack information is incomplete control, the control value corresponding to the attacked node may be determined to be 0.5.
Step 2073, calculating the attack value according to the control value and the weight corresponding to the attacked node.
As an alternative embodiment, as shown in fig. 10, if there is at least one attacked node, step 2073 comprises the following steps:
Step 2073a, multiplying the control value corresponding to each attacked node by the weight to obtain each sub-attack value.
Step 2073b, summing the sub-attack values to obtain the attack value.
Further, in this embodiment, the attack value $b_2$ of the target vulnerability in the corresponding attack link can be represented by formula (1):
Figure BDA0002397708880000181
wherein each term, the weight $\omega_i$ of an attacked node multiplied by the control value of that node, is a sub-attack value, i indexes the attacked nodes, and n is the number of attacked nodes. n is 1 or more.
For example, if an illegal user can directly control the vehicle after a target vulnerability of a local attack node is attacked, the attack nodes attacked through the target vulnerability include: the local attack node, the MCU attack node and the gateway attack node. To calculate the attack value $b_2$ of the target vulnerability in the corresponding attack link, the sub-attack value of the local attack node, the sub-attack value of the MCU attack node and the sub-attack value of the gateway attack node are calculated respectively, and the three sub-attack values are added to obtain the attack value of the target vulnerability in the corresponding attack link.
It can be understood that, if the number of attacked nodes is 0, the attack value of the determined target vulnerability in the corresponding attack link is 0.
Step 208, calculating a contribution value according to the evaluation value and the attack value of the attack link.
As an alternative embodiment, step 208 includes:
Multiplying the evaluation value of the attack link by the attack value to obtain the contribution value.
Further, in this embodiment, the contribution value of the target vulnerability in the corresponding attack link may be represented by formula (2):
$$b = b_1 \times b_2 \tag{2}$$
where $b$ is the contribution value of the target vulnerability in the corresponding attack link, $b_1$ is the evaluation value of the attack link, and $b_2$ is the attack value of the target vulnerability in the corresponding attack link.
Step 209, determining the self evaluation value of the target vulnerability according to the target vulnerability attack information.
As an alternative embodiment, as shown in fig. 11, step 209 includes the following steps:
Step 2091, inputting the relevant attack information in the target vulnerability attack information into a preset vulnerability scoring system, so as to evaluate the target vulnerability through the preset vulnerability scoring system.
Step 2092, outputting the self evaluation value of the target vulnerability through the preset vulnerability scoring system.
The preset vulnerability scoring system is a CVSS vulnerability scoring system or a HEAVENS vulnerability scoring system.
Further, in this embodiment, the attack information related to the target vulnerability itself is input into the CVSS vulnerability scoring system or the HEAVENS vulnerability scoring system, so as to evaluate the influence of the target vulnerability by the CVSS vulnerability scoring system or the HEAVENS vulnerability scoring system, and output the evaluation value of the target vulnerability itself.
Step 210, calculating a final evaluation value of the target vulnerability according to the self evaluation value and the contribution value.
As an alternative embodiment, step 210 includes:
summing the self evaluation value and the contribution value to obtain the final evaluation value of the target vulnerability.
Specifically, the final evaluation value of the target vulnerability may be expressed as shown in equation (3):
$$c = a + b \qquad (3)$$
wherein c represents the final evaluation value of the target vulnerability, a represents the evaluation value of the target vulnerability itself, and b represents the contribution value of the target vulnerability in the corresponding attack link.
Example three
Fig. 12 is a signaling flowchart of an evaluation method for vehicle information security vulnerabilities according to a third embodiment of the present application, and as shown in fig. 12, the evaluation method for vehicle information security vulnerabilities according to the present embodiment includes the following steps:
step 301, the electronic device obtains the association relationship between attack nodes in the information system from the information system.
Further, in this embodiment, the electronic device may send an acquisition request of an association relationship between attack nodes to the information system, and the information system acquires the association relationship between the attack nodes according to the acquisition request of the association relationship between the attack nodes and sends the association relationship between the attack nodes to the electronic device.
Step 302, the electronic device constructs at least one attack link corresponding to the information system according to the association relationship between the attack nodes, and sets the weight corresponding to each attack node existing in each attack link.
It can be understood that, since the at least one attack link of the information system is constructed according to the association relationship between attack nodes, it reflects the actual attack links in the information system. The information of the at least one attack link constructed for the information system can also be stored in the information system. When an illegal user attacks the information system, the attack characteristic information on the attack nodes of the corresponding attack link, which is included in the attack information of the target vulnerability, can then be determined quickly.
Step 303, the electronic device obtains target vulnerability attack information corresponding to the information system of the vehicle from the information system.
Further, in this embodiment, the electronic device may send a target vulnerability attack information acquisition request to the information system, and the information system acquires attack information of a target vulnerability according to the target vulnerability attack information acquisition request and sends the target vulnerability attack information to the electronic device.
Step 304, the electronic device determines attack link attack information corresponding to the target vulnerability.
Step 305, the electronic device determines a contribution value of the target vulnerability in the corresponding attack link according to the attack link attack information and the target vulnerability attack information.
Step 306, the electronic device determines the self evaluation value of the target vulnerability according to the target vulnerability attack information.
Step 307, the electronic device calculates a final evaluation value of the target vulnerability according to the self evaluation value and the contribution value.
In this embodiment, the implementation manners of steps 304 to 307 are similar to the implementation manners of the related steps in the second embodiment of the present application, and are not described in detail here.
Step 308, the electronic device calculates the repair level of the target vulnerability according to the final evaluation value of the target vulnerability.
Further, in this embodiment, a mapping relationship between a final evaluation value and a repair level of a target vulnerability may be preset. And after the final evaluation value of the target vulnerability is determined, determining the repair grade of the target vulnerability according to the mapping relation.
It can be understood that the higher the final evaluation value of the target vulnerability is, the higher the repair level corresponding to the target vulnerability is. Conversely, the lower the final evaluation value of the target vulnerability is, the lower the repair level corresponding to the target vulnerability is.
Step 309, the electronic device sends the repair level of the target vulnerability to an information system.
Further, in this embodiment, the electronic device sends the repair level of the target vulnerability to the information system, so that the information system repairs the target vulnerability according to the repair level. The information system preferentially repairs target vulnerabilities with a high repair level, and repairs target vulnerabilities with a low repair level after those with a high repair level have been repaired.
Step 310, the information system repairs the target vulnerability according to the repair level.
Further, in this embodiment, when the information system repairs the target vulnerability, the target vulnerability may be repaired by patching, or the corresponding link of the information system may be improved and the target vulnerability detected again after the improvement, until the target vulnerability can no longer be detected. Other repair methods may also be adopted to repair the target vulnerability, which is not limited in this embodiment.
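The scoring chain of steps 207 to 210 and the repair-level ordering of steps 308 to 310, as an added Python example (not code from the patent). The node weights, the control-degree mapping, the link and self evaluation values, the repair-level thresholds, the remote link's node names and the vulnerability names are all constructed assumptions.

```python
from dataclasses import dataclass, field

# Weight of each attack node on each attack link (set in step 302).
# The local link's node names follow the example in the text; the remote
# link's node names and every number below are constructed for illustration.
LINK_NODE_WEIGHTS = {
    "local": {"local": 0.2, "mcu": 0.3, "gateway": 0.5},
    "remote": {"tbox": 0.4, "ivi": 0.2, "gateway": 0.4},
}

# Assumed mapping from control degree information to a control value.
CONTROL_VALUES = {"none": 0.0, "partial": 0.5, "full": 1.0}

# Assumed preset mapping from final evaluation value to repair level,
# highest threshold first (the text only says such a mapping is preset).
REPAIR_LEVELS = [(9.0, "level-1"), (7.0, "level-2"), (0.0, "level-3")]


@dataclass
class Vulnerability:
    name: str
    self_value: float   # a: self evaluation value (e.g. from CVSS)
    link_type: str      # type of the corresponding attack link
    link_value: float   # b1: evaluation value of the attack link
    breached: dict = field(default_factory=dict)  # node -> control degree


def attack_value(v):
    """b2: sum of weight * control value over the attacked nodes (0 if none)."""
    weights = LINK_NODE_WEIGHTS.get(v.link_type)
    if weights is None:
        raise ValueError(f"unknown attack link type: {v.link_type!r}")
    total = 0.0
    for node, degree in v.breached.items():
        # Reject inputs that do not match the constructed link model, so a
        # typo cannot silently lower a score.
        if node not in weights:
            raise ValueError(f"{node!r} is not a node of the {v.link_type} link")
        if degree not in CONTROL_VALUES:
            raise ValueError(f"unknown control degree: {degree!r}")
        total += weights[node] * CONTROL_VALUES[degree]
    return total


def contribution_value(v):
    """b = b1 * b2, formula (2)."""
    return v.link_value * attack_value(v)


def final_value(v):
    """c = a + b, formula (3)."""
    return v.self_value + contribution_value(v)


def repair_level(final):
    """Map a final evaluation value to a repair level via the preset table."""
    for threshold, level in REPAIR_LEVELS:
        if final >= threshold:
            return level
    raise ValueError("final evaluation value must not be negative")


def repair_queue(vulns):
    """Return (name, final value, repair level), highest final value first."""
    scored = sorted(((final_value(v), v.name) for v in vulns), reverse=True)
    return [(name, round(c, 2), repair_level(c)) for c, name in scored]


# Constructed sample: VULN-B has the highest self evaluation value but
# breaches no node on its link, so its contribution value is 0.
SAMPLE = [
    Vulnerability("VULN-A", 5.5, "local", 4.0,
                  {"local": "full", "mcu": "full", "gateway": "full"}),
    Vulnerability("VULN-B", 7.5, "local", 4.0),
    Vulnerability("VULN-C", 6.1, "remote", 6.0, {"tbox": "partial"}),
]

if __name__ == "__main__":
    for row in repair_queue(SAMPLE):
        print(row)
```

With these inputs VULN-A, whose self evaluation value is the lowest, is queued first because it breaches every node on its link; a ranking by self evaluation value alone would have put VULN-B first.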
Example four
Fig. 13 is a schematic structural diagram of an apparatus for evaluating a vehicle information security vulnerability according to a fourth embodiment of the present application. As shown in Fig. 13, the apparatus for evaluating a vehicle information security vulnerability according to the present embodiment is located in an electronic device, and the electronic device communicates with an information system of a vehicle. The vehicle information security vulnerability evaluation apparatus 1300 includes: a vulnerability information acquisition module 1301, an attack link information determination module 1302, a contribution value determination module 1303, a self evaluation value determination module 1304 and a final evaluation value calculation module 1305.
The vulnerability information acquisition module 1301 is configured to acquire target vulnerability attack information corresponding to an information system of the vehicle. The attack link information determination module 1302 is configured to determine attack link attack information corresponding to the target vulnerability. The contribution value determination module 1303 is configured to determine, according to the attack link attack information and the target vulnerability attack information, a contribution value of the target vulnerability in the corresponding attack link. The self evaluation value determination module 1304 is configured to determine a self evaluation value of the target vulnerability according to the target vulnerability attack information. The final evaluation value calculation module 1305 is configured to calculate a final evaluation value of the target vulnerability according to the self evaluation value and the contribution value.
The evaluation apparatus for vehicle information security vulnerabilities provided in this embodiment may implement the technical solution of the method embodiment shown in fig. 3, and the implementation principle and technical effect thereof are similar to those of the method embodiment shown in fig. 3, and are not described in detail here.
Example five
Fig. 14 is a schematic structural diagram of an apparatus for evaluating a vehicle information security vulnerability according to a fifth embodiment of the present application, and as shown in fig. 14, an apparatus 1400 for evaluating a vehicle information security vulnerability according to the present embodiment further includes, in addition to the apparatus 1300 for evaluating a vehicle information security vulnerability provided in fig. 13: an attack link construction module 1401 and a repair level calculation module 1402.
Further, the attack link construction module 1401 is configured to:
determining an association relationship between attack nodes included in an information system; constructing at least one attack link corresponding to the information system according to the association relationship between the attack nodes; and setting the weight corresponding to each attack node existing in each attack link.
Further, the attack link information determining module 1302 is specifically configured to:
acquiring type information of a corresponding attack link in target vulnerability attack information; and determining attack information of the attack link according to the type information of the attack link.
Wherein, the types of the attack link comprise: near-field attack links, remote attack links, and local attack links.
Further, the contribution value determining module 1303 is specifically configured to:
determining an evaluation value of an attack link corresponding to the target vulnerability according to the type information and the attack information of the attack link; determining the attack value of the target vulnerability in the corresponding attack link according to the target vulnerability attack information; and calculating a contribution value according to the evaluation value and the attack value of the attack link.
Further, the contribution value determining module 1303, when determining the evaluation value of the attack link corresponding to the target vulnerability according to the type information of the attack link and the attack information, is specifically configured to:
inputting the type information and the attack information of the attack link into a HEAVENS vulnerability scoring system so as to evaluate the attack link through the HEAVENS vulnerability scoring system; and outputting the evaluation value of the attack link through a HEAVENS vulnerability scoring system.
Further, the contribution value determining module 1303, when determining the attack value of the target vulnerability in the corresponding attack link according to the target vulnerability attack information, is specifically configured to:
determining the weight corresponding to the attack node which is attacked on the corresponding attack link by the target vulnerability in the target vulnerability attack information; determining a control value corresponding to an attack node which is attacked on a corresponding attack link by the target vulnerability according to the target vulnerability attack information; and calculating the attack value according to the control value and the weight corresponding to the attacked attack node.
Further, the contribution value determining module 1303, when determining, according to the target vulnerability attack information, a control value corresponding to the attack node that the target vulnerability is attacked on the corresponding attack link, is specifically configured to:
determining control degree information of the attacked nodes in the target vulnerability attack information; and determining a control value corresponding to the attacked node according to the control degree information.
Further, the contribution value determining module 1303, when calculating the attack value according to the control value and the weight corresponding to the attacked node, is specifically configured to:
respectively carrying out multiplication operation on the control value corresponding to each attacked attack node and the weight to obtain each sub-attack value;
and summing the sub-attack values to obtain the attack value.
Further, the contribution value determining module 1303, when calculating the contribution value according to the evaluation value and the attack value of the attack link, is specifically configured to:
multiplying the evaluation value of the attack link by the attack value to obtain the contribution value.
Further, the self evaluation value determining module 1304 is specifically configured to:
inputting self-related attack information in the target vulnerability attack information into a preset vulnerability scoring system so as to evaluate the target vulnerability through the preset vulnerability scoring system; outputting a self evaluation value through the preset vulnerability scoring system; the preset vulnerability scoring system is a CVSS vulnerability scoring system or a HEAVENS vulnerability scoring system.
Further, the final evaluation value calculating module 1305 is specifically configured to:
summing the self evaluation value and the contribution value to obtain a final evaluation value of the target vulnerability.
Further, the repair level calculation module 1305 is configured to:
calculating the repair grade of the target vulnerability according to the final evaluation value of the target vulnerability; and sending the repair grade of the target vulnerability to an information system so that the information system repairs the target vulnerability according to the repair grade.
The device for evaluating the vehicle information security vulnerability provided in this embodiment may implement the technical solutions of the method embodiments shown in fig. 4 and fig. 6 to 12, and the implementation principles and technical effects thereof are similar to those of the method embodiments shown in fig. 4 and fig. 6 to 12, and are not described in detail herein.
According to an embodiment of the present application, an electronic device and a readable storage medium are also provided.
Fig. 15 is a block diagram of an electronic device for the method for evaluating vehicle information security vulnerabilities according to an embodiment of the present application. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing devices, cellular phones, smart phones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not meant to limit implementations of the present application that are described and/or claimed herein.
As shown in Fig. 15, the electronic device includes: one or more processors 1501, memory 1502, and interfaces for connecting the various components, including high-speed interfaces and low-speed interfaces. The various components are interconnected using different buses and may be mounted on a common motherboard or in other manners as desired. The processor may process instructions for execution within the electronic device, including instructions stored in or on the memory to display graphical information of a GUI on an external input/output apparatus (such as a display device coupled to the interface). In other embodiments, multiple processors and/or multiple buses may be used, along with multiple memories, as desired. Also, multiple electronic devices may be connected, with each device providing portions of the necessary operations (e.g., as a server array, a group of blade servers, or a multi-processor system). Fig. 15 takes one processor 1501 as an example.
The memory 1502 is a non-transitory computer readable storage medium provided herein. The memory stores instructions executable by the at least one processor, so that the at least one processor executes the method for evaluating the vehicle information security vulnerability provided by the application. The non-transitory computer-readable storage medium of the present application stores computer instructions for causing a computer to execute the method for evaluating a vehicle information security vulnerability provided by the present application.
The memory 1502, which is a non-transitory computer-readable storage medium, may be used to store non-transitory software programs, non-transitory computer-executable programs, and modules, such as program instructions/modules corresponding to the evaluation method of vehicle information security vulnerabilities in the embodiment of the present application (for example, a vulnerability information acquisition module 1301, an attack link information determination module 1302, a contribution value determination module 1303, a self-evaluation value determination module 1304, and a final evaluation value calculation module 1305). The processor 1501 executes various functional applications of the server and data processing by running non-transitory software programs, instructions, and modules stored in the memory 1502, that is, implements the method for evaluating vehicle information security vulnerabilities in the above-described method embodiments.
The memory 1502 may include a program storage area that may store an operating system, an application program required for at least one function, and a data storage area; the storage data area may store data created according to the use of the electronic device of fig. 15, and the like. Further, the memory 1502 may include high speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory 1502 may optionally include memory located remotely from the processor 1501, which may be connected to the electronic device of fig. 15 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The electronic device of fig. 15 may further include: an input device 1503 and an output device 1504. The processor 1501, the memory 1502, the input device 1503, and the output device 1504 may be connected by a bus or other means, such as the bus connection shown in fig. 15.
The input device 1503 may receive input voice, numeric, or character information and generate key signal inputs associated with user settings and function control of the electronic device of fig. 15, such as a touch screen, a keypad, a mouse, a track pad, a touch pad, a pointing stick, one or more mouse buttons, a track ball, a joystick, or other input devices. The output devices 1504 may include voice playback devices, display devices, auxiliary lighting devices (e.g., LEDs), and haptic feedback devices (e.g., vibrating motors), among others. The display device may include, but is not limited to, a Liquid Crystal Display (LCD), a Light Emitting Diode (LED) display, and a plasma display. In some implementations, the display device can be a touch screen.
Various implementations of the systems and techniques described here can be realized in digital electronic circuitry, integrated circuitry, ASICs (application specific integrated circuits), computer hardware, firmware, software, and/or combinations thereof. These various implementations may include implementation in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
These computer programs (also known as programs, software applications, or code) include machine instructions for a programmable processor, and may be implemented using high-level procedural and/or object-oriented programming languages, and/or assembly/machine languages. As used herein, the terms "machine-readable medium" and "computer-readable medium" refer to any computer program product, apparatus, and/or device (e.g., magnetic discs, optical disks, memory, Programmable Logic Devices (PLDs)) used to provide machine instructions and/or data to a programmable processor, including a machine-readable medium that receives machine instructions as a machine-readable signal. The term "machine-readable signal" refers to any signal used to provide machine instructions and/or data to a programmable processor.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), Wide Area Networks (WANs), and the Internet.
The computer system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other.
According to the technical solution of the embodiments of the application, when the target vulnerability is evaluated, the self evaluation value of the target vulnerability is calculated and combined with the contribution value of the target vulnerability in the corresponding attack link, so that a final evaluation of the vehicle information security vulnerability is obtained. The influence of a single information security vulnerability is thus evaluated while taking into account the combined action of multiple information security vulnerabilities. The evaluation of vulnerabilities in the vehicle information security system therefore becomes more reasonable and more accurate, and the vulnerabilities can be repaired in a more reasonable order.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present application may be executed in parallel, sequentially, or in different orders, and the present invention is not limited thereto as long as the desired results of the technical solutions disclosed in the present application can be achieved.
The above-described embodiments should not be construed as limiting the scope of the present application. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present application shall be included in the protection scope of the present application.

Claims (28)

1. A method for evaluating a vehicle information security vulnerability, applied to an electronic device that communicates with an information system of a vehicle, the method comprising:
acquiring target vulnerability attack information corresponding to an information system of the vehicle;
determining attack link attack information corresponding to the target vulnerability;
determining the contribution value of the target vulnerability in the corresponding attack link according to the attack information of the attack link and the attack information of the target vulnerability;
determining the self evaluation value of the target vulnerability according to the target vulnerability attack information;
and calculating the final evaluation value of the target vulnerability according to the self evaluation value and the contribution value.
2. The method of claim 1, wherein before determining the attack link information corresponding to the target vulnerability, the method further comprises:
determining an association relationship between attack nodes included in the information system;
constructing at least one attack link corresponding to the information system according to the association relationship between the attack nodes;
and setting the weight corresponding to each attack node existing in each attack link.
3. The method according to claim 2, wherein the determining attack link attack information corresponding to the target vulnerability includes:
acquiring type information of a corresponding attack link in the target vulnerability attack information;
and determining the attack information of the attack link according to the type information of the attack link.
4. The method of claim 3, wherein the type of the attacking link comprises: near-field attack links, remote attack links, and local attack links.
5. The method according to claim 3 or 4, wherein the determining the contribution value of the target vulnerability in the corresponding attack link according to the attack link information and the target vulnerability attack information comprises:
determining an evaluation value of an attack link corresponding to the target vulnerability according to the type information and the attack information of the attack link;
determining an attack value of the target vulnerability in a corresponding attack link according to the target vulnerability attack information;
and calculating the contribution value according to the evaluation value of the attack link and the attack value.
6. The method according to claim 5, wherein the determining the evaluation value of the attack link corresponding to the target vulnerability according to the type information and the attack information of the attack link comprises:
inputting the type information and the attack information of the attack link into a HEAVENS vulnerability scoring system so as to evaluate the attack link through the HEAVENS vulnerability scoring system;
and outputting the evaluation value of the attack link through the HEAVENS vulnerability scoring system.
7. The method of claim 5, wherein the determining the attack value of the target vulnerability in the corresponding attack link according to the target vulnerability attack information comprises:
determining the weight corresponding to the attack node which is attacked on the corresponding attack link by the target vulnerability in the target vulnerability attack information;
determining a control value corresponding to an attack node which is attacked on a corresponding attack link by the target vulnerability according to the target vulnerability attack information;
and calculating the attack value according to the control value and the weight corresponding to the attacked node.
8. The method according to claim 7, wherein the determining, according to the target vulnerability attack information, a control value corresponding to an attack node that the target vulnerability attacks on a corresponding attack link includes:
determining control degree information of the attacked nodes in the target vulnerability attack information;
and determining a control value corresponding to the attacked node according to the control degree information.
9. The method of claim 8, wherein the calculating the attack value according to the control value and the weight corresponding to the attacked node comprises:
respectively multiplying the control value corresponding to each attacked attack node by the weight to obtain each sub-attack value;
and summing the sub-attack values to obtain the attack value.
10. The method of claim 5, wherein the calculating the contribution value according to the evaluation value and the attack value of the attack link comprises:
and multiplying the evaluation value of the attack link and the attack value to obtain the contribution value.
11. The method according to any one of claims 1 to 4, wherein the determining the self-evaluation value of the target vulnerability according to the target vulnerability attack information comprises:
inputting self-related attack information in the target vulnerability attack information into a preset vulnerability scoring system so as to evaluate the target vulnerability through the preset vulnerability scoring system;
outputting the self evaluation value through the preset vulnerability scoring system;
the preset vulnerability scoring system is a CVSS vulnerability scoring system or a HEAVENS vulnerability scoring system.
12. The method according to any one of claims 1-4, wherein the calculating a final evaluation value of the target vulnerability from the self evaluation value and the contribution value comprises:
and summing the self evaluation value and the contribution value to obtain a final evaluation value of the target vulnerability.
13. The method according to any one of claims 1 to 4, wherein after calculating the final evaluation value of the target vulnerability according to the self evaluation value and the contribution value, the method further comprises:
calculating the repair grade of the target vulnerability according to the final evaluation value of the target vulnerability;
and sending the repair grade of the target vulnerability to the information system so that the information system repairs the target vulnerability according to the repair grade.
14. An apparatus for evaluating a vehicle information security vulnerability, the apparatus being located in an electronic device that communicates with an information system of a vehicle, the apparatus comprising:
the vulnerability information acquisition module is used for acquiring target vulnerability attack information corresponding to the information system of the vehicle;
the attack link information determining module is used for determining attack link attack information corresponding to the target vulnerability;
the contribution value determining module is used for determining the contribution value of the target vulnerability in the corresponding attack link according to the attack link attack information and the target vulnerability attack information;
the self evaluation value determining module is used for determining the self evaluation value of the target vulnerability according to the target vulnerability attack information;
and the final evaluation value calculation module is used for calculating the final evaluation value of the target vulnerability according to the self evaluation value and the contribution value.
15. The apparatus of claim 14, further comprising: an attack link construction module to:
determining an incidence relation between attack nodes included in the information system; constructing at least one attack link corresponding to the information system according to the incidence relation among the attack nodes; and setting the weight corresponding to each attack node existing in each attack link.
16. The apparatus of claim 15, wherein the attack link information determining module is specifically configured to:
acquiring type information of a corresponding attack link in the target vulnerability attack information; and determining the attack information of the attack link according to the type information of the attack link.
17. The apparatus of claim 16, wherein the type of the attack link comprises: near-field attack links, remote attack links, and local attack links.
18. The apparatus according to claim 16 or 17, wherein the contribution value determining module is specifically configured to:
determining an evaluation value of an attack link corresponding to the target vulnerability according to the type information and the attack information of the attack link; determining an attack value of the target vulnerability in the corresponding attack link according to the target vulnerability attack information; and calculating the contribution value according to the evaluation value of the attack link and the attack value.
19. The apparatus according to claim 18, wherein the contribution value determining module, when determining the evaluation value of the attack link corresponding to the target vulnerability according to the type information of the attack link and the attack information, is specifically configured to:
inputting the type information and the attack information of the attack link into a HEAVENS vulnerability scoring system so as to evaluate the attack link through the HEAVENS vulnerability scoring system; and outputting the evaluation value of the attack link through the HEAVENS vulnerability scoring system.
20. The apparatus according to claim 18, wherein the contribution value determining module, when determining the attack value of the target vulnerability in the corresponding attack link according to the target vulnerability attack information, is specifically configured to:
determining the weight corresponding to the attack node which is attacked on the corresponding attack link by the target vulnerability in the target vulnerability attack information; determining a control value corresponding to an attack node which is attacked on a corresponding attack link by the target vulnerability according to the target vulnerability attack information; and calculating the attack value according to the control value and the weight corresponding to the attacked node.
21. The apparatus according to claim 20, wherein the contribution value determining module, when determining, according to the target vulnerability attack information, a control value corresponding to an attack node that the target vulnerability attacks on a corresponding attack link, is specifically configured to:
determining control degree information of the attacked nodes in the target vulnerability attack information; and determining a control value corresponding to the attacked node according to the control degree information.
22. The apparatus according to claim 21, wherein the contribution value determining module, when calculating the attack value according to the control value and the weight corresponding to the attacked node, is specifically configured to:
multiplying the control value corresponding to each attacked node by the corresponding weight to obtain each sub-attack value; and carrying out a summation operation on the sub-attack values to obtain the attack value.
23. The apparatus according to claim 18, wherein the contribution value determining module, when calculating the contribution value according to the evaluation value and the attack value of the attack link, is specifically configured to:
multiplying the evaluation value of the attack link and the attack value to obtain the contribution value.
24. The apparatus according to any one of claims 14 to 17, wherein the self-evaluation-value determining module is specifically configured to:
inputting relevant attack information in the target vulnerability attack information into a preset vulnerability scoring system so as to evaluate the target vulnerability through the preset vulnerability scoring system; outputting the self evaluation value through the preset vulnerability scoring system; the preset vulnerability scoring system is a CVSS vulnerability scoring system or a HEAVENS vulnerability scoring system.
25. The apparatus according to any one of claims 14 to 17, wherein the final evaluation value calculation module is specifically configured to:
carrying out a summation operation on the self evaluation value and the contribution value to obtain the final evaluation value of the target vulnerability.
26. The apparatus of any one of claims 14-17, further comprising: a repair level calculation module to:
calculating the repair grade of the target vulnerability according to the final evaluation value of the target vulnerability; and sending the repair grade of the target vulnerability to the information system so that the information system repairs the target vulnerability according to the repair grade.
27. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-13.
28. A non-transitory computer readable storage medium having stored thereon computer instructions for causing the computer to perform the method of any one of claims 1-13.
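The scoring chain recited in claims 18 to 26 (attack value, contribution value, final evaluation value, repair grade), written out as an added Python example; it is not code from the patent. The control-degree mapping, the repair-grade thresholds, the node names and all numeric values are assumptions constructed for illustration, and the self evaluation value and link evaluation value are taken as inputs that a CVSS or HEAVENS assessment would supply.

```python
from dataclasses import dataclass

# Assumed mapping from control-degree information to a control value (claim 21).
CONTROL_VALUE = {"none": 0.0, "partial": 0.5, "full": 1.0}
# Assumed repair-grade thresholds (claim 26 does not define them).
REPAIR_GRADES = [(8.5, 1), (6.0, 2), (0.0, 3)]


@dataclass(frozen=True)
class AttackLink:
    link_type: str       # "near-field", "remote" or "local" (claim 17)
    evaluation: float    # evaluation value of the whole link (claim 19)
    node_weights: dict   # attack node -> weight set at construction (claim 15)


def attack_value(link, control_degrees):
    """Sum of control value x weight over the attacked nodes (claim 22)."""
    total = 0.0
    for node, degree in control_degrees.items():
        if node not in link.node_weights:
            raise ValueError(f"{node!r} is not a node of this {link.link_type} link")
        if degree not in CONTROL_VALUE:
            raise ValueError(f"unknown control degree {degree!r}")
        total += CONTROL_VALUE[degree] * link.node_weights[node]
    return total


def final_evaluation(self_value, link, control_degrees):
    """Self evaluation value + (link evaluation x attack value) (claims 23, 25)."""
    contribution = link.evaluation * attack_value(link, control_degrees)
    return self_value + contribution


def repair_grade(final_value):
    """Map the final evaluation value to a repair grade (1 = fix first)."""
    for threshold, grade in REPAIR_GRADES:
        if final_value >= threshold:
            return grade
    raise ValueError("final evaluation value must be non-negative")


# Constructed sample data: one remote link and two vulnerabilities on it.
REMOTE = AttackLink("remote", 4.0, {"telematics": 0.2, "gateway": 0.3, "ecu": 0.5})
VULN_A = (7.5, {"telematics": "full"})                   # higher self value
VULN_B = (6.5, {"gateway": "full", "ecu": "partial"})    # deeper reach on the link

if __name__ == "__main__":
    for name, (self_value, degrees) in (("A", VULN_A), ("B", VULN_B)):
        score = final_evaluation(self_value, REMOTE, degrees)
        print(name, round(score, 2), "repair grade", repair_grade(score))
```

With these constructed inputs, vulnerability B has the lower self evaluation value but the higher final evaluation value, because it controls more heavily weighted nodes on the link.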
CN202010137079.8A 2020-03-02 2020-03-02 Method, device and equipment for evaluating vehicle information security vulnerability and storage medium Active CN111385291B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010137079.8A CN111385291B (en) 2020-03-02 2020-03-02 Method, device and equipment for evaluating vehicle information security vulnerability and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010137079.8A CN111385291B (en) 2020-03-02 2020-03-02 Method, device and equipment for evaluating vehicle information security vulnerability and storage medium

Publications (2)

Publication Number Publication Date
CN111385291A true CN111385291A (en) 2020-07-07
CN111385291B CN111385291B (en) 2022-07-15

Family

ID=71218553

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010137079.8A Active CN111385291B (en) 2020-03-02 2020-03-02 Method, device and equipment for evaluating vehicle information security vulnerability and storage medium

Country Status (1)

Country Link
CN (1) CN111385291B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112163753A (en) * 2020-09-22 2021-01-01 杭州安恒信息技术股份有限公司 Asset risk assessment method, device, computer equipment and storage medium
CN112751831A (en) * 2020-12-17 2021-05-04 中国汽车技术研究中心有限公司 Automobile vulnerability classification and processing method, device, equipment and readable storage medium
CN113268738A (en) * 2021-05-08 2021-08-17 上海智能网联汽车技术中心有限公司 Intelligent automobile information security vulnerability assessment method and system
CN114095522A (en) * 2020-07-30 2022-02-25 阿波罗智联(北京)科技有限公司 Vehicle monitoring method, service system, management terminal, vehicle and storage medium
CN116049836A (en) * 2023-03-31 2023-05-02 江苏智能网联汽车创新中心有限公司 Method, device, equipment and storage medium for determining vehicle vulnerability priority

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150150124A1 (en) * 2013-11-27 2015-05-28 Cisco Technology, Inc. Cloud-assisted threat defense for connected vehicles
CN106341414A (en) * 2016-09-30 2017-01-18 重庆邮电大学 Bayesian network-based multi-step attack security situation assessment method
CN107196955A (en) * 2017-06-15 2017-09-22 北京理工大学 The network system active defense method analyzed based on vulnerability correlation
CN109167781A (en) * 2018-08-31 2019-01-08 杭州安恒信息技术股份有限公司 A kind of recognition methods of network attack chain and device based on dynamic associated analysis
CN109783387A (en) * 2019-01-18 2019-05-21 深圳壹账通智能科技有限公司 Thread test method, device, computer equipment and storage medium
CN110149345A (en) * 2019-06-11 2019-08-20 北京航空航天大学 A kind of In-vehicle networking intrusion detection method based on sequence of message prediction
CN110519220A (en) * 2019-07-10 2019-11-29 中国人民解放军战略支援部队信息工程大学 Cyberspace mimicry based on loophole concordance rate defends Safety modeling quantization method
CN110807196A (en) * 2019-10-30 2020-02-18 国汽(北京)智能网联汽车研究院有限公司 Car networking leak public survey system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
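雷柯楠 et al.: "Quantitative evaluation system for vulnerability exploitability based on vulnerability type" (基于漏洞类型的漏洞可利用性量化评估系统), 《计算机研究与发展》 (Journal of Computer Research and Development) *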

Also Published As

Publication number Publication date
CN111385291B (en) 2022-07-15

Similar Documents

Publication Publication Date Title
CN111385291B (en) Method, device and equipment for evaluating vehicle information security vulnerability and storage medium
JP7241791B2 (en) Methods, devices, devices and storage media for defending against attacks
CN104335497B (en) Method and device for automatic connection of bluetooth human interface devices
CN103891331A (en) Mobile risk assessment
US20190281072A1 (en) Asset discovery using established network connections of known assets
CN110572399B (en) Vulnerability detection processing method, device, equipment and storage medium
CN111835592B (en) Method, apparatus, electronic device and readable storage medium for determining robustness
US11025660B2 (en) Impact-detection of vulnerabilities
US10885162B2 (en) Automated determination of device identifiers for risk-based access control in a computer network
US20200314130A1 (en) Attack detection device, attack detection method, and computer readable medium
CN112487973B (en) Updating method and device for user image recognition model
CN112953938B (en) Network attack defense method, device, electronic equipment and readable storage medium
CN114428962B (en) Vulnerability risk priority processing method and device
CN114157480B (en) Method, device, equipment and storage medium for determining network attack scheme
CN113312560B (en) Group detection method and device and electronic equipment
KR100864867B1 (en) The method and apparatus for detecting malicious file in mobile terminal
CN111756762A (en) Vehicle safety analysis method and device, electronic equipment and storage medium
KR102286512B1 (en) Method to Provide Application Security Service Based on Cloud Computing
CN110737560B (en) Service state detection method and device, electronic equipment and medium
CN111291372A (en) Method and device for detecting terminal equipment file based on software gene technology
CN114124531B (en) Network defense system risk assessment method based on bypass attack simulation, electronic equipment and storage medium
US20160381062A1 (en) Risk assessment of open wi-fi networks
CN111581071B (en) Data processing method, device, equipment and storage medium
CN111767585A (en) Object identification method and device, electronic equipment and storage medium
CN113377660B (en) Test method and device

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20211025

Address after: 100176 101, floor 1, building 1, yard 7, Ruihe West 2nd Road, Beijing Economic and Technological Development Zone, Daxing District, Beijing

Applicant after: Apollo Zhilian (Beijing) Technology Co.,Ltd.

Address before: 2 / F, baidu building, 10 Shangdi 10th Street, Haidian District, Beijing 100085

Applicant before: BEIJING BAIDU NETCOM SCIENCE AND TECHNOLOGY Co.,Ltd.

GR01 Patent grant