CN112597500A - Automobile information security risk assessment method and device, electronic equipment and storage medium - Google Patents
Automobile information security risk assessment method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN112597500A CN112597500A CN202011444678.0A CN202011444678A CN112597500A CN 112597500 A CN112597500 A CN 112597500A CN 202011444678 A CN202011444678 A CN 202011444678A CN 112597500 A CN112597500 A CN 112597500A
- Authority
- CN
- China
- Prior art keywords
- risk assessment
- behavior
- automobile information
- information security
- security risk
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012502 risk assessment Methods 0.000 title claims abstract description 96
- 238000000034 method Methods 0.000 title claims abstract description 79
- 230000008569 process Effects 0.000 claims abstract description 38
- 238000011156 evaluation Methods 0.000 claims abstract description 14
- 230000006399 behavior Effects 0.000 claims description 98
- 238000004422 calculation algorithm Methods 0.000 claims description 35
- 238000004458 analytical method Methods 0.000 claims description 19
- 230000015654 memory Effects 0.000 claims description 18
- 238000000605 extraction Methods 0.000 claims description 17
- 230000003542 behavioural effect Effects 0.000 claims description 5
- 238000012854 evaluation process Methods 0.000 abstract description 10
- 238000004891 communication Methods 0.000 abstract description 4
- 231100000279 safety data Toxicity 0.000 abstract description 3
- 238000005516 engineering process Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 235000017399 Caesalpinia tinctoria Nutrition 0.000 description 2
- 241000388430 Tara Species 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000001914 filtration Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 239000007787 solid Substances 0.000 description 2
- 238000012549 training Methods 0.000 description 2
- 206010063385 Intellectualisation Diseases 0.000 description 1
- 241000700605 Viruses Species 0.000 description 1
- 230000002776 aggregation Effects 0.000 description 1
- 238000004220 aggregation Methods 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 238000007635 classification algorithm Methods 0.000 description 1
- 230000000295 complement effect Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 238000007405 data analysis Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000010845 search algorithm Methods 0.000 description 1
- 230000011218 segmentation Effects 0.000 description 1
- 238000012163 sequencing technique Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0635—Risk analysis of enterprise or organisation activities
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Human Resources & Organizations (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Entrepreneurship & Innovation (AREA)
- Physics & Mathematics (AREA)
- Strategic Management (AREA)
- General Physics & Mathematics (AREA)
- Economics (AREA)
- Development Economics (AREA)
- Educational Administration (AREA)
- Game Theory and Decision Science (AREA)
- Computing Systems (AREA)
- Marketing (AREA)
- Operations Research (AREA)
- Quality & Reliability (AREA)
- Tourism & Hospitality (AREA)
- General Business, Economics & Management (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses an automobile information security risk assessment method, an automobile information security risk assessment device, electronic equipment and a storage medium, wherein the automobile information security risk assessment method comprises the following steps: extracting characteristic contents of behavior description in a preset automobile information security risk assessment process; determining a behavior intention of the behavior description according to the characteristic content; and determining a risk assessment result of the behavior description according to the behavior intention, and recommending the risk assessment result. Therefore, accurate and detailed safety data support can be provided for automobile information safety risk assessment personnel, so that the assessment personnel can refer to the automobile information safety risk assessment personnel to make a correct assessment result, and the accuracy and the integrity in the assessment process can be improved; meanwhile, the whole evaluation process is electronized, so that the efficiency of evaluation work is greatly improved, the evaluation process is standardized, and the problems of difficult cooperation and inconsistent communication of personnel in the evaluation process can be effectively solved.
Description
Technical Field
The invention relates to the technical field of automobile information safety, in particular to an automobile information safety risk assessment method and device, electronic equipment and a storage medium.
Background
In recent years, with the further development of networking and intellectualization, information security incidents increase year by year, and automobile information security is a growing concern directly related to the security of the lives and properties of passengers and personal privacy. Both the automobile and the information safety have high complexity, and as the automobile information safety under the high coupling of the automobile and the information safety, the complexity is far higher than the sum of the automobile and the information safety, and the difficulty is very high.
At present, the automobile information safety risk assessment basically depends on the manual experience of an evaluator, a mobile phone or Office software (Microsoft Office) mode is adopted, the efficiency is low, meanwhile, the assessment result extremely depends on the level of the evaluator, the subjectivity is high, large assessment deviation is easy to occur, the assessment result is scattered, and the information safety of an automobile is affected.
Disclosure of Invention
In view of this, embodiments of the present invention provide a method and an apparatus for evaluating an automobile information security risk, an electronic device, and a storage medium, so as to solve the problems of low accuracy, low evaluation efficiency, and scattered evaluation results of the current automobile information security risk evaluation.
According to a first aspect, an embodiment of the present invention provides an automobile information security risk assessment method, including:
extracting characteristic contents of behavior description in a preset automobile information security risk assessment process;
determining a behavior intention of the behavior description according to the characteristic content;
and determining a risk assessment result of the behavior description according to the behavior intention, and recommending the risk assessment result.
According to the automobile information safety risk assessment method provided by the embodiment of the invention, the characteristic content of the behavior description is extracted from the preset automobile information safety risk assessment process, the behavior intention of the behavior description is determined according to the characteristic content, the risk assessment result of the behavior description is determined according to the behavior intention, and the risk assessment result is recommended, so that accurate and detailed safety data support can be provided for automobile information safety risk assessment personnel, so that the assessment personnel can refer to the result to make a correct assessment result, and the accuracy and the integrity in the assessment process can be improved; meanwhile, the whole evaluation process is electronized, so that the efficiency of evaluation work is greatly improved, the evaluation process is standardized, and the problems of difficult cooperation and inconsistent communication of personnel in the evaluation process can be effectively solved.
With reference to the first aspect, in a first implementation manner of the first aspect, the determining the behavior intent of the behavior description according to the feature content includes:
and inputting the characteristic content into a preset behavior prediction model to obtain the behavior intention of the behavior description.
With reference to the first aspect, in a second implementation manner of the first aspect, the determining a risk assessment result of the behavior description according to the behavior intent includes:
and inputting the behavior intention into a preset question-answer database to obtain a risk evaluation result of the behavior description.
With reference to the first aspect, in a third implementation manner of the first aspect, the extracting feature contents of the behavior description in a preset automobile information security risk assessment process includes:
acquiring behavior description in the automobile information security risk assessment process;
and extracting the characteristic content of the behavior description by utilizing a preset semantic analysis algorithm.
With reference to the first aspect, in a fourth implementation manner of the first aspect, the preset semantic analysis algorithm includes a first extraction algorithm in a general scene and a second extraction algorithm that performs weighting processing on a preset term.
With reference to the first aspect, in a fifth implementation manner of the first aspect, before recommending the risk assessment result, the method further includes:
and carrying out de-duplication and/or sorting on the risk assessment results.
With reference to the first aspect, in a sixth implementation manner of the first aspect, after recommending the risk assessment result, the method further includes:
acquiring feedback information of the risk assessment result;
and updating a recommendation algorithm in the behavior prediction model by using the feedback information.
According to a second aspect, an embodiment of the present invention provides an automobile information security risk assessment apparatus, including:
the extraction module is used for extracting the characteristic content of the behavior description in a preset automobile information safety risk assessment process;
the analysis module is used for determining the behavior intention of the behavior description according to the characteristic content;
and the recommending module is used for determining a risk evaluation result of the behavior description according to the behavior intention and recommending the risk evaluation result.
According to a third aspect, an embodiment of the present invention provides an electronic device, including: the storage and the processor are connected with each other in a communication manner, the storage stores computer instructions, and the processor executes the computer instructions to execute the automobile information security risk assessment method in the first aspect or any one of the implementation manners of the first aspect.
According to a fourth aspect, an embodiment of the present invention provides a computer-readable storage medium, which stores computer instructions for causing a computer to execute the automobile information security risk assessment method described in the first aspect or any one of the implementation manners of the first aspect.
Drawings
The features and advantages of the present invention will be more clearly understood by reference to the accompanying drawings, which are illustrative and not to be construed as limiting the invention in any way, and in which:
fig. 1 is a schematic flow chart of a method for evaluating the security risk of vehicle information in embodiment 1 of the present invention;
FIG. 2 is a schematic view of a risk assessment business process in a standard automobile information security risk assessment process;
fig. 3 is a schematic flowchart of a vehicle information security risk assessment method according to a specific example of embodiment 1 of the present invention;
fig. 4 is a schematic structural diagram of an automobile information security risk assessment apparatus according to embodiment 2 of the present invention;
fig. 5 is a schematic structural diagram of a specific example of the automobile information security risk assessment device.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
The embodiment 1 of the invention provides an automobile information security risk assessment method. Fig. 1 is a schematic flow chart of a method for evaluating automobile information security risk in embodiment 1 of the present invention, and as shown in fig. 1, the method for evaluating automobile information security risk in embodiment 1 of the present invention includes the following steps:
s101: and extracting the characteristic content of the behavior description in a preset automobile information security risk assessment process.
In embodiment 1 of the present invention, the preset car information security risk assessment process may be a standard car information security risk assessment process, or may also be a process in a car information security TARA analysis method and a digital modeling system (the TARA method is recommended by the ISO21434 standard). Fig. 2 is a schematic view of a risk assessment business process in a standard automobile information security risk assessment process, and as shown in fig. 2, the risk assessment business mainly includes threat assessment and impact assessment in the automobile information security risk assessment process.
It should be noted that the behavior description may be a whole behavior description in the whole car information security risk assessment process, or may be a behavior description of one or more sub-processes in the car information security risk assessment process, such as a behavior description of threat assessment or/and a behavior description of impact assessment in fig. 2.
As a specific embodiment, before step S101, an automobile information security risk assessment system may be constructed according to an automobile information security risk assessment process. For example, the following technical solutions can be adopted for the construction method: the automobile information safety risk assessment process is realized on line through online form controls based on SpreadJS technology and programming languages such as JSP, a front end of a basic software application platform is built, and a rear end adopts common WEB management technology, including general database technology and background Linux technology.
As a specific implementation manner, the following method may be adopted to extract the feature content of the behavior description in the preset automobile information security risk assessment process: acquiring behavior description in the automobile information security risk assessment process; and extracting the characteristic content of the behavior description by utilizing a preset semantic analysis algorithm.
Further, the preset semantic analysis algorithm includes a first extraction algorithm in a general scene and a second extraction algorithm for performing weighting processing on the preset proper nouns. Specifically, the proper nouns may be proper nouns in an automobile information security scene, and in the second extraction algorithm, the proper nouns related to the automobile information security scene are extracted and given high weight. The proper nouns are from the existing automobile information safety noun library, and the noun library is updated periodically. For example, asset description content, attributes and asset use case scenario content in the asset definition flow; the threat in the threat definition process relates to an information security virus number (CVE, NVD or CNVD), a threat attribute and a threat description content; the threat analysis part in the threat assessment process comprises the professionality of threat content, the knowledge understanding degree of an attack target, an opportunity window and auxiliary attack equipment professional content; the life safety, the economical efficiency, the operability and the privacy and the regularity content in the evaluation process are influenced.
For the first extraction algorithm, a conventional NLP semantic extraction algorithm may be adopted (which NLP algorithm is not limited herein and meets conventional requirements).
For descriptions that do not include the above high weight value, a general NLP semantic model analysis is adopted (the present invention is not limited to a specific method).
S102: and determining the behavior intention of the behavior description according to the characteristic content.
As a specific implementation, the determining the behavior intention of the behavior description according to the feature content may adopt the following technical solutions: and inputting the characteristic content into a preset behavior prediction model to obtain the behavior intention of the behavior description.
Specifically, the behavior prediction model may be obtained by training based on a preset recommendation algorithm. The recommendation algorithm may be selected according to the characteristic that similar problems have similar behavior characteristics, for example, the recommendation algorithm may adopt a classical recommendation algorithm based on an association rule, a collaborative filtering recommendation algorithm based on a user behavior, or of course, other recommendation algorithms may also be adopted, which are not described herein again.
S103: and determining a risk assessment result of the behavior description according to the behavior intention, and recommending the risk assessment result.
As a specific implementation manner, the following technical solution may be adopted for determining the risk assessment result of the behavior description according to the behavior intention: and inputting the behavior intention into a preset question-answer database to obtain a risk evaluation result of the behavior description.
As a further embodiment, before recommending the risk assessment result, the method further includes: and carrying out de-duplication and/or sorting on the risk assessment results. The de-duplication can enable the risk assessment result obtained by the user to be more accurate and refined; the ranking may enable the user to more easily obtain highly important risk assessment results.
As a further embodiment, after recommending the risk assessment result, the method further includes: acquiring feedback information of the risk assessment result; and updating a recommendation algorithm in the behavior prediction model by using the feedback information. Therefore, the whole recommendation model can be further optimized, the recommended content can better meet the actual requirement through the actual evaluation feedback of the user on the recommended content, and the irrelevance and the error rate of recommendation are reduced.
As a specific example, as shown in fig. 3, in embodiment 1 of the present invention, an automobile information security risk assessment method includes four steps of extracting a question, understanding the question, answering the question, and feeding back an answer.
Specifically, the extraction problem is equivalent to the NLP semantic extraction in fig. 3, and specifically includes the following steps: and extracting characteristic contents (also called key contents) of behavior description in the automobile information security risk assessment process based on a semantic word segmentation technology.
Understanding the problem is equivalent to the recognition by the recommendation algorithm in fig. 3, and specifically includes the following steps: and inputting the obtained key content into a behavior prediction model trained in advance, and understanding the behavior intention of the input content.
The answering questions are equivalent to the question-answer reordering in fig. 3, and specifically include the following steps: and inputting the behavior intention into a preset question-answer database, matching answers of the behavior description, sorting and de-duplicating related answers, and recommending the answers to the user.
The feedback response corresponds to the feedback record in fig. 3, and comprises the following steps: and recording the operation behaviors of the evaluators on the answer contents so as to optimize a recommendation algorithm in the subsequently updated behavior prediction model.
For example, in an automobile information security risk assessment process constructed according to a standard automobile information security risk assessment process, behaviors are described as follows: in the asset identification process of risk assessment, a Boshi ECU is widely used in the series E luxury vehicle models, and recently, the defects related to the ECU are found, wherein the serial number of the ECU is CVE:00001, and the serious influence is generated on an automobile IVI system.
The characteristic contents of the behavior description extracted by the semantic analysis algorithm are as follows: asset identification, Bosch, ECU, CVE:00001, Benz E, IVI.
In the above feature contents, ECU, CVE:00001, IVI, asset are identified as proper nouns and obtained through a second extraction algorithm. Bosch, coursing E was obtained by a first extraction algorithm.
The characteristic contents of the behavior description (namely asset identification, Bosch, ECU, CVE:00001, Benz E, IVI) are transmitted into a previously trained behavior prediction model to obtain the behavior intention of the behavior description. Specifically, the resulting behavioral intent is: and acquiring the influence and solution of the CVE 00001 loophole in the Bosch ECU in the series IVI car machine of the Benz.
And matching the behavior intention with a question-answer database, performing deduplication and sequencing on the content matched with the result, and outputting the content to an assessment flow interface of an evaluator for selection or rejection by the evaluator.
And acquiring feedback (selection, rejection or comment) information of an evaluator, adding the feedback information into the attribute of the safety information of the evaluator, and taking the feedback information as an important attribute to participate in training of a recommendation algorithm in the behavior prediction model.
According to the automobile information safety risk assessment method provided by the embodiment 1 of the invention, the characteristic content of the behavior description is extracted from the preset automobile information safety risk assessment process, the behavior intention of the behavior description is determined according to the characteristic content, the risk assessment result of the behavior description is determined according to the behavior intention, and the risk assessment result is recommended, so that accurate and detailed safety data support can be provided for automobile information safety risk assessment personnel, so that the assessment personnel can refer to the result to make a correct assessment result, and the accuracy and the integrity in the assessment process can be improved; meanwhile, the whole evaluation process is electronized, so that the efficiency of evaluation work is greatly improved, the evaluation process is standardized, and the problems of difficult cooperation and inconsistent communication of personnel in the evaluation process can be effectively solved.
Example 2
Corresponding to embodiment 1 of the invention, embodiment 2 of the invention provides an automobile information security risk assessment device. Fig. 4 is a schematic structural diagram of an automobile information security risk assessment apparatus in embodiment 2 of the present invention, and as shown in fig. 4, the automobile information security risk assessment apparatus in embodiment 2 of the present invention includes an extraction module 20, an analysis module 22, and a recommendation module 24.
Specifically, the extracting module 20 is configured to extract feature contents of behavior description in a preset automobile information security risk assessment process;
an analysis module 22, configured to determine a behavior intention of the behavior description by using the feature content;
and the recommending module 24 is used for determining a risk assessment result corresponding to the behavior description according to the behavior intention and recommending the risk assessment result.
As a specific example, fig. 5 is a schematic structural diagram of a specific example of the automobile information security risk assessment apparatus. As shown in FIG. 5, the system includes an acquisition layer, a storage layer, an algorithm layer, a business layer, and an application. Wherein:
an acquisition layer: a crawler interface, an active reporting interface, a scanning interface, etc.
A storage layer: mysql structured storage and Hardoop unstructured storage.
And an algorithm layer: classification algorithm, aggregation algorithm, complement recommendation, rule association algorithm, collaborative recommendation and search algorithm.
And (4) a service layer: and outputting, sorting and filtering a recommendation feedback result.
An application layer: the method comprises the steps of security asset analysis, security case (scene) analysis, vulnerability data analysis, threat analysis, influence analysis and security statement reference.
And (3) a management layer: account management, authority management, log recording, scheduling management and the like.
The details of the above-mentioned car information security risk assessment apparatus can be understood by referring to the corresponding related descriptions and effects in the embodiments shown in fig. 1 to fig. 3, which are not described herein again.
Example 3
Embodiments of the present invention further provide an electronic device, which may include a processor and a memory, where the processor and the memory may be connected by a bus or in another manner.
The processor may be a Central Processing Unit (CPU). The Processor may also be other general purpose processors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components, or a combination thereof.
The memory, which is a non-transitory computer readable storage medium, may be used to store non-transitory software programs, non-transitory computer executable programs, and modules, such as program instructions/modules (e.g., the extraction module 20, the analysis module 22, and the recommendation module 24 shown in fig. 4) corresponding to the automobile information security risk assessment method in the embodiment of the present invention. The processor executes various functional applications and data processing of the processor by running the non-transitory software programs, instructions and modules stored in the memory, so as to implement the automobile information security risk assessment method in the above method embodiment.
The memory may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created by the processor, and the like. Further, the memory may include high speed random access memory, and may also include non-transitory memory, such as at least one disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory optionally includes memory located remotely from the processor, and such remote memory may be coupled to the processor via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The one or more modules are stored in the memory and, when executed by the processor, perform the vehicle information security risk assessment method of the embodiment shown in fig. 1-3.
The details of the electronic device may be understood by referring to the corresponding descriptions and effects in the embodiments shown in fig. 1 to fig. 5, which are not described herein again.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic Disk, an optical Disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a Flash Memory (Flash Memory), a Hard Disk (Hard Disk Drive, abbreviated as HDD), a Solid State Drive (SSD), or the like; the storage medium may also comprise a combination of memories of the kind described above.
Although the embodiments of the present invention have been described in conjunction with the accompanying drawings, those skilled in the art may make various modifications and variations without departing from the spirit and scope of the invention, and such modifications and variations fall within the scope defined by the appended claims.
Claims (10)
1. A method for evaluating the safety risk of automobile information is characterized by comprising the following steps:
extracting characteristic contents of behavior description in a preset automobile information security risk assessment process;
determining a behavior intention of the behavior description according to the characteristic content;
and determining a risk assessment result of the behavior description according to the behavior intention, and recommending the risk assessment result.
2. The method of claim 1, wherein the determining the behavioral intent of the behavioral description according to the feature content comprises:
and inputting the characteristic content into a preset behavior prediction model to obtain the behavior intention of the behavior description.
3. The method of claim 1, wherein determining a risk assessment result for the behavioral description based on the behavioral intent comprises:
and inputting the behavior intention into a preset question-answer database to obtain a risk evaluation result of the behavior description.
4. The method of claim 1, wherein the step of extracting the characteristic content of the behavior description in the preset automobile information security risk assessment process comprises the following steps:
acquiring behavior description in the automobile information security risk assessment process;
and extracting the characteristic content of the behavior description by utilizing a preset semantic analysis algorithm.
5. The method of claim 1, wherein:
the preset semantic analysis algorithm comprises a first extraction algorithm under a general scene and a second extraction algorithm for weighting preset special nouns.
6. The method of claim 1, further comprising, prior to recommending the risk assessment result:
and carrying out de-duplication and/or sorting on the risk assessment results.
7. The method of claim 2, further comprising, after recommending the risk assessment result:
acquiring feedback information of the risk assessment result;
and updating a recommendation algorithm in the behavior prediction model by using the feedback information.
8. An automobile information security risk assessment device, characterized by comprising:
the extraction module is used for extracting the characteristic content of the behavior description in a preset automobile information safety risk assessment process;
the analysis module is used for determining the behavior intention of the behavior description according to the characteristic content;
and the recommending module is used for determining a risk evaluation result of the behavior description according to the behavior intention and recommending the risk evaluation result.
9. An electronic device, comprising:
a memory and a processor, wherein the memory and the processor are communicatively connected with each other, the memory stores computer instructions, and the processor executes the computer instructions to execute the automobile information security risk assessment method according to any one of claims 1 to 7.
10. A computer-readable storage medium storing computer instructions for causing a computer to execute the automobile information security risk assessment method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011444678.0A CN112597500A (en) | 2020-12-08 | 2020-12-08 | Automobile information security risk assessment method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011444678.0A CN112597500A (en) | 2020-12-08 | 2020-12-08 | Automobile information security risk assessment method and device, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112597500A true CN112597500A (en) | 2021-04-02 |
Family
ID=75192386
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011444678.0A Pending CN112597500A (en) | 2020-12-08 | 2020-12-08 | Automobile information security risk assessment method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112597500A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116932921A (en) * | 2023-09-18 | 2023-10-24 | 湘江实验室 | Personalized recommendation method and related equipment for automobiles |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108874917A (en) * | 2018-05-30 | 2018-11-23 | 北京五八信息技术有限公司 | Intension recognizing method, device, equipment and storage medium |
| CN108897867A (en) * | 2018-06-29 | 2018-11-27 | 北京百度网讯科技有限公司 | For the data processing method of knowledge question, device, server and medium |
| CN109145579A (en) * | 2018-08-18 | 2019-01-04 | 北京航空航天大学 | Intelligent network joins automobile information secure authentication testing method and system |
| CN109146240A (en) * | 2018-07-03 | 2019-01-04 | 北京航空航天大学 | A kind of Information Security Risk Assessment Methods and system towards intelligent network connection vehicle |
| CN110298077A (en) * | 2019-05-27 | 2019-10-01 | 中国汽车技术研究中心有限公司 | The safe TARA analysis method of automobile information and digitization modeling system |
| CN111985789A (en) * | 2020-07-29 | 2020-11-24 | 惠州市德赛西威智能交通技术研究院有限公司 | Vehicle-mounted terminal information security threat analysis and risk assessment system and method |
-
2020
- 2020-12-08 CN CN202011444678.0A patent/CN112597500A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108874917A (en) * | 2018-05-30 | 2018-11-23 | 北京五八信息技术有限公司 | Intension recognizing method, device, equipment and storage medium |
| CN108897867A (en) * | 2018-06-29 | 2018-11-27 | 北京百度网讯科技有限公司 | For the data processing method of knowledge question, device, server and medium |
| CN109146240A (en) * | 2018-07-03 | 2019-01-04 | 北京航空航天大学 | A kind of Information Security Risk Assessment Methods and system towards intelligent network connection vehicle |
| CN109145579A (en) * | 2018-08-18 | 2019-01-04 | 北京航空航天大学 | Intelligent network joins automobile information secure authentication testing method and system |
| CN110298077A (en) * | 2019-05-27 | 2019-10-01 | 中国汽车技术研究中心有限公司 | The safe TARA analysis method of automobile information and digitization modeling system |
| CN111985789A (en) * | 2020-07-29 | 2020-11-24 | 惠州市德赛西威智能交通技术研究院有限公司 | Vehicle-mounted terminal information security threat analysis and risk assessment system and method |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116932921A (en) * | 2023-09-18 | 2023-10-24 | 湘江实验室 | Personalized recommendation method and related equipment for automobiles |
| CN116932921B (en) * | 2023-09-18 | 2023-12-12 | 湘江实验室 | Personalized recommendation method and related equipment for automobiles |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20200335002A1 (en) | Guiding creation of an electronic survey | |
| EP3413221A1 (en) | Risk assessment method and system | |
| CN109299280B (en) | Short text clustering analysis method and device and terminal equipment | |
| CN110442712B (en) | Risk determination method, risk determination device, server and text examination system | |
| Kherwa et al. | An approach towards comprehensive sentimental data analysis and opinion mining | |
| US11755841B2 (en) | Method for updating a knowledge base of a sentiment analysis system | |
| US11586815B2 (en) | Method, system and computer program product for generating artificial documents | |
| CN109325121B (en) | Method and device for determining keywords of text | |
| CN109189935B (en) | APP propagation analysis method and system based on knowledge graph | |
| US20190362024A1 (en) | Systems and methods for intelligent content filtering and persistence | |
| US20190220924A1 (en) | Method and device for determining key variable in model | |
| CN112597500A (en) | Automobile information security risk assessment method and device, electronic equipment and storage medium | |
| CN105405051A (en) | Financial event prediction method and apparatus | |
| CN110377706B (en) | Search sentence mining method and device based on deep learning | |
| CN114969018B (en) | Data monitoring method and system | |
| CN111639161A (en) | System information processing method, apparatus, computer system and medium | |
| Alvarez‐Iglesias et al. | Summarising censored survival data using the mean residual life function | |
| CN113935788B (en) | Model evaluation method, device, equipment and computer readable storage medium | |
| US20210374533A1 (en) | Fully Explainable Document Classification Method And System | |
| US20220138584A1 (en) | Artificial content identification using subset scanning over generative model activations | |
| CN112115237A (en) | Method and device for constructing tobacco scientific and technical literature data recommendation model | |
| CN111159351A (en) | Legal flow analysis system and method for enterprise | |
| US11182448B1 (en) | Content quality management service | |
| CN111815442B (en) | Link prediction method and device and electronic equipment | |
| CN116126367A (en) | Model updating method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |