CN115314315A - Network security risk assessment system based on big data - Google Patents

Network security risk assessment system based on big data

Publication number
CN115314315A
Authority
CN
China
Prior art keywords
asset
updating
project
update
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210988900.6A
Other languages
Chinese (zh)
Inventor
宋超
武建双
许建锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hefei Tianwei Information Security Technology Co ltd
Original Assignee
Hefei Tianwei Information Security Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hefei Tianwei Information Security Technology Co ltd
Priority to CN202210988900.6A
Publication of CN115314315A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a network security risk assessment system based on big data, comprising: an update management and control module for acquiring and recording update requests, where an update request comprises the update time, the update project and updater information, and update projects comprise software upgrades, equipment replacement and the addition of network software and hardware; an asset comparison database that records asset evaluation data for each project, where projects comprise software and hardware, together with an asset evaluation report of the current system during network operation; and an asset detection module that periodically extracts the update record from the update management and control module, obtains all update requests in the record and the update project of each, obtains asset evaluation data for the updated projects from the asset comparison database, and updates the asset evaluation report in the asset comparison database according to the new asset evaluation data. The invention records and updates the asset data in the system, thereby improving the accuracy of security assessment.

Description

Network security risk assessment system based on big data
Technical Field
The invention relates to the technical field of network security, in particular to a network security risk assessment system based on big data.
Background
Today's society is developing at high speed, with advanced science and technology and free-flowing information; people communicate ever more closely, life is ever more convenient, and big data is a product of this high-tech era. Big data is a massive, fast-growing and diversified information asset that needs new processing modes in order to deliver stronger decision-making power, insight discovery and process optimization capability. The definition given by the McKinsey Global Institute is: a data set whose scale greatly exceeds the capabilities of traditional database software tools for acquisition, storage, management and analysis, with four characteristics: massive data scale, rapid data circulation, diverse data types and low value density.
In terms of risk evaluation indices, the network security risk index system consists of three major parts: a network layer index system, a transmission network risk index system and a physical security risk index, which together indicate the direction for implementing internal control measures. Each index system also comprises three elements: assets, threats and vulnerabilities. In daily operation, however, the system may change at any time, for example through the addition of new network software and hardware, software upgrades and equipment updates; each of these changes the assets, and the previous risk assessment conclusion then loses its meaning.
Disclosure of Invention
The invention aims to provide a network security risk assessment system based on big data, which solves the following technical problems:
While the system is running, asset changes caused by updates to the system are not reflected in the system's evaluation scheme, so the evaluation result deviates.
The purpose of the invention can be realized by the following technical scheme:
A big data based cyber-security risk assessment system, comprising:
an update management and control module for acquiring and recording update requests, where an update request comprises the update time, the update project and updater information, and update projects comprise software upgrades, equipment replacement and the addition of network software and hardware;
an asset comparison database that records asset evaluation data for each project, where projects comprise software and hardware, and an asset evaluation report of the current system during network operation;
an asset detection module that periodically extracts the update record from the update management and control module, obtains all update requests in the record and the update project of each, obtains asset evaluation data for the updated projects from the asset comparison database, and updates the asset evaluation report in the asset comparison database according to the new asset evaluation data.
As a further scheme of the invention: the update management and control module runs in a preset period; once the period starts it receives and records update requests, and after the period ends it backs up all update records of that period, deletes them, and enters the next period.
As a further scheme of the invention: the asset assessment report records asset assessment data of all items in the system in the previous period.
As a further scheme of the invention: when the asset comparison database holds no asset evaluation data for an updated item, that item is judged to be an unfamiliar item.
As a further scheme of the invention: when the project is an unfamiliar project, the updater information in the update request is obtained, the updater information comprising the identity information and contact information of the updater; a corresponding project evaluation questionnaire is sent to the updater, and once the questionnaire information has been entered, asset evaluation is performed on the unfamiliar project to generate asset evaluation data.
As a further scheme of the invention: when the item is an unfamiliar item, the name and content of the updated item are used as retrieval information, information on the same or similar items is retrieved through the Internet, and asset evaluation data is generated.
As a further scheme of the invention: after a new asset evaluation report is generated, the original asset evaluation report is bound with the update record of the previous period and then backed up.
As a further scheme of the invention: when the update items exceed the set threshold, the current period is ended early and the next period is entered immediately.
The invention has the following beneficial effects: additions, deletions, upgrades and replacements of software or hardware in the system are carried out after being recorded, which ensures that changes in the system can be traced; changes to the system are recorded periodically, and after each period ends all update projects in that period are tallied so that the assets of the system are evaluated again, improving the accuracy of security evaluation.
Drawings
The invention will be further described with reference to the accompanying drawings.
Fig. 1 is a schematic structural diagram of a big data-based cyber security risk assessment system according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to Fig. 1, the present invention is a big data based network security risk assessment system, including:
an update management and control module for acquiring and recording update requests, where an update request comprises the update time, the update project and updater information, and update projects comprise software upgrades, equipment replacement and the addition of network software and hardware;
an asset comparison database that records asset evaluation data for each project, where projects comprise software and hardware, and an asset evaluation report of the current system during network operation;
an asset detection module that periodically extracts the update record from the update management and control module, obtains all update requests in the record and the update project of each, obtains asset evaluation data for the updated projects from the asset comparison database, and updates the asset evaluation report in the asset comparison database according to the new asset evaluation data.
In a preferred embodiment of the present invention, the update management and control module operates in a preset period; once the period starts it receives and records update requests, and after the period ends it backs up all update records of that period, deletes them, and enters the next period.
In another preferred embodiment of the present invention, the asset assessment report records asset assessment data of all items in the system in the previous period.
In this embodiment, when the asset comparison database holds no asset assessment data for an updated item, that item is determined to be an unfamiliar item.
It is worth noting that when the project is an unfamiliar project, the updater information in the update request is obtained, the updater information comprising the identity information and contact information of the updater; a corresponding project evaluation questionnaire is sent to the updater, and once the questionnaire information has been entered, asset evaluation is carried out on the unfamiliar project and asset evaluation data is generated.
In another preferred embodiment of the present invention, when the item is an unfamiliar item, the name and content of the updated item are used as retrieval information, information on the same or similar items is retrieved through the Internet, and asset assessment data is generated.
As a further scheme of the invention, after a new asset assessment report is generated, the original asset assessment report is bound with the update record of the previous period and then backed up.
In another preferred embodiment of the present invention, when the update items exceed the set threshold, the current period is ended early and the next period is entered immediately.
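The cycle described in the embodiments above can be modelled as follows; this is an added illustration, not code from the patent. The class names, the numeric asset values, the sample requests, and the reading of "exceeds the set threshold" as a count of recorded update requests are all assumptions.

```python
from dataclasses import dataclass, field
from datetime import datetime


@dataclass(frozen=True)
class UpdateRequest:
    time: datetime   # update time
    item: str        # update item: the software or hardware being changed
    kind: str        # "upgrade", "replace" or "add"
    updater: str     # updater identity / contact information


@dataclass
class AssetDatabase:
    """Asset comparison database: per-item data plus the current report."""
    evaluations: dict                            # item -> asset value (assumed scale)
    report: dict = field(default_factory=dict)   # current asset evaluation report
    archive: list = field(default_factory=list)  # (old report, update records)


class UpdateControl:
    """Update management and control module plus the end-of-cycle detection."""

    def __init__(self, db, threshold):
        self.db, self.threshold = db, threshold
        self.records = []   # update records of the running cycle
        self.cycle = 1

    def submit(self, req):
        """Record a request; end the cycle early once the threshold is exceeded."""
        self.records.append(req)
        if len(self.records) > self.threshold:   # assumed meaning of "exceeds"
            return self.end_cycle()
        return None

    def end_cycle(self):
        """Asset detection step: re-evaluate, archive, clear, start next cycle."""
        unfamiliar = []
        new_report = dict(self.db.report)
        for req in self.records:
            value = self.db.evaluations.get(req.item)
            if value is None:
                # No evaluation data on file: unfamiliar item. Keep the updater
                # so a questionnaire can be sent; leave it out of the report.
                unfamiliar.append((req.item, req.updater))
                continue
            new_report[req.item] = value
        # Bind the original report to this cycle's update records and back up.
        self.db.archive.append((self.db.report, tuple(self.records)))
        self.db.report = new_report
        self.records = []   # records are deleted only after the backup
        finished, self.cycle = self.cycle, self.cycle + 1
        return {"cycle": finished, "report": new_report, "unfamiliar": unfamiliar}


def demo():
    # Constructed sample data, not taken from the patent.
    db = AssetDatabase(
        evaluations={"nginx-1.24": 3, "fw-appliance-x": 5},
        report={"nginx-1.22": 3},
    )
    ctl = UpdateControl(db, threshold=2)
    now = datetime(2022, 8, 17, 9, 0)
    requests = [
        UpdateRequest(now, "nginx-1.24", "upgrade", "alice@example.test"),
        UpdateRequest(now, "fw-appliance-x", "add", "bob@example.test"),
        UpdateRequest(now, "iot-gateway-z", "add", "carol@example.test"),
    ]
    result = None
    for req in requests:
        result = ctl.submit(req) or result   # third request trips the threshold
    return result, ctl


if __name__ == "__main__":
    print(demo()[0])
```

The unfamiliar item stays out of the report until evaluation data exists for it, so a report built this way understates the asset inventory until the questionnaire or retrieval step completes.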
The functions that can be realized by the big data based network security risk assessment system are all completed by a computer device, and the computer device comprises one or more processors and one or more memories, wherein at least one program code is stored in the one or more memories, and is loaded and executed by the one or more processors to realize the functions of the distributed data analysis task scheduling system and method.
The processor fetches instructions and analyzes the instructions from the memory one by one, then completes corresponding operations according to the instruction requirements, generates a series of control commands, enables all parts of the computer to automatically, continuously and coordinately act to form an organic whole, realizes the input of programs, the input of data, the operation and the output of results, and the arithmetic operation or the logic operation generated in the process is completed by the arithmetic unit; the Memory comprises a Read-Only Memory (ROM) for storing a computer program, and a protection device is arranged outside the Memory.
Illustratively, a computer program can be partitioned into one or more modules, which are stored in memory and executed by a processor to implement the present invention. One or more of the modules may be a series of computer program instruction segments capable of performing certain functions, which are used to describe the execution of the computer program in the terminal device.
It will be appreciated by those skilled in the art that the above description of the serving device is merely an example and does not constitute a limitation of the terminal device, and may include more or less components than those described above, or some of the components may be combined, or different components may include, for example, input output devices, network access devices, buses, etc.
The processor may be a Central Processing Unit (CPU), another general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, etc. The general-purpose processor may be a microprocessor or any conventional processor; the processor is the control center of the terminal device and connects the various parts of the entire user terminal using various interfaces and lines.
The memory may be used to store computer programs and/or modules, and the processor may implement various functions of the terminal device by operating or executing the computer programs and/or modules stored in the memory and calling data stored in the memory. The memory mainly comprises a storage program area and a storage data area, wherein the storage program area can store an operating system, application programs required by at least one function (such as an information acquisition template display function, a product information publishing function and the like) and the like; the storage data area may store data created according to the use of the berth-state display system (e.g., product information acquisition templates corresponding to different product types, product information that needs to be issued by different product providers, etc.), and the like. In addition, the memory may include high-speed random access memory, and may also include non-volatile memory, such as a hard disk, a memory, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), at least one magnetic disk storage device, a Flash memory device, or other volatile solid state storage device.
The integrated modules/units of the terminal device, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer-readable storage medium. Based on this understanding, all or part of the modules/units in the system according to the above embodiment may be implemented by a computer program, which may be stored in a computer-readable storage medium and used by a processor to implement the functions of the embodiments of the system. The computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer-readable medium may include: any entity or device capable of carrying computer program code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disk, computer memory, Read-Only Memory (ROM), Random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, software distribution media, and the like.
While one embodiment of the present invention has been described in detail, the description is only a preferred embodiment of the present invention and should not be taken as limiting the scope of the invention. All equivalent changes and modifications made within the scope of the present invention shall fall within the scope of the present invention.

Claims (8)

1. A big data-based network security risk assessment system, characterized by comprising:
an update management and control module for acquiring and recording update requests, where an update request comprises the update time, the update project and updater information, and update projects comprise software upgrades, equipment replacement and the addition of network software and hardware;
an asset comparison database that records asset evaluation data for each project, where projects comprise software and hardware, and an asset evaluation report of the current system during network operation;
an asset detection module that periodically extracts the update record from the update management and control module, obtains all update requests in the record and the update project of each, obtains asset evaluation data for the updated projects from the asset comparison database, and updates the asset evaluation report in the asset comparison database according to the new asset evaluation data.
2. The system according to claim 1, wherein the update management and control module operates in a preset period, receives and records update requests once the period starts, and after the period ends deletes all update records of that period and enters the next period.
3. The big data based cyber security risk assessment system according to claim 1, wherein asset assessment data of all items in the system in the previous period is recorded in the asset assessment report.
4. The big data-based cyber security risk assessment system according to claim 1, wherein when the asset comparison database holds no asset assessment data for an updated project, that project is determined to be an unfamiliar project.
5. The big data-based network security risk assessment system according to claim 4, wherein when the item is an unfamiliar item, updater information in the update request is obtained, the updater information including identity information and contact information of the updater; a corresponding item assessment questionnaire is sent to the updater, and after the questionnaire information is entered, asset assessment is performed on the unfamiliar item to generate asset assessment data.
6. The big data-based cyber security risk assessment system according to claim 4, wherein when the item is an unfamiliar item, the name and content of the updated item are used as retrieval information, information on the same or similar items is retrieved through the Internet, and asset assessment data is generated.
7. The big-data-based cyber security risk assessment system according to claim 1, wherein after a new asset assessment report is generated, the original asset assessment report is bound with the update record of the previous period and then backed up.
8. The big data-based cyber security risk assessment system according to claim 1, wherein when the update items exceed the set threshold, the current period is ended early and the next period is entered immediately.
CN202210988900.6A 2022-08-17 2022-08-17 Network security risk assessment system based on big data Pending CN115314315A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210988900.6A CN115314315A (en) 2022-08-17 2022-08-17 Network security risk assessment system based on big data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210988900.6A CN115314315A (en) 2022-08-17 2022-08-17 Network security risk assessment system based on big data

Publications (1)

Publication Number Publication Date
CN115314315A (en) 2022-11-08

Family

ID=83862347

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210988900.6A Pending CN115314315A (en) 2022-08-17 2022-08-17 Network security risk assessment system based on big data

Country Status (1)

Country Link
CN (1) CN115314315A (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination