CN115314315A - A network security risk assessment system based on big data - Google Patents

A network security risk assessment system based on big data Download PDF

Info

Publication number
CN115314315A
CN115314315A CN202210988900.6A CN202210988900A CN115314315A CN 115314315 A CN115314315 A CN 115314315A CN 202210988900 A CN202210988900 A CN 202210988900A CN 115314315 A CN115314315 A CN 115314315A
Authority
CN
China
Prior art keywords
asset
update
data
item
project
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210988900.6A
Other languages
Chinese (zh)
Inventor
宋超
武建双
许建锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hefei Tianwei Information Security Technology Co ltd
Original Assignee
Hefei Tianwei Information Security Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hefei Tianwei Information Security Technology Co ltd filed Critical Hefei Tianwei Information Security Technology Co ltd
Priority to CN202210988900.6A priority Critical patent/CN115314315A/en
Publication of CN115314315A publication Critical patent/CN115314315A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

本发明公开了一种基于大数据的网络安全风险评估系统,包括:更新管控模块,用于获取更新请求并进行记录,所述的更新请求包括更新时间、更新项目和更新人信息,所述的更新项目包括软件升级、设备更换和网络软硬件的增添;资产比对数据库,记录网络运行过程中各个项目的资产评估数据和当前系统的资产评估报告,所述的项目包括软件和硬件;资产检测模块,用于周期性提取更新管控模块中的更新记录,获取更新记录中的所有更新请求,获取所述的更新项目,并通过资产比对数据库获取所述的更新后的项目的资产评估数据;根据新的资产评估数据对资产比对数据库中的资产评估报告进行更新。本发明可以记录和更新系统中资产数据,从而提高安全评估的准确性。

Figure 202210988900

The invention discloses a network security risk assessment system based on big data, comprising: an update management and control module for acquiring and recording an update request, wherein the update request includes update time, update item and updater information; Update items include software upgrade, equipment replacement, and addition of network hardware and software; asset comparison database, which records asset assessment data of various projects during network operation and asset assessment reports of the current system, including software and hardware; asset detection a module for periodically extracting update records in the update management and control module, acquiring all update requests in the update records, acquiring the update items, and acquiring the asset evaluation data of the updated items through the asset comparison database; The asset appraisal report in the asset comparison database is updated according to the new asset appraisal data. The present invention can record and update asset data in the system, thereby improving the accuracy of security assessment.

Figure 202210988900

Description

一种基于大数据的网络安全风险评估系统A network security risk assessment system based on big data

技术领域technical field

本发明涉及网络安全技术领域,具体涉及一种基于大数据的网络安全风险评估系统。The invention relates to the technical field of network security, in particular to a network security risk assessment system based on big data.

背景技术Background technique

现在的社会是一个高速发展的社会,科技发达,信息流通,人们之间的交流越来越密切,生活也越来越方便,大数据就是这个高科技时代的产物。“大数据”是需要新处理模式才能具有更强的决策力、洞察发现力和流程优化能力来适应海量、高增长率和多样化的信息资产。麦肯锡全球研究所给出的定义是:一种规模大到在获取、存储、管理、分析方面大大超出了传统数据库软件工具能力范围的数据集合,具有海量的数据规模、快速的数据流转、多样的数据类型和价值密度低四大特征。Today's society is a rapidly developing society, with advanced technology, information flow, people's communication is getting closer and closer, and life is becoming more and more convenient. Big data is the product of this high-tech era. "Big data" requires a new processing model to have stronger decision-making power, insight and process optimization capabilities to adapt to massive, high-growth and diverse information assets. The definition given by the McKinsey Global Institute is: a data collection that is so large that it greatly exceeds the capabilities of traditional database software tools in terms of acquisition, storage, management, and analysis. It has massive data scale, fast data flow, and diverse Four major characteristics of low data type and value density.

从风险评估的指标上来看,网络安全风险指标体系由三大部分组成,分别是网络层指标体系、传输网风险指标体系和物理安全风险指标,为内部控制措施实施指明了方向。同时,每种指标体系中还包含资产、威胁和脆弱性三要素。而现有的风险评估系统,在运行之前都会对系统内的资产做一次统计,但是在日常运行的过程中,系统随时都有可能产生新的变化,例如增添新的网络软硬件、软件升级、设备更新,这些都将导致资产发生变化,这时先前的风险评估结论就失去了意义。From the perspective of risk assessment indicators, the network security risk indicator system consists of three parts, namely the network layer indicator system, the transmission network risk indicator system and the physical security risk indicator, which point out the direction for the implementation of internal control measures. At the same time, each indicator system also includes three elements: assets, threats and vulnerabilities. The existing risk assessment system will make a statistics on the assets in the system before operation, but in the process of daily operation, the system may produce new changes at any time, such as adding new network software and hardware, software upgrades, Equipment updates, all of which will lead to changes in assets, at this time the previous risk assessment conclusions lose their meaning.

发明内容Contents of the invention

本发明的目的在于提供一种基于大数据的网络安全风险评估系统,解决以下技术问题:The purpose of the present invention is to provide a network security risk assessment system based on big data to solve the following technical problems:

系统运行过程中,系统更新所造成的资产变化不在系统的评估体系之内,所造成的评估结果偏离的问题。During the operation of the system, the asset changes caused by the system update are not within the evaluation system of the system, resulting in the deviation of the evaluation results.

本发明的目的可以通过以下技术方案实现:The purpose of the present invention can be achieved through the following technical solutions:

一种基于大数据的网络安全风险评估系统,包括:A network security risk assessment system based on big data, including:

更新管控模块,用于获取更新请求并进行记录,所述的更新请求包括更新时间、更新项目和更新人信息,所述的更新项目包括软件升级、设备更换和网络软硬件的增添;The update management and control module is used to obtain and record the update request, the update request includes update time, update item and updater information, and the update item includes software upgrade, equipment replacement, and addition of network software and hardware;

资产比对数据库,记录网络运行过程中各个项目的资产评估数据和当前系统的资产评估报告,所述的项目包括软件和硬件;The asset comparison database records the asset evaluation data of various items in the network operation process and the asset evaluation report of the current system, and the items mentioned include software and hardware;

资产检测模块,用于周期性提取更新管控模块中的更新记录,获取更新记录中的所有更新请求,获取所述的更新项目,并通过资产比对数据库获取所述的更新后的项目的资产评估数据;根据新的资产评估数据对资产比对数据库中的资产评估报告进行更新。The asset detection module is used to periodically extract the update records in the update management and control module, obtain all update requests in the update records, obtain the updated items, and obtain the asset evaluation of the updated items through the asset comparison database data; update the asset appraisal report in the asset comparison database according to the new asset appraisal data.

作为本发明进一步的方案:所述的更新管控模块以预设的周期进行运行,在周期开始时接收更新请求并进行记录,在周期结束后将本周期内的所有更新记录进行备份后删除,并进入下一周期。As a further solution of the present invention: the update control module operates at a preset cycle, receives and records an update request at the beginning of the cycle, and after the cycle ends, all update records in this period are backed up and deleted, and into the next cycle.

作为本发明进一步的方案:所述的资产评估报告中,记录有上一周期中系统内部所有项目的资产评估数据。As a further solution of the present invention: in the asset evaluation report, the asset evaluation data of all items in the system in the previous period are recorded.

作为本发明进一步的方案:当所述的更新项目中,更新后的项目的资产评估数据并未记录于资产比对数据库中时,判定所述的项目为陌生项目。As a further solution of the present invention: when the asset evaluation data of the updated item is not recorded in the asset comparison database among the updated items, it is determined that the item is an unfamiliar item.

作为本发明进一步的方案:当所述的项目为陌生项目时,获取所述的更新请求中的更新人信息,所述的更新人信息包括更新人的身份信息和联系方式,发送相应的项目评估问卷至更新人处,并在录入问卷信息后对所述的陌生项目进行资产评估,生成资产评估数据。As a further solution of the present invention: when the project is an unfamiliar project, obtain the updater information in the update request, the updater information includes the updater's identity information and contact information, and send the corresponding project evaluation The questionnaire is sent to the updater, and after the questionnaire information is entered, asset evaluation is performed on the unfamiliar items described to generate asset evaluation data.

作为本发明进一步的方案:当所述的项目为陌生项目时,以更新后的项目的名称和内容作为检索信息,通过互联网检索相同或者相似的项目的信息,并生成资产评估数据。As a further solution of the present invention: when the item is an unfamiliar item, use the name and content of the updated item as retrieval information, retrieve the information of the same or similar items through the Internet, and generate asset evaluation data.

作为本发明进一步的方案:最生成新的资产评估报告后,原先的资产评估报告与上一周期的更新记录绑定后进行备份。As a further solution of the present invention: after the new asset evaluation report is generated, the original asset evaluation report is bound with the update record of the previous cycle and then backed up.

作为本发明进一步的方案:当所述的更新项目超过所设定的阈值时,提前结束本周期并立即进入下一周期。As a further solution of the present invention: when the update item exceeds the set threshold, end this cycle ahead of time and enter the next cycle immediately.

本发明的有益效果:本发明需要经过记录之后才能对系统内部的软件或硬件进行增添、删减、升级和替换等操作,从而让系统内部的变化有迹可循;周期性的记录系统的变化,并在周期结束之后,统计本周期所有的更新项目,从而重新对系统的资产进行评估,进而提高安全评估的准确性。Beneficial effects of the present invention: the present invention needs to be recorded before adding, deleting, upgrading and replacing the software or hardware inside the system, so that the changes inside the system can be traced; the changes in the system are recorded periodically , and after the cycle is over, count all the update items in this cycle, so as to re-evaluate the assets of the system, thereby improving the accuracy of the security evaluation.

附图说明Description of drawings

下面结合附图对本发明作进一步的说明。The present invention will be further described below in conjunction with the accompanying drawings.

图1是本发明一种基于大数据的网络安全风险评估系统的结构示意图。FIG. 1 is a schematic structural diagram of a network security risk assessment system based on big data in the present invention.

具体实施方式Detailed ways

下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其它实施例,都属于本发明保护的范围。The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

请参阅图1所示,本发明为一种基于大数据的网络安全风险评估系统,包括:Please refer to shown in Fig. 1, the present invention is a kind of network security risk assessment system based on big data, comprising:

更新管控模块,用于获取更新请求并进行记录,所述的更新请求包括更新时间、更新项目和更新人信息,所述的更新项目包括软件升级、设备更换和网络软硬件的增添;The update management and control module is used to obtain and record the update request, the update request includes update time, update item and updater information, and the update item includes software upgrade, equipment replacement, and addition of network software and hardware;

资产比对数据库,记录网络运行过程中各个项目的资产评估数据和当前系统的资产评估报告,所述的项目包括软件和硬件;The asset comparison database records the asset evaluation data of various items in the network operation process and the asset evaluation report of the current system, and the items mentioned include software and hardware;

资产检测模块,用于周期性提取更新管控模块中的更新记录,获取更新记录中的所有更新请求,获取所述的更新项目,并通过资产比对数据库获取所述的更新后的项目的资产评估数据;根据新的资产评估数据对资产比对数据库中的资产评估报告进行更新。The asset detection module is used to periodically extract the update records in the update management and control module, obtain all update requests in the update records, obtain the updated items, and obtain the asset evaluation of the updated items through the asset comparison database data; update the asset appraisal report in the asset comparison database according to the new asset appraisal data.

在本发明一种优选的实施例中,所述的更新管控模块以预设的周期进行运行,在周期开始时接收更新请求并进行记录,在周期结束后将本周期内的所有更新记录进行备份后删除,并进入下一周期。In a preferred embodiment of the present invention, the update management and control module operates in a preset cycle, receives an update request and records it at the beginning of the cycle, and backs up all update records in this period after the cycle ends Then delete it and enter the next cycle.

在本发明另一种优选的实施例中,所述的资产评估报告中,记录有上一周期中系统内部所有项目的资产评估数据。In another preferred embodiment of the present invention, the asset evaluation report records the asset evaluation data of all items in the system in the last cycle.

在本实施例中,当所述的更新项目中,更新后的项目的资产评估数据并未记录于资产比对数据库中时,判定所述的项目为陌生项目。In this embodiment, when the asset evaluation data of the updated item is not recorded in the asset comparison database among the updated items, it is determined that the item is an unfamiliar item.

值得注意的是,当所述的项目为陌生项目时,获取所述的更新请求中的更新人信息,所述的更新人信息包括更新人的身份信息和联系方式,发送相应的项目评估问卷至更新人处,并在录入问卷信息后对所述的陌生项目进行资产评估,生成资产评估数据。It is worth noting that when the project is an unfamiliar project, obtain the updater information in the update request, the updater information includes the updater's identity information and contact information, and send the corresponding project evaluation questionnaire to Update the person's office, and after entering the questionnaire information, perform asset evaluation on the unfamiliar items described, and generate asset evaluation data.

在本发明另一种优选的实施例中,当所述的项目为陌生项目时,以更新后的项目的名称和内容作为检索信息,通过互联网检索相同或者相似的项目的信息,并生成资产评估数据。In another preferred embodiment of the present invention, when the item is an unfamiliar item, the name and content of the updated item are used as retrieval information to retrieve the information of the same or similar items through the Internet and generate an asset evaluation data.

作为本发明进一步的方案,最生成新的资产评估报告后,原先的资产评估报告与上一周期的更新记录绑定后进行备份。As a further solution of the present invention, after the new asset evaluation report is generated, the original asset evaluation report is bound with the update record of the previous period and then backed up.

在本发明另一种优选的实施例中,当所述的更新项目超过所设定的阈值时,提前结束本周期并立即进入下一周期。In another preferred embodiment of the present invention, when the update item exceeds the set threshold, the current cycle ends ahead of schedule and immediately enters the next cycle.

所述一种基于大数据的网络安全风险评估系统所能实现的功能均由计算机设备完成,所述计算机设备包括一个或多个处理器和一个或多个存储器,所述一个或多个存储器中存储有至少一条程序代码,所述程序代码由所述一个或多个处理器加载并执行以实现所述一种分布式的数据分析任务调度系统及方法的功能。The functions that can be realized by the network security risk assessment system based on big data are all completed by computer equipment, and the computer equipment includes one or more processors and one or more memories, and the one or more memories At least one piece of program code is stored, and the program code is loaded and executed by the one or more processors to realize the functions of the distributed data analysis task scheduling system and method.

处理器从存储器中逐条取出指令、分析指令,然后根据指令要求完成相应操作,产生一系列控制命令,使计算机各部分自动、连续并协调动作,成为一个有机的整体,实现程序的输入、数据的输入以及运算并输出结果,这一过程中产生的算术运算或逻辑运算均由运算器完成;所述存储器包括只读存储器(Read-Only Memory,ROM),所述只读存储器用于存储计算机程序,所述存储器外部设有保护装置。The processor takes out the instructions one by one from the memory, analyzes the instructions, and then completes the corresponding operations according to the instruction requirements, and generates a series of control commands, so that the various parts of the computer can automatically, continuously and coordinate actions to form an organic whole, and realize the input of programs and the exchange of data. Input and calculation and output results, the arithmetic operation or logic operation generated in this process is completed by the arithmetic unit; the memory includes a read-only memory (Read-Only Memory, ROM), and the read-only memory is used to store computer programs , a protection device is provided outside the memory.

示例性的,计算机程序可以被分割成一个或多个模块,一个或者多个模块被存储在存储器中,并由处理器执行,以完成本发明。一个或多个模块可以是能够完成特定功能的一系列计算机程序指令段,该指令段用于描述计算机程序在终端设备中的执行过程。Exemplarily, a computer program can be divided into one or more modules, and one or more modules are stored in a memory and executed by a processor to implement the present invention. One or more modules may be a series of computer program instruction segments capable of accomplishing specific functions, and the instruction segments are used to describe the execution process of the computer program in the terminal device.

本领域技术人员可以理解,上述服务设备的描述仅仅是示例,并不构成对终端设备的限定,可以包括比上述描述更多或更少的部件,或者组合某些部件,或者不同的部件,例如可以包括输入输出设备、网络接入设备、总线等。Those skilled in the art can understand that the above description of the service device is only an example, and does not constitute a limitation on the terminal device, and may include more or less components than the above description, or combine certain components, or different components, such as It can include input and output devices, network access devices, buses, etc.

所称处理器可以是中央处理单元(Central Processing Unit,CPU),还可以是其他通用处理器、数字信号处理器(Digital Signal Processor,DSP)、专用集成电路(Application Specific Integrated Circuit,ASIC)、现成可编程门阵列(Field-Programmable Gate Array,FPGA)或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件等。通用处理器可以是微处理器或者该处理器也可以是任何常规的处理器等,上述处理器是上述终端设备的控制中心,利用各种接口和线路连接整个用户终端的各个部分。The so-called processor can be a central processing unit (Central Processing Unit, CPU), and can also be other general-purpose processors, digital signal processors (Digital Signal Processor, DSP), application specific integrated circuits (Application Specific Integrated Circuit, ASIC), off-the-shelf Programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc. The general-purpose processor may be a microprocessor or any conventional processor, etc. The above-mentioned processor is the control center of the above-mentioned terminal equipment, and uses various interfaces and lines to connect various parts of the entire user terminal.

上述存储器可用于存储计算机程序和/或模块,上述处理器通过运行或执行存储在存储器内的计算机程序和/或模块,以及调用存储在存储器内的数据,实现上述终端设备的各种功能。存储器可主要包括存储程序区和存储数据区,其中,存储程序区可存储操作系统、至少一个功能所需的应用程序(比如信息采集模板展示功能、产品信息发布功能等)等;存储数据区可存储根据泊位状态显示系统的使用所创建的数据(比如不同产品种类对应的产品信息采集模板、不同产品提供方需要发布的产品信息等)等。此外,存储器可以包括高速随机存取存储器,还可以包括非易失性存储器,例如硬盘、内存、插接式硬盘,智能存储卡(Smart Media Card,SMC),安全数字(Secure Digital,SD)卡,闪存卡(Flash Card)、至少一个磁盘存储器件、闪存器件、或其他易失性固态存储器件。The above-mentioned memory can be used to store computer programs and/or modules, and the above-mentioned processor realizes various functions of the above-mentioned terminal device by running or executing the computer programs and/or modules stored in the memory, and calling the data stored in the memory. The memory can mainly include a storage program area and a storage data area, wherein the storage program area can store an operating system, at least one application program required by a function (such as information collection template display function, product information release function, etc.); Store the data created according to the use of the berth status display system (such as product information collection templates corresponding to different product categories, product information to be released by different product providers, etc.), etc. In addition, the memory may include high-speed random access memory, and may also include non-volatile memory, such as hard disk, memory, plug-in hard disk, smart memory card (Smart Media Card, SMC), secure digital (Secure Digital, SD) card , a flash memory card (Flash Card), at least one magnetic disk storage device, flash memory device, or other volatile solid-state storage devices.

终端设备集成的模块/单元如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本发明实现上述实施例系统中的全部或部分模块/单元,也可以通过计算机程序来指令相关的硬件来完成,上述的计算机程序可存储于计算机可读存储介质中,该计算机程序在被处理器执行时,可实现上述各个系统实施例的功能。其中,计算机程序包括计算机程序代码,计算机程序代码可以为源代码形式、对象代码形式、可执行文件或某些中间形式等。计算机可读介质可以包括:能够携带计算机程序代码的任何实体或装置、记录介质、U盘、移动硬盘、磁碟、光盘、计算机存储器、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random AccessMemory)、电载波信号、电信信号以及软件分发介质等。If the integrated module/unit of the terminal device is realized in the form of a software function unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the present invention realizes all or part of the modules/units in the system of the above-mentioned embodiments, and it can also be completed by instructing related hardware through a computer program. The above-mentioned computer program can be stored in a computer-readable storage medium. The computer When the program is executed by the processor, the functions of the above-mentioned various system embodiments can be realized. Wherein, the computer program includes computer program code, and the computer program code may be in the form of source code, object code, executable file or some intermediate form. The computer-readable medium may include: any entity or device capable of carrying computer program code, recording medium, U disk, removable hard disk, magnetic disk, optical disk, computer memory, read-only memory (ROM, Read-Only Memory), random access Memory (RAM, Random Access Memory), electrical carrier signal, telecommunication signal, and software distribution medium, etc.

以上对本发明的一个实施例进行了详细说明,但所述内容仅为本发明的较佳实施例,不能被认为用于限定本发明的实施范围。凡依本发明申请范围所作的均等变化与改进等,均应仍归属于本发明的专利涵盖范围之内。An embodiment of the present invention has been described in detail above, but the content described is only a preferred embodiment of the present invention, and cannot be considered as limiting the implementation scope of the present invention. All equivalent changes and improvements made according to the application scope of the present invention shall still belong to the scope covered by the patent of the present invention.

Claims (8)

1. A big data-based network security risk assessment system is characterized by comprising:
the updating management and control module is used for acquiring and recording an updating request, wherein the updating request comprises updating time, an updating project and updating person information, and the updating project comprises software upgrading, equipment replacement and addition of network software and hardware;
the asset comparison database records asset evaluation data of each project and an asset evaluation report of a current system in the network operation process, wherein the project comprises software and hardware;
the asset detection module is used for periodically extracting the update record in the update management and control module, acquiring all update requests in the update record, acquiring the update project and acquiring asset evaluation data of the updated project through the asset comparison database; and updating the asset evaluation report in the asset comparison database according to the new asset evaluation data.
2. The system according to claim 1, wherein the update management and control module operates at a preset period, receives an update request and records the update request when the period starts, and deletes all update records in the period after the period ends and enters the next period.
3. The big data based cyber security risk assessment system according to claim 1, wherein asset assessment data of all items in the system in the previous period is recorded in the asset assessment report.
4. The big data-based cyber security risk assessment system according to claim 1, wherein when the asset assessment data of the updated project is not recorded in the asset comparison database in the updated project, it is determined that the project is an unfamiliar project.
5. The big data-based network security risk assessment system according to claim 4, wherein when the item is an unfamiliar item, updater information in the update request is obtained, the updater information includes identity information and contact information of the updater, a corresponding item assessment questionnaire is sent to the updater, and after the questionnaire information is entered, asset assessment is performed on the unfamiliar item to generate asset assessment data.
6. The big data-based cyber security risk assessment system according to claim 4, wherein when the item is an unfamiliar item, the updated name and content of the item are used as retrieval information, information of the same or similar item is retrieved through the internet, and asset assessment data is generated.
7. The big-data-based cyber security risk assessment system according to claim 1, wherein after a new asset assessment report is generated, the original asset assessment report is backed up after being bound with the updated record of the previous period.
8. The big data-based cyber security risk assessment system according to claim 1, wherein when the updated item exceeds the set threshold, the period is ended in advance and the next period is entered immediately.
CN202210988900.6A 2022-08-17 2022-08-17 A network security risk assessment system based on big data Pending CN115314315A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210988900.6A CN115314315A (en) 2022-08-17 2022-08-17 A network security risk assessment system based on big data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210988900.6A CN115314315A (en) 2022-08-17 2022-08-17 A network security risk assessment system based on big data

Publications (1)

Publication Number Publication Date
CN115314315A true CN115314315A (en) 2022-11-08

Family

ID=83862347

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210988900.6A Pending CN115314315A (en) 2022-08-17 2022-08-17 A network security risk assessment system based on big data

Country Status (1)

Country Link
CN (1) CN115314315A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111431753A (en) * 2020-04-02 2020-07-17 深信服科技股份有限公司 Asset information updating method, device, equipment and storage medium
CN111611592A (en) * 2020-05-27 2020-09-01 中国信息安全测评中心 A kind of big data platform security assessment method and device
CN113225358A (en) * 2021-07-09 2021-08-06 四川大学 Network security risk assessment system
CN113570274A (en) * 2021-08-03 2021-10-29 西安热工研究院有限公司 An asset whole process management system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111431753A (en) * 2020-04-02 2020-07-17 深信服科技股份有限公司 Asset information updating method, device, equipment and storage medium
CN111611592A (en) * 2020-05-27 2020-09-01 中国信息安全测评中心 A kind of big data platform security assessment method and device
CN113225358A (en) * 2021-07-09 2021-08-06 四川大学 Network security risk assessment system
CN113570274A (en) * 2021-08-03 2021-10-29 西安热工研究院有限公司 An asset whole process management system

Similar Documents

Publication Publication Date Title
Callaghan et al. Statistical stopping criteria for automated screening in systematic reviews
CN110956269B (en) Method, device, equipment and computer storage medium for generating data model
US8566903B2 (en) Enterprise evidence repository providing access control to collected artifacts
CN109241358A (en) Metadata management method, device, computer equipment and storage medium
CN111831636A (en) Data processing method, device, computer system and readable storage medium
CN110109905A (en) Risk list data generation method, device, equipment and computer storage medium
CN112328592B (en) Data storage method, electronic device, and computer-readable storage medium
CN110765750B (en) Report data input method and terminal equipment
CN112732763B (en) Data aggregation method, device, electronic device and medium
CN114860932A (en) Log information acquisition and monitoring method
CN114036187B (en) File acquisition method, device, computer equipment and storage medium
CN114004542A (en) Enterprise task management method, system, computer equipment and storage medium
CN114254918A (en) Calculation method, device, readable medium and electronic device for index data
US20150169515A1 (en) Data driven synthesizer
CN118132367A (en) A method, device, electronic device and storage medium for identifying alarm levels
JP2023507688A (en) edge table representation of the process
CN115314315A (en) A network security risk assessment system based on big data
CN117236624A (en) A method and device for recommending issue fixers based on dynamic graphics
CN111582833A (en) Document processing method and device based on life cycle and electronic equipment
CN115081853A (en) Task distribution method and device, terminal equipment and storage medium
CN114237798A (en) Data processing method, device, server and storage medium
CN117408648B (en) Information processing method, device, management platform and storage medium
CN118964501B (en) Data processing system and method based on relational database
CN118553390A (en) Clinical trial SOP management method, system, electronic equipment and storage medium
CN119441269A (en) A method, device, equipment and medium for generating SQL for expressing blood relationship

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination