CN116719512B - Safety design rule marking method based on scoring and unsupervised self-learning - Google Patents
Safety design rule marking method based on scoring and unsupervised self-learning Download PDFInfo
- Publication number
- CN116719512B CN116719512B CN202311005148.XA CN202311005148A CN116719512B CN 116719512 B CN116719512 B CN 116719512B CN 202311005148 A CN202311005148 A CN 202311005148A CN 116719512 B CN116719512 B CN 116719512B
- Authority
- CN
- China
- Prior art keywords
- security
- scoring
- rules
- rule
- design rule
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000013461 design Methods 0.000 title claims abstract description 124
- 238000000034 method Methods 0.000 title claims abstract description 41
- 230000008569 process Effects 0.000 claims abstract description 17
- 238000011161 development Methods 0.000 claims abstract description 14
- 238000004891 communication Methods 0.000 claims description 6
- 239000002131 composite material Substances 0.000 claims description 6
- 238000012545 processing Methods 0.000 claims description 4
- 238000003909 pattern recognition Methods 0.000 claims description 3
- 230000002265 prevention Effects 0.000 claims description 3
- 238000012163 sequencing technique Methods 0.000 claims description 3
- 238000002372 labelling Methods 0.000 abstract description 2
- 238000005457 optimization Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 230000007246 mechanism Effects 0.000 description 2
- 230000006399 behavior Effects 0.000 description 1
- 238000003339 best practice Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000010924 continuous production Methods 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000012552 review Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 230000009897 systematic effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/20—Software design
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2457—Query processing with adaptation to user needs
- G06F16/24578—Query processing with adaptation to user needs using ranking
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/28—Databases characterised by their database models, e.g. relational or object models
- G06F16/284—Relational databases
- G06F16/285—Clustering or classification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/21—Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
- G06F18/214—Generating training patterns; Bootstrap methods, e.g. bagging or boosting
- G06F18/2155—Generating training patterns; Bootstrap methods, e.g. bagging or boosting characterised by the incorporation of unlabelled data, e.g. multiple instance learning [MIL], semi-supervised techniques using expectation-maximisation [EM] or naïve labelling
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/24—Classification techniques
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computing arrangements using knowledge-based models
- G06N5/02—Knowledge representation; Symbolic representation
- G06N5/022—Knowledge engineering; Knowledge acquisition
- G06N5/025—Extracting rules from data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/30—Computing systems specially adapted for manufacturing
Abstract
The invention discloses a safety design rule marking method based on scoring and unsupervised self-learning, which relates to the field of computer safety and comprises the following steps: s1: recording the safety design rule and corresponding user practice data into a knowledge base; s2: designing and implementing a system for multi-dimensional scoring of the security design rules in the knowledge base according to industry standards and user practice data; s3: classifying all safety design rules into different categories by adopting an unsupervised learning algorithm; s4: labeling the use scenes of different categories, and recommending all safety design rules corresponding to the use scene categories to developers; or the developer may look for other security design rules within the category of the validated security design rule as references to other security design rules to be used in its development process. The invention can improve the efficiency and convenience of the developer for selecting the safety design rule.
Description
Technical Field
The invention relates to the field of computer security, in particular to a security design rule marking method based on scoring and unsupervised self-learning.
Background
With rapid development of information technology and wide application of internet application, security design has become an important link in the development process. In this process, the security design rules play an important role. These rules can help developers formulate and implement design schemes that can effectively prevent various security threats. However, in the currently existing technology, there are often the following problems:
1) Existing security design rules are often static, and the developer needs to manually select the appropriate rules according to his own needs. This process is not only time consuming, but may also affect the security of the overall system by choosing inappropriate rules because of insufficient experience or underunderstanding of the rules by the developer.
2) In the current technology, a complete and systematic security design rule scoring mechanism has not been established. This makes it impossible for the developer to fully understand the merits of each rule when selecting the rule, further increasing the risk of selecting unsuitable rules.
3) Although some techniques have attempted to categorize and label security design rules, they still have significant limitations. For example, rule classification is often based on a single criterion, such as security level or application scenario, while other factors that may affect rule selection, such as ease of use, compliance with industry standards, etc., are ignored.
4) Most of the current common security design rules are aimed at specific application scenes, such as Web application, mobile application and the like, and support for emerging application scenes, such as cloud computing, internet of things and the like is relatively few.
Therefore, how to intelligently recommend the safety design rules, perfect the rule scoring mechanism, effectively classify and label the rules and enlarge the application range of the rules becomes a problem to be solved in the current safety design field.
Disclosure of Invention
The invention aims to provide a safety design rule marking method based on scoring and unsupervised self-learning to solve the problems in the background art.
In order to achieve the above purpose, the invention adopts the following technical scheme:
a security design rule marking method based on scoring and unsupervised self-learning, comprising:
s1: collecting and arranging a series of safety design rules, and recording the safety design rules and corresponding user practice data into a knowledge base;
s2: designing and implementing a system for multi-dimensional scoring of security design rules in a knowledge base according to industry standards and user practice data, wherein each dimension comprises, but is not limited to, usability, security and degree of compliance with the industry standards, and scoring data is correspondingly set for each dimension;
s3: adopting an unsupervised learning algorithm, taking the multidimensional grading data generated in the step S2 as input, carrying out data processing and pattern recognition, gathering rules with similar grading and characteristics together to form a category, and finally classifying all safety design rules into different categories;
s4: marking use scenes of different categories, recommending all security design rules of the corresponding categories to a developer when a subsequent developer needs to develop the corresponding scenes, and providing grading data of all security design rules in the categories in different dimensions; or when the developer finds a security design rule suitable for the development scene, the developer can search other security design rules in the category of the security design rule as references of other security design rules to be used in the development process.
Further, the security design rules include, but are not limited to, password strength rules, data encryption rules, user authentication rules, network communication security rules.
Further, the user practice data includes, but is not limited to, the frequency with which the security design rule is deployed by the developer, the convenience score of the developer for the security design rule deployment process, the convenience score of the user for the security design rule, and the historical success rate of the security design rule, wherein the historical success rate is the frequency with which the security design rule successfully prevents the historical attack.
Further, the application scenarios include, but are not limited to, web application security, mobile application security, cloud computing security, and internet of things security.
Further, the scoring process of the multi-dimensional scoring system in S2 includes the following steps:
s21: assigning an independent vector to each security design rule, each dimension of the vector representing a scoring dimension including, but not limited to, ease of use, security, compliance with industry standards;
s22: setting a scoring standard for each dimension according to the user practice data and the industry standard;
s23: and scoring each dimension of each safety design rule according to the scoring standard set in the step S22, and obtaining multi-dimension scoring data of each rule.
In some embodiments, the usability dimension further comprises a plurality of sub-dimensions, wherein at least two sub-dimensions are scored based on convenience of the developer for deployment of the security design rule and convenience of the user for use of the security design rule, respectively; the security dimension also includes a plurality of sub-dimensions and includes at least two sub-dimensions: historical success rate of the security design rules for preventing attacks and threat model coverage of the security design rules.
In some embodiments, in S3, the method further includes finding out the rule with the optimal performance as the representative rule of the category, and specifically includes the following steps:
s31: in each category, calculating a composite score for each security design rule;
s32: and sequencing the comprehensive scores of the rules, and selecting the rule with the highest comprehensive score as the representative rule of the category.
Further, the composite score is an average value of scores of each dimension, or a value obtained by weighted summation according to the degree of importance manually set by each dimension.
The invention has the advantages compared with the prior art that:
the invention can increase the development efficiency, and particularly, the invention classifies and marks the safety design rules and provides safety design rule recommendation under corresponding scenes for developers. Therefore, a developer can find out a proper safety design rule under one scene, and can find out other safety design rules possibly needed by referring to the safety design rule, so that the working efficiency of the developer is greatly improved.
The invention can optimize the decision process, particularly, the invention carries out multidimensional grading on each rule based on the grading and the unsupervised self-learning safety design rule marking method, which provides more comprehensive information with reference value for the developer and is helpful for the developer to make better decisions.
The invention can reduce the risk of misoperation, in particular, the invention provides more accurate rule recommendation, and a developer can know which rule should be used under which condition more clearly, so that the risk of misoperation caused by misunderstanding the rule is greatly reduced.
The invention also has the function of real-time learning and updating, and particularly, because an unsupervised self-learning mode is adopted, the system applied by the invention can continuously learn and update according to the latest user practice data, thereby continuously optimizing rule recommendation and ensuring that the most effective safety design rule can be provided under the changed environment and scene.
Drawings
FIG. 1 is a schematic flow chart of the method of the present invention.
Detailed Description
The following describes specific embodiments of the present invention with reference to the drawings.
Referring to fig. 1, the method for marking the safety design rule based on scoring and unsupervised self-learning comprises the following steps:
s1: collecting and arranging a series of safety design rules, and recording the safety design rules and corresponding user practice data into a knowledge base;
s2: designing and implementing a system for multi-dimensional scoring of security design rules in a knowledge base according to industry standards and user practice data, wherein each dimension comprises, but is not limited to, usability, security and degree of compliance with the industry standards, and scoring data is correspondingly set for each dimension;
s3: adopting an unsupervised learning algorithm, taking the multidimensional grading data generated in the step S2 as input, carrying out data processing and pattern recognition, gathering rules with similar grading and characteristics together to form a category, and finally classifying all safety design rules into different categories;
s4: marking use scenes of different categories, recommending all security design rules of the corresponding categories to a developer when a subsequent developer needs to develop the corresponding scenes, and providing grading data of all security design rules in the categories in different dimensions; or when the developer finds a security design rule suitable for the development scene, the developer can search other security design rules in the category of the security design rule as references of other security design rules to be used in the development process.
The security design rules include, but are not limited to, password strength rules, data encryption rules, user authentication rules, and network communication security rules.
The user practice data includes, but is not limited to, the frequency of deployment of the safety design rule by a developer, convenience scoring of the developer on the safety design rule deployment process, convenience scoring of the user on the safety design rule, and historical success rate of the safety design rule, wherein the historical success rate is the frequency of successful prevention of historical attack by the safety design rule.
The application scene comprises, but is not limited to, web application security, mobile application security, cloud computing security and Internet of things security.
In some embodiments, the scoring process of the multi-dimensional scoring system in S2 includes the steps of:
s21: assigning an independent vector to each security design rule, each dimension of the vector representing a scoring dimension including, but not limited to, ease of use, security, compliance with industry standards;
s22: setting a scoring standard for each dimension according to the user practice data and the industry standard;
s23: and scoring each dimension of each safety design rule according to the scoring standard set in the step S22, and obtaining multi-dimension scoring data of each rule.
In some embodiments, the usability dimension further comprises a plurality of sub-dimensions, wherein at least two sub-dimensions are scored based on convenience of the developer for deployment of the security design rule and convenience of the user for use of the security design rule, respectively; the security dimension also includes a plurality of sub-dimensions and includes at least two of the following sub-dimensions: historical success rate of the security design rules for preventing attacks and threat model coverage of the security design rules.
In some embodiments, in S3, the method further includes finding out the rule with the optimal performance as the representative rule of the category, and specifically includes the following steps:
s31: in each category, calculating a composite score for each security design rule;
s32: and sequencing the comprehensive scores of the rules, and selecting the rule with the highest comprehensive score as the representative rule of the category.
Further, the composite score is an average value of scores of each dimension, or a value obtained by weighted summation according to the degree of importance manually set by each dimension.
In the following examples, the present invention will be described in one specific context of the method of the present invention:
suppose we are developing a security design rule recommendation system for a broad range of developers. The goal of this system is to provide the developer with the appropriate security design rules to improve their development efficiency and to ensure the security of the software.
At system start-up (S1), various security design rules may be collected from various open source communities, forums, blogs, and industry standards, for example, the password contains at least 8 characters and must contain numbers and letters (password strength rules), hash storage of sensitive information is required (data encryption rules), and the rules are recorded in a knowledge base. More specifically, the following examples are also possible:
1) Some of which are password strength rules:
the password must contain at least 8 characters.
The password must contain both uppercase and lowercase letters.
The code must contain at least one number and one special characters (e.g., @ # $ +% &.
The password should not contain consecutive letters or numbers (e.g., "1234" or "abcd").
The password should not contain obvious personal information (e.g., date of birth, name, etc.).
2) Some of which are data encryption rules:
all sensitive data, such as credit card information or social security numbers, must be encrypted at the time of storage and transmission.
An authenticated encryption standard, such as AES (advanced encryption standard), must be used.
For asymmetric encryption, the public/private key pair must be replaced periodically.
The encryption keys should be managed and protected by a suitable key management flow.
3) Some of which are user authentication rules:
the user should be authenticated by a username and password.
For sensitive operations (e.g., online payments), two-factor authentication or multi-factor authentication should be implemented.
For successive failed login attempts, an account locking policy should be implemented.
4) Some of which are network communication security rules:
all network traffic must be encrypted over HTTPS.
SSL certificates that have expired or are not authenticated should not be accepted.
For the disclosed network API, appropriate rate limiting should be implemented to prevent abuse.
All network communications should implement DDoS defenses.
Meanwhile, practical data of the rules in practical application, such as the frequency of deployment of the safety design rules by developers, convenience scoring of the developers on the safety design rule deployment process, convenience scoring of users on the safety design rules, historical success rate of the safety design rules (the historical success rate is the frequency of successful prevention of historical attack by the safety design rules) and the like, are collected.
During system operation (S2), a scoring system is designed and implemented that multi-dimensionally scores rules in a knowledge base based on industry standards, user practice data. For example, for a password strength rule, we can score in multiple dimensions based on its password complexity, user convenience score, protection effect (security), and whether industry standards are met.
The system then processes the multidimensional scoring data by an unsupervised learning algorithm (S3), such as the K-means algorithm, to find rules with similar scores and aggregate them together to form a category. In each category, the system will find the rule that performs optimally in each dimension as a representative rule for that category.
Then, the applicable scenes (such as Web application security, mobile application security, etc.) of each category need to be manually annotated, and when the developer develops in the corresponding scene, the security design rule of the whole category is directed to them.
Finally, the system continuously collects and processes feedback of developers and users, and optimizes and adjusts safety design rules, scoring systems and unsupervised learning algorithms in the knowledge base according to feedback content so as to realize self iteration and optimization of the rules.
The clustering is performed because some security design rules suitable for specific scenes are often required to be found according to own requirements. For example, in general, the higher the complexity of a password, the higher its security. But at the same time, the complexity also affects the ease of use of the password. For example, a password containing capital letters, lowercase letters, numbers, and special characters, while highly secure, may be perceived by the user as being difficult to remember due to excessive complexity, thereby negatively evaluating its ease of use.
Therefore, only for the password, a proper balance point needs to be found between security and usability in many cases, so that the password can meet the security requirement and cannot cause excessive use burden to users.
While in a specific scenario, the security and usability bias may be different, so that other classes may be searched, such as security bias scenarios. Once the password usage rule corresponding to the security scene type is found, other rules such as a data encryption rule, a user authentication rule, a network communication security rule and the like can be found in the category of the password usage rule, and the rules are also security-biased, so that the rules can be packed and recommended to a developer for development and use, the time for searching the rules is saved, and therefore, a user can obtain the recommendation of various rules required for development at one time and can attach scores of corresponding dimensions for reference.
In addition, how does it determine what kind of scene corresponds to each category? Manual labeling may be based on different criteria, such as:
1. domain expert knowledge. Professional domain experts can be asked to participate, and they may have a deeper understanding of the security requirements and specifications of different scenarios. They may provide insight about specific scenarios, helping to determine the scenarios for which each category applies.
2. The user needs to be studied. Research is being conducted for developers and end users to understand their needs and preferences for security and ease of use in different scenarios. Data is collected through methods such as questionnaires, user feedback, user behavior analysis and the like, and the data is analyzed to determine requirements of different scenes.
3. Industry standards and specifications. Reference is made to industry standards and specifications, such as security specifications provided by OWASP (open Web application security project), PCI DSS (payment card industry data security standard), and the like. These standards and specifications will generally provide security requirements and recommendations for a particular scenario, which may be used as a reference.
4. And (5) analyzing actual cases. Security events and attacks that have occurred are studied and the scene and cause of their occurrence are analyzed. In this way, security challenges and requirements in a particular scenario can be identified and appropriate security design rules inferred from these cases.
In addition, we can also assist in the decision by collecting and analyzing user feedback. If the developer feeds back that when building a Web application, they find the data encryption rule particularly useful, this rule may also be marked as a representative rule for the category associated with the scenario "Web application secure".
By this method we can determine the scene associated with each category and recommend the most appropriate security design rules based on the scene. These recommendation rules are then stored in the best practice recommendation library. When a developer finds the best security design rule under different development scenarios, the relevant suggestions can be obtained from this recommendation library.
In addition, optimization based on user feedback is a continuous process requiring updates and optimization involving safety design rules in the knowledge base, scoring systems, and unsupervised learning algorithms. Specifically, the method may comprise the following steps:
if the user feedback is problematic in the actual use of a rule or the processing of a scene is not perfect, the rule can be modified and optimized. For example, if a user feeds back that a data encryption rule does not provide adequate security in a particular situation, we need to review the rule again, possibly modifying the rule content, or adding additional conditional constraints, etc.
The user's feedback may include opinion scoring the rules. For example, a user may consider that the usability score of a rule is too high, and find that the rule is not easy to use in actual use, and then we need to check the scoring system, adjust the usability scoring criteria, and even adjust the weight of each dimension to make it closer to the actual situation.
The unsupervised learning algorithm is a rule cluster learned through historical data, and feedback of a user can help us to optimize the algorithm. For example, if the user feedback states that some two rules are in fact very similar, but are not clustered together in the current clustering result, then we need to check our unsupervised learning algorithm, possibly requiring adjustment of algorithm parameters, or try to use other clustering algorithms.
These steps can be performed in parallel, and by continuous optimization, the accuracy and practicality of the system will be gradually improved.
The foregoing is only a preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art, who is within the scope of the present invention, should be covered by the protection scope of the present invention by making equivalents and modifications to the technical solution and the inventive concept thereof.
Claims (8)
1. A security design rule marking method based on scoring and unsupervised self-learning, comprising:
s1: collecting and arranging a series of safety design rules, and recording the safety design rules and corresponding user practice data into a knowledge base;
s2: designing and implementing a system for multi-dimensional scoring of security design rules in a knowledge base according to industry standards and user practice data, wherein each dimension comprises, but is not limited to, usability, security and degree of compliance with the industry standards, and scoring data is correspondingly set for each dimension;
s3: adopting an unsupervised learning algorithm, taking the multidimensional grading data generated in the step S2 as input, carrying out data processing and pattern recognition, gathering rules with similar grading and characteristics together to form a category, and finally classifying all safety design rules into different categories;
s4: marking use scenes of different categories, recommending all security design rules of the corresponding categories to a developer when a subsequent developer needs to develop the corresponding scenes, and providing grading data of all security design rules in the categories in different dimensions; or when the developer finds a security design rule suitable for the development scene, the developer can search other security design rules in the category of the security design rule as references of other security design rules to be used in the development process.
2. The security design rule marking method based on scoring and unsupervised self-learning according to claim 1, wherein the security design rules include, but are not limited to, password strength rules, data encryption rules, user authentication rules, network communication security rules.
3. The security design rule marking method based on scoring and unsupervised self-learning according to claim 1 or 2, wherein the user practice data includes, but is not limited to, frequency of security design rule deployment by developer, convenience score of developer for security design rule deployment process, convenience score of user for security design rule, historical success rate of security design rule, the historical success rate being frequency of successful prevention of historical attack by the security design rule.
4. The security design rule marking method based on scoring and unsupervised self-learning according to claim 1, wherein the usage scenarios include, but are not limited to, web application security, mobile application security, cloud computing security, internet of things security.
5. The scoring and unsupervised self-learning based security design rule marking method according to claim 1, wherein the scoring process of the system for multi-dimensional scoring of security design rules in the knowledge base in S2 comprises the steps of:
s21: assigning an independent vector to each security design rule, each dimension of the vector representing a scoring dimension including, but not limited to, ease of use, security, compliance with industry standards;
s22: setting a scoring standard for each dimension according to the user practice data and the industry standard;
s23: and scoring each dimension of each safety design rule according to the scoring standard set in the step S22, and obtaining multi-dimension scoring data of each rule.
6. The security design rule marking method based on scoring and unsupervised self-learning of claim 1 or 5, wherein the usability dimension further comprises a plurality of sub-dimensions, wherein at least two sub-dimensions are respectively scored based on convenience of a developer for deployment of the security design rule and convenience of a user for use of the security design rule; the security dimension also includes a plurality of sub-dimensions and includes at least two of the following sub-dimensions: historical success rate of the security design rules for preventing attacks and threat model coverage of the security design rules.
7. The method for marking safety design rules based on scoring and unsupervised self-learning according to claim 1, wherein the step of finding out the rule with the optimal performance as the representative rule of the category in S3 comprises the following steps:
s31: in each category, calculating a composite score for each security design rule;
s32: and sequencing the comprehensive scores of the rules, and selecting the rule with the highest comprehensive score as the representative rule of the category.
8. The method for marking safety design rules based on scoring and unsupervised self-learning as claimed in claim 7, wherein the composite score is an average value of scores of each dimension or a value obtained by weighted summation according to the degree of importance manually set by each dimension.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311005148.XA CN116719512B (en) | 2023-08-10 | 2023-08-10 | Safety design rule marking method based on scoring and unsupervised self-learning |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311005148.XA CN116719512B (en) | 2023-08-10 | 2023-08-10 | Safety design rule marking method based on scoring and unsupervised self-learning |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116719512A CN116719512A (en) | 2023-09-08 |
| CN116719512B true CN116719512B (en) | 2023-12-08 |
Family
ID=87872021
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311005148.XA Active CN116719512B (en) | 2023-08-10 | 2023-08-10 | Safety design rule marking method based on scoring and unsupervised self-learning |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116719512B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10810106B1 (en) * | 2017-03-28 | 2020-10-20 | Amazon Technologies, Inc. | Automated application security maturity modeling |
| CN113395251A (en) * | 2021-01-20 | 2021-09-14 | 腾讯科技(深圳)有限公司 | Machine learning safety scene detection method and device |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11115421B2 (en) * | 2019-06-26 | 2021-09-07 | Accenture Global Solutions Limited | Security monitoring platform for managing access rights associated with cloud applications |
-
2023
- 2023-08-10 CN CN202311005148.XA patent/CN116719512B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10810106B1 (en) * | 2017-03-28 | 2020-10-20 | Amazon Technologies, Inc. | Automated application security maturity modeling |
| CN113395251A (en) * | 2021-01-20 | 2021-09-14 | 腾讯科技(深圳)有限公司 | Machine learning safety scene detection method and device |
Non-Patent Citations (1)
| Title |
|---|
| 基于机器学习的SSH应用分类研究;孟姣等;计算机研究与发展 2012(S2);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116719512A (en) | 2023-09-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Halim et al. | An effective genetic algorithm-based feature selection method for intrusion detection systems | |
| Papamartzivanos et al. | Dendron: Genetic trees driven rule induction for network intrusion detection systems | |
| US10911471B1 (en) | Systems and methods for network-based intrusion detection | |
| US10063562B1 (en) | Flexible access management framework based on measuring application usage behavior | |
| CN108292414A (en) | The automatic recommendation of deployment in data center | |
| Dong et al. | Detection of rogue certificates from trusted certificate authorities using deep neural networks | |
| CN112532596B (en) | Network security scheme and strategy generation method and device | |
| Kreso et al. | Data mining privacy preserving: Research agenda | |
| Chen et al. | {Cost-Aware} robust tree ensembles for security applications | |
| Ariyadasa et al. | Combining long-term recurrent convolutional and graph convolutional networks to detect phishing sites using URL and HTML | |
| US11038927B1 (en) | Multidimensional vectors for analyzing and visually displaying identity permissions | |
| Gade et al. | Evaluation of multi criteria decision making methods for potential use in application security | |
| Weir | Using probabilistic techniques to aid in password cracking attacks | |
| CN116719512B (en) | Safety design rule marking method based on scoring and unsupervised self-learning | |
| Vijayalakshmi et al. | Hybrid dual-channel convolution neural network (DCCNN) with spider monkey optimization (SMO) for cyber security threats detection in internet of things | |
| Yang et al. | A comparative study of ML-ELM and DNN for intrusion detection | |
| CN110457387B (en) | Method and related device applied to user tag determination in network | |
| Lal et al. | IOT-based cyber security identification model through machine learning technique | |
| Chiba et al. | A hybrid optimization framework based on genetic algorithm and simulated annealing algorithm to enhance performance of anomaly network intrusion detection system based on bp neural network | |
| Muhammad et al. | Device-type profiling for network access control systems using clustering-based multivariate Gaussian outlier score | |
| Esmaeili et al. | Stream data mining and anomaly detection | |
| US9332034B2 (en) | System and methods for automatic designation of encryption policies for user devices | |
| CA3131616A1 (en) | System and method for detecting anomalous activity based on a data distribution | |
| Marin et al. | Exploring Malicious Hacker Communities: Toward Proactive Cyber-Defense | |
| Patil | Security vulnerability detection with enhanced privacy preservation for edge computing using hybrid machine learning approach |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |