CN109245944A - Network safety evaluation method and system - Google Patents
Network safety evaluation method and system Download PDFInfo
- Publication number
- CN109245944A CN109245944A CN201811229575.5A CN201811229575A CN109245944A CN 109245944 A CN109245944 A CN 109245944A CN 201811229575 A CN201811229575 A CN 201811229575A CN 109245944 A CN109245944 A CN 109245944A
- Authority
- CN
- China
- Prior art keywords
- factor
- confidence level
- risk factors
- deterrent
- network security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/145—Network analysis or design involving simulating, designing, planning or modelling of a network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
This application discloses a kind of network safety evaluation methods.This method includes obtaining network security risk factor, wherein the risk factors include assets factor, fragile sexual factor and deterrent;Evaluation Model of Computer Network Security is established according to the risk factors according to the first preset rules;The assessed value of the risk factors is obtained using the Evaluation Model of Computer Network Security;The confidence level of the risk factors is obtained according to the second preset rules;Network security assessment value is obtained according to the confidence level of the assessed value of the risk factors and the risk factors, wherein the network security assessment value is multiplied to obtain by the assessed value of the risk factors with the confidence level of the risk factors.Present invention also provides a kind of network security assessment systems for implementing the above method.Present application addresses Prevention-Security technologies in the related technology due to taking action after an event occurs, the technical problem of the caused internet security difference of the unpredictable possible assault occurred.
Description
Technical field
This application involves internet security evaluation areas, in particular to a kind of network safety evaluation method and system.
Background technique
With the rapid development of computer networking technology, and extensive, distributed type high speed network is largely applied, mutually
Networking has penetrated into the study of people, the every aspect in work and life, and it is total to become information interchange and resource between people
The important means enjoyed.While internet scale rapidly develops, relative network safety event but occurs again and again, network
Security issues become increasingly urgent.The security situation that current internet faces is mainly manifested in the following aspects: after website is implanted
The concealments attacks such as door are in continuous growing trend, and the user information of website becomes the emphasis that hacker steals;Phishing day
Become savage, seriously affects the development of on-line finance service and e-commerce;Denial of Service attack is still to influence network security fortune
One of capable most important threat;The various security breaches continued to increase are brought to information system security to be seriously threatened.Each time
The generation of network safety event all can bring massive losses to country, enterprise and individual.For that purpose it is necessary to take appropriate measures
To guarantee the safe operation of network system.
Passive-type Prevention-Security technology in the related technology (recognize by Intrusion Detection Technique, firewall technology and user identity
Card mechanism etc.) needs of enterprises and individuals' information security have been unable to satisfy, there is an urgent need to new active defence methods by people.Its
Main reasons is that: on the one hand, these defensive measures belong to passively security protection means, they are occurred in attack
When or just take corresponding action after occurring;On the other hand, defensive measure in the related technology mostly uses greatly the side of rule match
Method is attacked to detect, and is unsuitable for detecting unknown attack, while may be unexpected by the attack that may occur.Therefore,
The Network Safety Analysis of active and appraisal procedure are particularly important.
For the problems in the relevant technologies, currently no effective solution has been proposed.
Summary of the invention
The main purpose of the application is to provide a kind of network safety evaluation method, with solve it is at least the above in the related technology
One of the problem of.
To achieve the goals above, according to the one aspect of the application, a kind of network safety evaluation method, the party are provided
Method includes:
Obtain network security risk factor, wherein the risk factors include assets factor, fragile sexual factor and threaten because
Element;Evaluation Model of Computer Network Security is established according to the risk factors according to the first preset rules;Utilize the network security assessment
Model obtains the assessed value of the risk factors;The confidence level of the risk factors is obtained according to the second preset rules;According to institute
The confidence level of the assessed value and the risk factors of stating risk factors obtains network security assessment value, wherein the network security
Assessed value is multiplied to obtain by the assessed value of the risk factors with the confidence level of the risk factors.
Further, method as the aforementioned, it is described to establish network peace according to the risk factors according to the first preset rules
Full assessment models, comprising: obtain respectively the assets factor, the sub- factor of the fragile sexual factor and the deterrent and
Object event caused by the sub- factor;The confidence level and the object event for obtaining the sub- factor respectively occur credible
Degree.
Further, method as the aforementioned, it is described to establish network peace according to the risk factors according to the first preset rules
Full assessment models, further includes: obtain the weight system of the assets factor, the fragile sexual factor and the deterrent respectively
Number.
Further, method as the aforementioned, the confidence level that the risk factors are obtained according to the second preset rules, packet
Include: respectively by the confidence level of the sub- factor of the assets factor, the fragile sexual factor and the deterrent with it is described
The confidence level that object event occurs, which is multiplied, obtains confidence level product;The credible of the risk factors is obtained according to third preset rules
Degree.
Further, method as the aforementioned, the confidence level that the risk factors are obtained according to third preset rules, packet
It includes: respectively by each confidence level product of the assets factor, the fragile sexual factor and the deterrent according to big
Small sequence chooses the maximum confidence product in the assets factor, the fragile sexual factor and the deterrent as institute
State the confidence level of assets factor, the fragile sexual factor and the deterrent;According to the assets factor, the fragility because
The confidence level and weight coefficient of the plain and described deterrent obtain the confidence level of the risk factors.
To achieve the goals above, according to the another aspect of the application, a kind of network security assessment system is provided, this is
System includes assessment modeling unit, the first computing unit, the second computing unit and third computing unit, in which: the assessment modeling
Unit, for obtaining network security risk factor, wherein the risk factors include assets factor, fragile sexual factor and threat
Factor;The assessment modeling unit is also used to establish network security assessment according to the risk factors according to the first preset rules
Model;First computing unit, for obtaining the assessed value of the risk factors using the Evaluation Model of Computer Network Security;Institute
The second computing unit is stated, for obtaining the confidence level of the risk factors according to the second preset rules;The third computing unit,
For obtaining network security assessment value according to the assessed value of the risk factors and the confidence level of the risk factors, wherein institute
Network security assessment value is stated to be multiplied to obtain with the confidence level of the risk factors by the assessed value of the risk factors.
Further, system as the aforementioned, the assessment modeling unit are also used to obtain the assets factor, institute respectively
Object event caused by the sub- factor and the sub- factor of fragile sexual factor and the deterrent is stated, obtains the son respectively
The confidence level that the confidence level of factor and the object event occur.
Further, system as the aforementioned, system according to claim 7, which is characterized in that the assessment modeling
Unit is also used to obtain the weight coefficient of the assets factor, the fragile sexual factor and the deterrent respectively.
Further, system as the aforementioned, second computing unit are also used to the assets factor, described respectively
The confidence level of the sub- factor of fragile sexual factor and the deterrent is multiplied with the confidence level that the object event occurs to be obtained
Obtain confidence level product;Second computing unit is also used to obtain the confidence level of the risk factors according to third preset rules.
Further, system as the aforementioned, the confidence level that the risk factors are obtained according to third preset rules, packet
It includes: respectively by each confidence level product of the assets factor, the fragile sexual factor and the deterrent according to big
Small sequence chooses the maximum confidence product in the assets factor, the fragile sexual factor and the deterrent as institute
State the confidence level of assets factor, the fragile sexual factor and the deterrent;According to the assets factor, the fragility because
The confidence level and weight coefficient of the plain and described deterrent obtain the confidence level of the risk factors.
In the embodiment of the present application, by the way of establishing network security risk evaluation model, pass through comprehensive consideration risk
The assessed value and confidence level of factor have achieved the purpose that assess network security, to realize before the generation of network security accident
Prediction, assessment network security risk technical effect, and then solve in the related technology Prevention-Security technology due to being sent out in event
It takes action after life, the technical problem of the caused internet security difference of the unpredictable possible assault occurred.
Detailed description of the invention
The attached drawing constituted part of this application is used to provide further understanding of the present application, so that the application's is other
Feature, objects and advantages become more apparent upon.The illustrative examples attached drawing and its explanation of the application is for explaining the application, not
Constitute the improper restriction to the application.In the accompanying drawings:
Fig. 1 is a kind of flow diagram for network safety evaluation method that the application one embodiment provides;And
Fig. 2 is a kind of structural schematic diagram for network security assessment system that the application one embodiment provides.
Specific embodiment
In order to make those skilled in the art more fully understand application scheme, below in conjunction in the embodiment of the present application
Attached drawing, the technical scheme in the embodiment of the application is clearly and completely described, it is clear that described embodiment is only
The embodiment of the application a part, instead of all the embodiments.Based on the embodiment in the application, ordinary skill people
Member's every other embodiment obtained without making creative work, all should belong to the model of the application protection
It encloses.
It should be noted that in the absence of conflict, the features in the embodiments and the embodiments of the present application can phase
Mutually combination.The application is described in detail below with reference to the accompanying drawings and in conjunction with the embodiments.
According to embodiments of the present invention, a kind of network safety evaluation method is provided, as shown in Figure 1, this method includes as follows
Step S1 to step S5:
S1. network security risk factor is obtained, wherein the risk factors include assets factor, fragile sexual factor and prestige
Side of body factor;
S2. Evaluation Model of Computer Network Security is established according to the risk factors according to the first preset rules, comprising: obtain respectively
Target thing caused by the sub- factor and the sub- factor of the assets factor, the fragile sexual factor and the deterrent
Part;
Specifically, the data assets and physical asset that assets factor refers mainly to system are due to accidental operation or natural calamity
Caused destruction, and assets are more important, influence degree is bigger.Wherein, data assets refer to being stored on information media
Various data informations and provided calculating service, as program source code, application software, systems technology document, detection report
Accuse and invade log monitoring etc.;Physical asset includes the network equipment, computer equipment, stores equipment and safety guarantee equipment etc.,
Such as router, vpn gateway, interchanger, desktop computer, server, portable computer, mobile hard disk, printer and hardware
Firewall etc.;Fragile sexual factor, which refers mainly to defect present in system, can increase a possibility that system is attacked, and assets
Fragility severity is higher, bigger using caused harm by threatening.The fragility of network system can be divided into technology
Fragility and management two class of fragility: technology fragility includes the existing design fragility of system software and realizes fragility
Deng;Managing fragility includes the fragility of system relevant operation and the fragility of software configuration etc.;Deterrent refer mainly to by
In unauthorized operation to the influence degree of the security attributes such as the confidentiality, integrality and availability of network system assets.Here
Threat source mostly come from malicious persons, and malicious persons refer to internal staff to network system carry out malicious sabotage or
Person external staff attacks system using the fragility of network system, to obtain its interests.
The confidence level that the confidence level and the object event for obtaining the sub- factor respectively occur;Specifically, rule of thumb
Or one section of period observed value judges that the desired value of the credibility of a things or phenomenon is known as confidence level, using confidence level etc.
The confidence level that the confidence level and event of grade description factor occur, different confidence levels correspond to different confidence scores.
The weight coefficient of the assets factor, the fragile sexual factor and the deterrent is obtained respectively.Specifically, by
It is different in influence degree of each evaluation index to final assessment result, so according to the significance level of each risk factors
One weight coefficient of different definition, the weight coefficient of each factor is calculated using analytic hierarchy process (AHP).
S3. the assessed value of the risk factors is obtained using the Evaluation Model of Computer Network Security;Specifically, for example, for
Every sub- factor, firstly evaluates its risk class, estimates the number that each risk occurs, then by risk class and the generation wind
The number power of the confidence level of danger is multiplied to obtain the assessed value of each sub- factor, finally by the assessed value of each sub- factor multiplied by respective
The assessed value for obtaining assets factor, fragile sexual factor and deterrent respectively is added after corresponding weight coefficient.
S4. the confidence level of the risk factors is obtained according to the second preset rules, comprising: respectively by the assets factor,
The confidence level phase that the confidence level of the sub- factor of the fragility sexual factor and the deterrent occurs with the object event
Multiply and obtains confidence level product;
Each confidence level product of the assets factor, the fragile sexual factor and the deterrent is pressed respectively
It sorts according to size, the maximum confidence product chosen in the assets factor, the fragile sexual factor and the deterrent is made
For the assets factor, the confidence level of the fragile sexual factor and the deterrent;
Institute is obtained according to the confidence level and weight coefficient of the assets factor, the fragile sexual factor and the deterrent
State the confidence level of risk factors.
S5. network security assessment value is obtained according to the confidence level of the assessed value of the risk factors and the risk factors,
Wherein, the network security assessment value is multiplied to obtain by the assessed value of the risk factors with the confidence level of the risk factors.
It can be seen from the above description that the present invention realizes following technical effect:
In the embodiment of the present application, each by comprehensive consideration by the way of establishing network security risk evaluation model
Risk class, assessed value and the confidence level of sub- risk factors, and according to estimating risk frequency, sub- factor confidence level, event
The factors such as confidence level occur to risk factors comprehensive consideration, have achieved the purpose that effective assessment network security, to realize
Network security accident is predicted before occurring, assesses the technical effect of network security risk, and then it is anti-to solve safety in the related technology
Imperial technology due to taking action after an event occurs, the caused network security of the unpredictable possible assault occurred
Property difference technical problem.
It should be noted that the description and claims of this application and term " first " in above-mentioned attached drawing, "
Two " etc. be to be used to distinguish similar objects, without being used to describe a particular order or precedence order.For example, the first default rule
It is then only used for distinguishing the method for obtaining Evaluation Model of Computer Network Security and confidence level with the second preset rules, it should be appreciated that second is default
It may be using the content in the first preset rules, so as to embodiments herein described herein in rule.In addition, term " packet
Include " and " having " and their any deformation, it is intended that cover it is non-exclusive include, for example, containing a series of contents
Evaluation Model of Computer Network Security those of be not necessarily limited to be clearly listed element, such as calculating formula, experience factor, but may include
Other elements being not clearly listed or intrinsic for these models.
It should be noted that step shown in the flowchart of the accompanying drawings can be in such as a group of computer-executable instructions
It is executed in computer system, although also, logical order is shown in flow charts, and it in some cases, can be with not
The sequence being same as herein executes shown or described step.
According to embodiments of the present invention, a kind of network security for implementing above-mentioned network safety evaluation method is additionally provided to comment
System is estimated, as shown in Fig. 2, the system includes: that assessment modeling unit, the first computing unit, the second computing unit and third calculate
Unit, in which:
The assessment modeling unit, for obtaining network security risk factor, wherein the risk factors include assets because
Element, fragile sexual factor and deterrent;
The assessment modeling unit is also used to establish network security according to the risk factors according to the first preset rules and comment
Estimate model;
The assessment modeling unit is also used to obtain the assets factor, the fragile sexual factor and the threat respectively
Object event caused by the sub- factor of factor and the sub- factor obtains the confidence level and the target of the sub- factor respectively
The confidence level that event occurs;
Specifically, the data assets and physical asset that assets factor refers mainly to system are due to accidental operation or natural calamity
Caused destruction, and assets are more important, influence degree is bigger.Wherein, data assets refer to being stored on information media
Various data informations and provided calculating service, as program source code, application software, systems technology document, detection report
Accuse and invade log monitoring etc.;Physical asset includes the network equipment, computer equipment, stores equipment and safety guarantee equipment etc.,
Such as router, vpn gateway, interchanger, desktop computer, server, portable computer, mobile hard disk, printer and hardware
Firewall etc.;Fragile sexual factor, which refers mainly to defect present in system, can increase a possibility that system is attacked, and assets
Fragility severity is higher, bigger using caused harm by threatening.The fragility of network system can be divided into technology
Fragility and management two class of fragility: technology fragility includes the existing design fragility of system software and realizes fragility
Deng;Managing fragility includes the fragility of system relevant operation and the fragility of software configuration etc.;Deterrent refer mainly to by
In unauthorized operation to the influence degree of the security attributes such as the confidentiality, integrality and availability of network system assets.Here
Threat source mostly come from malicious persons, and malicious persons refer to internal staff to network system carry out malicious sabotage or
Person external staff attacks system using the fragility of network system, to obtain its interests.
Specifically, rule of thumb or one section of period observed value judges that the desired value of the credibility of a things or phenomenon claims
For confidence level, the confidence level of factor and the confidence level of event generation, different confidence levels are described using confidence level
Corresponding different confidence score.
The assessment modeling unit is also used to obtain the assets factor, the fragile sexual factor and the threat respectively
The weight coefficient of factor.Specifically, since influence degree of each evaluation index to final assessment result is different, so root
According to one weight coefficient of different definition of the significance level of each risk factors, each factor is calculated using analytic hierarchy process (AHP)
Weight coefficient.
First computing unit, for obtaining the assessment of the risk factors using the Evaluation Model of Computer Network Security
Value;Specifically, for example, firstly evaluating its risk class for every sub- factor, the number that each risk occurs is estimated, then
Risk class is multiplied to obtain the assessed value of each sub- factor with the number power for the confidence level that the risk occurs, finally by each height
The assessed value of factor is multiplied by being added the assets factor that obtains respectively, fragile sexual factor and deterrent after respective weight coefficient
Assessed value.
Second computing unit, for obtaining the confidence level of the risk factors according to the second preset rules, comprising: point
Not by the confidence level and the target thing of the sub- factor of the assets factor, the fragile sexual factor and the deterrent
The confidence level that part occurs, which is multiplied, obtains confidence level product;Respectively by the assets factor, the fragile sexual factor and the threat
Each confidence level product of factor in magnitude order, chooses the assets factor, the fragile sexual factor and the prestige
Maximum confidence product in side of body factor is as the credible of the assets factor, the fragile sexual factor and the deterrent
Degree;The wind is obtained according to the confidence level and weight coefficient of the assets factor, the fragile sexual factor and the deterrent
The confidence level of dangerous factor.
The third computing unit, for being obtained according to the assessed value of the risk factors and the confidence level of the risk factors
Network security assessment value, wherein the network security assessment value by the risk factors assessed value and the risk factors
Confidence level be multiplied to obtain.
Obviously, those skilled in the art should be understood that each module of the above invention or each step can be with general
Computing device realize that they can be concentrated on a single computing device, or be distributed in multiple computing devices and formed
Network on, optionally, they can be realized with the program code that computing device can perform, it is thus possible to which they are stored
Be performed by computing device in the storage device, perhaps they are fabricated to each integrated circuit modules or by they
In multiple modules or step be fabricated to single integrated circuit module to realize.In this way, the present invention is not limited to any specific
Hardware and software combines.
The foregoing is merely preferred embodiment of the present application, are not intended to limit this application, for the skill of this field
For art personnel, various changes and changes are possible in this application.Within the spirit and principles of this application, made any to repair
Change, equivalent replacement, improvement etc., should be included within the scope of protection of this application.
Claims (10)
1. a kind of network safety evaluation method characterized by comprising
Obtain network security risk factor, wherein the risk factors include assets factor, fragile sexual factor and deterrent;
Evaluation Model of Computer Network Security is established according to the risk factors according to the first preset rules;
The assessed value of the risk factors is obtained using the Evaluation Model of Computer Network Security;
The confidence level of the risk factors is obtained according to the second preset rules;
Network security assessment value is obtained according to the confidence level of the assessed value of the risk factors and the risk factors, wherein institute
Network security assessment value is stated to be multiplied to obtain with the confidence level of the risk factors by the assessed value of the risk factors.
2. the method according to claim 1, wherein it is described according to the first preset rules according to the risk factors
Establish Evaluation Model of Computer Network Security, comprising:
The assets factor, the sub- factor of the fragile sexual factor and the deterrent and the sub- factor is obtained respectively to make
At object event;
The confidence level that the confidence level and the object event for obtaining the sub- factor respectively occur.
3. according to the method described in claim 2, it is characterized in that, it is described according to the first preset rules according to the risk factors
Establish Evaluation Model of Computer Network Security, further includes:
The weight coefficient of the assets factor, the fragile sexual factor and the deterrent is obtained respectively.
4. according to the method described in claim 3, it is characterized in that, described obtain the risk factors according to the second preset rules
Confidence level, comprising:
Respectively by the confidence level of the sub- factor of the assets factor, the fragile sexual factor and the deterrent with it is described
The confidence level that object event occurs, which is multiplied, obtains confidence level product;
The confidence level of the risk factors is obtained according to third preset rules.
5. according to the method described in claim 4, it is characterized in that, described obtain the risk factors according to third preset rules
Confidence level, comprising:
Respectively by each confidence level product of the assets factor, the fragile sexual factor and the deterrent according to big
Small sequence chooses the maximum confidence product in the assets factor, the fragile sexual factor and the deterrent as institute
State the confidence level of assets factor, the fragile sexual factor and the deterrent;
The wind is obtained according to the confidence level and weight coefficient of the assets factor, the fragile sexual factor and the deterrent
The confidence level of dangerous factor.
6. a kind of network security assessment system, which is characterized in that calculated including assessment modeling unit, the first computing unit, second
Unit and third computing unit, in which:
The assessment modeling unit, for obtaining network security risk factor, wherein the risk factors include assets factor,
Fragile sexual factor and deterrent;
The assessment modeling unit is also used to establish network security assessment mould according to the risk factors according to the first preset rules
Type;
First computing unit, for obtaining the assessed value of the risk factors using the Evaluation Model of Computer Network Security;
Second computing unit, for obtaining the confidence level of the risk factors according to the second preset rules;
The third computing unit, for obtaining net according to the assessed value of the risk factors and the confidence level of the risk factors
Network security evaluation value, wherein the network security assessment value by the risk factors assessed value and the risk factors can
Reliability is multiplied to obtain.
7. system according to claim 6, which is characterized in that the assessment modeling unit is also used to obtain respectively described
Object event caused by the sub- factor and the sub- factor of assets factor, the fragile sexual factor and the deterrent, point
The confidence level that the confidence level and the object event for not obtaining the sub- factor occur.
8. system according to claim 7, which is characterized in that the assessment modeling unit is also used to obtain respectively described
The weight coefficient of assets factor, the fragile sexual factor and the deterrent.
9. system according to claim 8, which is characterized in that second computing unit is also used to the money respectively
What the confidence level of the sub- factor of production factor, the fragile sexual factor and the deterrent and the object event occurred can
Reliability, which is multiplied, obtains confidence level product;
Second computing unit is also used to obtain the confidence level of the risk factors according to third preset rules.
10. system according to claim 6, which is characterized in that it is described according to third preset rules obtain the risk because
The confidence level of element, comprising:
Respectively by each confidence level product of the assets factor, the fragile sexual factor and the deterrent according to big
Small sequence chooses the maximum confidence product in the assets factor, the fragile sexual factor and the deterrent as institute
State the confidence level of assets factor, the fragile sexual factor and the deterrent;
The wind is obtained according to the confidence level and weight coefficient of the assets factor, the fragile sexual factor and the deterrent
The confidence level of dangerous factor.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811229575.5A CN109245944A (en) | 2018-10-22 | 2018-10-22 | Network safety evaluation method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811229575.5A CN109245944A (en) | 2018-10-22 | 2018-10-22 | Network safety evaluation method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109245944A true CN109245944A (en) | 2019-01-18 |
Family
ID=65081161
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811229575.5A Pending CN109245944A (en) | 2018-10-22 | 2018-10-22 | Network safety evaluation method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109245944A (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110336806A (en) * | 2019-06-27 | 2019-10-15 | 四川大学 | A kind of covert communications detection method of combination session behavior and correspondence |
CN110472839A (en) * | 2019-07-25 | 2019-11-19 | 上海电力大学 | Thermal power plant's control system Information Security Evaluation system based on SA-PSO-AHP |
CN112351005A (en) * | 2020-10-23 | 2021-02-09 | 杭州安恒信息技术股份有限公司 | Internet of things communication method and device, readable storage medium and computer equipment |
CN113408948A (en) * | 2021-07-15 | 2021-09-17 | 恒安嘉新(北京)科技股份公司 | Network asset management method, device, equipment and medium |
CN114070650A (en) * | 2022-01-11 | 2022-02-18 | 浙江国利网安科技有限公司 | Network asset evaluation method and device, electronic equipment and readable storage medium |
CN115643107A (en) * | 2022-12-13 | 2023-01-24 | 北京源堡科技有限公司 | Network security risk assessment method and device, computer equipment and storage medium |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101436967A (en) * | 2008-12-23 | 2009-05-20 | 北京邮电大学 | Method and system for evaluating network safety situation |
CN103246762A (en) * | 2013-04-10 | 2013-08-14 | 哈尔滨工程大学 | Method of comprehensive evaluation for simulation credibility of electric propulsion system |
US20180295148A1 (en) * | 2017-04-06 | 2018-10-11 | Fortinet, Inc. | Predicting the risk associated with a network flow, such as one involving an iot device, and applying an appropriate level of security inspection based thereon |
-
2018
- 2018-10-22 CN CN201811229575.5A patent/CN109245944A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101436967A (en) * | 2008-12-23 | 2009-05-20 | 北京邮电大学 | Method and system for evaluating network safety situation |
CN103246762A (en) * | 2013-04-10 | 2013-08-14 | 哈尔滨工程大学 | Method of comprehensive evaluation for simulation credibility of electric propulsion system |
US20180295148A1 (en) * | 2017-04-06 | 2018-10-11 | Fortinet, Inc. | Predicting the risk associated with a network flow, such as one involving an iot device, and applying an appropriate level of security inspection based thereon |
Non-Patent Citations (2)
Title |
---|
武志锋等: "军工网络安全模拟仿真***可信度研究", 《电子产品可靠性与环境试验》 * |
高翔: "网络安全评估理论及其关键技术研究", 《中国博士学位论文全文数据库 信息科技辑》 * |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110336806A (en) * | 2019-06-27 | 2019-10-15 | 四川大学 | A kind of covert communications detection method of combination session behavior and correspondence |
CN110472839A (en) * | 2019-07-25 | 2019-11-19 | 上海电力大学 | Thermal power plant's control system Information Security Evaluation system based on SA-PSO-AHP |
CN112351005A (en) * | 2020-10-23 | 2021-02-09 | 杭州安恒信息技术股份有限公司 | Internet of things communication method and device, readable storage medium and computer equipment |
CN112351005B (en) * | 2020-10-23 | 2022-11-15 | 杭州安恒信息技术股份有限公司 | Internet of things communication method and device, readable storage medium and computer equipment |
CN113408948A (en) * | 2021-07-15 | 2021-09-17 | 恒安嘉新(北京)科技股份公司 | Network asset management method, device, equipment and medium |
CN114070650A (en) * | 2022-01-11 | 2022-02-18 | 浙江国利网安科技有限公司 | Network asset evaluation method and device, electronic equipment and readable storage medium |
CN114070650B (en) * | 2022-01-11 | 2022-05-17 | 浙江国利网安科技有限公司 | Network asset assessment method and device, electronic equipment and readable storage medium |
CN115643107A (en) * | 2022-12-13 | 2023-01-24 | 北京源堡科技有限公司 | Network security risk assessment method and device, computer equipment and storage medium |
CN115643107B (en) * | 2022-12-13 | 2023-04-21 | 北京源堡科技有限公司 | Network security risk assessment method, device, computer equipment and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11886575B1 (en) | Methods and systems for fraud containment | |
US11212299B2 (en) | System and method for monitoring security attack chains | |
CN109245944A (en) | Network safety evaluation method and system | |
US10491623B2 (en) | Social network security monitoring | |
US10587640B2 (en) | System and method for attribution of actors to indicators of threats to a computer system and prediction of future threat actions | |
US10708290B2 (en) | System and method for prediction of future threat actions | |
Zahra et al. | Detecting Covid-19 chaos driven phishing/malicious URL attacks by a fuzzy logic and data mining based intelligence system | |
Shaikh et al. | A literature review on phishing crime, prevention review and investigation of gaps | |
US10289838B2 (en) | Scoring for threat observables | |
US20140165195A1 (en) | Method and system for thwarting insider attacks through informational network analysis | |
Cho et al. | A method of monitoring and detecting APT attacks based on unknown domains | |
Gong et al. | A reliability comparison method for OSINT validity analysis | |
CN110598404A (en) | Security risk monitoring method, monitoring device, server and storage medium | |
Singh et al. | Detecting malicious users in Twitter using classifiers | |
CA3081327A1 (en) | Consumer threat intelligence service | |
Shah et al. | Detect phishing website by fuzzy multi-criteria decision making | |
Wang et al. | Privacy threat modeling framework for online social networks | |
Toapanta et al. | Analysis of cyberattacks in public organizations in Latin America | |
CN117478433B (en) | Network and information security dynamic early warning system | |
Wilson et al. | The fight against phishing: Technology, the end user and legislation | |
Williams et al. | Small business-a cyber resilience vulnerability | |
Alotaibi et al. | Threats, crimes and issues of privacy of users’ information shared on online social networks | |
Motlhabi et al. | Context-aware cyber threat intelligence exchange platform | |
Pandhurnekar et al. | Proposed Method for Threat Detection Using User Behavior Analysis | |
Wei et al. | Assessment of information security impacts on mobile social media |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190118 |
|
RJ01 | Rejection of invention patent application after publication |