CN109245944A - Network safety evaluation method and system - Google Patents

Network safety evaluation method and system Download PDF

Info

Publication number
CN109245944A
CN109245944A CN201811229575.5A CN201811229575A CN109245944A CN 109245944 A CN109245944 A CN 109245944A CN 201811229575 A CN201811229575 A CN 201811229575A CN 109245944 A CN109245944 A CN 109245944A
Authority
CN
China
Prior art keywords
factor
confidence level
risk factors
deterrent
network security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811229575.5A
Other languages
Chinese (zh)
Inventor
梁宗文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Southwest Petroleum University
Original Assignee
Southwest Petroleum University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Southwest Petroleum University filed Critical Southwest Petroleum University
Priority to CN201811229575.5A priority Critical patent/CN109245944A/en
Publication of CN109245944A publication Critical patent/CN109245944A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/145Network analysis or design involving simulating, designing, planning or modelling of a network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

This application discloses a kind of network safety evaluation methods.This method includes obtaining network security risk factor, wherein the risk factors include assets factor, fragile sexual factor and deterrent;Evaluation Model of Computer Network Security is established according to the risk factors according to the first preset rules;The assessed value of the risk factors is obtained using the Evaluation Model of Computer Network Security;The confidence level of the risk factors is obtained according to the second preset rules;Network security assessment value is obtained according to the confidence level of the assessed value of the risk factors and the risk factors, wherein the network security assessment value is multiplied to obtain by the assessed value of the risk factors with the confidence level of the risk factors.Present invention also provides a kind of network security assessment systems for implementing the above method.Present application addresses Prevention-Security technologies in the related technology due to taking action after an event occurs, the technical problem of the caused internet security difference of the unpredictable possible assault occurred.

Description

Network safety evaluation method and system
Technical field
This application involves internet security evaluation areas, in particular to a kind of network safety evaluation method and system.
Background technique
With the rapid development of computer networking technology, and extensive, distributed type high speed network is largely applied, mutually Networking has penetrated into the study of people, the every aspect in work and life, and it is total to become information interchange and resource between people The important means enjoyed.While internet scale rapidly develops, relative network safety event but occurs again and again, network Security issues become increasingly urgent.The security situation that current internet faces is mainly manifested in the following aspects: after website is implanted The concealments attacks such as door are in continuous growing trend, and the user information of website becomes the emphasis that hacker steals;Phishing day Become savage, seriously affects the development of on-line finance service and e-commerce;Denial of Service attack is still to influence network security fortune One of capable most important threat;The various security breaches continued to increase are brought to information system security to be seriously threatened.Each time The generation of network safety event all can bring massive losses to country, enterprise and individual.For that purpose it is necessary to take appropriate measures To guarantee the safe operation of network system.
Passive-type Prevention-Security technology in the related technology (recognize by Intrusion Detection Technique, firewall technology and user identity Card mechanism etc.) needs of enterprises and individuals' information security have been unable to satisfy, there is an urgent need to new active defence methods by people.Its Main reasons is that: on the one hand, these defensive measures belong to passively security protection means, they are occurred in attack When or just take corresponding action after occurring;On the other hand, defensive measure in the related technology mostly uses greatly the side of rule match Method is attacked to detect, and is unsuitable for detecting unknown attack, while may be unexpected by the attack that may occur.Therefore, The Network Safety Analysis of active and appraisal procedure are particularly important.
For the problems in the relevant technologies, currently no effective solution has been proposed.
Summary of the invention
The main purpose of the application is to provide a kind of network safety evaluation method, with solve it is at least the above in the related technology One of the problem of.
To achieve the goals above, according to the one aspect of the application, a kind of network safety evaluation method, the party are provided Method includes:
Obtain network security risk factor, wherein the risk factors include assets factor, fragile sexual factor and threaten because Element;Evaluation Model of Computer Network Security is established according to the risk factors according to the first preset rules;Utilize the network security assessment Model obtains the assessed value of the risk factors;The confidence level of the risk factors is obtained according to the second preset rules;According to institute The confidence level of the assessed value and the risk factors of stating risk factors obtains network security assessment value, wherein the network security Assessed value is multiplied to obtain by the assessed value of the risk factors with the confidence level of the risk factors.
Further, method as the aforementioned, it is described to establish network peace according to the risk factors according to the first preset rules Full assessment models, comprising: obtain respectively the assets factor, the sub- factor of the fragile sexual factor and the deterrent and Object event caused by the sub- factor;The confidence level and the object event for obtaining the sub- factor respectively occur credible Degree.
Further, method as the aforementioned, it is described to establish network peace according to the risk factors according to the first preset rules Full assessment models, further includes: obtain the weight system of the assets factor, the fragile sexual factor and the deterrent respectively Number.
Further, method as the aforementioned, the confidence level that the risk factors are obtained according to the second preset rules, packet Include: respectively by the confidence level of the sub- factor of the assets factor, the fragile sexual factor and the deterrent with it is described The confidence level that object event occurs, which is multiplied, obtains confidence level product;The credible of the risk factors is obtained according to third preset rules Degree.
Further, method as the aforementioned, the confidence level that the risk factors are obtained according to third preset rules, packet It includes: respectively by each confidence level product of the assets factor, the fragile sexual factor and the deterrent according to big Small sequence chooses the maximum confidence product in the assets factor, the fragile sexual factor and the deterrent as institute State the confidence level of assets factor, the fragile sexual factor and the deterrent;According to the assets factor, the fragility because The confidence level and weight coefficient of the plain and described deterrent obtain the confidence level of the risk factors.
To achieve the goals above, according to the another aspect of the application, a kind of network security assessment system is provided, this is System includes assessment modeling unit, the first computing unit, the second computing unit and third computing unit, in which: the assessment modeling Unit, for obtaining network security risk factor, wherein the risk factors include assets factor, fragile sexual factor and threat Factor;The assessment modeling unit is also used to establish network security assessment according to the risk factors according to the first preset rules Model;First computing unit, for obtaining the assessed value of the risk factors using the Evaluation Model of Computer Network Security;Institute The second computing unit is stated, for obtaining the confidence level of the risk factors according to the second preset rules;The third computing unit, For obtaining network security assessment value according to the assessed value of the risk factors and the confidence level of the risk factors, wherein institute Network security assessment value is stated to be multiplied to obtain with the confidence level of the risk factors by the assessed value of the risk factors.
Further, system as the aforementioned, the assessment modeling unit are also used to obtain the assets factor, institute respectively Object event caused by the sub- factor and the sub- factor of fragile sexual factor and the deterrent is stated, obtains the son respectively The confidence level that the confidence level of factor and the object event occur.
Further, system as the aforementioned, system according to claim 7, which is characterized in that the assessment modeling Unit is also used to obtain the weight coefficient of the assets factor, the fragile sexual factor and the deterrent respectively.
Further, system as the aforementioned, second computing unit are also used to the assets factor, described respectively The confidence level of the sub- factor of fragile sexual factor and the deterrent is multiplied with the confidence level that the object event occurs to be obtained Obtain confidence level product;Second computing unit is also used to obtain the confidence level of the risk factors according to third preset rules.
Further, system as the aforementioned, the confidence level that the risk factors are obtained according to third preset rules, packet It includes: respectively by each confidence level product of the assets factor, the fragile sexual factor and the deterrent according to big Small sequence chooses the maximum confidence product in the assets factor, the fragile sexual factor and the deterrent as institute State the confidence level of assets factor, the fragile sexual factor and the deterrent;According to the assets factor, the fragility because The confidence level and weight coefficient of the plain and described deterrent obtain the confidence level of the risk factors.
In the embodiment of the present application, by the way of establishing network security risk evaluation model, pass through comprehensive consideration risk The assessed value and confidence level of factor have achieved the purpose that assess network security, to realize before the generation of network security accident Prediction, assessment network security risk technical effect, and then solve in the related technology Prevention-Security technology due to being sent out in event It takes action after life, the technical problem of the caused internet security difference of the unpredictable possible assault occurred.
Detailed description of the invention
The attached drawing constituted part of this application is used to provide further understanding of the present application, so that the application's is other Feature, objects and advantages become more apparent upon.The illustrative examples attached drawing and its explanation of the application is for explaining the application, not Constitute the improper restriction to the application.In the accompanying drawings:
Fig. 1 is a kind of flow diagram for network safety evaluation method that the application one embodiment provides;And
Fig. 2 is a kind of structural schematic diagram for network security assessment system that the application one embodiment provides.
Specific embodiment
In order to make those skilled in the art more fully understand application scheme, below in conjunction in the embodiment of the present application Attached drawing, the technical scheme in the embodiment of the application is clearly and completely described, it is clear that described embodiment is only The embodiment of the application a part, instead of all the embodiments.Based on the embodiment in the application, ordinary skill people Member's every other embodiment obtained without making creative work, all should belong to the model of the application protection It encloses.
It should be noted that in the absence of conflict, the features in the embodiments and the embodiments of the present application can phase Mutually combination.The application is described in detail below with reference to the accompanying drawings and in conjunction with the embodiments.
According to embodiments of the present invention, a kind of network safety evaluation method is provided, as shown in Figure 1, this method includes as follows Step S1 to step S5:
S1. network security risk factor is obtained, wherein the risk factors include assets factor, fragile sexual factor and prestige Side of body factor;
S2. Evaluation Model of Computer Network Security is established according to the risk factors according to the first preset rules, comprising: obtain respectively Target thing caused by the sub- factor and the sub- factor of the assets factor, the fragile sexual factor and the deterrent Part;
Specifically, the data assets and physical asset that assets factor refers mainly to system are due to accidental operation or natural calamity Caused destruction, and assets are more important, influence degree is bigger.Wherein, data assets refer to being stored on information media Various data informations and provided calculating service, as program source code, application software, systems technology document, detection report Accuse and invade log monitoring etc.;Physical asset includes the network equipment, computer equipment, stores equipment and safety guarantee equipment etc., Such as router, vpn gateway, interchanger, desktop computer, server, portable computer, mobile hard disk, printer and hardware Firewall etc.;Fragile sexual factor, which refers mainly to defect present in system, can increase a possibility that system is attacked, and assets Fragility severity is higher, bigger using caused harm by threatening.The fragility of network system can be divided into technology Fragility and management two class of fragility: technology fragility includes the existing design fragility of system software and realizes fragility Deng;Managing fragility includes the fragility of system relevant operation and the fragility of software configuration etc.;Deterrent refer mainly to by In unauthorized operation to the influence degree of the security attributes such as the confidentiality, integrality and availability of network system assets.Here Threat source mostly come from malicious persons, and malicious persons refer to internal staff to network system carry out malicious sabotage or Person external staff attacks system using the fragility of network system, to obtain its interests.
The confidence level that the confidence level and the object event for obtaining the sub- factor respectively occur;Specifically, rule of thumb Or one section of period observed value judges that the desired value of the credibility of a things or phenomenon is known as confidence level, using confidence level etc. The confidence level that the confidence level and event of grade description factor occur, different confidence levels correspond to different confidence scores.
The weight coefficient of the assets factor, the fragile sexual factor and the deterrent is obtained respectively.Specifically, by It is different in influence degree of each evaluation index to final assessment result, so according to the significance level of each risk factors One weight coefficient of different definition, the weight coefficient of each factor is calculated using analytic hierarchy process (AHP).
S3. the assessed value of the risk factors is obtained using the Evaluation Model of Computer Network Security;Specifically, for example, for Every sub- factor, firstly evaluates its risk class, estimates the number that each risk occurs, then by risk class and the generation wind The number power of the confidence level of danger is multiplied to obtain the assessed value of each sub- factor, finally by the assessed value of each sub- factor multiplied by respective The assessed value for obtaining assets factor, fragile sexual factor and deterrent respectively is added after corresponding weight coefficient.
S4. the confidence level of the risk factors is obtained according to the second preset rules, comprising: respectively by the assets factor, The confidence level phase that the confidence level of the sub- factor of the fragility sexual factor and the deterrent occurs with the object event Multiply and obtains confidence level product;
Each confidence level product of the assets factor, the fragile sexual factor and the deterrent is pressed respectively It sorts according to size, the maximum confidence product chosen in the assets factor, the fragile sexual factor and the deterrent is made For the assets factor, the confidence level of the fragile sexual factor and the deterrent;
Institute is obtained according to the confidence level and weight coefficient of the assets factor, the fragile sexual factor and the deterrent State the confidence level of risk factors.
S5. network security assessment value is obtained according to the confidence level of the assessed value of the risk factors and the risk factors, Wherein, the network security assessment value is multiplied to obtain by the assessed value of the risk factors with the confidence level of the risk factors.
It can be seen from the above description that the present invention realizes following technical effect:
In the embodiment of the present application, each by comprehensive consideration by the way of establishing network security risk evaluation model Risk class, assessed value and the confidence level of sub- risk factors, and according to estimating risk frequency, sub- factor confidence level, event The factors such as confidence level occur to risk factors comprehensive consideration, have achieved the purpose that effective assessment network security, to realize Network security accident is predicted before occurring, assesses the technical effect of network security risk, and then it is anti-to solve safety in the related technology Imperial technology due to taking action after an event occurs, the caused network security of the unpredictable possible assault occurred Property difference technical problem.
It should be noted that the description and claims of this application and term " first " in above-mentioned attached drawing, " Two " etc. be to be used to distinguish similar objects, without being used to describe a particular order or precedence order.For example, the first default rule It is then only used for distinguishing the method for obtaining Evaluation Model of Computer Network Security and confidence level with the second preset rules, it should be appreciated that second is default It may be using the content in the first preset rules, so as to embodiments herein described herein in rule.In addition, term " packet Include " and " having " and their any deformation, it is intended that cover it is non-exclusive include, for example, containing a series of contents Evaluation Model of Computer Network Security those of be not necessarily limited to be clearly listed element, such as calculating formula, experience factor, but may include Other elements being not clearly listed or intrinsic for these models.
It should be noted that step shown in the flowchart of the accompanying drawings can be in such as a group of computer-executable instructions It is executed in computer system, although also, logical order is shown in flow charts, and it in some cases, can be with not The sequence being same as herein executes shown or described step.
According to embodiments of the present invention, a kind of network security for implementing above-mentioned network safety evaluation method is additionally provided to comment System is estimated, as shown in Fig. 2, the system includes: that assessment modeling unit, the first computing unit, the second computing unit and third calculate Unit, in which:
The assessment modeling unit, for obtaining network security risk factor, wherein the risk factors include assets because Element, fragile sexual factor and deterrent;
The assessment modeling unit is also used to establish network security according to the risk factors according to the first preset rules and comment Estimate model;
The assessment modeling unit is also used to obtain the assets factor, the fragile sexual factor and the threat respectively Object event caused by the sub- factor of factor and the sub- factor obtains the confidence level and the target of the sub- factor respectively The confidence level that event occurs;
Specifically, the data assets and physical asset that assets factor refers mainly to system are due to accidental operation or natural calamity Caused destruction, and assets are more important, influence degree is bigger.Wherein, data assets refer to being stored on information media Various data informations and provided calculating service, as program source code, application software, systems technology document, detection report Accuse and invade log monitoring etc.;Physical asset includes the network equipment, computer equipment, stores equipment and safety guarantee equipment etc., Such as router, vpn gateway, interchanger, desktop computer, server, portable computer, mobile hard disk, printer and hardware Firewall etc.;Fragile sexual factor, which refers mainly to defect present in system, can increase a possibility that system is attacked, and assets Fragility severity is higher, bigger using caused harm by threatening.The fragility of network system can be divided into technology Fragility and management two class of fragility: technology fragility includes the existing design fragility of system software and realizes fragility Deng;Managing fragility includes the fragility of system relevant operation and the fragility of software configuration etc.;Deterrent refer mainly to by In unauthorized operation to the influence degree of the security attributes such as the confidentiality, integrality and availability of network system assets.Here Threat source mostly come from malicious persons, and malicious persons refer to internal staff to network system carry out malicious sabotage or Person external staff attacks system using the fragility of network system, to obtain its interests.
Specifically, rule of thumb or one section of period observed value judges that the desired value of the credibility of a things or phenomenon claims For confidence level, the confidence level of factor and the confidence level of event generation, different confidence levels are described using confidence level Corresponding different confidence score.
The assessment modeling unit is also used to obtain the assets factor, the fragile sexual factor and the threat respectively The weight coefficient of factor.Specifically, since influence degree of each evaluation index to final assessment result is different, so root According to one weight coefficient of different definition of the significance level of each risk factors, each factor is calculated using analytic hierarchy process (AHP) Weight coefficient.
First computing unit, for obtaining the assessment of the risk factors using the Evaluation Model of Computer Network Security Value;Specifically, for example, firstly evaluating its risk class for every sub- factor, the number that each risk occurs is estimated, then Risk class is multiplied to obtain the assessed value of each sub- factor with the number power for the confidence level that the risk occurs, finally by each height The assessed value of factor is multiplied by being added the assets factor that obtains respectively, fragile sexual factor and deterrent after respective weight coefficient Assessed value.
Second computing unit, for obtaining the confidence level of the risk factors according to the second preset rules, comprising: point Not by the confidence level and the target thing of the sub- factor of the assets factor, the fragile sexual factor and the deterrent The confidence level that part occurs, which is multiplied, obtains confidence level product;Respectively by the assets factor, the fragile sexual factor and the threat Each confidence level product of factor in magnitude order, chooses the assets factor, the fragile sexual factor and the prestige Maximum confidence product in side of body factor is as the credible of the assets factor, the fragile sexual factor and the deterrent Degree;The wind is obtained according to the confidence level and weight coefficient of the assets factor, the fragile sexual factor and the deterrent The confidence level of dangerous factor.
The third computing unit, for being obtained according to the assessed value of the risk factors and the confidence level of the risk factors Network security assessment value, wherein the network security assessment value by the risk factors assessed value and the risk factors Confidence level be multiplied to obtain.
Obviously, those skilled in the art should be understood that each module of the above invention or each step can be with general Computing device realize that they can be concentrated on a single computing device, or be distributed in multiple computing devices and formed Network on, optionally, they can be realized with the program code that computing device can perform, it is thus possible to which they are stored Be performed by computing device in the storage device, perhaps they are fabricated to each integrated circuit modules or by they In multiple modules or step be fabricated to single integrated circuit module to realize.In this way, the present invention is not limited to any specific Hardware and software combines.
The foregoing is merely preferred embodiment of the present application, are not intended to limit this application, for the skill of this field For art personnel, various changes and changes are possible in this application.Within the spirit and principles of this application, made any to repair Change, equivalent replacement, improvement etc., should be included within the scope of protection of this application.

Claims (10)

1. a kind of network safety evaluation method characterized by comprising
Obtain network security risk factor, wherein the risk factors include assets factor, fragile sexual factor and deterrent;
Evaluation Model of Computer Network Security is established according to the risk factors according to the first preset rules;
The assessed value of the risk factors is obtained using the Evaluation Model of Computer Network Security;
The confidence level of the risk factors is obtained according to the second preset rules;
Network security assessment value is obtained according to the confidence level of the assessed value of the risk factors and the risk factors, wherein institute Network security assessment value is stated to be multiplied to obtain with the confidence level of the risk factors by the assessed value of the risk factors.
2. the method according to claim 1, wherein it is described according to the first preset rules according to the risk factors Establish Evaluation Model of Computer Network Security, comprising:
The assets factor, the sub- factor of the fragile sexual factor and the deterrent and the sub- factor is obtained respectively to make At object event;
The confidence level that the confidence level and the object event for obtaining the sub- factor respectively occur.
3. according to the method described in claim 2, it is characterized in that, it is described according to the first preset rules according to the risk factors Establish Evaluation Model of Computer Network Security, further includes:
The weight coefficient of the assets factor, the fragile sexual factor and the deterrent is obtained respectively.
4. according to the method described in claim 3, it is characterized in that, described obtain the risk factors according to the second preset rules Confidence level, comprising:
Respectively by the confidence level of the sub- factor of the assets factor, the fragile sexual factor and the deterrent with it is described The confidence level that object event occurs, which is multiplied, obtains confidence level product;
The confidence level of the risk factors is obtained according to third preset rules.
5. according to the method described in claim 4, it is characterized in that, described obtain the risk factors according to third preset rules Confidence level, comprising:
Respectively by each confidence level product of the assets factor, the fragile sexual factor and the deterrent according to big Small sequence chooses the maximum confidence product in the assets factor, the fragile sexual factor and the deterrent as institute State the confidence level of assets factor, the fragile sexual factor and the deterrent;
The wind is obtained according to the confidence level and weight coefficient of the assets factor, the fragile sexual factor and the deterrent The confidence level of dangerous factor.
6. a kind of network security assessment system, which is characterized in that calculated including assessment modeling unit, the first computing unit, second Unit and third computing unit, in which:
The assessment modeling unit, for obtaining network security risk factor, wherein the risk factors include assets factor, Fragile sexual factor and deterrent;
The assessment modeling unit is also used to establish network security assessment mould according to the risk factors according to the first preset rules Type;
First computing unit, for obtaining the assessed value of the risk factors using the Evaluation Model of Computer Network Security;
Second computing unit, for obtaining the confidence level of the risk factors according to the second preset rules;
The third computing unit, for obtaining net according to the assessed value of the risk factors and the confidence level of the risk factors Network security evaluation value, wherein the network security assessment value by the risk factors assessed value and the risk factors can Reliability is multiplied to obtain.
7. system according to claim 6, which is characterized in that the assessment modeling unit is also used to obtain respectively described Object event caused by the sub- factor and the sub- factor of assets factor, the fragile sexual factor and the deterrent, point The confidence level that the confidence level and the object event for not obtaining the sub- factor occur.
8. system according to claim 7, which is characterized in that the assessment modeling unit is also used to obtain respectively described The weight coefficient of assets factor, the fragile sexual factor and the deterrent.
9. system according to claim 8, which is characterized in that second computing unit is also used to the money respectively What the confidence level of the sub- factor of production factor, the fragile sexual factor and the deterrent and the object event occurred can Reliability, which is multiplied, obtains confidence level product;
Second computing unit is also used to obtain the confidence level of the risk factors according to third preset rules.
10. system according to claim 6, which is characterized in that it is described according to third preset rules obtain the risk because The confidence level of element, comprising:
Respectively by each confidence level product of the assets factor, the fragile sexual factor and the deterrent according to big Small sequence chooses the maximum confidence product in the assets factor, the fragile sexual factor and the deterrent as institute State the confidence level of assets factor, the fragile sexual factor and the deterrent;
The wind is obtained according to the confidence level and weight coefficient of the assets factor, the fragile sexual factor and the deterrent The confidence level of dangerous factor.
CN201811229575.5A 2018-10-22 2018-10-22 Network safety evaluation method and system Pending CN109245944A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811229575.5A CN109245944A (en) 2018-10-22 2018-10-22 Network safety evaluation method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811229575.5A CN109245944A (en) 2018-10-22 2018-10-22 Network safety evaluation method and system

Publications (1)

Publication Number Publication Date
CN109245944A true CN109245944A (en) 2019-01-18

Family

ID=65081161

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811229575.5A Pending CN109245944A (en) 2018-10-22 2018-10-22 Network safety evaluation method and system

Country Status (1)

Country Link
CN (1) CN109245944A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110336806A (en) * 2019-06-27 2019-10-15 四川大学 A kind of covert communications detection method of combination session behavior and correspondence
CN110472839A (en) * 2019-07-25 2019-11-19 上海电力大学 Thermal power plant's control system Information Security Evaluation system based on SA-PSO-AHP
CN112351005A (en) * 2020-10-23 2021-02-09 杭州安恒信息技术股份有限公司 Internet of things communication method and device, readable storage medium and computer equipment
CN113408948A (en) * 2021-07-15 2021-09-17 恒安嘉新(北京)科技股份公司 Network asset management method, device, equipment and medium
CN114070650A (en) * 2022-01-11 2022-02-18 浙江国利网安科技有限公司 Network asset evaluation method and device, electronic equipment and readable storage medium
CN115643107A (en) * 2022-12-13 2023-01-24 北京源堡科技有限公司 Network security risk assessment method and device, computer equipment and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101436967A (en) * 2008-12-23 2009-05-20 北京邮电大学 Method and system for evaluating network safety situation
CN103246762A (en) * 2013-04-10 2013-08-14 哈尔滨工程大学 Method of comprehensive evaluation for simulation credibility of electric propulsion system
US20180295148A1 (en) * 2017-04-06 2018-10-11 Fortinet, Inc. Predicting the risk associated with a network flow, such as one involving an iot device, and applying an appropriate level of security inspection based thereon

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101436967A (en) * 2008-12-23 2009-05-20 北京邮电大学 Method and system for evaluating network safety situation
CN103246762A (en) * 2013-04-10 2013-08-14 哈尔滨工程大学 Method of comprehensive evaluation for simulation credibility of electric propulsion system
US20180295148A1 (en) * 2017-04-06 2018-10-11 Fortinet, Inc. Predicting the risk associated with a network flow, such as one involving an iot device, and applying an appropriate level of security inspection based thereon

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
武志锋等: "军工网络安全模拟仿真***可信度研究", 《电子产品可靠性与环境试验》 *
高翔: "网络安全评估理论及其关键技术研究", 《中国博士学位论文全文数据库 信息科技辑》 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110336806A (en) * 2019-06-27 2019-10-15 四川大学 A kind of covert communications detection method of combination session behavior and correspondence
CN110472839A (en) * 2019-07-25 2019-11-19 上海电力大学 Thermal power plant's control system Information Security Evaluation system based on SA-PSO-AHP
CN112351005A (en) * 2020-10-23 2021-02-09 杭州安恒信息技术股份有限公司 Internet of things communication method and device, readable storage medium and computer equipment
CN112351005B (en) * 2020-10-23 2022-11-15 杭州安恒信息技术股份有限公司 Internet of things communication method and device, readable storage medium and computer equipment
CN113408948A (en) * 2021-07-15 2021-09-17 恒安嘉新(北京)科技股份公司 Network asset management method, device, equipment and medium
CN114070650A (en) * 2022-01-11 2022-02-18 浙江国利网安科技有限公司 Network asset evaluation method and device, electronic equipment and readable storage medium
CN114070650B (en) * 2022-01-11 2022-05-17 浙江国利网安科技有限公司 Network asset assessment method and device, electronic equipment and readable storage medium
CN115643107A (en) * 2022-12-13 2023-01-24 北京源堡科技有限公司 Network security risk assessment method and device, computer equipment and storage medium
CN115643107B (en) * 2022-12-13 2023-04-21 北京源堡科技有限公司 Network security risk assessment method, device, computer equipment and storage medium

Similar Documents

Publication Publication Date Title
US11886575B1 (en) Methods and systems for fraud containment
US11212299B2 (en) System and method for monitoring security attack chains
CN109245944A (en) Network safety evaluation method and system
US10491623B2 (en) Social network security monitoring
US10587640B2 (en) System and method for attribution of actors to indicators of threats to a computer system and prediction of future threat actions
US10708290B2 (en) System and method for prediction of future threat actions
Zahra et al. Detecting Covid-19 chaos driven phishing/malicious URL attacks by a fuzzy logic and data mining based intelligence system
Shaikh et al. A literature review on phishing crime, prevention review and investigation of gaps
US10289838B2 (en) Scoring for threat observables
US20140165195A1 (en) Method and system for thwarting insider attacks through informational network analysis
Cho et al. A method of monitoring and detecting APT attacks based on unknown domains
Gong et al. A reliability comparison method for OSINT validity analysis
CN110598404A (en) Security risk monitoring method, monitoring device, server and storage medium
Singh et al. Detecting malicious users in Twitter using classifiers
CA3081327A1 (en) Consumer threat intelligence service
Shah et al. Detect phishing website by fuzzy multi-criteria decision making
Wang et al. Privacy threat modeling framework for online social networks
Toapanta et al. Analysis of cyberattacks in public organizations in Latin America
CN117478433B (en) Network and information security dynamic early warning system
Wilson et al. The fight against phishing: Technology, the end user and legislation
Williams et al. Small business-a cyber resilience vulnerability
Alotaibi et al. Threats, crimes and issues of privacy of users’ information shared on online social networks
Motlhabi et al. Context-aware cyber threat intelligence exchange platform
Pandhurnekar et al. Proposed Method for Threat Detection Using User Behavior Analysis
Wei et al. Assessment of information security impacts on mobile social media

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190118

RJ01 Rejection of invention patent application after publication