Network risk analysis method

A risk analysis and network technology, applied in the field of quantitative assessment technology for network risks, can solve the problems of being attacked, not considering security requirements, inaccurate assessment results, etc., to achieve the real effect of assessment results

Inactive Publication Date: 2008-04-16
哈尔滨英赛克信息技术有限公司
View PDF0 Cites 24 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In a nutshell, the existing quantitative evaluation methods for network security generally have the following shortcomings: 1) Lack of analysis of the correlation between weaknesses
Due to the high interconnection of hosts in the network and the existence of penetrating attack methods, some hosts originally protected by firewalls also have the risk of being attacked. Existing quantitative

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network risk analysis method
  • Network risk analysis method
  • Network risk analysis method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0032] The present invention is described in more detail below in conjunction with accompanying drawing example:

[0033] In order to realize the purpose of the present invention, the present invention provides a series of definitions at first:

[0034] Definition 1 (Attack Complexity). Attack complexity is a measure of how easy it is for an attacker to successfully exploit a weakness.

[0035] Definition 2 (Vulnerabilities). Vulnerabilities are represented by the following quintuples (IP, VID, W, E, P). Among them, IP is the name of the host where the vulnerability is located; VID is the number of the vulnerability in the Bugtraq vulnerability database; the degree of impact of the vulnerability on the security of the host is a triplet W=(W C , W I , W A ), W C , W I and W A are respectively the impact coefficients of the vulnerability on the confidentiality, integrity and service availability of the host; E is the attack complexity of the vulnerability; P is used to sto...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an analysis method of network risks. Firstly, informations, such as topology, weaknesses, services, etc., are collected in order to structure a network attack map; secondly, according to the network attack map, the probability that each weakness is successfully utilized by attackers is calculated; thirdly, the probability of the successful utilization of each weakness is combined with the influence of the weaknesses affecting the services and data of hosts in order to calculate the risks of each weakness affecting the availability, security and integrality of the hosts; fourthly, considering the security requirement of each host, the comprehensive risk of each host is calculated; fifthly, according to the comprehensive risk of each host, the comprehensive risk of a network is calculated. The invention has the advantages of that the influence of the association among weaknesses, which affects the security of hosts and networks, is sufficiently considered and that the quantitative evaluation of the risk states of hosts is carried out according to security requirements, so that the results of evaluation are more real and reliable.

Description

(1) Technical field [0001] The invention relates to a network security evaluation technology, in particular to a quantitative evaluation technology for network risk. (2) Background technology [0002] The scale of the network is gradually expanding, the structure is becoming more and more complex, especially the continuous emergence of various new attack methods aimed at system weaknesses, which makes the risks faced by the network increasingly serious. In order to ensure the normal operation of the network, it is necessary for managers to conduct security assessments on the network, actively discover potential system security risks, and formulate effective security measures based on this. [0003] According to the data source, network security assessment methods can be divided into: 1) Dynamic assessment, which evaluates the security of the network according to the frequency of attack events and the threats they pose to the system. Most of these methods are quantitative an...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L9/00H04L12/26
Inventor 杨武苘大鹏
Owner 哈尔滨英赛克信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap