Software security evaluation system, user capability and confidence level evaluation system and method

Abstract

A software safety evaluation system, a user ability and trust degree evaluation system and a method are disclosed. The collaborative software safety evaluation system comprises: a plurality of software safety evaluation modules arranged on the client are used for extracting the safety information of arranged or being-arranged software; the user ability and trust degree evaluation module arranged on the side of the server is used for evaluating the ability and trust degree index of each user according to the safety information sent by the client of each user; and a software safety evaluation module used for determining the safety of the software of the client according to the ability and trust degree index evaluated by the user ability and trust degree evaluation module. Due to introducing the user ability and trust degree determination, the precision and evaluation processing efficiency of the collaborative software safety evaluation system is further improved. Due to establishing the user ability and trust degree determining system, the precision and processing efficiency of the mass-participating-in patterned software safety evaluation is improved.

Description

technical field [0001] The invention relates to software security, in particular to a system and method for assessing user capability and trust, which can improve the accuracy and speed of collaborative software security assessment. Background technique [0002] The basic steps of a traditional software security company’s solution to malicious and rogue software include: a limited number of security detection servers or software analysis experts continuously search, analyze and sort out possible The detection server submits malware report information); through pattern extraction and mass testing, security assessment conclusions are given for different software. [0003] For identified malicious software, add its pattern features (Pattern Features) or software fingerprint (Fingerprint) to the company's security software upgrade package, and remind users to protect against new or variant malicious and rogue software; users update software upgrades After the package is complet...

AI Technical Summary

Problems solved by technology

[0005] With the rapid development of the Internet, the development of new and variant malicious and rogue software is getting faster and faster. The above-mentioned traditional software security companies use machines or expert systems for automatic or manual identification. Security requirements, this is because: (1) the response speed to new or variant malicious and rogue software is low (the average response period is about one month); (2) the introduction of simple user reporting mechanism has great limitations: The huge number of reports submitted by users leads to low processing efficiency of the server, the different levels of user capabilities and the existence of malicious users lead to extremely low accuracy of reports submitted by users; (3) the maintenance and use of machine recognition systems and expert recognition systems is huge, However, its ability to identify malicious and rogue software is severely limited by the ability, quantity, and level of the expert system; (4) the machine identification system is only effective for the analysis of target objects (such as computer viruses) with binary code characteristics, but for The ability to identify highly artificial targets (such as malicious or rogue software, spam) is relatively weak

[0006] It can be seen that although the public collaborative evaluation model is adopted by some software security evaluation systems, the public users have not fully participated in the entire chain of the evaluation system. Users only submit their own evaluation results, and the background is still completely dependent on complex expert systems. Detailed analysis

In addition, the large number of reports submitted by users leads to low processing efficiency of the server, and the different levels of user capabilities and the existence of malicious users lead to extremely low accuracy of reports submitted by users

Images