Risk evaluation method and system based on security dependence relation

A dependency and risk assessment technology, applied in the field of security risk assessment of computer network information systems, can solve security threats, ignore risk propagation, spread to other hosts or even the entire network, and achieve accurate risk assessment

Inactive Publication Date: 2009-09-09
BEIJING VENUS INFORMATION TECH
View PDF0 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

But this method often ignores the fact that the risk is disseminated: due to the high interconnection of computers, the risk caused by the victim computer may spread to other hosts or even the entire network, so that those computers that are not directly at risk, due to the victim computer. Risk propagation, and security threats

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Risk evaluation method and system based on security dependence relation
  • Risk evaluation method and system based on security dependence relation
  • Risk evaluation method and system based on security dependence relation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0019] This embodiment is a risk assessment method based on security dependencies, the hardware used by the method includes: the Internet, and the steps of the method are as follows:

[0020] Step 1: According to the elements of access or service type, determine the risk probability of connection events between dependent nodes. Establish a dependency network between nodes and evaluate the probability of each connection event. If node X i and x j There is a security dependency between Then establish the risk probability of its connection event with express.

[0021] Step 2: Establish a security dependency tree rooted at the evaluated node;

[0022] Step 3: Calculate the risk probability of the evaluated node;

[0023] Step 4: Multiply the risk probability of the evaluated node by the importance of the evaluated node to obtain the risk of the evaluated node. It can be expressed with a simple formula: R=V×P to calculate its risk. Where R represents the risk of the evalu...

Embodiment 2

[0041] This embodiment is the preferred solution of Embodiment 1, which is a refinement of the step of establishing a security dependency tree rooted at the evaluated node in Embodiment 1, and the step of establishing a security dependency tree rooted at the evaluated node Substeps include:

[0042] (1). Take the target node to be evaluated as the starting root node of the security dependency tree, and add it to the security dependency tree;

[0043] (2). For each newly added node of the security dependency tree, add all its directly dependent nodes as its direct child nodes to the security dependency tree;

[0044] (3). If the newly-added node in the substep (2) is already the root node of a certain subtree that includes the node, then delete the branch of the root node that includes the newly-added node;

[0045] (4). Repeat steps (2) to (3) above until the dependency tree no longer grows, and finally form a safe dependency tree without loops.

Embodiment 3

[0047] This embodiment is a preferred solution of Embodiment 1. In Embodiment 1, the step of calculating the risk probability of the evaluated node is refined, and the sub-steps include:

[0048] (1). Take the node to be evaluated as the starting root node, stratify according to the distance between each node and the starting root node, and according to the formula

[0049] P ( Y ) = P ( U i = 1 n X i E X i , Y ) = 1 - Π i = 1 n ( 1 ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a method and a system for risk evaluation based on security dependence relation, in particular to a method and a system which are applied to network security of the computer. The hardware used in the method comprises an internet; the method comprises the following steps: the risk probability of a connection event between dependency nodes is determined according to all the factors of the visit or service type; a security dependence tree is established by taking evaluated nodes as the root; the risk probability of the evaluated node is calculated; the calculated risk probability of the evaluated nodes is multiplied with the degree of significance of the evaluated nodes to obtain the risk of the evaluated nodes; and the invention establishes the security dependence relation between the evaluated nodes and other nodes by establishing the security dependence tree taking the evaluated nodes as the root and introduces a risk propagation mechanism into the risk evaluation. The invention not only considers the direct risk, but also considers the indirect risk caused by the dependence relation, therefore, the risk evaluation is more accurate and more objective.

Description

technical field [0001] The present invention relates to a risk assessment method and system based on security dependencies. The present invention relates to the field of information security, and is a method and system for security risk assessment applied to computer network information systems. Background technique [0002] The risk assessment methods of computer network can be divided into manual assessment and automatic assessment. Manual assessment is usually carried out in the form of questionnaires, relying on expert experience. Although the assessment is relatively comprehensive, it is easy to introduce subjective factors, and the complex assessment process leads to huge costs for users; automatic assessment usually adopts the method of automatically identifying weaknesses or attacks Evaluation of the target network is favored by users because of its automation, efficiency and ease of management. At present, there are many related research works on automatic assessme...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24
Inventor 胡振宇叶润国骆拥政李博朱钱杭
Owner BEIJING VENUS INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap