Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network security situation evaluating method

A security posture and network security technology, applied in the field of network security, can solve problems such as single network security indicators, high requirements for administrator experience, and inaccurate quantitative algorithm results, etc., to achieve the effect of accurate security situation

Inactive Publication Date: 2010-10-20
INST OF SOFTWARE - CHINESE ACAD OF SCI
View PDF0 Cites 35 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] At present, there are mainly four types of methods for network security situation assessment: The first type is the visualization method. Allow administrators to have an intuitive understanding of the current network status, and use experience to judge whether the network is threatened by attacks, but the network security indicators reflected by this method are relatively single, and require a high level of experience for administrators
The second category is the method of data fusion based on the distributed sensors of the intrusion detection system, which evaluates the security situation of the computer network, and evaluates the security of the computer network through data fusion and data mining, but does not implement a specific prototype system
The fourth category is the hierarchical network security threat situation quantitative assessment method, which uses the intrusion detection system alarm information and network performance indicators, and combines the vulnerability information of the host to perform hierarchical security quantitative assessment on services, hosts, and networks to obtain intuitive security threats. situation map, but the selected situation assessment indicators are not comprehensive enough, and the quantitative algorithm results are not accurate enough

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network security situation evaluating method
  • Network security situation evaluating method
  • Network security situation evaluating method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The input of the invention is alarm information, vulnerability information, host performance information and service information, network component performance information, network topology information and host trust relationship. Input information can come from various devices in any network system, such as hosts, servers, intrusion detection systems, routers, firewalls, and so on. After the data streams on these devices are processed by corresponding preprocessing devices, the extracted information can be used as input information of the present invention. The above information is required to be complete and comprehensive, and the more complete the information, the more accurate the evaluation result. Through the layer-by-layer processing and analysis of the input information, the network security situation assessment results are finally obtained, which are displayed in the network security situation curve diagram.

[0029] The detailed procedure is given below.

[...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a network security situation evaluating method, and belongs to the technical field of network security. The method comprises the following steps of: 1) performing correlation analysis on input alarm information to obtain a host attack graph; 2) performing association analysis on the host attack graph according to input host vulnerability information to obtain a host expectation state graph; 3) calculating a host threat value by utilizing intrusive expectant threat and the host expectation state graph; 4) calculating a host comprehensive security situation by utilizing weight information of services provided by hosts and threat values of the hosts; 5) calculating a network component comprehensive security situation by utilizing network component performance information and weight values of network components; and 6) performing weighted calculation by utilizing the host comprehensive security situation and the network component comprehensive security situation to obtain a network security situation. The method can more accurately analyze the actual influence of attacks on the network hosts and the network components, analyzes threat caused by unknown attacks, and reflects the network security situation more accurately compared with the traditional method.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a network security situation assessment method. Background technique [0002] With the rapid development of computer technology and communication technology and the continuous increase of user needs, computer networks have been used more and more widely. The network has the characteristics of resource distribution and sharing, user decentralization and management distribution, and provides a basis for realizing large-scale parallel computing and information services. However, the current network is facing a severe situation of information security, and security issues have become a major obstacle restricting its development. The security situation assessment technology can reflect the dynamic security situation of the network as a whole, and predict and warn the development trend of the security situation. Therefore, the security situation assessment model a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L12/26H04L12/24H04L29/06
Inventor 韦勇连一峰冯登国
Owner INST OF SOFTWARE - CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com