Intrusion process layering online risk assessment method

A risk assessment and hierarchical technology, applied in the direction of digital transmission systems, electrical components, transmission systems, etc., to achieve the effects of increasing adaptability, increasing tolerance, and reducing the risk of false alarms causing false responses

Inactive Publication Date: 2012-03-28
穆成坡
View PDF1 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Most of the risk assessment models and methods proposed by researchers are offline, focusing on system vulnerabili...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intrusion process layering online risk assessment method
  • Intrusion process layering online risk assessment method
  • Intrusion process layering online risk assessment method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0023] The present invention will be further described below in conjunction with accompanying drawing and specific examples:

[0024] The protected network system is composed of various hosts, on which the operating system and various application network service programs are running: the first level of risk assessment is carried out at the application service level of each host; the second level is at the level of each host above; finally, at the network level, forming such figure 1 The risk assessment tree shown.

[0025] Definition 1. The risk index RI (risk index) is the degree of danger caused by the intrusion process to a specific target.

[0026] Definition 2. Target risk distribution (risk distribution). Risk distribution refers to the distribution of high, medium and low risk ranges that the target system can tolerate.

[0027] Step A: Risk assessment at the service level

[0028] Suppose there are m hosts H on the protected network i (i=1, 2,..., m), each operatin...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an intrusion process layering online risk assessment system and a method, which are used for assessing the risk condition produced on three layers of the service, the host and the network of an occurrent intrusion process in real time. In the invention, on the layer of the service, an evidence theory is used for fusing multi vectors in an alarm thread to compute a risk index, wherein the vectors can response risk change conditions, the objective condition of intrusion risks is reflected by the risk index, and simultaneously, with target risk distribution reflected by subjective safety awareness, the risk condition of a target is comprehensively assessed; on the layer of the host, a risk assessment method based on a cask principle is provided; and on the layer of the network, a safety dependence network concept is provided, and an improved risk spreading algorithm is utilized so as to complete the risk assessment of the layer of the network. According to the invention, the alarm processes of alarm verification, aggregation and correlation as well as alarm confidence learning are closely combined with the risk assessment, so that the subjectivity, the fuzziness, the uncertainty and other problems in the risk assessment are better processed.

Description

technical field [0001] The present invention relates to an online risk assessment method for an intrusion process, especially a method for assessing the risk of an intrusion process by using the analytic hierarchy process, especially using the alarm calculation risk of various security devices collected in real time on the security management platform. The service layer, the host layer, and the network layer carry out risk assessment on the intrusion process, which belongs to the field of computer information security. Background technique [0002] As an important means of network defense, IDS (intrusion detection system) can identify intruders and intrusion behaviors, detect and monitor successful intrusions, and respond to intrusions. However, the existing IDSs generally have the problems of high false alarm rate, false negative rate, and a large number of repeated alarms. Most of the attacks detected by IDS are single attack actions during the intrusion process, and the d...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/24H04L29/06
Inventor 穆成坡
Owner 穆成坡
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap