Establishing method and multiplexing method for multiplex attack mode in software security development

A technology for software security and establishment methods, applied in computer security devices, instruments, electrical digital data processing, etc., to achieve the effects of improving efficiency and accuracy, improving software security evaluation and testing efficiency, and improving efficiency

Inactive Publication Date: 2012-12-05
TIANJIN UNIV
View PDF1 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, based on structural and semi-structured descriptions of attack modes, better detection of software system sec

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Establishing method and multiplexing method for multiplex attack mode in software security development
  • Establishing method and multiplexing method for multiplex attack mode in software security development
  • Establishing method and multiplexing method for multiplex attack mode in software security development

Examples

Experimental program
Comparison scheme
Effect test

example

[0025] Instantiation: This step instantiates the abstract attack methods and their corresponding mitigation solutions, and applies them to the threat modeling process for specific systems to complete the reuse of attack patterns.

[0026] When applying the attack pattern to the threat modeling process for a specific system, it is necessary to perform the matching, modification and instantiation steps of the attack pattern reuse technology. The overall process is as follows: figure 1 shown. First, match the attack pattern number, this step is optional; then, match the description information, preconditions and postconditions of the attack pattern; if the above conditions are met, then further judge the method of applying the attack pattern ; If the functional model of the system contains the same system function targeted by the attack pattern, the method of applying the attack pattern of the first type - the method of directly applying the attack pattern is adopted; if the func...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an establishing method and a multiplexing method for a multiplex attack mode in software security development, wherein the establishing method comprises four key steps: abstraction, matching, modification and instantiation. The multiplexing method comprises the following steps: the descriptive information, the precondition and the post condition of the attack mode are matched; a method applying the attack mode is further judged if the conditions are met; the first class of method applying the attack mode--a multiplexing method directly applying the attack mode is adopted if the function model of a system contains the identical system function for the attack mode; and a second class of method applying the attack mode--a multiplexing method applying the modified attack mode is adopted if the function model of the system contains a similar system function for the attack mode. Compared with the prior art, the multiplexing method of the attack mode improves the efficiency and the accuracy of modeling threatening, so that the software security evaluation and test efficiency of threatening model drive is improved, and the security of a software system is enhanced.

Description

technical field [0001] The invention relates to the technical field of software security, in particular to a method for developing security software based on a unified threat model. Background technique [0002] With the rapid development of the Internet and various Internet-based computer applications, people are more and more dependent on software as the carrier of these applications, and their attention to software security is also increasing. However, the state of software security is not satisfactory. Software is often attacked, resulting in endless computer security incidents, resulting in serious economic losses and loss of reputation. Therefore, how to ensure its security during software development and improve the efficiency of software security evaluation and testing is of great significance to the development of trusted software. [0003] In the process of software security research, many experts have given the paradigm of software security development, and ther...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/00
Inventor 李晓红闫璐何可冯志勇许光全胡静
Owner TIANJIN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap