Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network risk assessment method based on combination of Bayesian algorithm and matrix method

A Bayesian algorithm and risk assessment technology, applied in the field of network security assessment, can solve problems such as lack of, lack of overall consideration of network node relevance, lack of consideration of risk time occurrence probability, etc., to improve accuracy and improve practical guidance meaning effect

Inactive Publication Date: 2013-05-08
706 INST SECOND RES INST OF CHINAAEROSPACE SCI & IND
View PDF0 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, there are still the following deficiencies in the implementation of this specification: 1. In the specification, the collection of threats and vulnerabilities mainly considers the vulnerability of a single device in the network to be
[0005] Threats are exploited to form risk events; but there is a lack of overall consideration of the relevance of network nodes;
[0006]2. The algorithm in the specification is mainly based on qualitative analysis and manual judgment, lacks quantitative and accurate formula calculation, and lacks consideration of the probability of occurrence of risk time

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network risk assessment method based on combination of Bayesian algorithm and matrix method
  • Network risk assessment method based on combination of Bayesian algorithm and matrix method
  • Network risk assessment method based on combination of Bayesian algorithm and matrix method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] Step 1: Use the topology auto-discovery tool to use the SNMP protocol to automatically detect network devices and build a network topology. Collect the basic information of the network devices, and use the matrix algorithm or the geometric mean algorithm to evaluate the confidentiality, integrity, and availability of the collected devices equipment value.

[0026] Step 2: Build a threat knowledge base. Methods A threat questionnaire was established automatically based on the knowledge base to collect network threats and the frequency of threats.

[0027] Step 3: Build a vulnerability knowledge base. Vulnerabilities are mainly divided into technical vulnerabilities and management vulnerabilities. Technical vulnerabilities are mainly automatically discovered and identified through vulnerability scanning tools. The vulnerability of the management category is automatically established through the knowledge base to collect the vulnerability through the vulnerability quest...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Provided is a network risk assessment method based on the combination of a Bayesian algorithm and a matrix method. The network risk assessment method based on the combination of the Bayesian algorithm and the matrix method comprises the steps of researching network assets and assessing asset value, researching and collecting network threats, scanning system bugs and collecting system vulnerability, assessing occurrence frequency of threats, assessing severity of the vulnerability, combining the Bayesian conditional probability computational formula with the matrix algorithm, thus a factor for judging the severity of risk events is added, namely the probability of occurrence of the risk events brought by internal node relevance, the precision of assessment results of the risk assessment method is improved. When the network risk assessment method based on the combination of the Bayesian algorithm and the matrix method are used for analyzing risks in the network, the relevance of network nodes are taken into consideration, an adjacent deceive of the device is used, and then the conditional probability of risk events caused by attacks on the device serves as a factor of weighing for calculating the severity of the device risk, thus precision of analysis result is improved, and the actual guiding significance of method assessment results to network security protection is promoted.

Description

technical field [0001] The invention belongs to the field of network security assessment, and is a method for network risk assessment based on Bayesian algorithm and matrix method combined with network node correlation. Background technique [0002] With the rapid development of computer networks, network security has gradually become the focus of attention. In terms of testing and evaluation models, the most widely used in foreign research is the risk assessment model, mainly including the ALE risk assessment model issued by the US Bureau of Standards and the OCTAVE-related risk assessment model. The model elements of these risk assessment models basically adopt information assets, security threats, vulnerabilities, and security control measures. Using the above factors to describe information methods, various risk assessment models use different factor combinations and calculation methods. In addition to risk assessment models, there are also assessment models developed f...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24H04L29/06G06F21/57
Inventor 于石林王泽玉王晓程王斌海然
Owner 706 INST SECOND RES INST OF CHINAAEROSPACE SCI & IND
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com