Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A method for automatic real-time judging of IT system security situation

A technology of an IT system and a determination method, applied in the field of network information system security, can solve the problems of inability to ensure the predictable threat control of system vulnerability security management, inability to reflect the security threat status of the IT system in real time, and inability to automatically determine the security situation of vulnerabilities in real time, etc. Achieve the effect of improving timeliness and targeting, shortening window time, and reducing system security risks

Active Publication Date: 2016-01-27
INST OF SOFTWARE - CHINESE ACAD OF SCI +1
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, IT system administrators are in a passive state of vulnerability security situation awareness, relying on manual collection of security vulnerability information and analysis of system security status, which makes managers lack initiative, timeliness, and overall awareness of IT system vulnerability security situation. Can only respond to security incidents passively, and cannot ensure that system vulnerability security management achieves predictable threat control
[0003] 针对上述问题,文献:Ascalableapproachtoattackgraphgeneration.XinmingOu,WayneF.Boyer,andMilesA.McQueen.In13thACMConferenceonComputerandCommunicationsSecurity(CCS2006),Alexandria,VA,U.S.A.,October2006.;MulVAL:Alogic-basednetworksecurityanalyzer.XinmingOu,SudhakarGovindavajhala,andAndrewW.Appel.In14thUSENIXSecuritySymposium,Baltimore, Maryland,U.S.A.,August2005;JohnWilliams,PramodKalapa,StevenNoel,″TopologicalVulnerabilityAnalysis--AutomaticallyPredictingPossiblePathsofCyberAttack,″10thAnnualAirForceIntelligence,Surveillance,andReconnaissance(ISR)AgencyCommunicationsandInformationConference,SanAntonio,Texas,November2010.试图使用攻击图方法来分析IT系统的安全状态,但是因为 The vulnerability information of the IT system evolves dynamically, and the known attack graph cannot reflect the security threat status of the IT system in real time. At the same time, this method does not consider the impact of threat correlation
Therefore, it is impossible to automatically determine the security situation of IT system vulnerabilities in real time

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method for automatic real-time judging of IT system security situation
  • A method for automatic real-time judging of IT system security situation
  • A method for automatic real-time judging of IT system security situation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0045] The method for system security situation analysis proposed by the present invention comprises the following steps:

[0046] 1) Establish a database identifying IT system characteristics and environments. The system characteristic information mainly includes OS system name and version number, database system name and version number, application system name and version number. These feature information can be collected automatically or manually through network management software.

[0047] 2) Establish a threat information source website library. The website library is the status library of the IT system software version. Select a number of current mainstream security websites and add them to the website library as the source of information capture.

[0048] 3) Implement a program for automatically extracting web pages, which automatically downloads web pages from the threat information source website database, mines security situation vulnerability data, extrac...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for automatically judging the security situation of an IT (information technology) system in real time, and belongs to the technical field of network information. The method includes the steps: 1) automatically acquiring security flaw situation data of the IT system to generate a flaw threat database; 2) extracting flaws of nodes and pre-conditions and post-conditions used by flaw threat from the flaw threat database and generating an internal association diagram of each node; 3) building a knowledge base describing the threat influence relation among the nodes according to association of the nodes and setting a relation predicate set and a threat predicate calculus set for each node; and 4) determining a node set M with the threat influence relation with each node X according to the knowledge base, calculating the node X and each node Y in the set M according to the predicate calculus set, and judging the threat relation between the node X and the node Y. By the method, sensing of the security situation of the system is greatly accelerated, and the security risk of the system is reduced.

Description

technical field [0001] The invention relates to a method for judging a security situation of a network information system (IT system), in particular to an automatic real-time judging method for a security situation of an IT system, belonging to the technical field of network information system security. Background technique [0002] IT system vulnerability security situation awareness / judgment can be understood as knowing the distribution of vulnerabilities and deducing the impact of exploiting vulnerabilities by mastering IT system configuration information, as well as the potential security threat pathways and security threat evolution of IT systems. At present, IT system administrators are in a passive state of vulnerability security situation awareness, relying on manual collection of security vulnerability information and analysis of system security status, which makes managers lack initiative, timeliness, and overall awareness of IT system vulnerability security situati...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/24H04L29/06
Inventor 蒋建春丁丽萍蔡志强贺喜金波
Owner INST OF SOFTWARE - CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com