Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network security evaluation device based on attack graph adjacent matrix

A technology of network security assessment and adjacency matrix, which is applied to electrical components, transmission systems, etc., can solve the problems of not being able to identify key hosts on critical paths, not being able to generate attacking network nodes, etc., and achieve easy viewing, fast calculation speed, and strong real-time performance Effect

Active Publication Date: 2013-10-23
UNIV OF ELECTRONICS SCI & TECH OF CHINA
View PDF8 Cites 46 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0015] This patent uses each node to store the top K attack paths with the highest cumulative probability, mainly to solve the problem in the network security assessment algorithm based on the access level vector: only the path with the highest probability of generating an attack on each node of the network can be identified but cannot generate an attack The top K attack paths with the highest probability of network nodes
The patent does not identify important information such as critical paths and critical hosts

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network security evaluation device based on attack graph adjacent matrix
  • Network security evaluation device based on attack graph adjacent matrix
  • Network security evaluation device based on attack graph adjacent matrix

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0065] Embodiment of information collection device

[0066] The connection mode of each host in the network can be obtained from the network topology diagram. Usually, a network is divided into several different areas separated by firewalls or routers, and the hosts in each area are interconnected. If you do not know the network topology map, use various routing search algorithms and related protocols including: DNS, ICMP, SNMP, RIP, OSPF, operating system and architecture-related protocols to obtain the routing information of each device in the entire network, and then use The obtained information automatically generates the required topology diagram. Use scanning tools or network management software to obtain network device and host configuration information. Since the host needs to provide services and must open its own port, there is a possibility of being attacked remotely. At the same time, the host itself is also vulnerable. Therefore, it is necessary to obtain the vu...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a network security evaluation device based on an attack graph adjacent matrix. The network security evaluation device comprises an information collection device, an atom attack graph generation device, a matrix calculation device, a network safety analyzing device and a result appearing device, wherein the information collection device is used for collecting all information in a network; the atom attack graph generation device is used for generating an initial atom attack graph between a main engine pair needed for carrying out subsequent analysis on network safety; the matrix calculation device is used for converting the generated atom attack graph into the corresponding adjacent matrix and is also used for calculating a corresponding iteration matrix of the adjacent matrix through setting iteration times; the network safety analyzing device is used for obtaining information including a key main engine, a key path and the like on the basis of the finally-generated iteration matrix; the result appearing device is used for visually appearing the found key main engine and key path and a network vulnerability index. The network security evaluation device disclosed by the invention is high in efficiency and is suitable for large-scale and high-speed networks. The network security evaluation device can improve the instantaneity of evaluating a target network. The evaluation accuracy rate is high, and the key path and the key main engine can be accurately recognized. The visualization degree is high so that the network security evaluation device is convenient for a manager to check, analyze and maintain.

Description

technical field [0001] A network security assessment device based on an attack graph adjacency matrix proposed by the invention belongs to the technical field of computer network security. Background technique [0002] With the promotion of informatization, the number of Internet users in our country continues to rise. According to the 31st Statistical Report on Internet Development in China released by China Internet Network Information Center (CNNIC) in January 2013, by the end of December 2012, my country had 564 million Internet users, an increase compared with the statistics at the end of June 2012. 26 million people; the Internet penetration rate has reached 42.1%, an increase of 3.8 percentage points compared with the end of 2011. Industrialization and network technology are constantly updated and improved. Computer networks have penetrated into all aspects of our work, life and study, bringing great convenience to our daily life. For example, we can use the Internet ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 张小松牛伟纳陈瑞东王东张建松李建彬
Owner UNIV OF ELECTRONICS SCI & TECH OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com