An information security early warning method and device
What is Al technical title?
Al technical title is built by PatSnap Al team. It summarizes the technical point description of the patent document.
An information security and information network technology, applied in the field of information security early warning methods and devices, can solve problems such as inability to perform accurate early warning
Active Publication Date: 2019-02-26
CHINA MOBILE GROUP DESIGN INST
View PDF4 Cites 0 Cited by
Summary
Abstract
Description
Claims
Application Information
AI Technical Summary
This helps you quickly interpret patents by identifying the three key elements:
Problems solved by technology
Method used
Benefits of technology
Problems solved by technology
[0010] The embodiment of the present invention provides an information security early warning method and device to solve the problem in the prior art that accurate early warning operations cannot be performed
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more
Image
Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
Click on the blue label to locate the original text in one second.
Reading with bidirectional positioning of images and text.
Smart Image
Examples
Experimental program
Comparison scheme
Effect test
Embodiment 1
[0054] It should be noted that, in this method, a meta-model can be established in advance, and the meta-model is set with an information asset type attribute, which corresponds to at least the following asset types: operating system, middleware (carrier server), database, application. Wherein, the operating system may include a windows operating system, a Linux operating system, etc.; the application may include system applications, various third-party applications, and the like.
[0055] When conducting information security assessment for any information network system, according to the types of information assets in the preset meta-model, each information asset can be counted and an information asset library can be established; it should be noted that, in the preset meta-model The types of information assets can be added or deleted, so each information asset in the information asset database obtained by statistics can only be related to the type of information assets retaine...
Embodiment 2
[0091] like figure 2 As shown, it is an information security early warning device provided in Embodiment 2 of the present invention, and the early warning device includes the following units:
[0092] The matching unit 201 is configured to perform correlation matching between each vulnerability in the vulnerability database in the current period and all information assets contained in the information asset database, and screen vulnerabilities whose correlation degree is not less than a preset threshold.
[0093] Preferably, the matching unit 201 is specifically used for:
[0094] Count each information asset contained in the current information asset library, and normalize to obtain the sum of the unit vectors of each information asset: in, represents the unit vector of the jth information asset;
[0095] Count the information assets threatened by the i-th vulnerability in the current vulnerability database, and normalize to obtain the sum of the unit vectors of each inf...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more
PUM
Login to view more
Abstract
The present invention discloses an information security early-warning method and device. The information security early-warning method mainly comprises the steps of establishing an information asset library by utilization of meta models, respectively performing relevancy matching between bugs in a bug library obtained by collection and the total information asset amount in the information asset library, screening the bugs with the relevancy no less than a preset threshold value, summing risk values of the screened bugs, calculating and obtaining a total risk value relative to the total information asset amount, comparing the total risk value with a preset early-warning value, and executing early-warning operation when the total risk value is no less than the preset early-warning value. Through performing relevancy matching between the bugs and the total information asset amount, the bugs which can threaten the information asset library can be accurately determined, so that security of information assets is improved, early-warning determining operation can be automatically performed in a preset period, the early-warning operation can be executed when the total risk value reaches the preset early-warning value, and managers can be accurately reminded to maintain an information network system in real time.
Description
technical field [0001] The invention relates to the field of communication technology, in particular to an information security early warning method and device. Background technique [0002] In the existing technology, with the development of information technology, each company has a large number of information assets to meet the company's daily production and operation needs, and these information assets have become an important cornerstone of the company's survival and development. Therefore, the security of assets and information assets has become an important factor to ensure the operation of the company. For the protection of information assets in terms of information security, early warning is mainly carried out in the following two ways: [0003] Method 1: Intrusion detection technology is a technology designed to ensure the security of computer systems that can detect and report unauthorized or abnormal phenomena in the system in a timely manner. It is a technology...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more
Application Information
Patent Timeline
Application Date:The date an application was filed.
Publication Date:The date a patent or application was officially published.
First Publication Date:The earliest publication date of a patent with the same application number.
Issue Date:Publication date of the patent grant document.
PCT Entry Date:The Entry date of PCT National Phase.
Estimated Expiry Date:The statutory expiry date of a patent right according to the Patent Law, and it is the longest term of protection that the patent right can achieve without the termination of the patent right due to other reasons(Term extension factor has been taken into account ).
Invalid Date:Actual expiry date is based on effective date or publication date of legal transaction data of invalid patent.
Login to view more 
Login to view more