Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A method and system for determining the sequence of vulnerability rectification based on attack chain

A technology for determining methods and vulnerabilities, applied in transmission systems, electrical components, etc., and can solve problems such as high data, reduction, and inability to calculate vulnerability hazards.

Active Publication Date: 2019-10-01
STATE GRID CORP OF CHINA +1
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Usually, only emergency, high-risk, medium-risk, low-risk and other levels are evaluated, and the traditional static vulnerability scoring system is limited to the static evaluation of a single host, and cannot calculate the harmfulness of vulnerabilities based on the network topology
However, in the organization's internal information network, the data in the deep intranet is often of high value. Once it is leaked, the loss will be huge. On the other hand, after repeated firewall filtering, the probability of hackers penetrating into the intranet will decrease, thereby reducing the loss expectation.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and system for determining the sequence of vulnerability rectification based on attack chain
  • A method and system for determining the sequence of vulnerability rectification based on attack chain
  • A method and system for determining the sequence of vulnerability rectification based on attack chain

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0047] The embodiment of the present invention discloses a method and system for determining the order of vulnerability rectification based on the attack chain, so as to evaluate the vulnerabilities and determine the most urgent vulnerabilities in the information network, so that the operation and maintenance personnel can give priority to rectification and quickly improve the overall security of the network loophole.

[0048] see figure 1 , a method for determini...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a vulnerability restructuring sequence determining method and system based on attack links. The method comprises the steps of determining an indirect loss coefficient corresponding to each host according to attack link information of an access connection structure; through utilization of the indirect loss coefficient of each host and the direct loss coefficient of each host, determining a total loss coefficient of each host; and determining a final score and a vulnerability restructuring sequence corresponding to each vulnerability according to the total loss coefficient of each host corresponding to each vulnerability and a weight coefficient of each vulnerability. Visibly, different vulnerabilities are scored through combination of the attack link information of an information network; the harmfulness scores of the vulnerabilities and the hosts can be calculated according to the harmfulness of the vulnerabilities themselves and a topological structure, so under the condition that the manpower is limited, the vulnerabilities and hosts badly in need of restoration are distinguished, the operation and maintenance personnel are prevented from excessively paying close attention to the internal network high-risk vulnerabilities hardly possible to be used, while the external network high-risk vulnerabilities with higher risk are ignored.

Description

technical field [0001] The present invention relates to the technical field of information network vulnerability rectification, and more specifically, relates to a method and system for determining the order of vulnerability rectification based on attack chains. Background technique [0002] At present, the traditional static vulnerability scoring system is isolated and based on a single host, and does not rely on other information such as network structure and asset value for evaluation. Usually, only emergency, high-risk, medium-risk, and low-risk levels are evaluated, and the traditional static vulnerability scoring system is limited to the static evaluation of a single host, and cannot calculate the harmfulness of vulnerabilities based on the network topology. However, in the organization's internal information network, the data in the deep intranet is often of high value. Once it is leaked, the loss will be huge. On the other hand, after repeated firewall filtering, the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
Inventor 刘安王栋陈连栋王婵卢晓梅李静程杰玄佳兴
Owner STATE GRID CORP OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com