Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network security risk assessment method

A risk assessment and network security technology, applied in the field of network security, can solve the problems of inability to effectively restore attack scenarios, predict attack behavior, and have not yet found a solution, and achieve the effect of improving accuracy and real-time performance.

Inactive Publication Date: 2017-09-26
成都网络空间安全技术有限公司
View PDF0 Cites 87 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Threat-based risk assessment methods cannot effectively restore attack scenarios and predict attack behavior
[0006] At present, the research on network security risk assessment is still in the stage of continuous exploration. No matter whether the vulnerability-based or threat-based risk assessment method is used to analyze network security risks, a good solution has not yet been found.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network security risk assessment method
  • Network security risk assessment method
  • Network security risk assessment method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] The present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments. The method of the invention dynamically evaluates the security of the target network by combining the intrusion detection system, the loophole detection and the real-time attack events acquired by the third party on the basis of the static risk assessment. Assets, Threats and Vulnerabilities are the 3 basic elements of risk assessment.

[0025] In risk assessment, asset value is usually defined by experts or managers during static assessment, and there will be no major changes over a period of time. The threat and vulnerability information acquisition can be carried out with the help of corresponding tools. After the static risk assessment, the system risk is reduced to an acceptable range. Over time, under the influence of internal and external factors, and threats and vulnerabilities change, system risk will increase beyond the acce...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a network security risk assessment method. The security of a target network is assessed dynamically by combining an intrusion detection system, vulnerability detection and real-time attack events obtained by a third party on the basis of static risk assessment. With regard to risk assessment, the asset value is usually defined by specialists or managers during static assessment and no great change occurs in a certain period; dynamic changes of threatening and vulnerable information can be assessed by aid of corresponding tools; the intrusion detection system and a firewall are taken as monitoring systems and can warn of anomalous events at any time, and warning information is possible threats to a system and is also an important basis for assessment of a system risk condition. With the adoption of the network security risk assessment method, the accuracy and instantaneity of network risk assessment can be improved effectively, security defense measures can be carried out according to risk assessment results, and risks can be controlled effectively in time.

Description

technical field [0001] The invention belongs to the technical field of network security, in particular to a network security risk assessment method. Background technique [0002] There are two main types of network security risk assessment methods: static assessment and dynamic assessment. Static assessment comprehensively evaluates the risk level of the network by statically evaluating the value of the target network, security vulnerabilities, and the frequency of security incidents. Currently, the information security risk assessment methods used by people are basically limited to static assessment methods. The research on dynamic network security risk assessment is still in the exploratory stage at home and abroad, and the risk assessment is mainly based on two aspects based on vulnerabilities and threats. [0003] The vulnerability-based risk assessment method uses existing vulnerability scanning tools to assist in finding vulnerabilities that may be exploited by threa...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24H04L29/06
CPCH04L41/14H04L63/1416H04L63/1433
Inventor 高强黄元飞林星辰杨鹏王鹏翩陈亮李燕伟应志军张家旺陈禹林宏刚
Owner 成都网络空间安全技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com