
A Quantitative Network Security Evaluation Method and Evaluation System

A network security assessment technology based on network flow, applied in transmission systems, digital transmission systems, data exchange networks, etc. It addresses the problems that existing methods cannot reflect the actual function and effect of security control measures, cannot explain the actual threat faced by the system or the likelihood of that threat, and make it difficult to quantitatively analyze the real security and confidentiality of the network, so that the evaluation result becomes more certain.

Active Publication Date: 2020-09-29
BEIJING PENGCHUANG TIANDI TECH

AI Technical Summary

Problems solved by technology

[0003] With traditional network security and confidentiality analysis, it is difficult to quantitatively analyze the real security and confidentiality of the network. For example, traditional system security risk assessment methods include benchmarking inspection, security vulnerability scanning, analysis and evaluation based on intrusion detection results, and network security situation analysis based on network flow detection.

Benchmarking inspection is a static comparison against a security standard and cannot reflect the actual functions and effects of the various security control measures in the system. The evaluation method based on security vulnerability scanning cannot explain the actual threat faced by the system or the likelihood of that threat; that is, it cannot reflect the real risk level of the system. Risk analysis and evaluation based on intrusion detection results is affected by the accuracy rate and false negative rate of the intrusion detection system, so the results are not reliable. Security situation analysis based on network flow detection, on the one hand, faces the same security effect and security efficiency problems as the former; on the other hand, it has no evaluation mechanism specifically for system security capabilities.


Embodiment

[0046] Figure 3 is the logical diagram of the quantitative network security assessment of the present invention. In Figure 3, the network computers and network transmission equipment are the network nodes of the target system, the network flow database is the network flow data storage module, the network security confidentiality assessment platform is the network security assessment module, and the network communication analysis model training platform is the model parameter calculation module. The network computers and network transmission equipment send network traffic information to the network flow database. The network communication analysis model training platform extracts training data from the network flow database, calculates and updates the model parameters, and sends them to the network security and confidentiality assessment platform to update the network communication analysis model. The network security confidentiality assessment platform receives network t...


Abstract

The invention provides a quantitative network security evaluation method and evaluation system. The method includes: using the network flow data acquisition module to monitor the network flow at each network node in the target system, collecting the network flow data of the network nodes, and sending it to the model parameter calculation module and the network security evaluation module; using the model parameter calculation module to calculate the network communication analysis model parameters from the network flow data and send them to the network security assessment module; and using the network security assessment module to receive the network communication analysis model parameters, establish a network communication analysis model from those parameters, and calculate, through the network communication analysis model, the security level assessment report of the target system based on the network flow data. The evaluation method and evaluation system of the present invention calculate the security level, which is not directly measurable, from measurable network flow data. This solves the problem that network security confidentiality capability cannot be measured directly, and can provide a scientific basis for data security protection.

Description

Technical field

[0001] The invention relates to the technical field of information security, in particular to a quantitative network security evaluation method and evaluation system.

Background technique

[0002] Network security confidentiality assessment is very important for data security protection. Generally speaking, it is impossible to directly measure the network security and confidentiality capabilities of a real system, but different levels of network security and confidentiality capability show up in its global network flow. For example, in a system with weak network security and confidentiality capabilities, the possibility of information flowing from high-trust-level security domains to low-security-level security domains, the number of such network flows, and the scope of their occurrence are relatively large. In systems with high network security and confidentiality capabilities, information flows from high-trust level security domains to low-security le...
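The three observable quantities named in the background (how likely, how many, and how widely flows go from a higher-trust security domain to a lower one) can be computed directly from flow records. The following Python sketch is an added illustration, not the patent's network communication analysis model or code from the applicant; the node-to-domain map, trust levels, record layout and function name are assumptions, and the flow records are constructed.

```python
from collections import namedtuple

Flow = namedtuple("Flow", "src dst nbytes")

# Assumed node -> security domain map and domain trust levels (higher = more trusted).
DOMAIN_OF = {
    "10.0.1.5": "core", "10.0.1.6": "core",
    "10.0.2.7": "office", "10.0.2.8": "office",
    "10.0.3.9": "dmz",
}
TRUST = {"core": 3, "office": 2, "dmz": 1}

# Constructed flow records standing in for the network flow database.
FLOWS = [
    Flow("10.0.1.5", "10.0.1.6", 1200),  # core -> core
    Flow("10.0.1.5", "10.0.2.7", 800),   # core -> office (downward)
    Flow("10.0.2.7", "10.0.1.5", 300),   # office -> core (upward)
    Flow("10.0.1.6", "10.0.3.9", 5000),  # core -> dmz (downward)
    Flow("10.0.2.8", "10.0.3.9", 700),   # office -> dmz (downward)
    Flow("10.0.3.9", "10.0.2.8", 100),   # dmz -> office (upward)
    Flow("10.0.1.5", "10.0.2.7", 400),   # core -> office (downward, same pair)
    Flow("10.0.9.9", "10.0.1.5", 50),    # source not in the domain map
]

def downward_flow_indicators(flows, domain_of, trust):
    """Summarise flows that leave a higher-trust domain for a lower-trust one."""
    classified = downward = down_bytes = unclassified = 0
    pairs, sources = set(), set()
    for f in flows:
        sd, dd = domain_of.get(f.src), domain_of.get(f.dst)
        if sd is None or dd is None:
            unclassified += 1  # report unmapped endpoints, do not drop them silently
            continue
        classified += 1
        if trust[sd] > trust[dd]:
            downward += 1
            down_bytes += f.nbytes
            pairs.add((sd, dd))
            sources.add(f.src)
    return {
        "likelihood": downward / classified if classified else 0.0,
        "count": downward,
        "bytes": down_bytes,
        "domain_pairs": sorted(pairs),  # scope: which domain boundaries are crossed
        "source_nodes": len(sources),   # scope: how many nodes originate such flows
        "unclassified": unclassified,
    }
```

A rising `unclassified` count means the domain map no longer covers the nodes seen on the wire, which makes the other indicators unreliable until the map is updated.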


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L12/26, H04L29/06, G06K9/62
CPC: H04L43/06, H04L63/20, G06F18/295
Inventor: 李晓勇, 郭煜
Owner: BEIJING PENGCHUANG TIANDI TECH