Network situation quantitative evaluation method based on attack chain factors
A quantitative assessment and situation assessment technology, applied in the field of network security, can solve problems such as lack of integrity, inaccurate assessment results, and inability to correlate analysis, and achieve the effect of improving active defense capabilities
Active Publication Date: 2020-06-05
BEIJING UNIV OF TECH
View PDF4 Cites 7 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
In order to reduce the risk of the network system, many network security scanning tools have appeared in the field of network risk assessment, such as IDS, NESSUS, ISS, etc., and their stand-alone inspection functions are relatively strong. Safely configured and running application services can detect security vulnerabilities in a timely manner, but the overall analysis function is relatively weak, and it is impossible to conduct correlation analysis on various configuration vulnerabilities, software vulnerabilities, security incidents and the relationship between them, resulting in inaccurate evaluation results. Precise and lack of integrity
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0019] In order to make the purposes, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments These are some embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative work fall within the protection scope of the present invention.
[0020] Below in conjunction with accompanying drawing, the present invention is described in further detail:
[0021] like figure 1 As shown, according to a method for quantitative assessment of network situation based on the attack chain factor provided by the present invention, the method includes: identifying evaluation indicators of eac...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a network situation quantitative evaluation method based on an attack chain factor. The method comprises the following steps: identifying evaluation indexes of each stage of network attack, and constructing a situation evaluation index system; establishing an evaluation model from bottom to top in a manner of firstly local and then integral; defining the weight or score ofeach evaluation index in the situation factor layer of the evaluation model to establish a scoring criterion; acquiring safety logs and flow data in a preset period, and acquiring all secondary indexscore data in the evaluation model according to a scoring criterion; performing calculation according to the second-level index score data to obtain first-level index score data; and calculating to obtain a network overall situation value according to the first-level index score data. Through the technical scheme of the invention, the attack threat condition of the network can be more accurately and comprehensively quantified, so that the security weakness is quickly found, targeted countermeasures are taken, and a strong support is provided for improving the active defense capability of knownthreats and unknown threats.
Description
technical field [0001] The invention relates to the technical field of network security, in particular to a quantitative assessment method of network situation based on an attack chain factor. Background technique [0002] At present, with the increasing expansion, dynamic and complexity of the network information system, the security threats from the network are also increasing exponentially. Hackers use various vulnerabilities to conduct multi-stage attacks on the network, which makes network security risk assessment more and more important. In order to reduce the risk of network systems, many network security scanning tools have appeared in the field of network risk assessment, such as IDS, NESSUS, ISS, etc., and their stand-alone inspection functions are relatively strong. The application services that are configured and run securely can detect security vulnerabilities in time, but the overall analysis function is relatively weak, and it is impossible to correlate vario...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06Q10/06
CPCH04L63/1416H04L63/1433G06Q10/06393G06Q10/0635
Inventor 何泾沙段梦园朱娜斐杨玥腾达李文欣王亚芹
Owner BEIJING UNIV OF TECH