Quantitative assessment method of network situation based on attack chain factor
A quantitative evaluation and situational technology, applied in the field of network security, can solve problems such as lack of integrity, inaccurate evaluation results, weak analysis functions, etc., and achieve the effect of improving active defense capabilities
Active Publication Date: 2022-05-17
BEIJING UNIV OF TECH
View PDF4 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
In order to reduce the risk of the network system, many network security scanning tools have appeared in the field of network risk assessment, such as IDS, NESSUS, ISS, etc., and their stand-alone inspection functions are relatively strong. Safely configured and running application services can detect security vulnerabilities in a timely manner, but the overall analysis function is relatively weak, and it is impossible to conduct correlation analysis on various configuration vulnerabilities, software vulnerabilities, security incidents and the relationship between them, resulting in inaccurate evaluation results. Precise and lack of integrity
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0019] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments It is a part of embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.
[0020] Below in conjunction with accompanying drawing, the present invention is described in further detail:
[0021] like figure 1 As shown, a network situation quantitative evaluation method based on attack chain factors provided by the present invention includes: identifying evaluation indicators for each stage of network attack, and cons...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a network situation quantitative evaluation method based on attack chain factors, which includes: identifying evaluation indicators of each stage of network attack, and constructing a situation evaluation index system; establishing an evaluation model from bottom to top, first partly and then overall; Define the weight or score of each evaluation index in the situation factor layer of the evaluation model to establish scoring criteria; collect security logs and traffic data within a preset period, and obtain all secondary index score data in the evaluation model according to the scoring criteria; The score data of the first-level indicators is calculated to obtain the score data of the first-level indicators; the overall situation value of the network is calculated according to the score data of the first-level indicators. Through the technical solution of the present invention, it is possible to more accurately and comprehensively quantify the attack and threat situation of the network, so as to quickly find security weaknesses, take targeted countermeasures, and provide a powerful solution for improving the active defense capabilities of known threats and unknown threats. support.
Description
technical field [0001] The invention relates to the technical field of network security, in particular to a network situation quantitative evaluation method based on an attack chain factor. Background technique [0002] At present, with the increasing expansion, dynamics and complexity of the network information system, the security threats from the network are also increasing exponentially. Hackers use various loopholes to carry out multi-stage attacks on the network, which makes network security risk assessment more and more people's attention. In order to reduce the risk of the network system, many network security scanning tools have appeared in the field of network risk assessment, such as IDS, NESSUS, ISS, etc., and their stand-alone inspection functions are relatively strong. Safely configured and running application services can detect security vulnerabilities in a timely manner, but the overall analysis function is relatively weak, and it is impossible to conduct c...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40G06Q10/06
CPCH04L63/1416H04L63/1433G06Q10/06393G06Q10/0635
Inventor 何泾沙段梦园朱娜斐杨玥腾达李文欣王亚芹
Owner BEIJING UNIV OF TECH