Unlock instant, AI-driven research and patent intelligence for your innovation.

Risk assessment method and device, computer system and medium

A technology of risk assessment and system to be tested, applied in the field of information security, it can solve problems such as complexity, high requirements for personnel capabilities, and lack of priority in handling threat events, and achieves the effect of reducing professional requirements and effectively dealing with them.

Pending Publication Date: 2020-10-30
INDUSTRIAL AND COMMERCIAL BANK OF CHINA
View PDF4 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

But each step is very complicated. At present, the construction of threat models in the industry is mainly based on the construction of known threat events and scenarios, or the construction of a sufficient understanding of its own system, and the application and implementation of threat modeling and risk assessment based on PASTA. There are still some difficulties, such as the threat scenarios are not comprehensive and accurate, the requirements for personnel capabilities are too high, and the handling of threat events lacks priority
Moreover, in the process of building and maintaining a threat model, not only personnel with a deep understanding of the system are required, but also a lot of time and energy are required to update the model and strengthen the system, but the results are often not ideal

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Risk assessment method and device, computer system and medium
  • Risk assessment method and device, computer system and medium
  • Risk assessment method and device, computer system and medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0032] Hereinafter, embodiments of the present disclosure will be described with reference to the drawings. However, it should be understood that these descriptions are only exemplary and are not intended to limit the scope of the present disclosure. In the following detailed description, for ease of explanation, many specific details are set forth to provide a comprehensive understanding of the embodiments of the present disclosure. However, obviously, one or more embodiments may also be implemented without these specific details. In addition, in the following description, descriptions of well-known structures and technologies are omitted to avoid unnecessarily obscuring the concept of the present disclosure.

[0033] The terms used here are only for describing specific embodiments, and are not intended to limit the present disclosure. The terms "including", "including", etc. used herein indicate the existence of the described features, steps, operations and / or components, but...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a risk assessment method, and relates to the field of information security, and the method comprises the steps: obtaining the monitoring data of a to-be-tested system; matchingthe monitoring data with a threat rule base to determine that the monitoring data hitting the threat rule base is the threat data, wherein the threat rule base is constructed based on a knowledge base; determining a risk level of the threat data; and determining a defense strategy of the to-be-tested system based on the risk level of the threat data. The invention further provides a risk assessment device, a computer system and a medium.

Description

Technical field [0001] The present disclosure relates to the field of information security, and more specifically, to a risk assessment method, device, computer system and medium. Background technique [0002] The risk assessment scheme based on PASTA (The Process for Attack Simulation and Threat Analysis, risk-centric attack simulation and threat analysis process) is mainly composed of seven sub-steps: definition of objectives, definition of technical scope, application decomposition, threat analysis, and vulnerability And vulnerability analysis, attack modeling, risk and impact analysis. But each step is very complicated. At present, the industry's construction of threat models is mainly based on known threat events and scenarios, or construction with sufficient understanding of their own systems, and the application and landing of threat modeling and risk assessment based on PASTA There are still certain difficulties, such as insufficient comprehensive and accurate threat sce...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57G06N5/02
CPCG06F21/577G06N5/022G06F2221/034
Inventor 李亚敏苏建明刘婉娇孟宪哲
Owner INDUSTRIAL AND COMMERCIAL BANK OF CHINA