Risk-based vulnerability threat degree dynamic calculation method

A calculation method and threat level technology, applied in the field of vulnerability risk level assessment, can solve problems such as inability to repair vulnerabilities, unreliable vulnerability scores, and unreliable threat ratings, and achieve the effect of reducing work pressure

Inactive Publication Date: 2021-03-09
山东泽鹿安全技术有限公司
View PDF5 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, these core features will not change over time, and they will not change in different business systems in different units, which causes the static vulnerability risk program to be incompatible with actual business sce...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the embodiments of the present invention. Obviously, the described embodiments are only a part of the embodiments of the present invention, rather than all the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

[0029] The embodiment of the present invention provides a technical solution: a risk-based dynamic calculation method of vulnerability threat degree, the calculation method specifically includes:

[0030] S1. Use the crawler engine to obtain the vulnerability data in the NVD and CVE vulnerability databases in a targeted and timed manner, as the basic vulnerability database, and perform extraction processing according to its utilization method and CVSS score as th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a risk-based vulnerability threat degree dynamic calculation method which specifically comprises the following steps: S1, directionally collecting vulnerability data in an NVDand CVE vulnerability database by adopting a crawler engine, carrying out timed incremental updating, taking the vulnerability data as a basic vulnerability database, and carrying out dissociation processing by taking a utilization mode and a CVSS score of the basic vulnerability database as classification directions to obtain a dissociated vulnerability database. The invention relates to the technical field of vulnerability risk level evaluation. Compared with a vulnerability rating standard in a general vulnerability scoring system, the risk-based vulnerability threat degree dynamic calculation method has the advantages that the RTS scoring mode judges the threat degree of the vulnerability according to the standard of 0-3000 scores, so that the threat degree of each vulnerability can bejudged more meticulously; The traditional high, medium and low levels are no longer used as the unique measurement standard of the vulnerability hazard degree.

Description

technical field [0001] The invention relates to the technical field of vulnerability risk level assessment, in particular to a risk-based dynamic calculation method of vulnerability threat degree. Background technique [0002] There are always defects and deficiencies in the design of computer systems. These deficiencies and deficiencies are called loopholes. Vulnerabilities can be exploited by illegal users to obtain system permissions, and then perform illegal operations on the system, causing serious consequences, such as hackers attacking corporate servers. , leading to the paralysis of the enterprise operating system, or stealing the core business, thereby causing economic losses to the enterprise. [0003] In order to better repair the vulnerabilities, it is necessary to perform vulnerability detection on the system, find and fix the vulnerabilities before they are exploited. Usually, a vulnerability scanner is used to detect the target, and the risk level of each vul...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/57G06K9/62
CPCG06F21/577G06F18/241
Inventor 杨森李嘉明刘通
Owner 山东泽鹿安全技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap