Network system security vulnerability relevance modeling and analysis method

A network system and analysis method technology, which is applied in the field of network system security vulnerability correlation modeling and analysis, can solve the problem of inaccurate network harm degree measurement standards, and achieve the effect of thorough vulnerability analysis, comprehensive evaluation perspective and high accuracy

Active Publication Date: 2021-08-13
XIAN UNIV OF TECH
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] The purpose of the present invention is to provide a method for modeling and analyzing the correlation of network system security vulnerabilities, which solves the problem of inaccurate measurement standards for the degree of network harm existing in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network system security vulnerability relevance modeling and analysis method
  • Network system security vulnerability relevance modeling and analysis method
  • Network system security vulnerability relevance modeling and analysis method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0061] In the network system, the leakage of certain user information will activate system vulnerabilities and then be infiltrated. Some infiltration results can even be used again, step by step into the system, and obtain higher permissions. In order to cover up the infiltration behavior, the infiltrator Infiltration traces are erased, and infiltrators leave backdoors for the convenience of the next attack.

[0062] Record A as a vulnerability caused by a system version that is too low. The attacker uses this vulnerability to cause an overflow vulnerability B in the system. Through the overflow, the infiltrator can obtain the system shell, and then use the shell to trigger a privilege escalation vulnerability C. The infiltrator logs in through an ordinary user system, escalate privileges, obtain administrator information, log in to the background, make changes to the database or other information of the website, and finally the attacker successfully escalates privileges. Acco...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a network system security vulnerability relevance modeling and analysis method, which is specifically implemented according to the following steps: 1, selecting a network scene, and detecting network vulnerabilities existing in the specific network scene; 2, performing correlation analysis on the vulnerabilities obtained in the step 1, and cutting the vulnerabilities in two dimensions of a system level and a network level; 3, combining a system section and a network section, adding vulnerability hazards as a third dimension, and establishing a three-dimensional evaluation model; and 4, analyzing the model in the step 3, and establishing a vulnerability hazard degree assessment mechanism to assess the health state of the system. The problem that in the prior art, the network hazard degree measurement standard is not accurate enough is solved.

Description

technical field [0001] The invention belongs to the technical field of network attack and defense, and relates to a correlation modeling and analysis method for network system security loopholes. Background technique [0002] With the continuous development of the Internet and the increasing complexity of network attack methods, network security issues have become increasingly serious. Attackers often use low-level software vulnerabilities to trigger high-level software vulnerabilities to damage or control network systems. The network security situation is becoming more and more serious, security incidents occur frequently, and it is a huge challenge to assess and protect network security. [0003] For the exploitation of network and system vulnerabilities, different user permissions have different impacts, the order in which vulnerabilities are exploited is different, and the resulting harm is also different. How to mine network system vulnerabilities and analyze the harm...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/24
CPCH04L63/1433H04L41/145
Inventor 张亚玲张贵玲王一川姬文江朱磊任炬
Owner XIAN UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap