A Modeling and Analysis Method for Network System Security Vulnerabilities Correlation

A network system and analysis method technology, which is applied in the field of network system security vulnerability correlation modeling and analysis, can solve the problem of inaccurate network harm degree measurement standards, and achieve the effect of thorough vulnerability analysis, high accuracy, and comprehensive evaluation perspective

Active Publication Date: 2022-06-21
XIAN UNIV OF TECH
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] The purpose of the present invention is to provide a method for modeling and analyzing the correlation of network system security vulnerabilities, which solves the problem of inaccurate measurement standards for the degree of network harm existing in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Modeling and Analysis Method for Network System Security Vulnerabilities Correlation
  • A Modeling and Analysis Method for Network System Security Vulnerabilities Correlation
  • A Modeling and Analysis Method for Network System Security Vulnerabilities Correlation

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0061] In the network system, the leakage of some user information will activate the system loopholes and then infiltrate them. Some infiltration results can even be used again. Step by step, they can penetrate deep into the system to obtain higher rights. In order to cover up the infiltration behavior, the infiltrator The infiltration traces are erased. In order to facilitate the next attack, the infiltrator will leave a back door.

[0062] Note that A is the vulnerability caused by the system version being too low. The attacker uses this vulnerability to cause an overflow vulnerability B in the system. Through the overflow, the infiltrator can obtain the system shell, and then use the shell to trigger the privilege escalation vulnerability C. The infiltrator logs in through ordinary users. System, escalate privileges, obtain administrator information, log in to the background, make changes to the database or other information of the website, and finally the attacker successfu...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for modeling and analyzing the correlation of network system security loopholes, which is specifically implemented according to the following steps: Step 1, select a network scene, and detect the network loopholes existing in a specific network scene; Step 2, the obtained in step 1 Correlation analysis is performed on the vulnerabilities, and two dimensions of the vulnerability are cut at the system level and the network level; step 3, the system aspect and the network aspect are merged, and the vulnerability hazard is added as the third dimension, and a three-dimensional evaluation model is established; step 4, Analyze the model in step 3, and establish a vulnerability assessment mechanism to evaluate the health status of the system. The problem that the measurement standard of the degree of network harm existing in the prior art is not accurate enough is solved.

Description

technical field [0001] The invention belongs to the technical field of network attack and defense, and relates to a network system security vulnerability correlation modeling and analysis method. Background technique [0002] With the continuous development of the Internet and the increasingly complex network attack methods, network security problems are becoming more and more serious. Attackers often exploit low-level software vulnerabilities to trigger high-level software vulnerabilities to damage or control network systems. The network security situation is becoming more and more serious, and security incidents occur frequently. Assessing and protecting network security faces enormous challenges. [0003] For the exploitation of network and system vulnerabilities, the impact of different user rights is different, the sequence in which the vulnerabilities are exploited is different, and the harmfulness is also different. How to mine network system vulnerabilities and ana...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40H04L41/14
CPCH04L63/1433H04L41/145
Inventor 张亚玲张贵玲王一川姬文江朱磊任炬
Owner XIAN UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap