Network asset risk assessment method, device and system

A network asset and risk assessment technology, applied in the Internet field, can solve the problems of unprofessional and inaccurate assessment, strong subjectivity, and unprofessional assessment.

Active Publication Date: 2021-12-24
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF4 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, in practice, it is found that the existing technology usually determines the weight value manually, which leads to artificial definition and strong subjectivity in risk assessment, which in turn leads to unprofessional and inaccurate assessment, so that it is impossible to conduct a comprehensive assessment of network threat events
It can be seen that the existing methods require manual participation in the assessment, and the assessment is not professional and accurate, so that it is impossible to conduct a comprehensive assessment of network threat events

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network asset risk assessment method, device and system
  • Network asset risk assessment method, device and system
  • Network asset risk assessment method, device and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0052] Please see figure 1 , figure 1 A schematic flowchart of a network asset risk assessment method is provided for this embodiment of the application. Among them, the network asset risk assessment method includes:

[0053] S101. Obtain various types of probe data in the network, asset data of target network assets, and a current assessment time period.

[0054] In the embodiment of the present application, the asset data specifically includes network asset data, etc., which is not limited in the embodiment of the present application. The network asset risk assessment method is specifically used for network asset risk assessment.

[0055] In the embodiment of the present application, various types of original probe data include traffic audit data, vulnerability data, security log data, etc., which is not limited in the embodiment of the present application.

[0056] In this embodiment of the application, the asset data of the target network asset includes asset name, IP ...

Embodiment 2

[0069] Please see figure 2 , figure 2 It is a schematic flowchart of another network asset risk assessment method provided in the embodiment of this application. Such as figure 2 As shown, among them, the network asset risk assessment method includes:

[0070] S201. Acquire various original probe data in the network, asset data of target network assets, and a preset evaluation period, where the original various probe data includes traffic audit data, vulnerability data, and security log data.

[0071] In the embodiment of the present application, the evaluation cycle may specifically be evaluated every 2 minutes, every 5 minutes, every 60 minutes, etc., which are preset, and are not limited in this embodiment.

[0072] S202. Perform unified standardized processing on the original data of various types of probes to obtain data of various types of probes.

[0073] S203. Determine the current assessment time period in which the target network asset needs to be assessed acc...

Embodiment 3

[0147] Please see image 3 , image 3 It is a schematic structural diagram of a network asset risk assessment device provided in the embodiment of this application. Such as image 3 As shown, the network asset risk assessment device includes:

[0148] An acquisition unit 310, configured to acquire various types of probe data in the network, asset data of target network assets, and a current assessment time period;

[0149] The first calculation unit 320 is configured to calculate the asset value of the target network asset according to various types of probe data and asset data;

[0150] The second calculation unit 330 is configured to calculate the vulnerability risk value of the target network asset according to various probe data and asset data;

[0151]The third calculation unit 340 is configured to calculate the threat event risk value of the target network asset according to the current evaluation time period, various probe data and asset data;

[0152] The fourth c...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides a network asset risk assessment method, device and system, and relates to the technical field of Internet. The network asset risk assessment method comprises the following steps: firstly, obtaining various kinds of probe data in a network, asset data of target network assets and a current assessment time period; calculating an asset value of the target network assets according to the various kinds of probe data and the asset data; calculating a vulnerability risk value of the target network assets according to the various probe data and the asset data; further calculating a threat event risk value of the target network assets according to the current assessment time period, the various probe data and the asset data; and finally, according to the asset value, the vulnerability risk value and the threat event risk value, calculating a network asset risk assessment result of the target network assets in the current assessment time period. Therefore, comprehensive assessment of network asset risks can be realized, artificial participation in assessment is not needed, and an assessment result is accurate, objective and highly professional.

Description

technical field [0001] The present application relates to the field of Internet technology, in particular, to a method, device and system for network asset risk assessment. Background technique [0002] With the continuous discovery of the Internet, network security issues are becoming more and more serious, and the demand for accurate quantitative assessment of network security risks is increasing day by day. The existing network asset risk assessment method usually sets the corresponding weight value according to the importance of the network equipment, uses the weight value to weight the equipment risk score of each network equipment, and obtains all the network assets in the network to be tested. The weighted sum of devices to assess the risk of the network under test. However, in practice, it is found that the existing technology usually determines the weight value manually, which leads to the artificial definition in the risk assessment, which is highly subjective, wh...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/24H04L29/06
CPCH04L41/147H04L41/142H04L63/20
Inventor 姚杰许世超苏伟
Owner BEIJING TOPSEC NETWORK SECURITY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap