31 results about "Risk vulnerability" patented technology

The invention discloses a social network-based fraud group detection method and system. The method comprises the following steps of S1, obtaining test source data through a social graph; S2, testing atested system by the test source data and generating a prediction model; and S3, executing operation through a social network-based fraud group detection technology. According to the social network-based fraud group detection method and system provided by the invention, through the social network-based fraud group detection technology, a user can mine potential group fraud according to a social relationship and predict fraud groups, so that global risk identification capability of a network can be improved and unnecessary risk vulnerabilities are avoided.

The invention provides a method for evaluating the vulnerability of regional environmental risk receptors based on multi-index and spatial visualization technology. The method includes the following three steps: first, select the sensitivity and adaptability of the exposed receptors, and construct the vulnerability index model of the regional environmental risk receptors; According to the vulnerability evaluation index of environmental risk receptors, regional socio-economic vulnerability and ecosystem vulnerability are evaluated; finally, based on GIS technology, the layers of regional socio-economic vulnerability and ecosystem vulnerability are directly superimposed or The weighted superposition calculation is used to obtain the distribution map of the comprehensive vulnerability index of the regional environmental risk receptors. This evaluation method is widely used in regional environmental risk management, industrial layout optimization and adjustment, etc., and has the characteristics of high efficiency, low cost, and high precision.

The invention discloses a vulnerability restructuring sequence determining method and system based on attack links. The method comprises the steps of determining an indirect loss coefficient corresponding to each host according to attack link information of an access connection structure; through utilization of the indirect loss coefficient of each host and the direct loss coefficient of each host, determining a total loss coefficient of each host; and determining a final score and a vulnerability restructuring sequence corresponding to each vulnerability according to the total loss coefficient of each host corresponding to each vulnerability and a weight coefficient of each vulnerability. Visibly, different vulnerabilities are scored through combination of the attack link information of an information network; the harmfulness scores of the vulnerabilities and the hosts can be calculated according to the harmfulness of the vulnerabilities themselves and a topological structure, so under the condition that the manpower is limited, the vulnerabilities and hosts badly in need of restoration are distinguished, the operation and maintenance personnel are prevented from excessively paying close attention to the internal network high-risk vulnerabilities hardly possible to be used, while the external network high-risk vulnerabilities with higher risk are ignored.

The invention relates to the technical field of information monitoring, in particular to a walk-through test technique based information security audit implementation method and system. The method includes: recognizing business sensitive information waiting for audit and access right of the business sensitive information; tracking flow paths of the business sensitive information in one or more information systems based on the access right; performing audit analysis on risk vulnerabilities existing in the process that the systems with access right process the business sensitive information according to tracking results; based on audit analysis results of the risk vulnerabilities, acquiring a risk value of the business sensitive information. By the method and system, risks existing in the process that the sensitive information flows in full life circles of the multiple information systems can be monitored.

Individual health vulnerability is assessed by obtaining health risk prevalence level data containing health risk prevalence levels for one or more health risks over a given geographical area. The health risk prevalence level data to generate for each health risk a prevalence level forecast as a function of time and location. A health risk prevalence level map is generated for the given geographical area illustrating current and future health risk prevalence levels for each health risk at a plurality of locations within the given geographical area. Personal health status data are obtained for a given individual along with a proposed travel itinerary f covering at least a portion of the geographical area over a given time duration. The personal health status data, travel itinerary and map generate a personal health risk vulnerability model containing a quantification of vulnerability to the one or more health risks resulting from the travel itinerary.

Individual health vulnerability is assessed by obtaining health risk prevalence level data containing health risk prevalence levels for one or more health risks over a given geographical area. The health risk prevalence level data to generate for each health risk a prevalence level forecast as a function of time and location. A health risk prevalence level map is generated for the given geographical area illustrating current and future health risk prevalence levels for each health risk at a plurality of locations within the given geographical area. Personal health status data are obtained for a given individual along with a proposed travel itinerary f covering at least a portion of the geographical area over a given time duration. The personal health status data, travel itinerary and map generate a personal health risk vulnerability model containing a quantification of vulnerability to the one or more health risks resulting from the travel itinerary.

Individual health vulnerability is assessed by obtaining health risk prevalence level data containing health risk prevalence levels for one or more health risks over a given geographical area. The health risk prevalence level data to generate for each health risk a prevalence level forecast as a function of time and location. A health risk prevalence level map is generated for the given geographical area illustrating current and future health risk prevalence levels for each health risk at a plurality of locations within the given geographical area. Personal health status data are obtained for a given individual along with a proposed travel itinerary f covering at least a portion of the geographical area over a given time duration. The personal health status data, travel itinerary and map generate a personal health risk vulnerability model containing a quantification of vulnerability to the one or more health risks resulting from the travel itinerary.

The embodiment of the invention provides a big data-based security interception rule updating method and an artificial intelligence security system, and the method comprises the steps: carrying out the matching of a security interception rule cluster of an information security operation framework for intercepting an application service according to a service risk vulnerability; and screening a plurality of target screening security interception rule clusters for the service risk vulnerability according to the security interception service interval of each security interception rule in the security interception rule clusters, and performing vulnerability pre-repair according to the target screening security interception rule clusters. According to the technical scheme, the security interception rule characteristics of the information security operation framework for intercepting the application service are considered, and the security interception service interval of the security interception rule is also considered, so that the matching degree with the intercepted application service can be improved during vulnerability pre-repair, and the vulnerability repair effect can be improved.

The invention discloses a power network information physical potential safety hazard assessment method, a power network information physical potential safety hazard assessment system and a power system. The power network information physical potential safety hazard assessment method comprises the steps of: comprehensively considering a basic index, a time index and a network attack capability index, and calculating high-risk vulnerability availability of power information equipment; establishing a power information equipment network security vulnerability assessment model, and calculating an attack success probability of defense measures of the power information equipment; establishing a network attack graph model according to the high-risk vulnerability availability of the power information equipment and the attack success probability of the defense measures of the power information equipment, and calculating an attack success probability of the power information equipment; and establishing a power information equipment-physical element failure association model, and assessing physical consequences caused by network attacks on the power information equipment. The power network information physical potential safety hazard assessment method overcomes the defects that an existing method is insufficient in attack behavior analysis and lacks consideration of power business features, and improves the accuracy and credibility of power network potential safety hazard risk assessment.

The invention discloses a special network security event management system for an enterprise. The system comprises a plurality of terminal network equipment management systems, a network security management platform and a security event library, and is characterized in that the plurality of terminal network equipment management systems are connected with the network security management platform. In the present invention, through a security vulnerability scanning unit, risk vulnerabilities in the terminal network equipment systems as well as software installed in terminal network equipment arescanned; meanwhile, risk vulnerability scanning is carried out on a system server, a router and a switch associated with the terminal network equipment; when network security monitoring and information acquisition are carried out, the security status data of network connected with the terminal network equipment is acquired in time, information acquisition of the terminal network equipment is realized, and security scanning of associated equipment of the terminal network equipment is also realized, so that the acquired information is more comprehensive, and comprehensive and effective network security management is realized.

The embodiment of the invention provides a method and a device for evaluating network assets, and the method comprises the steps: calculating a component vulnerability parameter, reflecting a networkasset component level, corresponding to each classification according to the classification of vulnerabilities in the network assets and the vulnerability parameter of each vulnerability; according toall the component vulnerability parameters corresponding to all the classifications, calculating overall vulnerability parameters reflecting the overall level of the network assets; determining the number of high-risk vulnerabilities and the total number of vulnerabilities according to all vulnerability parameters in the network assets; and determining a total evaluation value reflecting the overall vulnerability of the network assets according to the overall vulnerability parameters, the number of the high-risk vulnerabilities and the evaluation values corresponding to the total number of the vulnerabilities, and evaluating the overall vulnerability level of the network assets according to the total evaluation value. The device executes the method. According to the method and the deviceprovided by the embodiment of the invention, the vulnerability of the network assets can be accurately and comprehensively evaluated.

The invention provides a method and device for evaluating risk vulnerability of mobile network. The method provided by the invention comprises the steps of traversing a to-be-evaluated mobile network, and obtaining basic information data of the to-be-evaluated mobile network; comparing the basic information data with a preset comparison database to obtain initial processing data, wherein the comparison database is established according to historical information data and historical determination results of experts; inputting the initial processing data into a pre-trained first evaluation model to obtain a first evaluation result; inputting the initial processing data into a pre-trained second evaluation model to obtain a second evaluation result, wherein the second evaluation model comprises a corresponding relationship between the initial processing data and the evaluation result; and determining an evaluation result according to the initial processing data, the first evaluation result and the second evaluation result. According to the embodiment of the invention, the comparison database is adopted, and subjective factors are introduced in a mobile network risk assessment process, so that the evaluation process is more targeted.

The invention discloses an Internet of Things admission gateway for a video network system. The Internet of Things admission gateway comprises hardware equipment and a cloud shield gateway system, wherein the hardware equipment comprises an acquisition and analysis engine and a detection engine; the cloud shield gateway system comprises a device and asset management module, a device security admission control module, a device availability monitoring module, a security attack prevention module, a video device risk vulnerability detection module and an infrastructure management module. The system integrates the functions of equipment management, security admission, availability monitoring, attack prevention, vulnerability detection, equipment automatic discovery, equipment state detection, vulnerability automatic detection, access automatic discrimination, behavior automatic analysis, violation automatic blocking and the like, three-dimensional monitoring is formed from boundaries to core data, deep defense is established, security operation management is enhanced, functions of clear assets in the video private network at a glance, real-time alarm of equipment faults, real-time control of safety risks, timely blocking of illegal invasion and the like are realized, and the problem of safe operation of the video private network is solved.

The invention provides a server asset management system based on integrated monitoring. The server asset management system comprises a production service cluster, a data analysis center and an operation and maintenance management system, wherein the production service cluster is composed of a plurality of independent servers and collects data through service nodes and data nodes; after receiving the data, the data analysis center distributes the data to an asset monitoring subsystem, an intrusion monitoring subsystem and a risk perception subsystem for processing according to data types, and sends a processing result to the operation and maintenance management system; the asset monitoring subsystem judges whether the server has the problem of performance excess or performance shortage; the intrusion monitoring subsystem mainly aims at network access flow data, and judges whether an intrusion risk exists or not according to a network access behavior; the risk perception subsystem mainly aims at network flow data and risk vulnerabilities of the server; and the operation and maintenance management system allocates the processing results to different management subsystems according to the types of the processing results, and gives corresponding management prompts and operations.

The invention discloses a method for actively discovering a distributed self-built system and scanning security vulnerabilities, and relates to the technical field of information security. The methodcan be applied to management of distributed self-built systems deployed by subordinate units in large enterprises. According to the invention, active discovery of the whole-network self-built information system is realized by using a port scanning technology, an HTTP/HTTPS fingerprint identification technology, a distributed message queue technology, a browser engine rendering technology and a multi-process concurrent vulnerability scanning technology, and high-risk vulnerability scanning is carried out, so that explosive growth of the self-built information system and high-risk vulnerabilities is effectively restrained; a user can actively discover a database and a high-risk vulnerability database from a self-built system to guide out a scanning result report and a high-risk vulnerabilityreport of a self-built application system, and real-time and reliable data support is provided for a company informatization management layer for informatization construction conditions and information security conditions of organizational structure units at all levels.

The invention discloses an AADL-based automatic generation method of an attack defense tree. The method comprises the following steps: modeling an information physical fusion system by adopting an AADL model; determining vulnerabilities of each component of the cyber-physical fusion system, and tracking and determining an attack path; selecting a final attack target of the system according to the attack path; taking the AADL model and an attack target as input, and obtaining an attack defense tree through a template library; and calculating the attack defense tree to obtain a minimum defense measure, performing quantitative evaluation on an attack probability value and a defense cost by combining a Bayesian network and a CVSS score value, and calculating a risk value of the system. The problems that a complex system is difficult to model, and risk vulnerabilities in the system are difficult to determine, track and solve, including the influence of network attacks on a physical system and an information system, are solved.

The invention provides an audit-based secure data transmission method and system from inside to outside and electronic equipment, and the method comprises the steps that an intranet module receives an internal data transmission instruction lifted by a user, and audits user information and internal data information; if the audit is passed, the intranet module transmits internal data; and if the audit is not passed, rejecting the internal data transmission instruction, and ending the operation. According to the data security transmission method, the risk vulnerability that sensitive data in the rail transit system is transmitted outwards can be avoided, so that the risk caused by the complex system structure of the rail transit system is effectively made up, and a technical support is provided for establishing and perfecting a data security migration protection system based on the rail transit system.

The embodiment of the invention discloses an information processing method based on a fingerprint attendance system and a fingerprint attendance service system, and the method comprises the steps: carrying out the abnormal monitoring activity variable mining of abnormal monitoring activity big data, and outputting an abnormal monitoring activity variable; outputting each abnormal trajectory variable in the abnormal monitoring activity big data and a corresponding risk vulnerability positioning variable and a risk vulnerability field variable according to the abnormal monitoring activity variable, and outputting each risk vulnerability abnormal trajectory variable according to the risk vulnerability positioning variable and each abnormal trajectory variable, and performing connectivity aggregation on each risk vulnerability abnormal trajectory variable, and outputting risk vulnerability aggregation features in the abnormal monitoring activity big data, thereby performing comprehensive analysis of risk vulnerability categories by combining the aggregation dimension of the abnormal trajectory of the risk vulnerability and the risk vulnerability field dimension. Compared with a traditional scheme in which analysis is carried out only based on risk vulnerability field variables, the method can improve the accuracy of risk vulnerability category identification.