34 results about "Security metric" patented technology

A method for evaluating access rules violations, the method includes: receiving, a model of a computer network; and determining security metrics associated with a violation of an access rule in response to: the model of the computer network, multiple network nodes of the computer network accessible according to at least one violated access rule or according to the network model, at least one vulnerability associated with the multiple network nodes, and damage associated with an exploitation of the at least one vulnerability.

A method for evaluating potential attacks of worms, the method includes: associating, in response to information representative of a network and of worm entities, between worm entities and potential worm sources to provide associated worm sources; determining potential worm attacks that start from the associated worm sources; and evaluating at least one potential worm attack security metric associated with the potential worm attacks.

Techniques for monitoring site security are disclosed herein. Sites are scanned for security metric values associated with one or more security metrics. Normalized values for those scanned security metric values are calculated based on previously obtained values associated with one or more other security metrics associated with other scanned sites. Site security metrics are then calculated for the sites based on a subset of the normalized values and based at least in part on a comparison to other scanned sites.

A system and method are provided for managing data, such as for example security or other business data. For the example of security data, security data is received from a plurality of assets that may or may not be remotely located. A plurality of security metrics are computed and normalized according to thresholds. Security metrics are aggregated to generate an aggregate score, this may include weighting the metrics according to metric priorities. A change effort corresponding to each metric is also received and a corresponding change effort for the aggregate score is calculated. Aggregate scores and aggregate change efforts are analyzed to generate risk reduction recommendations. Upon instruction, metrics corresponding to an aggregate score may be displayed including recommendations of metrics for risk reduction. The recommended metrics may be selected according to analysis of change-to-effort ratios for the metrics.

An embodiment of the present invention is directed to a code audit tool that intelligently analyzes and profiles code, such as Python code, based on a variety of previously unmeasured factors and metrics including a set of software dimensions, such as Algorithmic Complexities; Software Sizing Metrics; Anti-Pattern Implementations; Maintainability Metrics; Dependency Mappings; Runtime Metrics; Testing Metrics; and Security Metrics. Once this analysis is complete, a standardized report card or other scoring interface may be generated. This may include analytical findings as well as suggestions and recommend steps so that developers can make informed decisions, enhance their code bases and improve the score assigned to their code.

This disclosure is directed to methods and systems for managing difficulty of use and security for a transaction. A transaction manager operating on a computing device may determine a range of possible steps for a transaction comprising security measures available for the transaction. The transaction manager may identify a threshold for a security metric to be exceeded for authorizing the transaction, the security metric to be determined based on performance of steps selected for the transaction. The transaction manager may select for the transaction at least one step from the range of possible steps, based on optimizing between (i) a difficulty of use quotient of the transaction from subjecting a user to the at least one step, and (ii) the security metric relative to the determined threshold.

The invention discloses a safety analysis and automatic evaluation method based on an index threshold value and semantic analysis. The method comprises the following steps: firstly, extracting a semantic relationship from an unstructured security analysis report, a regulation standard and other security analysis original corpus, and constructing a normalized security knowledge base; meanwhile, a safety index entity set is constructed according to the dimensions of activities, items and the like, and the safety index set is classified and divided in a layered mode; based on a semantic similarity calculation method, safety index entities and threshold attributes are identified and extracted from corpora such as regulatory standards, technical requirements and judgment bases, and the safety index entities and monitoring data attributes can be identified and extracted from a safety analysis report; and according to a semantic analysis result, automatic benchmarking and judgment can be carried out on a safety index satisfaction condition, and an expert experience method can be combined to carry out re-checking on an index initial judgment result. According to the method, the requirements of users on rapid, accurate and intelligent safety analysis and automatic evaluation of different activities and items are met, and the safety evaluation efficiency and accuracy can be effectively improved.

A static code security diagnosis method and device provided by the embodiment of the invention can be applied to the technical field of information security. The method comprises the steps of obtaining a static code of a to-be-diagnosed program; performing lexical analysis on each segmented word to obtain a segmented word symbol table; and performing vulnerability detection on the segmented wordsunder each entry according to the feature information of each segmented word, determining vulnerability segmented words under each entry, and further diagnosing vulnerability codes. On the basis of atext analysis technology, a lexical analyzer is constructed, lexical analysis is carried out on static codes to obtain a symbol table corresponding to the codes, and under the condition that developers do not need to carry out manual operation, the security index condition of application codes, finer-grained vulnerability description, specific vulnerability detailed information and a vulnerabilityrectification scheme are obtained, the obtained data can be subjected to vulnerability overall data analysis and data mining, and security code vulnerability test inspection and analysis do not needto be conducted manually.

A system and a method for predicting failure in a power system in real-time. The method comprises obtaining, by a processing unit, state estimation data corresponding to electrical quantities of the power system received from one or more sources in real-time, extracting a feature vector from the received state estimation data based on contingency analysis information using a trained machine learning model, wherein the feature vector corresponds to one or more parameters pertaining to the power system in real-time, determining a security index for the received state estimation data based on the extracted feature vector using the trained machine learning model and, predicting a failure of the power system based on the determined security index.

The invention relates to a power grid safety evaluation method and device, computer equipment, a storage medium and a computer program product. According to the invention, the operation safety and stability of the power grid system can be improved. The method comprises the following steps: taking each device of a transformer substation as a node, mapping a connection relationship among the devices as an edge among the nodes, and calculating security risk class, security state class and attack loss class evaluation elements of each node to obtain a current local security measure; calculating a first global security metric according to all the current local security metrics and the associated edges thereof; calculating various evaluation elements of each divided area, and calculating comprehensive security measurement of each divided area according to the various elements of each divided area and the first global security measurement; and calculating various evaluation elements of the target power network, and carrying out overall fusion on the various elements of the target power network and the comprehensive security measurement of each divided region by using a volleyball super-match algorithm to obtain a network security evaluation total measurement of the target power network.

The embodiment of the invention discloses a security detection method and device, electronic equipment and a storage medium, relates to the technical field of computers, and the adaptability of the security detection method can be improved. The method comprises the steps of obtaining a security index corresponding to a current operation platform based on a security index library; according to a corresponding security detection item in the security index, querying related operation parameters of the security detection item in the current operation platform; and determining whether the current operation platform has potential security hazards or not according to whether the operation parameters accord with the security indexes or not. The method is suitable for a security detection process.

The invention provides a security modeling and quantification method for network space mimicry defense based on the vulnerability consistency rate. The method comprises: step 1: determining the defense parameter information that affects the security of the DHR system; step 2: determining the attack parameter information that affects the attacker's ability; step 3: establishing the DHR system about the defense parameter information and the attack parameter information Model; step 4: deriving the DHR system security metrics about the defense parameter information and the attack parameter information, the metrics include: the system attack success rate of an attack and the system attack success rate of the attack task; step 5 : According to the DHR system model, the system attack success rate of an attack and the system attack success rate of an attack task, calculate the system attack success rate of the DHR system for a specific vulnerability and the system attack success rate of the DHR system for a combination of vulnerabilities. A mathematical model is established for the DHR system, and the security of the system is represented by indicators such as output consistency rate and system attack success rate, and the security and anti-attack ability of the DHR system are analyzed by solving the model.

The invention discloses a method capable of automatically responding to a security problem in a modular environment. The method is characterized by comprising the following steps of performing modularization on a process of a server through a module management system, and acquiring security performance indexes of all modules in real time; the module management system automatically predicts and analyzes the acquired related safety indexes, matches a safety strategy database to automatically start safety countermeasures, and displays normal performance data in a modular manner; the security policy database continuously recommends coping policies to an administrator in accordance with changes in confidence levels of the presented threats. The system is advantaged in that a modular managementsystem is used, and the safety performance indexes of the detection object are modularized; monitoring objects with normal safety performance index data can be displayed in different modules, coping strategies can be continuously and dynamically provided for safety threat events, safety event processing efficiency is greatly improved, and meanwhile the processing time is saved.

The invention discloses a student safety consciousness evaluation system and a method. According to the method, an evaluation framework based on multiple scale indexes such as security thought, security skills, security mentality and security behaviors is formed; education feedback guiding significance is achieved in the form of a safety consciousness evaluation report, an index system based on safety indexes is established, the dimension scientificity of investigation is improved, and the education requirements of schools in grades and levels are met. A B/S mode is adopted in hardware, only asmall amount of service logic is achieved on a front-end browser, main transaction logic is achieved on a server side, a three-layer structure is formed, and the expenditure cost of system maintenance and upgrading is reduced.