Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Risk assessment method and apparatus for software system vulnerability

A software system and risk assessment technology, applied in the field of information security, can solve problems such as the inability to comprehensively assess the security risks of software systems, and achieve the effect of intuitive and accurate security risks

Inactive Publication Date: 2015-11-11
北京系统工程研究所
View PDF4 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0010] Existing software system security risk assessment methods cannot comprehensively assess the security risks of software systems intuitively and accurately

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Risk assessment method and apparatus for software system vulnerability
  • Risk assessment method and apparatus for software system vulnerability
  • Risk assessment method and apparatus for software system vulnerability

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0034] An embodiment of the present invention provides a software system vulnerability risk assessment method, such as figure 1 As shown, the software system vulnerability risk assessment method includes:

[0035] S11. Preprocessing the software package dependency metadata in the software system to construct a software dependency network, wherein the software package dependency metadata is a file recording information of all software packages in the software system.

[0036] For example: in the / dists / lucid / main / binary-i386 / packages.gz file in the Ubuntu system, the information of each software package in the system can be obtained from the metadata, including the package name, dependent software package, priority, etc.

[0037] Construct the dependency network graph G(V, E) of all software packages in the system by relying on software package information, that is, the software dependency network, where V represents the set of all nodes in the graph, and E represents the set o...

Embodiment 2

[0066] This embodiment provides a software system vulnerability risk assessment device, such as Figure 7 As shown, the software system vulnerability risk assessment device includes:

[0067] Dependent network construction unit 11, used to preprocess the software package dependent metadata in the software system, and build a software dependent network, wherein the software package dependent metadata is a file recording all software package information in the software system;

[0068] An association relationship building unit 12, configured to acquire vulnerability information, and construct an association relationship between the vulnerability and the software package according to the vulnerability information;

[0069] The dependency subgraph construction unit 13 is used to query software packages with vulnerabilities and other software packages that directly or indirectly depend on the software packages according to the software dependency network and the association between...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Embodiments of the present invention disclose a risk assessment method and apparatus for software system vulnerability, and relate to the technical field of information security, solving the problems in the prior art that comprehensive assessment on security risks in a software system cannot be performed visually and accurately. The risk assessment method for software system vulnerability comprises: preprocessing software package dependency metadata in a software system and establishing a software dependency network; obtaining vulnerability information, and according to the vulnerability information, constructing an association relationship between vulnerability and software packages; according to the software dependency network and the association relationship between vulnerability and software packages, searching for a software package with vulnerability and other software packages that directly or indirectly depend on the software package, and constructing a software package dependency relationship subgraph; based on importance of each node in the software package dependency relationship subgraph, assessing a security risk imposed by the vulnerability on the entire software system. The method and the apparatus provided by the embodiments of the present invention are mainly used for assessing a risk of vulnerability of a complex software system.

Description

technical field [0001] The present invention relates to the technical field of information security, in particular to a software system vulnerability risk assessment method and device. Background technique [0002] As software systems become more complex and larger in scale, the application of modern software engineering methods such as componentized software development is promoted, and software systems are often not developed from scratch, but heavily referenced or dependent on other third-party software . These softwares exist in the form of software packages, components, function libraries, modules, Web services, etc., and through consistent interface specifications, use function calls, data transfers, module combinations, etc. to interact, and together form large-scale and complex large-scale software systems. The componentized software engineering development method is conducive to the reuse of components, and can quickly use existing components to build complex appli...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57G06F21/56H04L29/06
CPCG06F21/56G06F21/563G06F21/577H04L63/1433
Inventor 王兵邓波李海龙赵亮王峰施寅生许帅
Owner 北京系统工程研究所
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com