Multilayer impact factor-based security vulnerability threat quantification method

An impact factor, multi-level technology, applied in the field of network security, can solve the problems of regardless of the degree of attention of the vulnerability, the evaluation is highly subjective, and the objective threat of the vulnerability cannot be well reflected, so as to achieve efficient acquisition and avoid bias. Effect

Active Publication Date: 2017-10-24
BEIJING INST OF COMP TECH & APPL
View PDF4 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Therefore, only focusing on the vulnerability itself and the environment without considering the degree of concern about the vulnerability will lead to a decrease in the reference value of the vulnerability score
In addition, the environmental factors ...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Multilayer impact factor-based security vulnerability threat quantification method
  • Multilayer impact factor-based security vulnerability threat quantification method
  • Multilayer impact factor-based security vulnerability threat quantification method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] In order to make the purpose, content, and advantages of the present invention clearer, the specific implementation manners of the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments.

[0039] figure 1 Shown is a schematic diagram of the basic framework of a distributed crawler, such as figure 1 As shown, the distributed crawler includes five functional modules: crawling module 2, parsing module 3, verification module 6, merging module 5 and transformation module 7. Crawling module 2 generates a list to be crawled according to the website list 4 in the URL library 11, and then sends the list segmentation to the crawler node to crawl the webpage; Parse, save the external chain address parsed in the external chain URL library 14; verification module 6 is to verify that the link in the external chain URL library 14 ensures that the address that has been visited is removed; the merging module is to link ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a multilayer impact factor-based security vulnerability threat quantification method. The method comprises the following steps of: 1, determining a website to be crawled, crawling website data and processing the website data to obtain content related to heat assessment; 2, processing the crawled website data, carrying out heat assessment and correcting the score of a CVSS basic factor through a formula 1: ScoreBase=min [(ScoreBasc+ScoreConcerned), 8] (Formula 1), ScoreSconcerned=5*Publish*Click*Transmit (Formula2), wherein ScoreConcerned is a heat score, ScoreBasc is a basic score, Publish is a publish frequency, Click is a click frequency and Transmit is a transmit frequency; 3, carrying out asset assessment; and 4, fusing an asset assessment result obtained in the step 3 with a CVSS basic score by referring to a CVSS algorithm so as to obtain a final hole score, and substituting the final hole score into a CVSS assessment algorithm to obtain a final hole score.

Description

technical field [0001] The invention belongs to the technical field of network security, and designs a security loophole threat quantification method based on multi-level impact factors. Background technique [0002] The wide application of information technology and the rapid development of cyberspace have greatly promoted the prosperity and progress of society. However, in the process of informatization development, information security issues have become increasingly prominent. And destruction opens the door to convenience. In order to prevent problems before they happen, quantitative analysis of security vulnerabilities in advance, and taking corresponding protective measures according to the degree of harm of security vulnerabilities can effectively reduce asset losses. [0003] Quantitative analysis of security vulnerabilities is to comprehensively consider the security vulnerabilities themselves, occurrence conditions, scope of occurrence, and the degree of damage to...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/57
CPCG06F21/577
Inventor 贾琼温泉吴明杰王斌陈志浩于石林常承伟毛利旻达小文
Owner BEIJING INST OF COMP TECH & APPL
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap