CN108881325A - A kind of network security risk evaluation system - Google Patents
- Publication number: CN108881325A
- Application number: CN201811110914.8A
- Authority: CN (China)
- Prior art keywords: node, network, risk, risk assessment, bigger
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Abstract
The present invention provides a network security risk evaluation system comprising a node risk evaluation module, a node importance evaluation module, and a network risk assessment module. The node risk evaluation module assesses the security risk of each network node, the node importance evaluation module assesses the importance of the network nodes, and the network risk assessment module assesses the security risk of the network according to the security risk assessment results of the individual network nodes. The beneficial effect of the invention is that it provides a network security risk evaluation system that assesses the security risk and importance of each node according to the differences between nodes, thereby achieving network security risk evaluation.
Description
Technical field
The present invention relates to the technical field of network security, and in particular to a network security risk evaluation system.
Background
Since the advent of the Internet, the economy, culture, and daily life of humankind have changed dramatically. People can communicate at any time with people in different regions; they can shop from home without going out and wait for delivery to their door; people away from home can keep track of everything at home through remote monitoring; large multinational enterprises can bring together key staff distributed around the world to hold meetings by video conference; business between enterprises is often settled with a click of the mouse and a single e-mail. The Internet not only provides people with many conveniences, but has also changed and driven the development of society as a whole.
While the network has brought epoch-making change to human society, the risk it brings is also unavoidable. All that people can do is reduce the risk as far as possible and keep it within a certain range. Risk management technology has emerged for this purpose.
Summary of the invention
In view of the above problems, the present invention aims to provide a network security risk evaluation system.
The purpose of the present invention is achieved by the following technical solution:
A network security risk evaluation system is provided, comprising a node risk evaluation module, a node importance evaluation module, and a network risk assessment module. The node risk evaluation module is used to assess the security risk of each network node, the node importance evaluation module is used to assess the importance of the network nodes, and the network risk assessment module is used to assess the security risk of the network according to the security risk assessment results of the individual network nodes.
The beneficial effect of the invention is that it provides a network security risk evaluation system that assesses the security risk and importance of each node according to the differences between nodes, thereby achieving network security risk evaluation.
Brief description of the drawings
The invention is further described with reference to the accompanying drawing, but the embodiment shown in the drawing does not limit the invention in any way; a person of ordinary skill in the art can obtain other drawings from the following drawing without creative effort.
Fig. 1 is a structural schematic diagram of the invention.
Reference numerals:
Node risk evaluation module 1, node importance evaluation module 2, network risk assessment module 3.
Detailed description of the embodiments
The invention is further described with reference to the following embodiment.
Referring to Fig. 1, the network security risk evaluation system of this embodiment comprises a node risk evaluation module 1, a node importance evaluation module 2, and a network risk assessment module 3. The node risk evaluation module 1 is used to assess the security risk of each network node, the node importance evaluation module 2 is used to assess the importance of the network nodes, and the network risk assessment module 3 is used to assess the security risk of the network according to the security risk assessment results of the individual network nodes.
This embodiment provides a network security risk evaluation system that assesses the security risk and importance of each node according to the differences between nodes, thereby achieving network security risk evaluation.
Preferably, the node risk evaluation module 1 comprises a first evaluation module, a second evaluation module, and a comprehensive assessment module. The first evaluation module is used to obtain the first risk assessment value of a node, the second evaluation module is used to obtain the second risk assessment value of the node, and the comprehensive assessment module is used to assess the node risk according to the first risk assessment value and the second risk assessment value.
The first evaluation module obtains the first risk assessment value of the node as follows:
The first risk assessment value of the node is calculated using the following formula:
In the formula, C_1 denotes the first risk assessment value of the node; p denotes the degree of matching between the preconditions required to attack the network node and the node's vulnerability information, p ∈ [0, 1], where a larger p indicates a better match between the preconditions required to attack the network node and the node's vulnerability information; a denotes the strength of the security protection measures taken by the attacked network node; b denotes a sensitivity coefficient, b ∈ [0.5, 1.5], where a larger b indicates that a has a greater influence on C_1.
The value of a is determined as follows: a = 0 indicates that no security protection measures are taken; a = 0.4 indicates that security protection measures for attack detection are taken; a = 1 indicates that security measures for both attack detection and attack protection are taken.
The larger the first risk assessment value, the greater the cost to the network node of being attacked.
This preferred embodiment assesses node risk by calculating the risk assessment values of the node, which improves the accuracy of node risk assessment; specifically, the first risk assessment value of the node reflects the probability that an attack succeeds.
Preferably, the second evaluation module obtains the second risk assessment value of the node as follows:
The second risk assessment value of the node is calculated using the following formula:
In the formula, C_2 denotes the second risk assessment value of the node; y denotes the strength of the warning information when the node is under attack, y ∈ {1, 2, 3}, where a larger y indicates a stronger warning; s denotes the stage at which the attack currently stands; n denotes the total number of attack stages.
The larger the second risk assessment value, the greater the threat the attack poses to the network node.
By calculating the second risk assessment value of the node, this preferred embodiment assesses the degree to which the node is threatened.
Preferably, the comprehensive assessment module assesses the node risk according to the first risk assessment value and the second risk assessment value of the node as follows:
The risk assessment value of the node is determined from the first risk assessment value and the second risk assessment value:
In the formula, F denotes the risk assessment value of the node. The larger the risk assessment value of the node, the higher the security risk of the node.
This preferred embodiment calculates the risk assessment value of the node from the first risk assessment value and the second risk assessment value, achieving a comprehensive assessment of node security risk and laying a good foundation for the subsequent network security assessment.
Preferably, the node importance evaluation module 2 assesses the importance of a network node as follows:
The importance assessment value of the node is calculated using the following formula:
In the formula, Q denotes the importance assessment value of the node, q_1 denotes the confidentiality metric of the node, q_2 denotes the integrity metric of the node, and q_3 denotes the availability metric of the node. q_1 ∈ (0, 1]; a larger q_1 indicates a higher confidentiality requirement for the node and a greater security risk when it is attacked. q_2 ∈ (0, 1]; a larger q_2 indicates a higher integrity requirement for the node and a greater security risk when it is tampered with. q_3 ∈ (0, 1]; a larger q_3 indicates a higher dependence on the node and a greater security risk when it is attacked.
The larger the importance assessment value of the node, the more important the network node is and the more likely it is to be attacked.
In this preferred embodiment, the importance assessment value of each node is calculated according to the differences between nodes. The importance assessment value comprehensively reflects the node's confidentiality requirement, integrity requirement, and availability, laying a foundation for the subsequent network security assessment.
Preferably, the network risk assessment module 3 assesses the security risk of the network according to the security risk assessment results of the individual network nodes as follows:
Calculate the risk assessment value F_i of each network node, i = 1, 2, ..., n, where n denotes the number of network nodes;
Calculate the importance assessment value Q_i of each network node, i = 1, 2, ..., n, where n denotes the number of network nodes;
Determine the risk assessment value of the network from the risk assessments of the individual network nodes:
In the formula, W denotes the risk assessment value of the network. The larger the risk assessment value of the network, the higher the security risk of the network.
By calculating the risk assessment value and the importance assessment value of each node, this preferred embodiment achieves an accurate assessment of network security risk.
From the above description of the embodiments, those skilled in the art will clearly understand that the embodiments described herein can be implemented in hardware, software, firmware, middleware, code, or any appropriate combination thereof. For a hardware implementation, the processor can be implemented in one or more of the following units: application-specific integrated circuits (ASIC), digital signal processors (DSP), digital signal processing devices (DSPD), programmable logic devices (PLD), field-programmable gate arrays (FPGA), processors, controllers, microcontrollers, microprocessors, other electronic units designed to perform the functions described herein, or combinations thereof. For a software implementation, some or all of the processes of the embodiments can be completed by a computer program instructing the relevant hardware. In such an implementation, the program can be stored in a computer-readable medium or transmitted as one or more instructions or code on a computer-readable medium. Computer-readable media include computer storage media and communication media, where communication media include any medium that facilitates the transfer of a computer program from one place to another. A storage medium can be any available medium that a computer can access. Computer-readable media can include, but are not limited to, RAM, ROM, EEPROM, CD-ROM or other optical disc storage, magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer.
Finally, it should be noted that the above embodiments merely illustrate the technical solution of the present invention and do not limit its scope of protection. Although the present invention has been explained in detail with reference to the preferred embodiments, those skilled in the art should understand that the technical solution of the present invention can be modified or equivalently replaced without departing from the essence and scope of the technical solution of the present invention.
Claims (8)
1. A network security risk evaluation system, characterized in that it comprises a node risk evaluation module, a node importance evaluation module, and a network risk assessment module, wherein the node risk evaluation module is used to assess the security risk of each network node, the node importance evaluation module is used to assess the importance of the network nodes, and the network risk assessment module is used to assess the security risk of the network according to the security risk assessment results of the individual network nodes.
2. The network security risk evaluation system according to claim 1, characterized in that the node risk evaluation module comprises a first evaluation module, a second evaluation module, and a comprehensive assessment module, wherein the first evaluation module is used to obtain the first risk assessment value of a node, the second evaluation module is used to obtain the second risk assessment value of the node, and the comprehensive assessment module is used to assess the node risk according to the first risk assessment value and the second risk assessment value.
3. The network security risk evaluation system according to claim 2, characterized in that the first evaluation module obtains the first risk assessment value of the node as follows:
The first risk assessment value of the node is calculated using the following formula:
In the formula, C_1 denotes the first risk assessment value of the node; p denotes the degree of matching between the preconditions required to attack the network node and the node's vulnerability information, p ∈ [0, 1], where a larger p indicates a better match between the preconditions required to attack the network node and the node's vulnerability information; a denotes the strength of the security protection measures taken by the attacked network node; b denotes a sensitivity coefficient, b ∈ [0.5, 1.5], where a larger b indicates that a has a greater influence on C_1.
4. The network security risk evaluation system according to claim 3, characterized in that a is determined as follows: a = 0 indicates that no security protection measures are taken; a = 0.4 indicates that security protection measures for attack detection are taken; a = 1 indicates that security measures for both attack detection and attack protection are taken;
The larger the first risk assessment value, the greater the cost to the network node of being attacked.
5. The network security risk evaluation system according to claim 4, characterized in that the second evaluation module obtains the second risk assessment value of the node as follows:
The second risk assessment value of the node is calculated using the following formula:
In the formula, C_2 denotes the second risk assessment value of the node; y denotes the strength of the warning information when the node is under attack, y ∈ {1, 2, 3}, where a larger y indicates a stronger warning; s denotes the stage at which the attack currently stands; n denotes the total number of attack stages;
The larger the second risk assessment value, the greater the threat the attack poses to the network node.
6. The network security risk evaluation system according to claim 5, characterized in that the comprehensive assessment module assesses the node risk according to the first risk assessment value and the second risk assessment value of the node as follows:
The risk assessment value of the node is determined from the first risk assessment value and the second risk assessment value:
In the formula, F denotes the risk assessment value of the node; the larger the risk assessment value of the node, the higher the security risk of the node.
7. The network security risk evaluation system according to claim 6, characterized in that the node importance evaluation module assesses the importance of a network node as follows:
The importance assessment value of the node is calculated using the following formula:
In the formula, Q denotes the importance assessment value of the node, q_1 denotes the confidentiality metric of the node, q_2 denotes the integrity metric of the node, and q_3 denotes the availability metric of the node; q_1 ∈ (0, 1], where a larger q_1 indicates a higher confidentiality requirement for the node and a greater security risk when it is attacked; q_2 ∈ (0, 1], where a larger q_2 indicates a higher integrity requirement for the node and a greater security risk when it is tampered with; q_3 ∈ (0, 1], where a larger q_3 indicates a higher dependence on the node and a greater security risk when it is attacked;
The larger the importance assessment value of the node, the more important the network node is and the more likely it is to be attacked.
8. The network security risk evaluation system according to claim 7, characterized in that the network risk assessment module assesses the security risk of the network according to the security risk assessment results of the individual network nodes as follows:
Calculate the risk assessment value F_i of each network node, i = 1, 2, ..., n, where n denotes the number of network nodes;
Calculate the importance assessment value Q_i of each network node, i = 1, 2, ..., n, where n denotes the number of network nodes;
Determine the risk assessment value of the network from the risk assessments of the individual network nodes:
In the formula, W denotes the risk assessment value of the network; the larger the risk assessment value of the network, the higher the security risk of the network.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811110914.8A CN108881325A (en) | 2018-09-22 | 2018-09-22 | A kind of network security risk evaluation system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108881325A (en) | 2018-11-23 |
Family
ID=64324545
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811110914.8A Pending CN108881325A (en) | 2018-09-22 | 2018-09-22 | A kind of network security risk evaluation system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108881325A (en) |
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140089189A1 (en) * | 2012-09-27 | 2014-03-27 | S. Rao Vasireddy | System, method, and apparatus to evaluate transaction security risk |
| CN106341414A (en) * | 2016-09-30 | 2017-01-18 | 重庆邮电大学 | Bayesian network-based multi-step attack security situation assessment method |
Non-Patent Citations (1)
| Title |
|---|
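| Ge Haihui et al.: "Network security risk assessment method based on dynamic correlation analysis", Journal of Electronics & Information Technology * |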
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN118802344A (en) * | 2024-07-12 | 2024-10-18 | 中国移动通信集团福建有限公司 | Network situation awareness method, device, computer equipment and storage medium |
| CN119697053A (en) * | 2024-11-26 | 2025-03-25 | 深圳市佳鑫产业发展有限公司 | Network security testing and evaluation system based on big data |
| CN119945722A (en) * | 2024-12-23 | 2025-05-06 | 广东电网有限责任公司广州供电局 | Network environment security protection system based on network support platform |
| CN119945722B (en) * | 2024-12-23 | 2025-11-28 | 广东电网有限责任公司广州供电局 | Network environment safety protection system based on network support platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | PB01 | Publication | |
| | SE01 | Entry into force of request for substantive examination | |
| | RJ01 | Rejection of invention patent application after publication | Application publication date: 20181123 |
| RJ01 | Rejection of invention patent application after publication |