首页>
外国专利>
A VULNERABILITY FIXING METHOD BASED ON HIERARCHICAL VULNERABILITY THREAT EVALUATION
A VULNERABILITY FIXING METHOD BASED ON HIERARCHICAL VULNERABILITY THREAT EVALUATION
展开▼
机译:基于层次脆弱性评估的脆弱性修复方法。
展开▼
页面导航
摘要
著录项
相似文献
摘要
A vulnerability fixing method based on hierarchical vulnerability threat evaluation is disclosed. The method includes: 1) retrieving a plurality of information security properties of the target system, a vulnerability to be test, and the required attack conditions during a process of using the vulnerability; 2) attacking the vulnerability and recording the values of required attack conditions during the process of being used and the degree of loss caused by successful utilization; 3) obtaining a qualitative grade score of the vulnerability according to the loss degree; 4) obtaining an attack utilization score of the vulnerability according to the values for the required attack conditions; 5) obtaining a quantitative grade score of the vulnerability according to the attack utilization score and the qualitative scoring score; 6) determining the processing order for the vulnerability according to the quantitative grade score of the vulnerability and fixes them. The method combines the advantage of the qualitative and quantitative vulnerability evaluation methods.
展开▼