首页> 外国专利> A VULNERABILITY FIXING METHOD BASED ON HIERARCHICAL VULNERABILITY THREAT EVALUATION

A VULNERABILITY FIXING METHOD BASED ON HIERARCHICAL VULNERABILITY THREAT EVALUATION

机译：基于层次脆弱性评估的脆弱性修复方法。

页面导航

摘要
著录项
相似文献

摘要

A vulnerability fixing method based on hierarchical vulnerability threat evaluation is disclosed. The method includes: 1) retrieving a plurality of information security properties of the target system, a vulnerability to be test, and the required attack conditions during a process of using the vulnerability; 2) attacking the vulnerability and recording the values of required attack conditions during the process of being used and the degree of loss caused by successful utilization; 3) obtaining a qualitative grade score of the vulnerability according to the loss degree; 4) obtaining an attack utilization score of the vulnerability according to the values for the required attack conditions; 5) obtaining a quantitative grade score of the vulnerability according to the attack utilization score and the qualitative scoring score; 6) determining the processing order for the vulnerability according to the quantitative grade score of the vulnerability and fixes them. The method combines the advantage of the qualitative and quantitative vulnerability evaluation methods.

机译：公开了一种基于分级漏洞威胁评估的漏洞修复方法。该方法包括：1）在使用该漏洞的过程中，获取目标系统的多个信息安全属性，待测试的漏洞以及所需的攻击条件; 2）在使用过程中对漏洞进行攻击并记录所需攻击条件的值以及成功利用所造成的损失程度; 3）根据损失程度获得脆弱性的定性等级分数; 4）根据所需攻击条件的值获取漏洞的攻击利用得分; 5）根据攻击利用率得分和定性得分，获得漏洞的定量等级得分; 6）根据漏洞的定量等级分数确定漏洞的处理顺序并进行修复。该方法结合了定性和定量漏洞评估方法的优势。

著录项

公开/公告号WO2012034304A1

专利类型
公开/公告日2012-03-22

原文格式PDF
申请/专利权人 GRADUATE UNIVERSITY OF CHINESE ACADEMY OF SCIENCES;ZHANG YUQING;LIU QIXU;FU ANMIN;
展开▼

申请/专利号WO2010CN78492
发明设计人 ZHANG YUQING;LIU QIXU;FU ANMIN;
展开▼

申请日2010-11-08
分类号G06F21;
国家 WO
入库时间 2022-08-21 17:17:10

相似文献

专利
外文文献
中文文献