NETWORK RISK ANALYSIS METHOD USING INFORMATION HIERARCHY STRUCTURE
First Claim
Patent Images
1. A network risk analysis method, comprising the steps of:
- a) storing information on a network environment as a target of a risk analysis, in a 1st layer of a database;
b) storing an active discovery result on the network in a 2nd layer of the database;
c) storing a passive discovery result on the network in a 3rd layer of the database;
d) storing a network vulnerability result obtained by using a vulnerability checking tool in a 4th layer of the database;
e) storing an asset analysis result and an expected attack path on the network in a 5th layer of the database;
f) storing a risk analysis result of the network in a 6th layer of the database; and
g) storing a security countermeasure for the network in a 7th layer of the database.
1 Assignment
0 Petitions
Accused Products
Abstract
A network risk analysis method using an information hierarchy structure is divided into 7 steps and results derived from each of the process steps are stored in a database to get a hierarchy structure for the respective steps. By using the information hierarchy structure, a network manager can easily comprehend the relationship between the derived results from each step to make a risk analysis in an efficient manner.
-
Citations
10 Claims
-
1. A network risk analysis method, comprising the steps of:
-
a) storing information on a network environment as a target of a risk analysis, in a 1st layer of a database; b) storing an active discovery result on the network in a 2nd layer of the database; c) storing a passive discovery result on the network in a 3rd layer of the database; d) storing a network vulnerability result obtained by using a vulnerability checking tool in a 4th layer of the database; e) storing an asset analysis result and an expected attack path on the network in a 5th layer of the database; f) storing a risk analysis result of the network in a 6th layer of the database; and g) storing a security countermeasure for the network in a 7th layer of the database. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A database comprising:
-
a 1st layer storing information on a network environment as a target of a risk analysis; a 2nd layer storing an active discovery result on the network; a 3rd layer storing a passive discovery result on the network; a 4th layer storing a network vulnerability result obtained by using a vulnerability checking tool; a 5th layer storing an asset analysis result and an expected attack path on the network; a 6th layer storing a risk analysis result of the network; and a 7th layer storing a security countermeasure for the network. - View Dependent Claims (9, 10)
-
Specification