System and method for network vulnerability detection and reporting
IPC classification information
Country / Type
United States (US) Patent
Registered
International Patent Classification (IPC, 7th edition)
G06F-015/173
G06F-015/16
Application number
US-0387221
(2003-03-10)
Registration number
US-7257630
(2007-08-14)
Inventors / Address
Cole, David M.
Hanzlik, Dennis J.
Caso, Erik
Applicant / Address
McAfee, Inc.
Agent / Address
Zilka Kotab, PC
Citation information
Cited by: 161
Patents cited: 12
Abstract
A system and method provide comprehensive and highly automated testing of vulnerabilities to intrusion on a target network, including identification of operating system, identification of target network topology and target computers, identification of open target ports, assessment of vulnerabilities on target ports, active assessment of vulnerabilities based on information acquired from target computers, quantitative assessment of target network security and vulnerability, and hierarchical graphical representation of the target network, target computers, and vulnerabilities in a test report. The system and method employ minimally obtrusive techniques to avoid interference with or damage to the target network during or after testing.
Representative claims
What is claimed is:

1. A method of objectively assessing the security of a network, said method comprising: assigning a vulnerability risk level to each of a plurality of vulnerabilities found on the network; assigning a vulnerability risk level to each of a plurality of nodes on the network based on vulnerabilities found on each of the plurality of nodes; assigning an exposure risk level to each exposure found on the network; providing a security score that is dependent on at least the vulnerability risk levels of the vulnerabilities, the vulnerability risk levels of the nodes, and a number of nodes on the network; wherein the security score is derived from a formula of form F=a-V-E, wherein F is the security score, a is a constant, V is a vulnerability loss, and E is an exposure loss.

2. The method of claim 1, further comprising the step of assigning an exposure risk level to each of a plurality of exposures found on the network, and wherein the security score is further dependent on the exposure risk levels.

3. The method of claim 2, wherein the security score is based on selected vulnerabilities and exposures that affect internal network security.

4. The method of claim 3, wherein the selected exposures include rogue applications, wireless access points, trojan horses, and backdoors.

5. The method of claim 1, wherein V is derived from a formula of form V=min(b, (cVhHh+dVmHm+eVlHl)/Hn), where V is the vulnerability loss, min(..., ...) is a standard minimum function, Vh is a number of high level vulnerabilities detected, Hh is a number of hosts on which high level vulnerabilities are detected, Vm is a number of medium level vulnerabilities detected, Hm is a number of hosts on which medium level vulnerabilities are detected, Vl is a number of low level vulnerabilities detected, Hl is a number of hosts on which low level vulnerabilities are detected, and Hn is a total number of hosts on the network.

6. The method of claim 5, wherein E is derived from a formula E=min(f, Σ(y=1→Hn){gRy+hWy+iTy}), where E is the exposure loss, min(..., ...) is the standard minimum function, Σ is a summation symbol, Ry is a number of rogue applications found on a host y, Wy is a number of wireless access points found on the host y, and Ty is a number of trojan horses or backdoors found on the host y.

7. A method of objectively assessing the security of a network, said method comprising the steps of: assigning a vulnerability risk level to each of a plurality of vulnerabilities found on the network; assigning a vulnerability risk level to each of a plurality of nodes on the network based on vulnerabilities found on each of the plurality of nodes; assigning an exposure risk level to each exposure found on the network; assigning an exposure risk level to each of a plurality of exposures found on the network; providing a security score that is dependent on at least the vulnerability risk levels of the vulnerabilities, the vulnerability risk levels of the nodes, and a number of nodes on the network; wherein the security score is further dependent on the exposure risk levels; wherein the security score is derived from a formula of form F=a-V-E, wherein F is the security score, a is a constant, V is a vulnerability loss, and E is an exposure loss.

8. A system for selectively calculating one of a plurality of network security scores, the system comprising: a network security score calculation module adapted to run computer instructions for calculating a network security score, the network security score being calculated according to defined vulnerabilities and exposures found in a network and defined numerical weights for each defined vulnerability and exposure; a plurality of network security calculation instruction sets, the plurality of network security calculation instruction sets adapted to define the vulnerabilities and exposures included in the calculation, and to define the numerical weights for each vulnerability and exposure; and a calculation selection module adapted to allow a computer user to select one of the plurality of network security calculation instruction sets to be run by the network security score calculation module; wherein the network security score is derived from a formula of form F=a-V-E, wherein F is the network security score, a is a constant, V is a vulnerability loss, and E is an exposure loss.

9. The system of claim 8, wherein the plurality of network security calculation instruction sets includes a first set of network security calculation instruction sets adapted to provide a network security score that focuses on security vulnerabilities and exposures that affect external security of the network and a second set of network security calculation instruction sets adapted to provide a network security score that focuses on security vulnerabilities and exposures that affect internal security of the network.

10. A computer program product embodied on a tangible computer readable medium for objectively assessing the security of a network, said computer program product comprising: computer code for assigning a vulnerability risk level to each of a plurality of vulnerabilities found on the network; computer code for assigning a vulnerability risk level to each of a plurality of nodes on the network based on vulnerabilities found on each of the plurality of nodes; computer code for assigning an exposure risk level to each exposure found on the network; computer code for providing a security score that is dependent on at least the vulnerability risk levels of the vulnerabilities, the vulnerability risk levels of the nodes, and a number of nodes on the network; wherein the security score is derived from a formula of form F=a-V-E, wherein F is the security score, a is a constant, V is a vulnerability loss, and E is an exposure loss.

11. The computer program product of claim 10, further comprising computer code for assigning an exposure risk level to each of a plurality of exposures found on the network, and wherein the security score is further dependent on the exposure risk levels.

12. The computer program product of claim 11, wherein the security score is based on selected vulnerabilities and exposures that affect internal network security.

13. The computer program product of claim 12, wherein the selected exposures include rogue applications, wireless access points, trojan horses, and backdoors.

14. The computer program product of claim 10, wherein V is derived from a formula of form V=min(b, (cVhHh+dVmHm+eVlHl)/Hn), where V is the vulnerability loss, min(..., ...) is a standard minimum function, Vh is a number of high level vulnerabilities detected, Hh is a number of hosts on which high level vulnerabilities are detected, Vm is a number of medium level vulnerabilities detected, Hm is a number of hosts on which medium level vulnerabilities are detected, Vl is a number of low level vulnerabilities detected, Hl is a number of hosts on which low level vulnerabilities are detected, and Hn is a total number of hosts on the network.

15. The computer program product of claim 14, wherein E is derived from a formula E=min(f, Σ(y=1→Hn){gRy+hWy+iTy}), where E is the exposure loss, min(..., ...) is the standard minimum function, Σ is a summation symbol, Ry is a number of rogue applications found on a host y, Wy is a number of wireless access points found on the host y, and Ty is a number of trojan horses or backdoors found on the host y.
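The scoring formula of claims 1, 5 and 6 (F=a-V-E with the capped vulnerability and exposure losses), worked through on constructed per-host scan findings. This is an added example, not code from the patent or from McAfee; the weights a through i are left unspecified by the patent, so the values below are assumptions chosen only for illustration, and the host names and finding counts are constructed.

```python
# Added example: F = a - V - E from US 7,257,630 claims 1, 5 and 6, with assumed weights.
from dataclasses import dataclass


@dataclass
class HostFindings:
    """Constructed per-host scan results used as input to the score."""
    name: str
    high: int = 0                # high level vulnerabilities on this host
    medium: int = 0              # medium level vulnerabilities
    low: int = 0                 # low level vulnerabilities
    rogue_apps: int = 0          # Ry: rogue applications
    wireless_aps: int = 0        # Wy: wireless access points
    trojans_backdoors: int = 0   # Ty: trojan horses or backdoors


# Assumed weights (hypothetical; the patent leaves these constants open).
WEIGHTS = dict(a=100.0, b=70.0, c=10.0, d=3.0, e=1.0, f=30.0, g=5.0, h=5.0, i=10.0)


def vulnerability_loss(hosts, w=WEIGHTS):
    """Claim 5: V = min(b, (c*Vh*Hh + d*Vm*Hm + e*Vl*Hl) / Hn)."""
    hn = len(hosts)
    if hn == 0:
        return 0.0  # guard: the claim's formula divides by Hn, which it leaves undefined at 0
    # Vx counts findings at a severity level and Hx counts hosts with at least one
    # such finding, so the Vx*Hx product penalises the same number of vulnerabilities
    # more heavily when they are spread across many hosts than when concentrated on one.
    vh, hh = sum(x.high for x in hosts), sum(1 for x in hosts if x.high)
    vm, hm = sum(x.medium for x in hosts), sum(1 for x in hosts if x.medium)
    vl, hl = sum(x.low for x in hosts), sum(1 for x in hosts if x.low)
    raw = (w["c"] * vh * hh + w["d"] * vm * hm + w["e"] * vl * hl) / hn
    return min(w["b"], raw)


def exposure_loss(hosts, w=WEIGHTS):
    """Claim 6: E = min(f, sum over hosts y of g*Ry + h*Wy + i*Ty)."""
    raw = sum(w["g"] * x.rogue_apps + w["h"] * x.wireless_aps
              + w["i"] * x.trojans_backdoors for x in hosts)
    return min(w["f"], raw)


def security_score(hosts, w=WEIGHTS):
    """Claim 1: F = a - V - E; the caps b and f bound F from below by a - b - f."""
    return w["a"] - vulnerability_loss(hosts, w) - exposure_loss(hosts, w)


# Constructed sample network of four hosts.
SAMPLE = [
    HostFindings("web01", high=2, medium=1, low=3),
    HostFindings("db01", high=1, low=2),
    HostFindings("ws17", medium=4, rogue_apps=2, wireless_aps=1),
    HostFindings("ws22", low=1, trojans_backdoors=1),
]

if __name__ == "__main__":
    print(f"V={vulnerability_loss(SAMPLE)} E={exposure_loss(SAMPLE)} "
          f"F={security_score(SAMPLE)}")  # V=27.0 E=25.0 F=48.0
```

With these weights a single host carrying ten high level vulnerabilities already hits the cap b, so the score bottoms out at a-b-f regardless of how many more findings are added.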