Patenton — panteon of patents

(19)

RU

(11)

2 783 224

(13)

C1

(51)

IPC

G06F21/57(2013-01-01)

G06F17/16(2006-01-01)

(21) (22)

Application

2021127267, 2021-09-15

(24)

Start date

2021-09-15

(22)

Actual filing date

2021-09-15

(45)

Published

2022-11-10

(72)

Inventor

Butrik Ekaterina EvgenevnaSolovev Sergej VeniaminovichEnyutin Aleksej Yurevich

(73)

Holder

Federalnoe Avtonomnoe Uchrezhdenie Nauchno-Issledovatelskij Ispytatelnyj Institut Problem Tekhnicheskoj Zashchity Informatsii Federalnoj Sluzhby Po Tekhnicheskomu I Eksportnomu Kontrolyu"

METHOD FOR IDENTIFYING SOFTWARE VULNERABILITIES FORMING THE CONDITIONS FOR INFORMATION SECURITY VIOLATION IN AN INFORMATION SYSTEM DUE TO A COMPUTER ATTACK Russian patent published in 2022 - IPC G06F21/57 G06F17/16 

Abstract RU 2783224 C1

FIELD: information protection.

SUBSTANCE: method for identifying software vulnerabilities forming the conditions for information security violation in an information system due to a computer attack consists in forming a set of types of terms of known computer attack techniques (hereinafter referred to as techniques) and vulnerabilities identified by analysing the descriptions of techniques and vulnerabilities; determining the weights of each type of terms by an expert evaluation method; forming an ordered vector of types of terms with account to the weights; forming vector representations of each technique and vulnerability included in the formed set, represented as values of the types of terms; calculating measures of matching of the descriptions of techniques and vulnerabilities in order to determine identity thereof; and forming a list of vulnerabilities required to implement a computer attack based on the calculated measures of matching of the descriptions of techniques and vulnerabilities.

EFFECT: higher effectiveness of forming a list of information system vulnerabilities, the operation whereof may lead to a violation of information security in the information systems.

1 cl, 1 dwg

Similar patents RU2783224C1

Title Year Author Number
METHOD OF CONTROLLING PROTECTION SURFACE OF CORPORATE COMMUNICATION NETWORK 2023
  • Dobryshin Mikhail Mikhailovich
 RU2824314C1
METHOD AND SYSTEM FOR AUTOMATED DOCUMENTATION OF SECURITY THREATS AND VULNERABILITIES RELATED TO AN INFORMATION RESOURCE 2022
  • Lebedev Sergej Vyacheslavovich
  • Savin Mikhail Valerevich
 RU2789990C1
METHOD FOR AUTOMATED TESTING OF SOFTWARE AND HARDWARE SYSTEMS AND COMPLEXES 2018
  • Dukhvalov Andrej Petrovich
  • Rudina Ekaterina Aleksandrovna
  • Kort Semen Stanislavovich
  • Zolotnikov Vyacheslav Nikolaevich
 RU2715025C2
METHOD OF AUTOMATED DESIGN ENGENEERING OF HARDWARE AND SOFTWARE SYSTEMS AND COMPLEXES 2017
  • Dukhvalov Andrej Petrovich
  • Rudina Ekaterina Aleksandrovna
  • Kort Semen Stanislavovich
  • Zolotnikov Vyacheslav Nikolaevich
 RU2659740C1
CONTROL SYSTEM FOR SECURITY POLICY OF ELEMENTS OF CORPORATE COMMUNICATION NETWORK 2023
  • Dobryshin Mikhail Mikhailovich
  • Shugurov Dmitrii Evgenevich
  • Belov Andrei Sergeevich
  • Anisimov Vladimir Georgievich
  • Gromov Iurii Iurevich
  • Klimov Sergei Mikhailovich
  • Mishin Dmitrii Stanislavovich
  • Filin Andrei Viktorovich
 RU2813469C1
METHOD OF DETERMINING POTENTIAL THREATS TO INFORMATION SECURITY BASED ON INFORMATION ON VULNERABILITIES OF SOFTWARE 2019
  • Mamuta Vladimir Vladimirovich
  • Solovev Sergej Veniaminovich
 RU2705460C1
METHOD OF COMPUTER SECURITY DISTRIBUTED EVENTS INVESTIGATION 2015
  • Gajnov Artur Evgenevich
  • Zavodtsev Ilya Valentinovich
 RU2610395C1
SYSTEM AND METHOD FOR DETERMINING THE LEVEL OF DANGER OF INFORMATION SECURITY EVENTS 2022
  • Zaitsev Oleg Vladimirovich
 RU2800739C1
DEVICE FOR COMPLEX DYNAMIC EVALUATION AND PROVISION OF REQUIRED SECURITY OF COMPUTER NETWORK 2022
  • Belov Andrej Sergeevich
  • Dobryshin Mikhail Mikhajlovich
  • Shugurov Dmitrij Evgenevich
  • Reformat Andrej Nikolaevich
  • Bolshebratskij Kirill Mikhajlovich
  • Gromov Yurij Yurevich
  • Chuklyaev Ilya Igorevich
  • Mazur Vasilij Valerevich
 RU2818880C2
SOFTWARE AND HARDWARE COMPLEX OF THE DECISION SUPPORT SYSTEM FOR MANAGING THE RELAY PROTECTION SUBSYSTEM AND AUTOMATION OF A DIGITAL SUBSTATION IN THE CONDITIONS OF COMPUTER ATTACKS AGAINST IT 2022
  • Karantaev Vladimir Gennadevich
  • Karpenko Vladislav Igorevich
 RU2798437C1

RU 2 783 224 C1

Authors

Butrik Ekaterina Evgenevna

Solovev Sergej Veniaminovich

Enyutin Aleksej Yurevich

Dates

2022-11-10Published

2021-09-15Filed

download Download PDF read Similar patents