CN104091116A - Method, device and terminal for monitoring website vulnerability information - Google Patents
Method, device and terminal for monitoring website vulnerability information Download PDFInfo
- Publication number
- CN104091116A CN104091116A CN201410309789.9A CN201410309789A CN104091116A CN 104091116 A CN104091116 A CN 104091116A CN 201410309789 A CN201410309789 A CN 201410309789A CN 104091116 A CN104091116 A CN 104091116A
- Authority
- CN
- China
- Prior art keywords
- information
- website
- obtaining
- webpage
- vulnerability
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a method, device and terminal for monitoring website vulnerability information. The method for monitoring the website vulnerability comprises the steps that address information of a website is obtained; a webpage of the website is automatically obtained at preset time intervals according to the address information; the obtained webpage is analyzed to obtain an information struct; in addition, whenever obtained, a new information struct is compared with the information struct obtained last time; if newly added vulnerability information exists, whether the newly added vulnerability information meets preset conditions or not is judged, and if yes, early warning information is sent. The whole monitoring and early warning process is automatically completed, so that the defects that the response time for manual monitoring is long, and twenty-four-hour response is not available are overcome, and meanwhile data missing and other problems existing in manual monitoring are avoided; besides, the terminal can be quickly transplanted to other vulnerability platform websites, thereby being high in applicability and low in cost.
Description
Technical field
The present invention relates to network security technology field, relate in particular to a kind of method, device and terminal of monitoring website vulnerability information.
Background technology
Leak refers to the defect that a system exists on the specific implementation of hardware, software, agreement or System Security Policy, thereby can make assailant in undelegated situation, access or destruction system.The mistake producing when defect when leak may be from application software or operating system design or coding, also may be from business unreasonable part in the design defect in interaction process process or logic flow.These defects, mistake or unreasonable part may be had a mind to or by mistake be utilized, thereby assets or operation to a tissue cause adverse effect, to be attacked or controlled as infosystem, capsule information are stolen, user data is tampered, and system is used as springboard of other host computer systems of invasion etc.
Leak monitoring, as a carrier that service is provided, need to be carried out to ensure the safety of website in website, and at present, the method for website being carried out to leak is manual monitoring.Manual monitoring refers to: artificial regular visit leak website, in the time finding that there is vulnerability information, manually carry out early warning analysis.
But, find that prior art at least exists following problem realizing inventor in process of the present invention: manual monitoring exists the response time long, cannot accomplish response in 24 hours, meanwhile, exist data to omit, monitor the problems such as inaccurate.
Summary of the invention
The present invention is intended to solve at least to a certain extent one of technical matters in correlation technique.For this reason, one object of the present invention is to propose a kind of have method, device and the terminal of the monitoring website vulnerability information of monitoring and early warning function fast and automatically.
The embodiment of the present invention has proposed a kind of method of monitoring website vulnerability information, and the method comprises: the address information of obtaining website; According to address information according to the webpage of automatic acquisition website, Preset Time interval; The webpage obtaining is resolved to acquired information structure; And in the time obtaining a new information structure, all contrast with the information structure obtaining last time, if there is newly-increased vulnerability information, judge that whether increase vulnerability information newly meets pre-conditionedly, if meet pre-conditionedly, sends early warning information.
The embodiment of the method for above-mentioned monitoring website vulnerability information, according to the webpage of automatic acquisition website, Preset Time interval, and resolves acquired information structure to the webpage obtaining; Then in the time obtaining a new information structure, all contrast with the information structure obtaining last time, to find newly-increased vulnerability information, and meet when pre-conditioned at newly-increased vulnerability information, send early warning information, whole monitoring and early warning process is completed automatically, overcome the manual monitoring response time long, and cannot accomplish the defect of response in 24 hours, avoid manual monitoring problem, the problem includes: problems such as data omissions simultaneously; In addition, can arrive other leak platform websites by Rapid transplant, applicability is strong and cost is low.
The embodiment of the present invention has proposed a kind of device of monitoring website vulnerability information, and the device of this monitoring website vulnerability information comprises: the first acquisition module, for obtaining the address information of website; The second acquisition module, for according to address information according to the webpage of automatic acquisition website, Preset Time interval; Parsing module, for the webpage obtaining is resolved, acquired information structure; And warning module, in the time obtaining a new information structure, all contrast with the information structure of acquisition last time, if there is newly-increased vulnerability information, whether the newly-increased vulnerability information of judgement meets pre-conditionedly, if meet pre-conditionedly, sends early warning information.
The device embodiment of above-mentioned monitoring website vulnerability information, obtain the address information of above-mentioned website by the first acquisition module, by the second acquisition module according to address above mentioned information the webpage taking Preset Time as the above-mentioned website of automatic acquisition, interval, by parsing module, the above-mentioned webpage obtaining is resolved acquired information structure; By warning module in the time obtaining a new information structure, all contrast with the information structure obtaining last time, if there is newly-increased vulnerability information, judge whether above-mentioned newly-increased vulnerability information meets pre-conditioned, if meet above-mentioned pre-conditionedly, send early warning information, whole monitoring and early warning process is completed automatically, overcome the manual monitoring response time long, and cannot accomplish the defect of response in 24 hours, avoided manual monitoring problem, the problem includes: problems such as data omissions simultaneously; In addition, can arrive other leak platform websites by Rapid transplant, applicability is strong and cost is low.
The embodiment of the present invention has proposed a kind of terminal, and this terminal comprises housing, processor, storer, circuit board and power circuit, and wherein, circuit board is placed in the interior volume that housing surrounds, and processor and storer are arranged on circuit board; Power circuit, is used to each circuit or the device power supply of terminal; Storer is for stores executable programs code; Processor moves the program corresponding with executable program code by the executable program code of storing in read memory, for carrying out following steps:
Obtain the address information of website; According to address information according to the webpage of automatic acquisition website, Preset Time interval; The webpage obtaining is resolved to acquired information structure; And in the time obtaining a new information structure, all contrast with the information structure obtaining last time, if there is newly-increased vulnerability information, judge that whether increase vulnerability information newly meets pre-conditionedly, if meet pre-conditionedly, sends early warning information.
Above-mentioned terminal embodiment, according to the webpage of automatic acquisition website, Preset Time interval, and resolves acquired information structure to the webpage obtaining; Then in the time obtaining a new information structure, all contrast with the information structure obtaining last time, to find newly-increased vulnerability information, and meet when pre-conditioned at newly-increased vulnerability information, send early warning information, whole monitoring and early warning process is completed automatically, overcome the manual monitoring response time long, and cannot accomplish the defect of response in 24 hours, avoid manual monitoring problem, the problem includes: problems such as data omissions simultaneously; In addition, can arrive other leak platform websites by Rapid transplant, applicability is strong and cost is low.
Brief description of the drawings
Fig. 1 is according to the process flow diagram of the method for one embodiment of the invention monitoring website vulnerability information.
Fig. 2 is the process flow diagram of monitoring according to a further embodiment of the invention the method for website vulnerability information.
Fig. 3 is according to the structural representation of the device of one embodiment of the invention monitoring website vulnerability information.
Embodiment
Describe embodiments of the invention below in detail, the example of described embodiment is shown in the drawings, and wherein same or similar label represents same or similar element or has the element of identical or similar functions from start to finish.Be exemplary below by the embodiment being described with reference to the drawings, be intended to for explaining the present invention, and can not be interpreted as limitation of the present invention.
Method, device and the terminal of the monitoring website vulnerability information of the embodiment of the present invention are described below with reference to accompanying drawing.
Fig. 1 is according to the process flow diagram of the method for one embodiment of the invention monitoring website vulnerability information.
As shown in Figure 1, the method for this monitoring website vulnerability information comprises:
S101, obtains the address information of website.
In this embodiment, website refers to leak platform website, the website that a class offers Security Officer and issues other software vulnerability information, and wherein, the address information of website can be URL(uniform resource locator) (URL) information of website.
In addition, in the time obtaining the address information of website, can also obtain the page structure of website.
Particularly, the page structure that obtains website can be: obtain configuration file, and from configuration file, parse this page structure.
S102, according to address information according to the webpage of automatic acquisition website, Preset Time interval.
Wherein, Preset Time interval can arrange as required flexibly, for example, can be 5 minutes, 7 minutes etc.
For example,, taking 5 minutes as the constantly webpage of automatic acquisition website of the time interval.
S103, resolves the webpage obtaining, acquired information structure.
In this embodiment, the webpage obtaining is resolved can be: according to the page structure obtaining, the webpage obtaining is resolved.If but cannot parse the information structure of webpage according to page structure, regain the configuration file after renewal, and parse the page structure after renewal from the configuration file renewal, then use the page structure after upgrading to resolve the webpage obtaining, use the page structure of up-to-date acquisition to resolve the webpage obtaining.
Wherein, information structure can be vulnerability information list or other forms, wherein, can comprise leak numbering, leak submission date and Vulnerability Description etc. in vulnerability information list.
By the way, can automatically obtain web data according to Preset Time interval, the problem that does not exist data to omit.
S104, in the time obtaining a new information structure, all contrasts with the information structure obtaining last time, if there is newly-increased vulnerability information, judges that whether increase vulnerability information newly meets pre-conditionedly, if meet pre-conditionedly, sends early warning information.
In this embodiment, in the time obtaining a new information structure, all the information structure of this acquisition and the information structure of acquisition last time are contrasted, to find out newly-increased vulnerability information.
Wherein, judging whether newly-increased vulnerability information meets pre-conditionedly can be: whether the newly-increased vulnerability information of judgement meets comprises default key word for example " Kingsoft " etc., if comprise, determine that newly-increased leak is significant leak, find the leak of paying close attention to product, then can send early warning information with the form of mail or note, and, this embodiment only needs 5 minutes can complete automatic early-warning, with respect to manual supervisory mode (needing 20 minutes), has greatly saved the monitoring and early warning time.
Early warning analysis personnel are receiving after early warning information, can carry out subsequent treatment for the leak of product, for example, issue patch etc.
The embodiment of the method for above-mentioned monitoring website vulnerability information, according to the webpage of automatic acquisition website, Preset Time interval, and resolves acquired information structure to the webpage obtaining; Then in the time obtaining a new information structure, all contrast with the information structure obtaining last time, to find newly-increased vulnerability information, and meet when pre-conditioned at newly-increased vulnerability information, send early warning information, whole monitoring and early warning process is completed automatically, overcome the manual monitoring response time long, and cannot accomplish the defect of response in 24 hours, avoid manual monitoring problem, the problem includes: problems such as data omissions simultaneously; In addition, can arrive other leak platform websites by Rapid transplant, applicability is strong and cost is low.
Fig. 2 is the process flow diagram of monitoring according to a further embodiment of the invention the method for website vulnerability information.
As shown in Figure 2, the method for this monitoring website vulnerability information comprises:
S201, obtains address information and the page structure of black clouds net.
Wherein, black clouds net is domestic safety problem feedback and a distribution platform being based between computer vendors and security study person, user can submit the black clouds net security breaches of discovery online to, enterprise customer also can be known by this platform the leak of own black clouds net, and the address information of black clouds net can be the URL information of black clouds net.
Particularly, the page structure that obtains black clouds net can be: obtain configuration file, and from configuration file, parse this page structure.
S202, according to address information according to the webpage of Preset Time interval automatic acquisition black clouds net.
Particularly, can be according to the URL information of black clouds net taking 5 minutes webpages as time interval automatic acquisition black clouds net.
S203, resolves the webpage obtaining according to page structure, obtains vulnerability information list.
Wherein, in vulnerability information list, can comprise leak numbering, leak submission date and Vulnerability Description etc.
S204, in the time obtaining a new vulnerability information list, all contrasts with the vulnerability information list obtaining last time, if there is newly-increased vulnerability information, judges that whether increase vulnerability information newly meets pre-conditionedly, if meet pre-conditionedly, sends early warning information.
In this embodiment, in the time obtaining a new vulnerability information list, all the vulnerability information list of this acquisition and the vulnerability information list of acquisition last time are contrasted, to find out newly-increased vulnerability information.
Wherein, judging whether newly-increased vulnerability information meets pre-conditionedly can be: whether the newly-increased vulnerability information of judgement meets comprises default key word for example " Kingsoft " etc., if comprise, determine that newly-increased leak is significant leak, then can send early warning information with the form of mail or note.
The embodiment of the method for above-mentioned monitoring website vulnerability information, according to the webpage of automatic acquisition website, Preset Time interval, and resolves acquired information structure to the webpage obtaining; Then in the time obtaining a new information structure, all contrast with the information structure obtaining last time, to find newly-increased vulnerability information, and meet when pre-conditioned at newly-increased vulnerability information, send early warning information, whole monitoring and early warning process is completed automatically, overcome the manual monitoring response time long, and cannot accomplish the defect of response in 24 hours, avoid manual monitoring problem, the problem includes: problems such as data omissions simultaneously; In addition, can arrive other leak platform websites by Rapid transplant, applicability is strong and cost is low.
In order to realize above-described embodiment, the present invention also proposes a kind of device of monitoring website vulnerability information.
Fig. 3 is according to the structural representation of the device of one embodiment of the invention monitoring website vulnerability information.
As shown in Figure 3, the device of this monitoring website vulnerability information comprises: the first acquisition module 31, the second acquisition module 32, parsing module 33 and warning module 34, wherein:
The first acquisition module 31 is for obtaining the address information of above-mentioned website; The second acquisition module 32 for according to address above mentioned information according to the webpage of the above-mentioned website of automatic acquisition, Preset Time interval; Parsing module 33 is for the above-mentioned webpage obtaining is resolved, acquired information structure; Warning module 34 is in the time obtaining a new information structure, all contrast with the information structure obtaining last time, if there is newly-increased vulnerability information, judge whether above-mentioned newly-increased vulnerability information meets pre-conditioned, if meet above-mentioned pre-conditionedly, send early warning information.
In this embodiment, website refers to leak platform website, the website that a class offers Security Officer and issues other software vulnerability information, and wherein, the address information of website can be URL(uniform resource locator) (URL) information of website.
In addition, above-mentioned the first acquisition module 31 also for: when the above-mentioned address information of obtaining above-mentioned website, obtain the page structure of above-mentioned website.Particularly, the first acquisition module 31 can obtain configuration file, and parses above-mentioned page structure from above-mentioned configuration file.
Wherein, Preset Time can arrange as required flexibly, for example, can be 5 minutes, 7 minutes etc.For example, the second acquisition module 32 can be according to address above mentioned information according to the webpage of the above-mentioned website of time interval automatic acquisition of 5 minutes.
After the first acquisition module 31 parses page structure, above-mentioned parsing module 33 can be resolved the above-mentioned webpage obtaining according to above-mentioned page structure, with acquired information structure.If but cannot parse the information structure of above-mentioned webpage according to above-mentioned page structure, regain the configuration file after renewal, and parse the page structure after renewal from the configuration file renewal, then parsing module 33 uses the page structure after upgrading to resolve the above-mentioned webpage obtaining, and uses the page structure of up-to-date acquisition to resolve the above-mentioned webpage obtaining.
Wherein, above-mentioned information structure can be vulnerability information list or other forms, and above-mentioned vulnerability information list comprises leak numbering, submission date and Vulnerability Description etc.
In this embodiment, warning module 34, in the time obtaining a new information structure, all contrasts the information structure of this acquisition and the information structure of acquisition last time, to find out newly-increased vulnerability information.
Wherein, judging whether above-mentioned newly-increased vulnerability information meets pre-conditionedly can be: judging whether above-mentioned newly-increased vulnerability information meets comprises default key word for example " Kingsoft " etc., if comprise, determine that newly-increased leak is significant leak, then can send early warning information with the form of mail or note, and this embodiment only needs 5 minutes can complete automatic early-warning, with respect to manual supervisory mode (needing 20 minutes), greatly save the monitoring and early warning time.
The monitoring and early warning process of the device of the monitoring website vulnerability information that comprises above-mentioned the first acquisition module 31, the second acquisition module 32, parsing module 33 and warning module 34 can, referring to Fig. 1 or Fig. 2, not repeat herein.
The device embodiment of above-mentioned monitoring website vulnerability information, obtain the address information of above-mentioned website by the first acquisition module, by the second acquisition module according to address above mentioned information the webpage taking Preset Time as the above-mentioned website of automatic acquisition, interval, by parsing module, the above-mentioned webpage obtaining is resolved acquired information structure; By warning module in the time obtaining a new information structure, all contrast with the information structure obtaining last time, if there is newly-increased vulnerability information, judge whether above-mentioned newly-increased vulnerability information meets pre-conditioned, if meet above-mentioned pre-conditionedly, send early warning information, whole monitoring and early warning process is completed automatically, overcome the manual monitoring response time long, and cannot accomplish the defect of response in 24 hours, avoided manual monitoring problem, the problem includes: problems such as data omissions simultaneously; In addition, can arrive other leak platform websites by Rapid transplant, applicability is strong and cost is low.
In order to realize above-described embodiment, the present invention also proposes a kind of terminal, and this terminal comprises housing, processor, storer, circuit board and power circuit, wherein, foregoing circuit plate is placed in the interior volume that above-mentioned housing surrounds, and above-mentioned processor and above-mentioned storer are arranged on foregoing circuit plate; Above-mentioned power circuit, is used to each circuit or the device power supply of above-mentioned terminal; Above-mentioned storer is for stores executable programs code; Above-mentioned processor moves the program corresponding with above-mentioned executable program code by reading the executable program code of storing in above-mentioned storer, for carrying out following steps:
S101 ', obtains the address information of website.
In this embodiment, website refers to leak platform website, the website that a class offers Security Officer and issues other software vulnerability information, and wherein, the address information of website can be URL(uniform resource locator) (URL) information of website.
In addition, in the time obtaining the address information of website, can also obtain the page structure of website.
Particularly, the page structure that obtains website can be: obtain configuration file, and from configuration file, parse this page structure.
S102 ', according to address information according to the webpage of automatic acquisition website, Preset Time interval.
Wherein, Preset Time interval can arrange as required flexibly, for example, can be 5 minutes, 7 minutes etc.
For example,, taking 5 minutes webpages as time interval automatic acquisition website.
S103 ', resolves the webpage obtaining, acquired information structure.
In this embodiment, the webpage obtaining is resolved can be: according to the page structure obtaining, the webpage obtaining is resolved.If but cannot parse the information structure of webpage according to page structure, regain the configuration file after renewal, and parse the page structure after renewal from the configuration file renewal, then use the page structure after upgrading to resolve the webpage obtaining, use the page structure of up-to-date acquisition to resolve the webpage obtaining.
Wherein, information structure can be vulnerability information list or other forms, wherein, can comprise leak numbering, leak submission date and Vulnerability Description etc. in vulnerability information list.
S104 ', in the time obtaining a new information structure, all contrasts with the information structure obtaining last time, if there is newly-increased vulnerability information, judges that whether increase vulnerability information newly meets pre-conditionedly, if meet pre-conditionedly, sends early warning information.
In this embodiment, in the time obtaining a new information structure, all the information structure of this acquisition and the information structure of acquisition last time are contrasted, to find out newly-increased vulnerability information.
Wherein, judging whether newly-increased vulnerability information meets pre-conditionedly can be: whether the newly-increased vulnerability information of judgement meets comprises default key word for example " Kingsoft " etc., if comprise, determine that newly-increased leak is significant leak, then can send early warning information with the form of mail or note, and this embodiment only needs 5 minutes can complete automatic early-warning, with respect to manual supervisory mode (needing 20 minutes), greatly save the monitoring and early warning time.
Above-mentioned terminal embodiment, according to the webpage of automatic acquisition website, Preset Time interval, and resolves acquired information structure to the webpage obtaining; Then in the time obtaining a new information structure, all contrast with the information structure obtaining last time, to find newly-increased vulnerability information, and meet when pre-conditioned at newly-increased vulnerability information, send early warning information, whole monitoring and early warning process is completed automatically, overcome the manual monitoring response time long, and cannot accomplish the defect of response in 24 hours, avoid manual monitoring problem, the problem includes: problems such as data omissions simultaneously; In addition, can arrive other leak platform websites by Rapid transplant, applicability is strong and cost is low.
In the description of this instructions, the description of reference term " embodiment ", " some embodiment ", " example ", " concrete example " or " some examples " etc. means to be contained at least one embodiment of the present invention or example in conjunction with specific features, structure, material or the feature of this embodiment or example description.In this manual, to the schematic statement of above-mentioned term not must for be identical embodiment or example.And, specific features, structure, material or the feature of description can one or more embodiment in office or example in suitable mode combination.In addition,, not conflicting in the situation that, those skilled in the art can carry out combination and combination by the feature of the different embodiment that describe in this instructions or example and different embodiment or example.
In addition, term " first ", " second " be only for describing object, and can not be interpreted as instruction or hint relative importance or the implicit quantity that indicates indicated technical characterictic.Thus, at least one this feature can be expressed or impliedly be comprised to the feature that is limited with " first ", " second ".In description of the invention, the implication of " multiple " is at least two, for example two, and three etc., unless otherwise expressly limited specifically.
Any process of otherwise describing in process flow diagram or at this or method are described and can be understood to, represent to comprise that one or more is for realizing module, fragment or the part of code of executable instruction of step of specific logical function or process, and the scope of the preferred embodiment of the present invention comprises other realization, wherein can be not according to order shown or that discuss, comprise according to related function by the mode of basic while or by contrary order, carry out function, this should be understood by embodiments of the invention person of ordinary skill in the field.
The logic and/or the step that in process flow diagram, represent or otherwise describe at this, for example, can be considered to the sequencing list of the executable instruction for realizing logic function, may be embodied in any computer-readable medium, use for instruction execution system, device or equipment (as computer based system, comprise that the system of processor or other can and carry out the system of instruction from instruction execution system, device or equipment instruction fetch), or use in conjunction with these instruction execution systems, device or equipment.With regard to this instructions, " computer-readable medium " can be anyly can comprise, device that storage, communication, propagation or transmission procedure use for instruction execution system, device or equipment or in conjunction with these instruction execution systems, device or equipment.The example more specifically (non-exhaustive list) of computer-readable medium comprises following: the electrical connection section (electronic installation) with one or more wirings, portable computer diskette box (magnetic device), random access memory (RAM), ROM (read-only memory) (ROM), the erasable ROM (read-only memory) (EPROM or flash memory) of editing, fiber device, and portable optic disk ROM (read-only memory) (CDROM).In addition, computer-readable medium can be even paper or other the suitable medium that can print described program thereon, because can be for example by paper or other media be carried out to optical scanning, then edit, decipher or process in electronics mode and obtain described program with other suitable methods if desired, be then stored in computer memory.
Should be appreciated that each several part of the present invention can realize with hardware, software, firmware or their combination.In the above-described embodiment, multiple steps or method can realize with being stored in software or the firmware carried out in storer and by suitable instruction execution system.For example, if realized with hardware, the same in another embodiment, can realize by any one in following technology well known in the art or their combination: there is the discrete logic for data-signal being realized to the logic gates of logic function, there is the special IC of suitable combinational logic gate circuit, programmable gate array (PGA), field programmable gate array (FPGA) etc.
Those skilled in the art are appreciated that realizing all or part of step that above-described embodiment method carries is can carry out the hardware that instruction is relevant by program to complete, described program can be stored in a kind of computer-readable recording medium, this program, in the time carrying out, comprises step of embodiment of the method one or a combination set of.
In addition, the each functional unit in each embodiment of the present invention can be integrated in a processing module, can be also that the independent physics of unit exists, and also can be integrated in a module two or more unit.Above-mentioned integrated module both can adopt the form of hardware to realize, and also can adopt the form of software function module to realize.If described integrated module realizes and during as production marketing independently or use, also can be stored in a computer read/write memory medium using the form of software function module.
The above-mentioned storage medium of mentioning can be ROM (read-only memory), disk or CD etc.Although illustrated and described embodiments of the invention above, be understandable that, above-described embodiment is exemplary, can not be interpreted as limitation of the present invention, and those of ordinary skill in the art can change above-described embodiment within the scope of the invention, amendment, replacement and modification.
Claims (21)
1. a method of monitoring website vulnerability information, is characterized in that, comprising:
Obtain the address information of described website;
According to described address information according to the webpage of website described in the automatic acquisition of Preset Time interval;
The described webpage obtaining is resolved to acquired information structure; And
In the time obtaining a new information structure, all contrast with the information structure of acquisition last time, if there is newly-increased vulnerability information, judge whether described newly-increased vulnerability information meets pre-conditioned, if meet described pre-conditionedly, send early warning information.
2. method according to claim 1, is characterized in that, described address information comprises URL(uniform resource locator) information.
3. method according to claim 1, is characterized in that, described information structure comprises vulnerability information list, and described vulnerability information list comprises leak numbering, submission date and Vulnerability Description.
4. method according to claim 1, is characterized in that, described to judge whether described newly-increased vulnerability information meets pre-conditioned, comprising:
Judging whether described newly-increased vulnerability information meets comprises default key word.
5. method according to claim 1, is characterized in that, described transmission early warning information, comprising:
Form with mail or note sends early warning information.
6. according to the method described in the arbitrary claim of claim 1-5, it is characterized in that, in the time of the described address information of obtaining described website, also comprise:
Obtain the page structure of described website.
7. method according to claim 6, is characterized in that, described in obtain the page structure of described website, comprising:
Obtain configuration file, from described configuration file, parse described page structure.
8. method according to claim 7, is characterized in that, described the described webpage obtaining is resolved, and comprising:
According to described page structure, the described webpage obtaining is resolved.
9. method according to claim 8, is characterized in that, described according to described page structure, the described webpage obtaining is resolved after, also comprise:
If cannot parse the information structure of described webpage according to described page structure, regain the configuration file after renewal, and parse the page structure after renewal from the configuration file renewal.
10. method according to claim 9, is characterized in that, after parsing the page structure after renewal, described the described webpage obtaining is resolved in described configuration file from upgrading, and comprising:
According to the page structure after described renewal, the described webpage obtaining is resolved.
Monitor the device of website vulnerability information for 11. 1 kinds, it is characterized in that, comprising:
The first acquisition module, for obtaining the address information of described website;
The second acquisition module, for according to described address information according to the webpage of website described in the automatic acquisition of Preset Time interval;
Parsing module, for the described webpage obtaining is resolved, acquired information structure; And
Warning module, in the time obtaining a new information structure, all contrasts with the information structure of acquisition last time, if there is newly-increased vulnerability information, judge whether described newly-increased vulnerability information meets pre-conditioned, if meet described pre-conditionedly, send early warning information.
12. devices according to claim 11, is characterized in that, described address information comprises URL(uniform resource locator) information.
13. devices according to claim 11, is characterized in that, described information structure comprises vulnerability information list, and described vulnerability information list comprises leak numbering, submission date and Vulnerability Description.
14. devices according to claim 11, is characterized in that, described warning module, specifically for:
Judging whether described newly-increased vulnerability information meets comprises default key word.
15. devices according to claim 11, is characterized in that, described warning module, specifically for:
Form with mail or note sends early warning information.
16. according to the device described in the arbitrary claim of claim 11-15, it is characterized in that, described the first acquisition module, also for: when the described address information of obtaining described website, obtain the page structure of described website.
17. devices according to claim 16, is characterized in that, described the first acquisition module, specifically for:
Obtain configuration file, from described configuration file, parse described page structure.
18. devices according to claim 17, is characterized in that, described parsing module, specifically for:
According to described page structure, the described webpage obtaining is resolved.
19. devices according to claim 18, is characterized in that, described the first acquisition module, also for:
After described parsing module is resolved the described webpage obtaining according to described page structure, if cannot parse the information structure of described webpage according to described page structure, regain the configuration file after renewal, and parse the page structure after renewal from the configuration file renewal.
20. devices according to claim 19, is characterized in that, described parsing module, specifically for:
After parsing the page structure after renewal in configuration file at described the first acquisition module from upgrading, according to the page structure after described renewal, the described webpage obtaining is resolved.
21. 1 kinds of terminals, this terminal comprises housing, processor, storer, circuit board and power circuit, and wherein, described circuit board is placed in the interior volume that described housing surrounds, and described processor and described storer are arranged on described circuit board; Described power circuit, is used to each circuit or the device power supply of described terminal; Described storer is for stores executable programs code; Described processor moves the program corresponding with described executable program code by reading the executable program code of storing in described storer, for carrying out following steps:
Obtain the address information of described website;
According to described address information according to the webpage of website described in the automatic acquisition of Preset Time interval;
The described webpage obtaining is resolved to acquired information structure; And
In the time obtaining a new information structure, all contrast with the information structure of acquisition last time, if there is newly-increased vulnerability information, judge whether described newly-increased vulnerability information meets pre-conditioned, if meet described pre-conditionedly, send early warning information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410309789.9A CN104091116B (en) | 2014-06-30 | 2014-06-30 | Monitor method, device and the terminal of website vulnerability information |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410309789.9A CN104091116B (en) | 2014-06-30 | 2014-06-30 | Monitor method, device and the terminal of website vulnerability information |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104091116A true CN104091116A (en) | 2014-10-08 |
| CN104091116B CN104091116B (en) | 2017-06-27 |
Family
ID=51638831
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410309789.9A Active CN104091116B (en) | 2014-06-30 | 2014-06-30 | Monitor method, device and the terminal of website vulnerability information |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104091116B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107426191A (en) * | 2017-06-29 | 2017-12-01 | 上海凯岸信息科技有限公司 | A kind of leak early warning and emergency response automatic warning system |
| CN107579983A (en) * | 2017-09-13 | 2018-01-12 | 杭州安恒信息技术有限公司 | Code security auditing method and device based on web log file |
| CN114996718A (en) * | 2022-06-30 | 2022-09-02 | 浙江网商银行股份有限公司 | Data processing method and device |
| WO2023088008A1 (en) * | 2021-11-16 | 2023-05-25 | 华为技术有限公司 | Information parsing method and apparatus |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050132206A1 (en) * | 2003-12-12 | 2005-06-16 | International Business Machines Corporation | Apparatus, methods and computer programs for identifying or managing vulnerabilities within a data processing network |
| CN1694411A (en) * | 2004-07-16 | 2005-11-09 | 北京航空航天大学 | Network invading detection system with two-level decision structure and its alarm optimization method |
| US20060137014A1 (en) * | 2000-11-28 | 2006-06-22 | Hurst Dennis W | Webcrawl internet security analysis and process |
| CN101039179A (en) * | 2007-04-13 | 2007-09-19 | 北京启明星辰信息技术有限公司 | Method and system for warning accurately intrusion detection |
| CN102855418A (en) * | 2012-08-08 | 2013-01-02 | 周耕辉 | Method for discovering Web intranet agent bugs |
| CN103095681A (en) * | 2012-12-03 | 2013-05-08 | 微梦创科网络科技(中国)有限公司 | Loophole detection method and device |
| CN103297394A (en) * | 2012-02-24 | 2013-09-11 | 阿里巴巴集团控股有限公司 | Website security detection method and device |
| CN103685258A (en) * | 2013-12-06 | 2014-03-26 | 北京奇虎科技有限公司 | Method and device for fast scanning website loopholes |
-
2014
- 2014-06-30 CN CN201410309789.9A patent/CN104091116B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060137014A1 (en) * | 2000-11-28 | 2006-06-22 | Hurst Dennis W | Webcrawl internet security analysis and process |
| US20050132206A1 (en) * | 2003-12-12 | 2005-06-16 | International Business Machines Corporation | Apparatus, methods and computer programs for identifying or managing vulnerabilities within a data processing network |
| CN1694411A (en) * | 2004-07-16 | 2005-11-09 | 北京航空航天大学 | Network invading detection system with two-level decision structure and its alarm optimization method |
| CN101039179A (en) * | 2007-04-13 | 2007-09-19 | 北京启明星辰信息技术有限公司 | Method and system for warning accurately intrusion detection |
| CN103297394A (en) * | 2012-02-24 | 2013-09-11 | 阿里巴巴集团控股有限公司 | Website security detection method and device |
| CN102855418A (en) * | 2012-08-08 | 2013-01-02 | 周耕辉 | Method for discovering Web intranet agent bugs |
| CN103095681A (en) * | 2012-12-03 | 2013-05-08 | 微梦创科网络科技(中国)有限公司 | Loophole detection method and device |
| CN103685258A (en) * | 2013-12-06 | 2014-03-26 | 北京奇虎科技有限公司 | Method and device for fast scanning website loopholes |
Non-Patent Citations (1)
| Title |
|---|
| 尹虹: ""Web应用程序漏洞主动扫描器的研究与实现"", 《中国优秀博硕士学位论文全文数据库(硕士) 信息科技辑》 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107426191A (en) * | 2017-06-29 | 2017-12-01 | 上海凯岸信息科技有限公司 | A kind of leak early warning and emergency response automatic warning system |
| CN107579983A (en) * | 2017-09-13 | 2018-01-12 | 杭州安恒信息技术有限公司 | Code security auditing method and device based on web log file |
| WO2023088008A1 (en) * | 2021-11-16 | 2023-05-25 | 华为技术有限公司 | Information parsing method and apparatus |
| CN114996718A (en) * | 2022-06-30 | 2022-09-02 | 浙江网商银行股份有限公司 | Data processing method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104091116B (en) | 2017-06-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104123490A (en) | Method and device for processing malicious bundled software and mobile terminal | |
| CN108563445B (en) | Application program code detection method and server | |
| CN110462623B (en) | System and method for role-based computer security configuration | |
| CN105335134A (en) | Method and device for processing CPU occupancy rate abnormity of APP and mobile terminal | |
| CN104091116A (en) | Method, device and terminal for monitoring website vulnerability information | |
| US20180210720A1 (en) | Method and device for generating image file | |
| CN109492406A (en) | Monitor the methods, devices and systems of kernel loophole attack | |
| CN104021342A (en) | Method and device for processing application program | |
| CN103577749A (en) | Method and device for processing notification column message | |
| CN104036194A (en) | Vulnerability detection method and device for revealing private data in application program | |
| CN105451223A (en) | Information monitoring method and device, and mobile terminal | |
| CN107403112B (en) | Data checking method and equipment thereof | |
| CN104182532A (en) | Terminal file cleaning method and device and terminal | |
| US20180300199A1 (en) | System and method for maintaining the health of a machine | |
| CN104050257A (en) | Detection method and device for phishing webpage | |
| EP3671512A1 (en) | Automated software vulnerability determination | |
| CN104363112A (en) | Parameter management method and parameter management device | |
| CN109858257B (en) | Access control method and device | |
| CN103024558B (en) | Television camera privacy security protection method and system | |
| CN104767876A (en) | Safety software processing method and user terminal | |
| CN104036193A (en) | Local cross-domain vulnerability detection method and device for application program | |
| CN104636250A (en) | Cloud automatic test system and method | |
| CN104123489A (en) | Method and device for monitoring executable program | |
| CN105511914A (en) | Application update method, device and system | |
| WO2009112326A1 (en) | Method, system and apparatus for determining the power supply requirements of a data processing system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20181212 Address after: 519030 Room 105-53811, No. 6 Baohua Road, Hengqin New District, Zhuhai City, Guangdong Province Patentee after: Zhuhai Seal Interest Technology Co., Ltd. Address before: 519070, six level 601F, 10 main building, science and technology road, Tangjia Bay Town, Zhuhai, Guangdong. Patentee before: Zhuhai Juntian Electronic Technology Co.,Ltd. |