CN107437029A - Leak restorative procedure, leak prosthetic device and server - Google Patents
Leak restorative procedure, leak prosthetic device and server Download PDFInfo
- Publication number
- CN107437029A CN107437029A CN201710730150.1A CN201710730150A CN107437029A CN 107437029 A CN107437029 A CN 107437029A CN 201710730150 A CN201710730150 A CN 201710730150A CN 107437029 A CN107437029 A CN 107437029A
- Authority
- CN
- China
- Prior art keywords
- leak
- service packs
- server
- reparation
- carry
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
- Debugging And Monitoring (AREA)
Abstract
The invention provides leak restorative procedure, leak prosthetic device and server.This method includes:Service packs is obtained from server, and by service packs carry in system kernel, and service packs is compiled according to the reparation relevant information of leak to be repaired in terminal device;Leak reparation is carried out according to service packs.Using leak restorative procedure provided in an embodiment of the present invention, service packs corresponding to leak to be repaired in terminal device is obtained from server, and by service packs carry in system kernel, by in the kernel loads service packs, leak present in system kernel can not only be repaired, but also it can be repaired to operating in leak present in the program of user's space, solve limitation of the fail-safe software due to repairing authority in the prior art, and can not be to the problem of each module carries out leak reparation in system kernel, i.e. the present invention realizes comprehensive reparation to system vulnerability.
Description
Technical field
The present invention relates to field of computer technology, and specifically, the present invention relates to leak restorative procedure, leak prosthetic device
And server.
Background technology is current,
With the continuous development of computer technology, many rogue programs (for example, computer virus, backdoor programs, wooden horse,
Spyware and ad ware etc.) it is implanted to using leak in target program, so as to cause target program to be paralysed, grasped to user
Make troubles, or cause user's personal information to leak, the personal safety as well as the property safety to user brings hidden danger, etc.;Therefore, mesh
Preceding major equipment vendors attach great importance to the real-time reparation to system.
At present, major equipment vendors sporadically can detect to system, determine leak present in system, and root
System is repaired or upgraded according to the leak determined.Specifically restorative procedure is:First, tester and server can be right
System carry out in large quantities, comprehensively detect, determine leak present in system as much as possible, secondly, tester according to
The leak determined compiles out corresponding recovery scenario respectively, finally just can complete paired systems repair.It can thus be appreciated that:If
Standby manufacturer, which often carries out primary system reparation, will expend substantial amounts of resource.
For these reasons, most equipment manufacturer will not set shorter repairing efficiency, may be in 1 year only to system
Upgrading 1~3 time, so, certainly will cause many system vulnerabilities not repaired in time.In addition, though existing various peaces
Full software helps equipment vendors to solve the problems, such as that a part of system is repaired, but generally equipment vendors are examined based on the safety of itself
Consider, can on system kernel number of modules set repair authority so that fail-safe software can not to system carry out comprehensively detection and
Repair, made troubles to user.
The content of the invention
The present invention is in view of the shortcomings of the prior art, there is provided leak restorative procedure, leak prosthetic device and server, is used for
Comprehensive leak reparation is carried out to system.
The embodiments of the invention provide a kind of leak restorative procedure, this method includes:
Service packs is obtained from server, and by service packs carry in system kernel, and service packs is according to terminal
The reparation relevant information of leak to be repaired is compiled in equipment;
Leak reparation is carried out according to service packs.
Preferably, this method also includes:
The request of the more new state of carry service packs in inquiry system kernel is sent to server;
The service packs of carry that the reception server returns is in the feedback information of more new state in the server;
According to feedback information, the service packs after renewal is downloaded from server;
Signature check is carried out to the service packs after renewal, if verification passes through, by the service packs carry after renewal in system
In core.
Preferably, this method also includes:
Service packs after renewal is split based on each leak, what the service packs after being updated was included is directed to each
The patch of individual leak;
Wherein, if verification passes through, step of the service packs carry in system kernel after renewal specifically includes:
If verification pass through, by for the patch carry of each leak in system kernel.
Preferably, this method also includes:
When anomalous event occurs when detecting that service packs carries out leak reparation, whether verification anomalous event is by service packs institute
Comprising any patch caused by;
If so, being unloaded to the patch for causing anomalous event, and anomalous event is reported into server, to service
Device is repaired according to anomalous event to the patch for causing anomalous event.
Preferably, after the step of carrying out leak reparation according to service packs, method also includes:
Result will be repaired to send to server, to cause server according to repairing result each patch for including service packs
Debugged.
Preferably, the mode of leak reparation is carried out according to service packs to be included:
Object function is repaired by Hook Function, to complete the reparation to system kernel leak;And/or
When detecting the presence of the abnormal document of leak, whole file corresponding to abnormal document is replaced with into the full text after renewal
Part, to complete the reparation to system vulnerability.
The embodiment of the present invention additionally provides a kind of leak prosthetic device, and the device includes:
Acquiring unit and reparation unit, wherein:
Receiving unit, for obtaining service packs from server, and by service packs carry in system kernel, and patch
Bag is compiled according to the reparation relevant information of leak to be repaired in terminal device;
Unit is repaired, for carrying out leak reparation according to service packs.
Preferably, the device also includes:
First transmitting element, receiving unit, download unit and verification unit, wherein:
First transmitting element, for server send inquiry system kernel in the more new state of carry service packs please
Ask;
Receiving unit, it is in the feedback of more new state in the server for the service packs of carry that the reception server returns
Information;
Download unit, for according to feedback information, the service packs after renewal to be downloaded from server;
Verification unit, for carrying out signature check to the service packs after renewal, if verification passes through, by the service packs after renewal
Carry is in system kernel.
Preferably, the device also includes split cells, and split cells is used for:
Service packs after renewal is split based on each leak, what the service packs after being updated was included is directed to each
The patch of individual leak;
Wherein, verification unit is specifically used for:
If verification pass through, by for the patch carry of each leak in system kernel.
Preferably, the device also includes unloading unit, and unloading unit is used for:
When anomalous event occurs when detecting that service packs carries out leak reparation, whether verification anomalous event is by service packs institute
Comprising any patch caused by;
If so, being unloaded to the patch for causing anomalous event, and anomalous event is reported into server, to service
Device is repaired according to anomalous event to the patch for causing anomalous event.
Preferably, the device also includes the second transmitting element, and the second transmitting element is used for:
After repairing unit and carrying out leak reparation according to service packs, result will be repaired and sent to server, to take
Each patch that business device is included according to reparation result to service packs is debugged.
Preferably, repair unit includes according to the mode of service packs progress leak reparation:
Object function is repaired by Hook Function, to complete the reparation to system kernel leak;And/or
When detecting the presence of the abnormal document of leak, whole file corresponding to abnormal document is replaced with into the full text after renewal
Part, to complete the reparation to system vulnerability.
The embodiment of the present invention also provides a kind of server, including memory and processor, and memory, which is used to store, includes journey
The information of sequence instruction, processor are used for the execution of control program instruction, it is characterised in that are realized when program is executed by processor
The step of either method of the embodiment of the present application offer is provided.
Using leak restorative procedure provided in an embodiment of the present invention, leak pair to be repaired in terminal device is obtained from server
The service packs answered, and by service packs carry in system kernel, not only can be in system by the kernel loads service packs
Leak present in core is repaired, but also can be repaired to operating in leak present in the program of user's space,
Solve limitation of the fail-safe software due to repairing authority in the prior art, and leak can not be carried out to each module in system kernel and repaiied
The problem of multiple, the i.e. present invention, realize comprehensive reparation to system vulnerability.
The additional aspect of the present invention and advantage will be set forth in part in the description, and these will become from the following description
Obtain substantially, or recognized by the practice of the present invention.
Brief description of the drawings
Of the invention above-mentioned and/or additional aspect and advantage will become from the following description of the accompanying drawings of embodiments
Substantially and it is readily appreciated that, wherein:
Fig. 1 is a kind of schematic flow sheet of leak restorative procedure provided in an embodiment of the present invention;
Fig. 2 is a kind of schematic diagram of the carry service packs in system kernel provided in an embodiment of the present invention;
Fig. 3 is a kind of schematic flow sheet for updating service packs provided in an embodiment of the present invention;
Fig. 4 is the schematic flow sheet that a kind of server provided in an embodiment of the present invention compiles service packs;
Fig. 5 is a kind of structural representation of leak prosthetic device provided in an embodiment of the present invention;
Fig. 6 is a kind of structural representation of server provided in an embodiment of the present invention.
Embodiment
Embodiments of the invention are described below in detail, the example of the embodiment is shown in the drawings, wherein from beginning to end
Same or similar label represents same or similar element or the element with same or like function.Below with reference to attached
The embodiment of figure description is exemplary, is only used for explaining the present invention, and is not construed as limiting the claims.
Those skilled in the art of the present technique are appreciated that unless expressly stated, singulative " one " used herein, " one
It is individual ", " described " and "the" may also comprise plural form.It is to be further understood that what is used in the specification of the present invention arranges
Diction " comprising " refer to the feature, integer, step, operation, element and/or component be present, but it is not excluded that in the presence of or addition
One or more other features, integer, step, operation, element, component and/or their groups.It should be understood that when we claim member
Part is " connected " or during " coupled " to another element, and it can be directly connected or coupled to other elements, or there may also be
Intermediary element.In addition, " connection " used herein or " coupling " can include wireless connection or wireless coupling.It is used herein to arrange
Taking leave "and/or" includes whole or any cell and all combinations of one or more associated list items.
Those skilled in the art of the present technique are appreciated that unless otherwise defined, all terms used herein (including technology art
Language and scientific terminology), there is the general understanding identical meaning with the those of ordinary skill in art of the present invention.Should also
Understand, those terms defined in such as general dictionary, it should be understood that have with the context of prior art
The consistent meaning of meaning, and unless by specific definitions as here, idealization or the implication of overly formal otherwise will not be used
To explain.
The embodiments of the invention provide a kind of leak detection method, the schematic flow sheet of this method is as shown in figure 1, specific bag
Include following steps:
S101:Service packs is obtained from server, and by service packs carry in system kernel, and service packs is basis
The reparation relevant information of leak to be repaired is compiled in terminal device;
S102:Leak reparation is carried out according to service packs.
Using leak restorative procedure provided in an embodiment of the present invention, leak pair to be repaired in terminal device is obtained from server
The service packs answered, and by service packs carry in system kernel, not only can be in system by the kernel loads service packs
Leak present in core is repaired, but also can be repaired to operating in leak present in the program of user's space,
Solve limitation of the fail-safe software due to repairing authority in the prior art, and leak can not be carried out to each module in system kernel and repaiied
The problem of multiple, the i.e. present invention, realize comprehensive reparation to system vulnerability.
The application scenarios of the embodiment of the present invention can be:Fail-safe software manufacturer is developed to the terminal device manufacturer of cooperation
Various terminal equipment carries out leak analysis, compiles out patch corresponding to each leak, and these patches are packaged into service packs;Respectively
Terminal device realizes the function of leak reparation respectively by each self-corresponding service packs carry in system kernel in kernel.Eventually
Fail-safe software factory is given by cooperating with fail-safe software manufacturer, by the detecting leak and patching bugs of the task by end equipment manufacturer
Business, alleviate the burden of terminal device manufacturer;Service packs is distinguished into carry in the kernel of counterpart terminal equipment, realizes system
The reparation of kernel leak.
The specific implementation of each step is described further below for more than:
S101:Service packs is obtained from server, and by service packs carry in system kernel, and service packs is basis
The reparation relevant information of leak to be repaired is compiled in terminal device.
For this step, in a kind of application scenarios, terminal device manufacturer, directly will safety before terminal device is released
The service packs carry that software vendor provides is in system kernel, i.e.,:Before user's using terminal equipment, hung in terminal device
Service packs is carried.In another application scenarios, terminal device manufacturer is after terminal device is released, and terminal device is from server
Middle acquisition service packs, and by the service packs carry system kernel.
For second of application scenarios, embodiment can be corresponding to this step:Terminal device is sent out to server
Send and inquire about the request that the terminal device corresponds to service packs, can specifically set and send the cycle, looked into for example, setting and sending 1 time for every 3 days
Request is ask, after server determines service packs corresponding to the existing equipment, corresponding feedback information is sent to the terminal and set
It is standby, after terminal device receives the feedback information, corresponding service packs is downloaded from server immediately, and carry is in the kernel of system
In.In another embodiment, after server determines to have service packs corresponding to the equipment, actively service packs is issued to
Corresponding terminal device, terminal device is after the service packs is received, by the service packs carry in the kernel of system.
The process of the carry service packs in kernel is illustrated below by one embodiment, but is said with being also only exemplary
It is bright, it is impossible to be interpreted as limitation of the invention.
Specifically, as shown in Fig. 2 terminal device includes user's space (User Space) and kernel spacing
(Kernel) it, may include SDK (Software Development Kit, i.e. SDK) in user's space, and
Local finger daemon (Native Daemon).Wherein, Native Daemon are executable program, for example, init processes, are being
System starts when starting, and is responsible for being communicated with kernel, service packs is carried out the work such as to verify;SDK is responsible for being led to server
News.
The process of system kernel carry service packs is described in detail with reference to Fig. 2:
Compiled service packs is sent to server corresponding to terminal device manufacturer and (set by server corresponding to fail-safe software
Standby server), terminal device sends the request inquired about the terminal device and correspond to service packs to server by SDK, specifically looks into
Ask in server and whether there is service packs corresponding to the terminal device, after device server receives the request, returned to the SDK
Feedback information;If the feedback information is determines service packs corresponding to terminal device be present in server, the SDK is according to the feedback letter
Cease, download corresponding service packs in slave unit server, and the service packs is sent to Native Daemon;Native
After Daemon receives the service packs, to the service packs carry out signature check, specifically verify the service packs sender whether be
The server (destination server) made an appointment, when it is determined that sender is destination server, the service packs is sent to kernel,
The carry of service packs is completed i.e. in kernel.
S102:Leak reparation is carried out according to the service packs.In this step, the service packs in kernel leaks to system
Hole is repaired, and the mode specifically repaired includes:Object function is repaired by Hook Function (HOOK), with completion pair
The reparation of system kernel leak.Specifically, by arranging HOOK programs in service packs, the HOOK programs are responsible for pre- in kernel
The call function first configured is monitored, and when HOOK monitors problem function (object function), hooks up problem function and timely
Ground is repaired to the object function, is finally completed the leak reparation of whole system kernel.In a preferred embodiment,
It is atomic operation by HOOK process optimizations, so, system will not be impacted when leak is repaired.
The mode of system vulnerability reparation is also included:When detecting the presence of the abnormal document of leak, by the abnormal document
Corresponding whole file replaces with the whole file after renewal, to complete the reparation to system vulnerability.Specifically, server enters to system
During row detection, file corresponding to system vulnerability (abnormal document) is determined, and the abnormal document is repaired, after being updated
Whole file;Whole file write-in service packs after this is updated, when terminal device is repaired using the service packs to system vulnerability
When, whole file corresponding to abnormal document is directly replaced with into the whole file after renewal.Repaired by way of whole file replacement and be
System leak, ensure that the stability of system.
The whole file that the mode that above-mentioned whole file is replaced can be regarded as in certain memory range is replaced, if abnormal document pair
The internal memory shared by complete file answered is larger, so, if the complete file is replaced, will necessarily consume substantial amounts of
Resource, therefore, in the embodiment of the present invention, the file that can intercept certain memory range is used as " whole file ".
The embodiment of the present invention also includes:After system vulnerability repaired by kernel, result will be repaired and sent to server,
So that each patch that server is included according to reparation result to service packs is debugged.In actual applications, when system is leaked
After hole is repaired, terminal device will repair result and first send to terminal device service device, and terminal device service device can be to repairing
As a result filtered, for example, the information of some terminal devices is filtered out, such as, use or the number for buying the terminal device, so
Afterwards, the reparation result after filtering is sent to the information security that to fail-safe software server, ensure that terminal device manufacturer.
In actual applications, system vulnerability once can not possibly be detected with regard to whole, but in the mistake for using or detecting
Constantly it is detected in journey, therefore, it is necessary to constantly compiles out patch corresponding to each leak for the leak newly detected.Such as
The content that background technology is recorded, in the prior art, terminal device manufacturer periodically can be repaired or be upgraded to system, but
Because the reparation or upgrading of every subsystem can expend substantial amounts of resource, therefore, terminal device will not set shorter repairing efficiency,
So, system vulnerability is caused to be repaired in time.In addition, with the development of science and technology, the renewal of terminal device is very rapid,
Most of terminal device manufacturer only repairs within a period of time to the system of certain equipment, just no longer repairs afterwards, at this moment
To still using this equipment user with inconvenience.
In view of the above-mentioned problems, providing a kind of embodiment, the embodiment is specially the embodiment of the present invention:To server
Send the request of the more new state of carry service packs in inquiry system kernel;The service packs of carry that the reception server returns exists
The feedback information of more new state is in server;According to feedback information, the service packs after renewal is downloaded from server;To more
Service packs after new carries out signature check, if verification passes through, by the service packs carry after renewal in system kernel.
It is illustrated in figure 3 a kind of embodiment for updating service packs, tool similar with the process of the carry service packs of earlier figures 2
Body comprises the following steps:
S301:Terminal device by SDK to server send inquiry Kemel in the more new state of carry service packs please
Ask;
S302:After server receives the request, corresponding feedback information is returned to SDK;
S303:If it is determined that when the service packs of carry is in more new state in Kemel, the benefit after renewal is downloaded by SDK
Fourth bag, and notify Native Daemon service packs is downloaded to complete (S304);
S305:The service packs after renewal is installed by Native Daemon, and the service packs after the renewal is entered
Row signature check (S306), whether the sender for specifically verifying the service packs is destination server;
S307:If verification passes through, Kemel applies the service packs after the renewal, and is carried out using the service packs after the renewal
Leak reparation (S308);
S309:After completing leak reparation, leak reparation result is reported by SDK by Native Daemon, and pass through
SDK reports server (S310).
When the new leak in discovery system, server is analyzed the information of the leak, determines to repair accordingly
Method, and corresponding patch is compiled out according to the restorative procedure, by carry service packs is updated in system kernel, inciting somebody to action
The patch of newly compiled is added into service packs, and by the service packs of the renewal again carry in system kernel.In practical application
In, service packs is updated without terminal device manufacturer, directly system periodically detected by fail-safe software manufacturer,
And corresponding patch is compiled out according to newfound leak, and most at last the patch carry in system kernel.Fail-safe software factory
Business can set shorter repairing efficiency, and system is detected and safeguarded, the service packs of renewal is handed down into terminal in time
Equipment, and then equipment is repaired to the leak in system in time, and the embodiment of the present invention hangs service packs
It is loaded in system kernel, it is possible to achieve leak reparation is carried out to the modules in system kernel.
In actual applications, the renewal for service packs can increase new patch in carry service packs, or
Original patch in carry service packs can be upgraded, can be specifically the new function of increase, or to existing work(
Can be modified, etc..In addition, the mode revised to service packs can be to the service packs of carry is carried out all in system
Replace;, can be only to the patch that is updated in carry service packs in order to economize on resources in a kind of preferred embodiment in
It is replaced, and/or the patch that increase is new.
In addition, in actual applications, it may occur in the process of the reparation of system vulnerability because of some patch of application
Anomalous event, for example, system reboot.For the problem, the embodiment of the present invention provides a kind of embodiment, is specially:Work as detection
To service packs carry out leak reparation when occur anomalous event when, verification anomalous event whether any patch included by service packs
It is caused;If so, being unloaded to the patch for causing anomalous event, and anomalous event is reported into server, to service
Device is repaired according to anomalous event to the patch for causing anomalous event.
Continue to use the example shown in above-mentioned Fig. 3, by Native Daemon except can to service packs carry out signature check it
Outside, the anomalous event occurred in system can also be verified, specifically verifies whether the anomalous event is included by service packs
Any patch caused by, if so, Native Daemon to Kemel send notify, inform Kemel to causing anomalous event
Patch is unloaded, meanwhile, the anomalous event is reported to by server by Native Daemon and SDK.
Fig. 3 is a kind of embodiment of renewal Kemel service packs provided in an embodiment of the present invention, in actual applications,
Also a variety of embodiments, for example, in one embodiment, after the service packs of Native Daemon in obtaining updated,
Service packs after the renewal is split, the patch for each leak that the service packs after being updated is included, and to this
Service packs carry out signature check, if verification pass through, by for the patch carry of each leak in system kernel.
If cooperated for another example application scenarios are fail-safe software manufacturers with terminal device manufacturer, for security consideration, meeting exists
The signing messages of fail-safe software server and terminal device service device is write in service packs.For example, pass through Native in Fig. 3
Daemon carries out signature check (S306) to the service packs after renewal, same by Native Daemon in a kind of verification mode
When the fail-safe software server and the signing messages of terminal device service device that are included in service packs are verified, if the two is logical
To cross, it was demonstrated that the service packs is legal, and by the service packs carry in kernel, if any signature verification is not by abandoning carry.
In another verification mode, only one of signing messages is verified by Native Daemon, and
Kemel verifies to another signing messages.For example, Native Daemon first verify the signing messages included in service packs
Whether be targeted security server signing messages, if so, by the service packs carry in Kemel;When by Kemel to system
When leak is repaired, can first verify the signing messages that is included in the service packs whether be target terminal device server A.L.S.
Breath, if so, the service packs is reapplied, if it is not, the service packs can be unloaded directly.
Foregoing teachings emphasis is documented in carry service packs in system kernel, and carries out system vulnerability reparation using service packs
Etc. embodiment, the embodiment of the present invention also provides the method that server compiles service packs, and the flow of this method is as shown in figure 4, tool
Body comprises the following steps:
S401:Fail-safe software server collects the vulnerability information of target terminal equipment, and these vulnerability informations are put in storage;Should
Vulnerability information can be fail-safe software voluntarily vulnerability information determined by detection terminal equipment, or the leakage that can be provided with third party
Hole information, the vulnerability information include:The information such as the title of leak, type, coverage.
S402:Each leak (for example, parsing code or script) in storehouse is parsed, determines the recovery scenario of each leak.
S403:According to the recovery scenario of determination, patch corresponding to each leak is compiled automatically, specifically, can compiled
The compilation operations are performed on platform (hot patch platform), the scope and leak recovery scenario influenceed with specific reference to leak, automatically
Compile out patch corresponding to each leak.
S404:Automatic detection and manually detection are carried out to the patch of compiling, determine the performance of each patch.
S405:Gather each patch of compiling, be packaged into service packs, and the label of fail-safe software server are added in service packs
Name information.
S406:Service packs is sent to terminal device service device by fail-safe software server.
S407:Terminal device service device is audited to service packs, and the content specifically audited can include:The service packs
Whether information of infringement terminal device, etc. is included in performance, and the service packs.
S408:If examination & verification passes through, the signing messages of terminal device service device is added in service packs;In order to improve safety
Property, service packs can be encrypted using asymmetric cryptosystem mode here.
Fig. 4 is a kind of embodiment that the embodiment of the present invention is enumerated, in actual applications, also many embodiments,
The embodiment of the present invention is not especially limited to this.
In actual applications, fail-safe software server leak according to present in each terminal device correspondence system is believed
Breath, compiles out corresponding service packs, can be specifically compiled according to the information of terminal device, ensures that the service packs of compiling can be with
Success is applied to corresponding terminal device.In addition, in actual applications, in order to ensure the security of information in terminal device, hang
" service packs " being loaded in kernel, and the embodiment of the present invention record " SDK ", " code, right corresponding to Native Daemon "
In terminal device manufacturer can be code of increasing income, i.e.,:Terminal device service device can monitor carry and the leakage of service packs at any time
The process that hole is repaired.
Based on the inventive concept of the present invention, the embodiment of the present invention additionally provides a kind of leak prosthetic device, the knot of the device
Structure schematic diagram is as shown in figure 5, specifically include with lower unit:
Acquiring unit 501 and reparation unit 502, wherein:
Receiving unit 501, for obtaining service packs from server, and by service packs carry in system kernel, and
Service packs is compiled according to the reparation relevant information of leak to be repaired in terminal device;
Unit 502 is repaired, for carrying out leak reparation according to service packs.
The specific workflow of present apparatus embodiment is:Receiving unit 501 obtains service packs from server, and this is mended
Fourth bag carry in system kernel, wherein, the service packs is entered according to the reparation relevant information of leak to be repaired in terminal device
Row compiling, secondly, repair unit 502 and leak reparation is carried out according to the service packs.
Using leak prosthetic device provided in an embodiment of the present invention, leak pair to be repaired in terminal device is obtained from server
The service packs answered, and by service packs carry in system kernel, not only can be in system by the kernel loads service packs
Leak present in core is repaired, but also can be repaired to operating in leak present in the program of user's space,
Solve limitation of the fail-safe software due to repairing authority in the prior art, and leak can not be carried out to each module in system kernel and repaiied
The problem of multiple, the i.e. present invention, realize comprehensive reparation to system vulnerability.
Present apparatus embodiment realizes that the mode of leak reparation has many kinds, for example, in the first embodiment, the device
Also include:
First transmitting element, receiving unit, download unit and verification unit, wherein:
First transmitting element, for server send inquiry system kernel in the more new state of carry service packs please
Ask;
Receiving unit, it is in the feedback of more new state in the server for the service packs of carry that the reception server returns
Information;
Download unit, for according to feedback information, the service packs after renewal to be downloaded from server;
Verification unit, for carrying out signature check to the service packs after renewal, if verification passes through, by the service packs after renewal
Carry is in system kernel.
Had the beneficial effect that using the embodiment:When the new leak in discovery system, server is to the leak
Information is analyzed, and determines corresponding restorative procedure, and compiles out corresponding patch according to the restorative procedure, by system
Carry service packs is updated in kernel, and the patch of newly compiled is added into service packs, and by the service packs weight of the renewal
New carry is in system kernel.In actual applications, service packs is updated without terminal device manufacturer, it is directly soft by safety
Part manufacturer is periodically detected to system, and compiles out corresponding patch according to newfound leak, and the most benefit at last
Fourth carry is in system kernel.Fail-safe software manufacturer can set shorter repairing efficiency, and system is detected and safeguarded, will
The service packs of renewal is handed down to terminal device in time, and then equipment is repaiied to the leak in system in time
It is multiple, and the embodiment of the present invention by service packs carry in system kernel, it is possible to achieve the modules in system kernel are entered
Row leak reparation.
In second of embodiment, the device also includes split cells, and split cells is used for:
Service packs after renewal is split based on each leak, what the service packs after being updated was included is directed to each
The patch of individual leak;
Wherein, verification unit is specifically used for:
If verification pass through, by for the patch carry of each leak in system kernel.
In the third embodiment, the device also includes unloading unit, and unloading unit is used for:
When anomalous event occurs when detecting that service packs carries out leak reparation, whether verification anomalous event is by service packs institute
Comprising any patch caused by;
If so, being unloaded to the patch for causing anomalous event, and anomalous event is reported into server, to service
Device is repaired according to anomalous event to the patch for causing anomalous event.
In the 4th kind of embodiment, the device also includes the second transmitting element, and the second transmitting element is used for:
After repairing unit 502 and carrying out leak reparation according to service packs, result will be repaired and sent to server, to cause
Each patch that server is included according to reparation result to service packs is debugged.
In the 5th kind of embodiment, repair unit 502 includes according to the mode of service packs progress leak reparation:
Object function is repaired by Hook Function, to complete the reparation to system kernel leak;And/or
When detecting the presence of the abnormal document of leak, whole file corresponding to abnormal document is replaced with into the full text after renewal
Part, to complete the reparation to system vulnerability.
Based on the inventive concept of the present invention, a kind of server, the structure of the server are additionally provided in the embodiment of the present invention
Schematic diagram as shown in fig. 6, including:Memory 601 and processor 602.
Memory 601 and processor 602 are electrically connected.
At least one program is stored with memory 601.
At least one program is used to realize following step when being performed by processor 602:
Service packs is obtained from server, and by service packs carry in system kernel, and service packs is according to terminal
The reparation relevant information of leak to be repaired is compiled in equipment;
Leak reparation is carried out according to service packs.
Preferably, at least one program is used to realize:
The request of the more new state of carry service packs in inquiry system kernel is sent to server;
The service packs of carry that the reception server returns is in the feedback information of more new state in the server;
According to feedback information, the service packs after renewal is downloaded from server;
Signature check is carried out to the service packs after renewal, if verification passes through, by the service packs carry after renewal in system
In core.
Preferably, at least one program is used to realize:
Service packs after renewal is split based on each leak, what the service packs after being updated was included is directed to each
The patch of individual leak;
Wherein, if verification passes through, step of the service packs carry in system kernel after renewal specifically includes:
If verification pass through, by for the patch carry of each leak in system kernel.
Preferably, at least one program is used to realize:
When anomalous event occurs when detecting that service packs carries out leak reparation, whether verification anomalous event is by service packs institute
Comprising any patch caused by;
If so, being unloaded to the patch for causing anomalous event, and anomalous event is reported into server, to service
Device is repaired according to anomalous event to the patch for causing anomalous event.
Preferably, after the step of carrying out leak reparation according to service packs, at least one program is used to realize:
Result will be repaired to send to server, to cause server according to repairing result each patch for including service packs
Debugged.
Preferably, the mode of leak reparation is carried out according to service packs to be included:
Object function is repaired by Hook Function, to complete the reparation to system kernel leak;And/or
When detecting the presence of the abnormal document of leak, whole file corresponding to abnormal document is replaced with into the full text after renewal
Part, to complete the reparation to system vulnerability.
The beneficial effect obtained using server provided in an embodiment of the present invention, with foregoing embodiment of the method or device
The beneficial effect that embodiment is obtained is same or like, and this is repeated no more.
Those skilled in the art of the present technique are appreciated that the present invention includes being related to for performing in operation described herein
One or more equipment.These equipment can specially be designed and manufactured for required purpose, or can also be included general
Known device in computer.These equipment have the computer program being stored in it, and these computer programs are optionally
Activation or reconstruct.Such computer program can be stored in equipment (for example, computer) computer-readable recording medium or be stored in
E-command and it is coupled to respectively in any kind of medium of bus suitable for storage, the computer-readable medium is included but not
Be limited to any kind of disk (including floppy disk, hard disk, CD, CD-ROM and magneto-optic disk), ROM (Read-Only Memory, only
Read memory), RAM (Random Access Memory, immediately memory), EPROM (Erasable Programmable
Read-Only Memory, Erarable Programmable Read only Memory), EEPROM (Electrically Erasable
Programmable Read-Only Memory, EEPROM), flash memory, magnetic card or light card
Piece.It is, computer-readable recording medium includes storing or transmitting any Jie of information in the form of it can read by equipment (for example, computer)
Matter.
Those skilled in the art of the present technique be appreciated that can with computer program instructions come realize these structure charts and/or
The combination of each frame and these structure charts and/or the frame in block diagram and/or flow graph in block diagram and/or flow graph.This technology is led
Field technique personnel be appreciated that these computer program instructions can be supplied to all-purpose computer, special purpose computer or other
The processor of programmable data processing method is realized, so as to pass through the processing of computer or other programmable data processing methods
Device performs the scheme specified in the frame of structure chart and/or block diagram and/or flow graph disclosed by the invention or multiple frames.
Those skilled in the art of the present technique are appreciated that in the various operations discussed in the present invention, method, flow
Step, measure, scheme can be replaced, changed, combined or deleted.Further, it is each with having been discussed in the present invention
Kind operation, method, other steps in flow, measure, scheme can also be replaced, changed, reset, decomposed, combined or deleted.
Further, it is of the prior art to have and the step in the various operations disclosed in the present invention, method, flow, measure, scheme
It can also be replaced, changed, reset, decomposed, combined or deleted.
Described above is only some embodiments of the present invention, it is noted that for the ordinary skill people of the art
For member, under the premise without departing from the principles of the invention, some improvements and modifications can also be made, these improvements and modifications also should
It is considered as protection scope of the present invention.
Claims (10)
- A kind of 1. leak restorative procedure, it is characterised in that including:Service packs is obtained from server, and by the service packs carry in system kernel, and the service packs is basis The reparation relevant information of leak to be repaired is compiled in terminal device;Leak reparation is carried out according to the service packs.
- 2. leak restorative procedure according to claim 1, it is characterised in that methods described also includes:Sent to the server and inquire about the request of the more new state of carry service packs in the system kernel;Receive the feedback information that the service packs of carry that the server returns is in more new state in the server;According to the feedback information, the service packs after renewal is downloaded from the server;Signature check is carried out to the service packs after the renewal, if verification passes through, by the service packs carry after the renewal in institute State in system kernel.
- 3. leak restorative procedure according to claim 2, it is characterised in that methods described also includes:Service packs after the renewal is split based on each leak, obtains the pin that the service packs after the renewal is included To the patch of each leak;Wherein, if verification passes through, step of the service packs carry in the system kernel after the renewal specifically includes:If verification passes through, by the patch carry for each leak in the system kernel.
- 4. leak restorative procedure according to claim 1, it is characterised in that methods described also includes:When anomalous event occurs when detecting that the service packs carries out leak reparation, whether the anomalous event is verified by described Caused by any patch that service packs is included;If so, being unloaded to the patch for causing the anomalous event, and the anomalous event is reported into the server, with So that the server is repaired according to the anomalous event to the patch for causing the anomalous event.
- 5. leak restorative procedure according to claim 1, it is characterised in that leak reparation is carried out according to the service packs After step, methods described also includes:Result will be repaired to send to the server, to cause the server according to the reparation result to the service packs institute Comprising each patch debugged.
- 6. according to any described leak restorative procedures of claim 1-5, it is characterised in that described to be carried out according to the service packs The mode of leak reparation includes:Object function is repaired by Hook Function, to complete the reparation to system kernel leak;And/orWhen detecting the presence of the abnormal document of leak, whole file corresponding to the abnormal document is replaced with into the full text after renewal Part, to complete the reparation to system vulnerability.
- A kind of 7. leak prosthetic device, it is characterised in that including:Acquiring unit and reparation unit, wherein:The receiving unit, for obtaining service packs from server, and by the service packs carry in system kernel, and The service packs is compiled according to the reparation relevant information of leak to be repaired in terminal device;The reparation unit, for carrying out leak reparation according to the service packs.
- 8. leak prosthetic device according to claim 7, it is characterised in that described device also includes:First transmitting element, receiving unit, download unit and verification unit, wherein:First transmitting element, the renewal of carry service packs in the system kernel is inquired about for being sent to the server The request of state;The receiving unit, for receiving, carry service packs has been in more in the server described in the server return The feedback information of new state;The download unit, for according to the feedback information, the service packs after renewal to be downloaded from the server;The verification unit, for carrying out signature check to the service packs after the renewal, if verification passes through, after the renewal Service packs carry in the system kernel.
- 9. leak prosthetic device according to claim 8, it is characterised in that described device also includes split cells, described Split cells is used for:Service packs after the renewal is split based on each leak, obtains the pin that the service packs after the renewal is included To the patch of each leak;Wherein, the verification unit is specifically used for:If verification passes through, by the patch carry for each leak in the system kernel.
- 10. a kind of server, including memory and processor, the memory is used to store the information for including programmed instruction, institute State the execution that processor is used for control program instruction, it is characterised in that program is realized that right such as will during the computing device The step of seeking 1-6 any methods describeds.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710730150.1A CN107437029A (en) | 2017-08-23 | 2017-08-23 | Leak restorative procedure, leak prosthetic device and server |
| PCT/CN2018/090865 WO2019037522A1 (en) | 2017-08-23 | 2018-06-12 | Bug fixing method, bug fixing device and server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710730150.1A CN107437029A (en) | 2017-08-23 | 2017-08-23 | Leak restorative procedure, leak prosthetic device and server |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107437029A true CN107437029A (en) | 2017-12-05 |
Family
ID=60461048
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710730150.1A Pending CN107437029A (en) | 2017-08-23 | 2017-08-23 | Leak restorative procedure, leak prosthetic device and server |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN107437029A (en) |
| WO (1) | WO2019037522A1 (en) |
Cited By (21)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107943544A (en) * | 2017-12-11 | 2018-04-20 | 北京奇虎科技有限公司 | The loading method and device of a kind of kernel patch |
| CN107967427A (en) * | 2017-12-11 | 2018-04-27 | 北京奇虎科技有限公司 | Monitor the method, apparatus and terminal device of loophole attack |
| CN108039945A (en) * | 2017-12-11 | 2018-05-15 | 北京奇虎科技有限公司 | A kind of endorsement method of service packs, method of calibration and device |
| CN108446134A (en) * | 2018-03-30 | 2018-08-24 | 努比亚技术有限公司 | Loophole restorative procedure, mobile terminal and the readable storage medium storing program for executing of application program |
| WO2019037522A1 (en) * | 2017-08-23 | 2019-02-28 | 北京奇虎科技有限公司 | Bug fixing method, bug fixing device and server |
| CN109492406A (en) * | 2018-11-15 | 2019-03-19 | 百度在线网络技术(北京)有限公司 | Monitor the methods, devices and systems of kernel loophole attack |
| CN109976788A (en) * | 2019-03-26 | 2019-07-05 | 深圳Tcl数字技术有限公司 | The miniature loophole restorative procedure of intelligent terminal, intelligent terminal, equipment and server |
| CN110300119A (en) * | 2019-07-09 | 2019-10-01 | 国家计算机网络与信息安全管理中心 | A kind of method and electronic equipment of validating vulnerability |
| CN110321710A (en) * | 2019-07-05 | 2019-10-11 | 深信服科技股份有限公司 | A kind of terminal loophole restorative procedure, system and associated component |
| CN110727456A (en) * | 2019-10-12 | 2020-01-24 | 上海莉莉丝科技股份有限公司 | Method, device, equipment and system for downloading application program patch package |
| CN110795128A (en) * | 2019-10-30 | 2020-02-14 | 上海米哈游天命科技有限公司 | Program bug fixing method and device, storage medium and server |
| CN110990833A (en) * | 2019-10-31 | 2020-04-10 | 重庆小雨点小额贷款有限公司 | SDK safety detection method and related equipment |
| CN111125709A (en) * | 2019-11-29 | 2020-05-08 | 苏州浪潮智能科技有限公司 | Server security vulnerability repairing method and device |
| CN111159718A (en) * | 2019-12-31 | 2020-05-15 | 青岛海尔科技有限公司 | Method and device for bug repair and household appliance |
| CN111614628A (en) * | 2020-04-28 | 2020-09-01 | 上海汽车集团股份有限公司 | Kernel reinforcement system and method, cloud server, client, electronic device and storage medium |
| CN111753296A (en) * | 2020-05-28 | 2020-10-09 | 苏州浪潮智能科技有限公司 | Method and device for repairing system component bugs |
| CN111881456A (en) * | 2020-07-29 | 2020-11-03 | 江苏云从曦和人工智能有限公司 | Security risk management and control method, device, equipment and medium |
| CN112395616A (en) * | 2019-08-15 | 2021-02-23 | 奇安信安全技术(珠海)有限公司 | Vulnerability processing method and device and computer equipment |
| CN112653655A (en) * | 2019-10-12 | 2021-04-13 | 深圳市奇虎智能科技有限公司 | Automobile safety communication control method and device, computer equipment and storage medium |
| CN112698846A (en) * | 2020-12-30 | 2021-04-23 | 麒麟软件有限公司 | Method and system for automatically installing patch in Linux system |
| CN112906008A (en) * | 2018-11-15 | 2021-06-04 | 百度在线网络技术(北京)有限公司 | Kernel vulnerability repairing method, device, server and system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070044153A1 (en) * | 2005-08-19 | 2007-02-22 | Sun Microsystems, Inc. | Computer security technique employing patch with detection and/or characterization mechanism for exploit of patched vulnerability |
| CN103118036A (en) * | 2013-03-07 | 2013-05-22 | 上海电机学院 | Cloud end based intelligent security protection system and method |
| CN106055979A (en) * | 2016-05-24 | 2016-10-26 | 百度在线网络技术(北京)有限公司 | Kernel fixing method and apparatus |
| CN106598667A (en) * | 2016-12-12 | 2017-04-26 | 百度在线网络技术(北京)有限公司 | Method and device used for restoring kernel vulnerability |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106775732B (en) * | 2016-12-23 | 2019-02-12 | 优刻得科技股份有限公司 | A kind of hot patch loading method and device |
| CN106897095B (en) * | 2017-02-24 | 2020-10-13 | 网易(杭州)网络有限公司 | Method and device for hot repairing application program, readable storage medium and computing equipment |
| CN106951279A (en) * | 2017-02-27 | 2017-07-14 | 努比亚技术有限公司 | The hot repair apparatus for coating and method of application |
| CN107437029A (en) * | 2017-08-23 | 2017-12-05 | 北京奇虎科技有限公司 | Leak restorative procedure, leak prosthetic device and server |
-
2017
- 2017-08-23 CN CN201710730150.1A patent/CN107437029A/en active Pending
-
2018
- 2018-06-12 WO PCT/CN2018/090865 patent/WO2019037522A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070044153A1 (en) * | 2005-08-19 | 2007-02-22 | Sun Microsystems, Inc. | Computer security technique employing patch with detection and/or characterization mechanism for exploit of patched vulnerability |
| CN103118036A (en) * | 2013-03-07 | 2013-05-22 | 上海电机学院 | Cloud end based intelligent security protection system and method |
| CN106055979A (en) * | 2016-05-24 | 2016-10-26 | 百度在线网络技术(北京)有限公司 | Kernel fixing method and apparatus |
| CN106598667A (en) * | 2016-12-12 | 2017-04-26 | 百度在线网络技术(北京)有限公司 | Method and device used for restoring kernel vulnerability |
Cited By (31)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2019037522A1 (en) * | 2017-08-23 | 2019-02-28 | 北京奇虎科技有限公司 | Bug fixing method, bug fixing device and server |
| CN107967427A (en) * | 2017-12-11 | 2018-04-27 | 北京奇虎科技有限公司 | Monitor the method, apparatus and terminal device of loophole attack |
| CN108039945A (en) * | 2017-12-11 | 2018-05-15 | 北京奇虎科技有限公司 | A kind of endorsement method of service packs, method of calibration and device |
| CN107943544B (en) * | 2017-12-11 | 2021-10-08 | 北京奇虎科技有限公司 | Kernel patch loading method and device |
| CN107943544A (en) * | 2017-12-11 | 2018-04-20 | 北京奇虎科技有限公司 | The loading method and device of a kind of kernel patch |
| CN108446134A (en) * | 2018-03-30 | 2018-08-24 | 努比亚技术有限公司 | Loophole restorative procedure, mobile terminal and the readable storage medium storing program for executing of application program |
| CN112906008A (en) * | 2018-11-15 | 2021-06-04 | 百度在线网络技术(北京)有限公司 | Kernel vulnerability repairing method, device, server and system |
| CN109492406A (en) * | 2018-11-15 | 2019-03-19 | 百度在线网络技术(北京)有限公司 | Monitor the methods, devices and systems of kernel loophole attack |
| CN109976788A (en) * | 2019-03-26 | 2019-07-05 | 深圳Tcl数字技术有限公司 | The miniature loophole restorative procedure of intelligent terminal, intelligent terminal, equipment and server |
| CN109976788B (en) * | 2019-03-26 | 2024-03-15 | 深圳Tcl数字技术有限公司 | Intelligent terminal miniature vulnerability restoration method, intelligent terminal, equipment and server |
| CN110321710A (en) * | 2019-07-05 | 2019-10-11 | 深信服科技股份有限公司 | A kind of terminal loophole restorative procedure, system and associated component |
| CN110300119B (en) * | 2019-07-09 | 2021-09-14 | 国家计算机网络与信息安全管理中心 | Vulnerability verification method and electronic equipment |
| CN110300119A (en) * | 2019-07-09 | 2019-10-01 | 国家计算机网络与信息安全管理中心 | A kind of method and electronic equipment of validating vulnerability |
| CN112395616A (en) * | 2019-08-15 | 2021-02-23 | 奇安信安全技术(珠海)有限公司 | Vulnerability processing method and device and computer equipment |
| CN112395616B (en) * | 2019-08-15 | 2024-01-30 | 奇安信安全技术(珠海)有限公司 | Vulnerability processing method and device and computer equipment |
| CN112653655A (en) * | 2019-10-12 | 2021-04-13 | 深圳市奇虎智能科技有限公司 | Automobile safety communication control method and device, computer equipment and storage medium |
| CN110727456A (en) * | 2019-10-12 | 2020-01-24 | 上海莉莉丝科技股份有限公司 | Method, device, equipment and system for downloading application program patch package |
| CN110795128B (en) * | 2019-10-30 | 2023-10-27 | 上海米哈游天命科技有限公司 | Program bug repairing method and device, storage medium and server |
| CN110795128A (en) * | 2019-10-30 | 2020-02-14 | 上海米哈游天命科技有限公司 | Program bug fixing method and device, storage medium and server |
| CN110990833A (en) * | 2019-10-31 | 2020-04-10 | 重庆小雨点小额贷款有限公司 | SDK safety detection method and related equipment |
| CN110990833B (en) * | 2019-10-31 | 2022-08-05 | 重庆小雨点小额贷款有限公司 | SDK safety detection method and related equipment |
| CN111125709B (en) * | 2019-11-29 | 2022-05-24 | 苏州浪潮智能科技有限公司 | Server security vulnerability repair method and device |
| CN111125709A (en) * | 2019-11-29 | 2020-05-08 | 苏州浪潮智能科技有限公司 | Server security vulnerability repairing method and device |
| CN111159718A (en) * | 2019-12-31 | 2020-05-15 | 青岛海尔科技有限公司 | Method and device for bug repair and household appliance |
| CN111159718B (en) * | 2019-12-31 | 2022-10-28 | 青岛海尔科技有限公司 | Method and device for bug repair and household appliance |
| CN111614628A (en) * | 2020-04-28 | 2020-09-01 | 上海汽车集团股份有限公司 | Kernel reinforcement system and method, cloud server, client, electronic device and storage medium |
| CN111753296B (en) * | 2020-05-28 | 2022-06-17 | 苏州浪潮智能科技有限公司 | Method and device for repairing system component bugs |
| CN111753296A (en) * | 2020-05-28 | 2020-10-09 | 苏州浪潮智能科技有限公司 | Method and device for repairing system component bugs |
| CN111881456A (en) * | 2020-07-29 | 2020-11-03 | 江苏云从曦和人工智能有限公司 | Security risk management and control method, device, equipment and medium |
| CN112698846A (en) * | 2020-12-30 | 2021-04-23 | 麒麟软件有限公司 | Method and system for automatically installing patch in Linux system |
| CN112698846B (en) * | 2020-12-30 | 2024-04-09 | 麒麟软件有限公司 | Method and system for automatically installing patches in Linux system |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2019037522A1 (en) | 2019-02-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107437029A (en) | Leak restorative procedure, leak prosthetic device and server | |
| US10824521B2 (en) | Generating predictive diagnostics via package update manager | |
| US8209564B2 (en) | Systems and methods for initiating software repairs in conjunction with software package updates | |
| CN102799515B (en) | Applied program testing method and device | |
| CN109726099B (en) | Application gray level publishing method, device and equipment | |
| CN112906008B (en) | Kernel vulnerability restoration method, device, server and system | |
| US20160306737A1 (en) | Automated error checking system for a software application and method therefor | |
| CN103368987B (en) | Cloud server, application program verification, certification and management system and application program verification, certification and management method | |
| CN105302716A (en) | Method and apparatus for test in joint development mode | |
| CN102468985A (en) | Method and system for carrying out penetration test on network safety equipment | |
| US20110214018A1 (en) | Systems and methods for diagnostic notification via package update manager | |
| CN105955749A (en) | Continuous software project integration method and device | |
| CN109471768B (en) | Service problem monitoring method and device and electronic equipment | |
| CN106462429A (en) | Dynamic patching of multiple, functionally equivalent variations of various software modules for security reasons | |
| CN101268620A (en) | Device management system and method for managing device management object | |
| CN102479092A (en) | Method and device for updating patch of software system | |
| Dodson et al. | Mitigating the risk of software vulnerabilities by adopting a secure software development framework (ssdf) | |
| CN110119348B (en) | Software upgrading test method and terminal | |
| Kumar et al. | Software security testing: A pertinent framework | |
| CN101963911A (en) | Patch generating method and device | |
| CN104036193B (en) | Local cross-domain vulnerability detection method and device for application program | |
| CN109542474A (en) | A kind of batch upgrading method of patient monitor firmware | |
| CN110334523B (en) | Vulnerability detection method and device, intelligent terminal and storage medium | |
| US8423831B2 (en) | System and method for performing auditing and correction | |
| CN111796857B (en) | Hot patch release method, device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20171205 |