CN109033844A - Automation vulnerability detection system and method based on port identification - Google Patents

Automation vulnerability detection system and method based on port identification Download PDF

Info

Publication number
CN109033844A
CN109033844A CN201811051288.XA CN201811051288A CN109033844A CN 109033844 A CN109033844 A CN 109033844A CN 201811051288 A CN201811051288 A CN 201811051288A CN 109033844 A CN109033844 A CN 109033844A
Authority
CN
China
Prior art keywords
port
module
vulnerability
identification
assets
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811051288.XA
Other languages
Chinese (zh)
Inventor
张攀
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Changhong Electric Co Ltd
Original Assignee
Sichuan Changhong Electric Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan Changhong Electric Co Ltd filed Critical Sichuan Changhong Electric Co Ltd
Priority to CN201811051288.XA priority Critical patent/CN109033844A/en
Publication of CN109033844A publication Critical patent/CN109033844A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/20Administration of product repair or maintenance

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Human Resources & Organizations (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Marketing (AREA)
  • Economics (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Computing Systems (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Strategic Management (AREA)
  • Tourism & Hospitality (AREA)
  • General Business, Economics & Management (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The automation vulnerability detection system based on port identification that the invention discloses a kind of, including the quick scan module in port, Port Profile identification module, assets classes memory module, validating vulnerability module, Asset Visualization display module, it is quickly scanned by the quick scan module Asset IP section in port, and result is output to the service release fingerprint recognition that Port Profile identification module refines, result is pressed into IP after the completion of identification, port, the classification storage in assets classes memory module such as service release, and the optional network specific digit assets filtered out are added to validating vulnerability module and start validating vulnerability, last output test result again simultaneously delivers operation maintenance personnel reparation, the automation vulnerability detection system and method based on port identification through the invention can complete the safety detection of enterprise assets in one hour that loophole is broken out, greatly Time and the human cost of emergency response are reduced, guarantees that enterprise completes loophole discovery and repaired before being attacked to greatest extent.

Description

Automation vulnerability detection system and method based on port identification
Technical field
The present invention relates to technical field of network security, in particular to the automation vulnerability detection system based on port identification and Method.
Background technique
Along with internet economy high speed development, the quick of e-commerce is popularized, and it is each that computer takes part in payment, logistics etc. A link needs new method and quickly finds to realize and repair a large amount of loophole with the outburst of a large amount of safety problems.
During long-term bug excavation, it is to set out that we, which are often with system, business or application, IP address, Point is traversed by each parameter for submitting a large amount of attack load to apply one, judges that loophole whether there is, this peace Full detection mode is feasible for routine testing, but once to when a new high-risk loophole outburst, this mode will Safety detection efficiency is greatly reduced, a large amount of repetitions and inefficient work are done.It can not find that there are the systems of new loophole in time, simultaneously Also it is unable to satisfy demand of the big companies for possessing a large amount of digital asset equipment to short time high efficiency safety detection.
Overwhelming majority active scanning system is all based on url crawler to grab parameter and list, addition attack load at present Verifying returns the result afterwards, this mode is able to satisfy routine safety detection demand in precision, but when a new loophole comes out, no peace The enterprise of all-round power both can not add correlation attack Validation Code the short time, can not accurately understand the assets security feelings of oneself Condition.
Our vulnerability scanning modes used in everyday at present, usually there is following limitation:
A, it is crawled by URL link, grabs all URL of an application, crawl URL in this scanning mode and to each Url addition attack load will consume the plenty of time, seriously affect the verification efficiency of new loophole;
B, in software and the platform evaluation and test of multiple vulnerability scannings, all lack the function of assets discovery, it is time-consuming and laborious in this way, It needs that enterprise assets are added in list to be scanned manually;
C, most of is that cannot complete the Detection task of magnanimity assets within a short period of time by the way of man-computer cooperation, May cause loophole, also no discovery has not just been utilized.
Therefore the system that assets are collected can be completed in the short time and call loophole to know according to current loophole by needing one Other module fast implements loophole perception, orients that there are the system of loophole or servers in time before loophole large-scale outbreak.
Summary of the invention
It is insufficient in above-mentioned background technique the purpose of the present invention is overcoming, the automation vulnerability detection based on port identification is provided System and method makes full use of full port scan and port fingerprint characteristic identification technology to establish digital asset, is opened by newest The loophole attack load of hair realizes quick comprehensive scanning in loophole outburst to enterprise assets, thus the first of loophole outburst Time finds that enterprise threatens, and quickly, efficiently realizes loophole discovery and repairs.
In order to reach above-mentioned technical effect, the present invention takes following technical scheme:
Automation vulnerability detection system based on port identification, including based on TCP half-connection the quick scan module in port, Port Profile identification module, assets classes memory module, validating vulnerability module, Asset Visualization display module;The port is fast Fast scan module is for being scanned digital Asset IP section, by the open service of the digital asset of port identification enterprise, and Result is exported to Port Profile identification module;The Port Profile identification module agreement that present port uses for identification, The type of service;The assets classes memory module be used to carry out the data of the quick scan module in port scanning classification storage with And classification storage is carried out to the data that port protocol identification module recognizes;The validating vulnerability module is for calling attack verifying Load carries out validating vulnerability to the asset data stored in assets classes memory module, and verification result is saved to back-end data Library;The Asset Visualization display module is used to extract the assets feature through scanning from assets classes memory module and be shown Or the data saved in background data base are shown;
Automation vulnerability detection system based on port identification of the invention is realized high-velocity scanning based on TCP half-connection, is filled Divide and establish digital asset using full port scan and port fingerprint characteristic identification technology, the quick of enterprise assets can be swept comprehensively It retouches, so that the first time discovery enterprise in loophole outburst threatens, while attached authentication module can cover newly in a short time The loophole of outburst is realized quickly discovery, is quickly repaired.
Further, classify according to port diagnostic to data in the assets classes memory module, the port is special Sign is at least divided into: the port diagnostic based on http agreement, the port diagnostic based on mysql service, the port based on redis service Feature, the port diagnostic based on smb agreement.
Further, the loophole of the validating vulnerability module verification includes at least: 2 Remote Code Execution Vulnerability of Struts, Bash broken shell loophole, redis unauthorized loophole, java unserializing loophole, SMB remote command execute loophole.
Further, be also stored with following data in the assets classes memory module: the address URL, ip, the address ip are corresponding Port fingerprint, service features version.
Meanwhile the invention also discloses a kind of automation vulnerability detection method based on port identification, including above-mentioned base In the automation vulnerability detection system of port identification, comprising the following steps:
A. the quick scan module in port treat typing in scan list IP sections of digital asset are scanned, and confirm enterprise The open service type of digital asset, meanwhile, the port information detected is transferred to Port Profile identification module;
B. Port Profile identification module judges agreement, the type of service that present port uses, and the data that will be detected Classification storage is in assets classes memory module;
C. validating vulnerability module calls attack proof load to carry out the asset data stored in assets classes memory module Validating vulnerability;
D. the verification result of step C is saved to background data base and verification result is sent to operation maintenance personnel.
Further, further include step E:
E. the assets feature that Asset Visualization display module extracts all scannings from assets classes memory module is opened up Show or extract the data saved in background data base and is shown.
Further, the Asset Visualization display module, which extracts when data are shown, is mentioned with a dimension It takes.
It further, is with port diagnostic when assets classes memory module is by data progress classification storage in the step B For classification foundation, the port diagnostic is divided into: the port diagnostic based on http agreement, the port diagnostic based on mysql service, base Port diagnostic in redis service, the port diagnostic based on smb agreement.
Further, the step C is specially that validating vulnerability module is extracted the seed type loophole that needs are verified and combined The parameter that attack load needs carries out specific validating vulnerability to the data stored in assets classes memory module, wherein described Specific validating vulnerability movement is application or the relevant vulnerability of server.
Further, the specific loophole includes SQL injection attack, Bash Remote Code Execution Vulnerability, Struts 2 Remote Code Execution Vulnerability.
Compared with prior art, the present invention have it is below the utility model has the advantages that
Automation vulnerability detection system and method based on port identification of the invention, will by the quick scan module in port Ip sections of assets of operation maintenance personnel filling are quickly scanned, and result is output to what Port Profile identification module refined Service release fingerprint recognition classifies result by IP, port, service release etc. after the completion of identification in assets classes memory module Storage, and the optional network specific digit assets filtered out are added to validating vulnerability module and start validating vulnerability, detection knot is finally exported again Fruit simultaneously delivers operation maintenance personnel reparation, and the automation vulnerability detection system and method based on port identification through the invention can leak Hole outburst one hour in complete enterprise assets safety detection, significantly reduce emergency response time and manpower at This, guarantees that enterprise completes loophole discovery and repaired before being attacked to greatest extent.
Specific embodiment
Below with reference to the embodiment of the present invention, the invention will be further elaborated.
Embodiment:
Embodiment one:
Automation vulnerability detection system based on port identification, including based on TCP half-connection the quick scan module in port, Port Profile identification module, assets classes memory module, validating vulnerability module, Asset Visualization display module.
The quick scan module in port passes through the number of port identification enterprise for being scanned to digital Asset IP section The open service of assets, and result is exported to Port Profile identification module.
The Port Profile identification module agreement that present port uses for identification, the type of service.
The assets classes memory module be used to carry out the data of the quick scan module in port scanning classification storage and Classification storage is carried out to the data that port protocol identification module recognizes.
Specifically, classify according to port diagnostic to data in the assets classes memory module, in the present embodiment, end Mouthful feature is at least divided into: the port diagnostic based on http agreement, the port diagnostic based on mysql service, based on redis service Port diagnostic, the port diagnostic based on smb agreement.
The validating vulnerability module is for calling attack proof load to the assets number stored in assets classes memory module According to progress validating vulnerability, and verification result is saved to background data base.Specifically, in the present embodiment, the validating vulnerability mould Block verifying loophole include at least: 2 Remote Code Execution Vulnerability of Struts, Bash broken shell loophole, redis unauthorized loophole, Java unserializing loophole, SMB remote command execute loophole.
The Asset Visualization display module be used for from assets classes memory module extract the assets feature through scanning into Row shows or is shown to the data saved in background data base;
Preferably, being also stored with following data in the assets classes memory module: the address URL, ip, the address ip are corresponding Port fingerprint, service features version.
Automation vulnerability detection system based on port identification of the invention, by the quick scan module in port by O&M people Ip sections of assets of member's filling are quickly scanned, and result is output to the service version that Port Profile identification module refines Result is pressed the classification storage in assets classes memory module such as IP, port, service release after the completion of identification by this fingerprint recognition, And the optional network specific digit assets filtered out are added to validating vulnerability module and start validating vulnerability, finally output test result and hand over again Pay operation maintenance personnel reparation.Full port scan and port fingerprint characteristic identification technology is made full use of to establish digital asset, it can be to enterprise Quick comprehensive scanning of industry assets, so that the first time discovery enterprise in loophole outburst threatens, while attached authentication module The loophole newly broken out can be covered in a short time, realized quickly discovery, quickly repaired.
Embodiment two:
The automation vulnerability detection method based on port identification that present embodiment discloses a kind of, based on the base in embodiment one In the automation vulnerability detection system of port identification, specifically includes the following steps:
The quantity of step 1, scanning engine according to mathematic for business assets, using distributed deployment;
Step 2, operation maintenance personnel are per one or more online server, with i.e. by the list to be scanned of assets ip filling;Wherein, Part intranet host need to configure springboard just achievable accurate scanning;
Specifically, the automation vulnerability detection method based on port identification through the invention is not necessarily in installing terminal equipment Any client, will greatly reduce operation maintenance personnel work, and scanning work and validating vulnerability work can start by set date, in practice The outspoken fast scan module of service operation trough period start end and validating vulnerability module may be selected.
Step 3, the quick scan module in port treat typing in scan list IP sections of digital asset are scanned, confirmation enterprise The open service type of the digital asset of industry, meanwhile, the port information detected is transferred to Port Profile identification module;
Step 4, Port Profile identification module judge agreement, the type of service that present port uses, and will detect Data classification is stored in assets classes memory module;It will call the quick scan module in port quickly to send out after scanning engine starting Now current IP open service type, and classify in assets classes memory module by fields such as port numbers and service types and deposit Storage;Specifically, incremental sweep, perfect enterprise digital asset can be carried out in service operation low-valley interval;
It is the institute using port diagnostic as classification foundation when specifically, assets classes memory module is by data progress classification storage It states port diagnostic to be divided into: port diagnostic based on http agreement, the port diagnostic based on mysql service, based on redis service Port diagnostic, the port diagnostic based on smb agreement.
Step 5, validating vulnerability module call attack proof load to the asset data stored in assets classes memory module Carry out validating vulnerability;
The verification result of step 5 is saved to background data base and verification result is sent to operation maintenance personnel by step 6;
Specifically, the parameter that validating vulnerability module extracts the seed type loophole for needing to verify and attack load is combined to need Specific validating vulnerability is carried out to the data stored in assets classes memory module, result is finally will test and is stored in backstage and leads to Crossing mail will test result notice to relevant person in charge;Wherein, the specific validating vulnerability movement is application or server Relevant vulnerability.In the present embodiment, the specific loophole include SQL injection attack, Bash Remote Code Execution Vulnerability, 2 Remote Code Execution Vulnerability of Struts.
Step 7, Asset Visualization display module extracted from assets classes memory module the assets features of all scannings into Row shows or extracts the data saved in background data base and is shown.
Specifically, the assets that Asset Visualization display module can extract all scannings from assets classes memory module are special Sign, but data extraction is all to be extracted with a dimension, such as it is to be understood that the server ip that all open REDIS are serviced, mentions The IP by open REDIS service is just only needed to extract when taking.
It is understood that the principle that embodiment of above is intended to be merely illustrative of the present and the exemplary implementation that uses Mode, however the present invention is not limited thereto.For those skilled in the art, essence of the invention is not being departed from In the case where mind and essence, various changes and modifications can be made therein, these variations and modifications are also considered as protection scope of the present invention.

Claims (10)

1. the automation vulnerability detection system based on port identification, which is characterized in that quick including the port based on TCP half-connection Scan module, Port Profile identification module, assets classes memory module, validating vulnerability module, Asset Visualization display module;
The quick scan module in port passes through the digital asset of port identification enterprise for being scanned to digital Asset IP section Open service, and result is exported to Port Profile identification module;
The Port Profile identification module agreement that present port uses for identification, the type of service;
The assets classes memory module is used to the data of the quick scan module scanning in port carrying out classification storage and opposite end The data that mouth protocol identification module recognizes carry out classification storage;
The validating vulnerability module for calls attack proof load to the asset data stored in assets classes memory module into Row validating vulnerability, and verification result is saved to background data base;
The Asset Visualization display module is used to extract the assets feature through scanning from assets classes memory module and be opened up Show or the data saved in background data base are shown.
2. the automation vulnerability detection system according to claim 1 based on port identification, which is characterized in that the assets Classify according to port diagnostic to data in classification storage module, the port diagnostic is at least divided into: based on http agreement Port diagnostic, the port diagnostic based on mysql service, the port diagnostic based on redis service, the port based on smb agreement are special Sign.
3. the automation vulnerability detection system according to claim 1 based on port identification, which is characterized in that the loophole The loophole of authentication module verifying includes at least: 2 Remote Code Execution Vulnerability of Struts, Bash broken shell loophole, redis unauthorized Loophole, java unserializing loophole, SMB remote command execute loophole.
4. the automation vulnerability detection system according to claim 1 based on port identification, which is characterized in that the assets Following data is also stored in classification storage module: the address URL, ip, the corresponding port fingerprint in the address ip, service features version.
5. the automation vulnerability detection method based on port identification, which is characterized in that including as described in claim 1 based on end The automation vulnerability detection system of mouth identification, comprising the following steps:
A. the quick scan module in port treat typing in scan list IP sections of digital asset are scanned, and confirm the number of enterprise The open service type of assets, meanwhile, the port information detected is transferred to Port Profile identification module;
B. Port Profile identification module judges agreement, the type of service that present port uses, and the data classification that will be detected It is stored in assets classes memory module;
C. validating vulnerability module calls attack proof load to carry out loophole to the asset data stored in assets classes memory module Verifying;
D. the verification result of step C is saved to background data base and verification result is sent to operation maintenance personnel.
6. the automation vulnerability detection method according to claim 5 based on port identification, which is characterized in that further include step Rapid E:
E. the assets feature that Asset Visualization display module extracts all scannings from assets classes memory module be shown or The data saved in background data base are extracted to be shown.
7. the automation vulnerability detection method according to claim 5 based on port identification, which is characterized in that the assets Visualizing module and extracting when data are shown is extracted with a dimension.
8. the automation vulnerability detection method according to claim 5 based on port identification, which is characterized in that the step It is the port diagnostic point using port diagnostic as classification foundation when data are carried out classification storage by assets classes memory module in B Are as follows: the port diagnostic based on http agreement, the port diagnostic based on mysql service, the port diagnostic based on redis service, base In the port diagnostic of smb agreement.
9. the automation vulnerability detection method according to claim 5 based on port identification, which is characterized in that the step C is specially that validating vulnerability module extracts the seed type loophole for needing to verify and combines the parameter of attack load needs to assets point The data stored in class memory module carry out specific validating vulnerability, wherein the specific validating vulnerability movement for application or The relevant vulnerability of person's server.
10. the automation vulnerability detection method according to claim 9 based on port identification, which is characterized in that the spy Fixed loophole includes SQL injection attack, Bash Remote Code Execution Vulnerability, Struts2 Remote Code Execution Vulnerability.
CN201811051288.XA 2018-09-10 2018-09-10 Automation vulnerability detection system and method based on port identification Pending CN109033844A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811051288.XA CN109033844A (en) 2018-09-10 2018-09-10 Automation vulnerability detection system and method based on port identification

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811051288.XA CN109033844A (en) 2018-09-10 2018-09-10 Automation vulnerability detection system and method based on port identification

Publications (1)

Publication Number Publication Date
CN109033844A true CN109033844A (en) 2018-12-18

Family

ID=64620799

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811051288.XA Pending CN109033844A (en) 2018-09-10 2018-09-10 Automation vulnerability detection system and method based on port identification

Country Status (1)

Country Link
CN (1) CN109033844A (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109525613A (en) * 2019-01-16 2019-03-26 湖南快乐阳光互动娱乐传媒有限公司 A kind of demand processing system and method
CN109951350A (en) * 2019-01-08 2019-06-28 国网浙江省电力有限公司杭州供电公司 Information assets port dynamic monitoring method
CN110516449A (en) * 2019-09-03 2019-11-29 国网重庆市电力公司电力科学研究院 A kind of lightweight vulnerability detection method and readable storage medium storing program for executing
CN110837646A (en) * 2019-10-31 2020-02-25 国网河北省电力有限公司电力科学研究院 Risk investigation device of unstructured database
CN110855642A (en) * 2019-10-30 2020-02-28 腾讯科技(深圳)有限公司 Application vulnerability detection method and device, electronic equipment and storage medium
CN111079144A (en) * 2019-11-25 2020-04-28 杭州迪普科技股份有限公司 Virus propagation behavior detection method and device
CN111240994A (en) * 2020-01-20 2020-06-05 北京国舜科技股份有限公司 Vulnerability processing method and device, electronic equipment and readable storage medium
CN111385260A (en) * 2018-12-28 2020-07-07 广州市百果园信息技术有限公司 Port detection method, system, server and storage medium
CN111786898A (en) * 2020-08-07 2020-10-16 杭州安恒信息技术股份有限公司 Monitoring equipment information acquisition method, device, equipment and medium
CN112637159A (en) * 2020-12-14 2021-04-09 杭州安恒信息技术股份有限公司 Network asset scanning method, device and equipment based on active detection technology
CN115208634A (en) * 2022-06-17 2022-10-18 江苏信息职业技术学院 Supervision engine of network assets

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101695033A (en) * 2009-09-25 2010-04-14 上海交通大学 Network fragility analyzing system based on privilege lift
CN104363236A (en) * 2014-11-21 2015-02-18 西安邮电大学 Automatic vulnerability validation method
US20160292459A1 (en) * 2006-04-25 2016-10-06 Vetrix, Llc Converged logical and physical security
CN106973071A (en) * 2017-05-24 2017-07-21 北京匡恩网络科技有限责任公司 A kind of vulnerability scanning method and apparatus
CN107094158A (en) * 2017-06-27 2017-08-25 四维创智(北京)科技发展有限公司 The fragile analysis system of one kind automation intranet security
CN107294975A (en) * 2017-06-27 2017-10-24 四维创智(北京)科技发展有限公司 A kind of Web security breaches detecting system and detection method based on information

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160292459A1 (en) * 2006-04-25 2016-10-06 Vetrix, Llc Converged logical and physical security
CN101695033A (en) * 2009-09-25 2010-04-14 上海交通大学 Network fragility analyzing system based on privilege lift
CN104363236A (en) * 2014-11-21 2015-02-18 西安邮电大学 Automatic vulnerability validation method
CN106973071A (en) * 2017-05-24 2017-07-21 北京匡恩网络科技有限责任公司 A kind of vulnerability scanning method and apparatus
CN107094158A (en) * 2017-06-27 2017-08-25 四维创智(北京)科技发展有限公司 The fragile analysis system of one kind automation intranet security
CN107294975A (en) * 2017-06-27 2017-10-24 四维创智(北京)科技发展有限公司 A kind of Web security breaches detecting system and detection method based on information

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111385260A (en) * 2018-12-28 2020-07-07 广州市百果园信息技术有限公司 Port detection method, system, server and storage medium
CN111385260B (en) * 2018-12-28 2022-01-25 广州市百果园信息技术有限公司 Port detection method, system, server and storage medium
CN109951350A (en) * 2019-01-08 2019-06-28 国网浙江省电力有限公司杭州供电公司 Information assets port dynamic monitoring method
CN109525613B (en) * 2019-01-16 2021-11-09 湖南快乐阳光互动娱乐传媒有限公司 Request processing system and method
CN109525613A (en) * 2019-01-16 2019-03-26 湖南快乐阳光互动娱乐传媒有限公司 A kind of demand processing system and method
CN110516449A (en) * 2019-09-03 2019-11-29 国网重庆市电力公司电力科学研究院 A kind of lightweight vulnerability detection method and readable storage medium storing program for executing
CN110855642A (en) * 2019-10-30 2020-02-28 腾讯科技(深圳)有限公司 Application vulnerability detection method and device, electronic equipment and storage medium
CN110837646A (en) * 2019-10-31 2020-02-25 国网河北省电力有限公司电力科学研究院 Risk investigation device of unstructured database
CN111079144A (en) * 2019-11-25 2020-04-28 杭州迪普科技股份有限公司 Virus propagation behavior detection method and device
CN111240994A (en) * 2020-01-20 2020-06-05 北京国舜科技股份有限公司 Vulnerability processing method and device, electronic equipment and readable storage medium
CN111786898A (en) * 2020-08-07 2020-10-16 杭州安恒信息技术股份有限公司 Monitoring equipment information acquisition method, device, equipment and medium
CN111786898B (en) * 2020-08-07 2022-11-22 杭州安恒信息技术股份有限公司 Monitoring equipment information acquisition method, device, equipment and medium
CN112637159A (en) * 2020-12-14 2021-04-09 杭州安恒信息技术股份有限公司 Network asset scanning method, device and equipment based on active detection technology
CN115208634A (en) * 2022-06-17 2022-10-18 江苏信息职业技术学院 Supervision engine of network assets

Similar Documents

Publication Publication Date Title
CN109033844A (en) Automation vulnerability detection system and method based on port identification
CN107659543B (en) Protection method for APT (android packet) attack of cloud platform
KR101883400B1 (en) detecting methods and systems of security vulnerability using agentless
US20180137288A1 (en) System and method for modeling security threats to prioritize threat remediation scheduling
CN113254978B (en) Data security management system based on machine learning
KR20090037538A (en) Method for risk analysis using information asset modelling
CN104246785A (en) System and method for crowdsourcing of mobile application reputations
CN106357689A (en) Method and system for processing threat data
CN111612443A (en) Accumulation fund service handling method, system, equipment and readable storage medium
CN105975863A (en) Method for evaluating and calculating information security risk of power distribution automation terminal equipment
Singh et al. A network based vulnerability scanner for detecting SQLI attacks in web applications
Korchenko et al. Development of a method for constructing linguistic standards for multi-criteria assessment of honeypot efficiency
CN116319099A (en) Multi-terminal financial data management method and system
CN107122987A (en) A kind of early warning system and method for order for arrest swindle
CN109191021A (en) The correlation rule matching process and device of power grid anomalous event
CN110866265A (en) Data storage method, device and storage medium based on block chain
CN114036059A (en) Automatic penetration testing system and method for power grid system and computer equipment
CN108965251B (en) A kind of safe mobile phone guard system that cloud combines
CN110825776B (en) Air quality detection report processing method and device, computing equipment and storage medium
CN109446053A (en) Test method, computer readable storage medium and the terminal of application program
CN107623693A (en) Domain name mapping means of defence and device, system, computing device, storage medium
CN110598461A (en) Wild animal information management method, device, terminal, system and storage medium
Yermalovich et al. Formalization of attack prediction problem
CN102546628B (en) Sample authenticating method and system
CN107342986B (en) A kind of fraudulent call early warning system and method for early warning

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20181218