CN109033844A - Automation vulnerability detection system and method based on port identification - Google Patents
Automation vulnerability detection system and method based on port identification Download PDFInfo
- Publication number
- CN109033844A CN109033844A CN201811051288.XA CN201811051288A CN109033844A CN 109033844 A CN109033844 A CN 109033844A CN 201811051288 A CN201811051288 A CN 201811051288A CN 109033844 A CN109033844 A CN 109033844A
- Authority
- CN
- China
- Prior art keywords
- port
- module
- vulnerability
- identification
- assets
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/20—Administration of product repair or maintenance
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Human Resources & Organizations (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- Marketing (AREA)
- Economics (AREA)
- Entrepreneurship & Innovation (AREA)
- Computing Systems (AREA)
- Operations Research (AREA)
- Quality & Reliability (AREA)
- Strategic Management (AREA)
- Tourism & Hospitality (AREA)
- General Business, Economics & Management (AREA)
- Debugging And Monitoring (AREA)
Abstract
The automation vulnerability detection system based on port identification that the invention discloses a kind of, including the quick scan module in port, Port Profile identification module, assets classes memory module, validating vulnerability module, Asset Visualization display module, it is quickly scanned by the quick scan module Asset IP section in port, and result is output to the service release fingerprint recognition that Port Profile identification module refines, result is pressed into IP after the completion of identification, port, the classification storage in assets classes memory module such as service release, and the optional network specific digit assets filtered out are added to validating vulnerability module and start validating vulnerability, last output test result again simultaneously delivers operation maintenance personnel reparation, the automation vulnerability detection system and method based on port identification through the invention can complete the safety detection of enterprise assets in one hour that loophole is broken out, greatly Time and the human cost of emergency response are reduced, guarantees that enterprise completes loophole discovery and repaired before being attacked to greatest extent.
Description
Technical field
The present invention relates to technical field of network security, in particular to the automation vulnerability detection system based on port identification and
Method.
Background technique
Along with internet economy high speed development, the quick of e-commerce is popularized, and it is each that computer takes part in payment, logistics etc.
A link needs new method and quickly finds to realize and repair a large amount of loophole with the outburst of a large amount of safety problems.
During long-term bug excavation, it is to set out that we, which are often with system, business or application, IP address,
Point is traversed by each parameter for submitting a large amount of attack load to apply one, judges that loophole whether there is, this peace
Full detection mode is feasible for routine testing, but once to when a new high-risk loophole outburst, this mode will
Safety detection efficiency is greatly reduced, a large amount of repetitions and inefficient work are done.It can not find that there are the systems of new loophole in time, simultaneously
Also it is unable to satisfy demand of the big companies for possessing a large amount of digital asset equipment to short time high efficiency safety detection.
Overwhelming majority active scanning system is all based on url crawler to grab parameter and list, addition attack load at present
Verifying returns the result afterwards, this mode is able to satisfy routine safety detection demand in precision, but when a new loophole comes out, no peace
The enterprise of all-round power both can not add correlation attack Validation Code the short time, can not accurately understand the assets security feelings of oneself
Condition.
Our vulnerability scanning modes used in everyday at present, usually there is following limitation:
A, it is crawled by URL link, grabs all URL of an application, crawl URL in this scanning mode and to each
Url addition attack load will consume the plenty of time, seriously affect the verification efficiency of new loophole;
B, in software and the platform evaluation and test of multiple vulnerability scannings, all lack the function of assets discovery, it is time-consuming and laborious in this way,
It needs that enterprise assets are added in list to be scanned manually;
C, most of is that cannot complete the Detection task of magnanimity assets within a short period of time by the way of man-computer cooperation,
May cause loophole, also no discovery has not just been utilized.
Therefore the system that assets are collected can be completed in the short time and call loophole to know according to current loophole by needing one
Other module fast implements loophole perception, orients that there are the system of loophole or servers in time before loophole large-scale outbreak.
Summary of the invention
It is insufficient in above-mentioned background technique the purpose of the present invention is overcoming, the automation vulnerability detection based on port identification is provided
System and method makes full use of full port scan and port fingerprint characteristic identification technology to establish digital asset, is opened by newest
The loophole attack load of hair realizes quick comprehensive scanning in loophole outburst to enterprise assets, thus the first of loophole outburst
Time finds that enterprise threatens, and quickly, efficiently realizes loophole discovery and repairs.
In order to reach above-mentioned technical effect, the present invention takes following technical scheme:
Automation vulnerability detection system based on port identification, including based on TCP half-connection the quick scan module in port,
Port Profile identification module, assets classes memory module, validating vulnerability module, Asset Visualization display module;The port is fast
Fast scan module is for being scanned digital Asset IP section, by the open service of the digital asset of port identification enterprise, and
Result is exported to Port Profile identification module;The Port Profile identification module agreement that present port uses for identification,
The type of service;The assets classes memory module be used to carry out the data of the quick scan module in port scanning classification storage with
And classification storage is carried out to the data that port protocol identification module recognizes;The validating vulnerability module is for calling attack verifying
Load carries out validating vulnerability to the asset data stored in assets classes memory module, and verification result is saved to back-end data
Library;The Asset Visualization display module is used to extract the assets feature through scanning from assets classes memory module and be shown
Or the data saved in background data base are shown;
Automation vulnerability detection system based on port identification of the invention is realized high-velocity scanning based on TCP half-connection, is filled
Divide and establish digital asset using full port scan and port fingerprint characteristic identification technology, the quick of enterprise assets can be swept comprehensively
It retouches, so that the first time discovery enterprise in loophole outburst threatens, while attached authentication module can cover newly in a short time
The loophole of outburst is realized quickly discovery, is quickly repaired.
Further, classify according to port diagnostic to data in the assets classes memory module, the port is special
Sign is at least divided into: the port diagnostic based on http agreement, the port diagnostic based on mysql service, the port based on redis service
Feature, the port diagnostic based on smb agreement.
Further, the loophole of the validating vulnerability module verification includes at least: 2 Remote Code Execution Vulnerability of Struts,
Bash broken shell loophole, redis unauthorized loophole, java unserializing loophole, SMB remote command execute loophole.
Further, be also stored with following data in the assets classes memory module: the address URL, ip, the address ip are corresponding
Port fingerprint, service features version.
Meanwhile the invention also discloses a kind of automation vulnerability detection method based on port identification, including above-mentioned base
In the automation vulnerability detection system of port identification, comprising the following steps:
A. the quick scan module in port treat typing in scan list IP sections of digital asset are scanned, and confirm enterprise
The open service type of digital asset, meanwhile, the port information detected is transferred to Port Profile identification module;
B. Port Profile identification module judges agreement, the type of service that present port uses, and the data that will be detected
Classification storage is in assets classes memory module;
C. validating vulnerability module calls attack proof load to carry out the asset data stored in assets classes memory module
Validating vulnerability;
D. the verification result of step C is saved to background data base and verification result is sent to operation maintenance personnel.
Further, further include step E:
E. the assets feature that Asset Visualization display module extracts all scannings from assets classes memory module is opened up
Show or extract the data saved in background data base and is shown.
Further, the Asset Visualization display module, which extracts when data are shown, is mentioned with a dimension
It takes.
It further, is with port diagnostic when assets classes memory module is by data progress classification storage in the step B
For classification foundation, the port diagnostic is divided into: the port diagnostic based on http agreement, the port diagnostic based on mysql service, base
Port diagnostic in redis service, the port diagnostic based on smb agreement.
Further, the step C is specially that validating vulnerability module is extracted the seed type loophole that needs are verified and combined
The parameter that attack load needs carries out specific validating vulnerability to the data stored in assets classes memory module, wherein described
Specific validating vulnerability movement is application or the relevant vulnerability of server.
Further, the specific loophole includes SQL injection attack, Bash Remote Code Execution Vulnerability, Struts 2
Remote Code Execution Vulnerability.
Compared with prior art, the present invention have it is below the utility model has the advantages that
Automation vulnerability detection system and method based on port identification of the invention, will by the quick scan module in port
Ip sections of assets of operation maintenance personnel filling are quickly scanned, and result is output to what Port Profile identification module refined
Service release fingerprint recognition classifies result by IP, port, service release etc. after the completion of identification in assets classes memory module
Storage, and the optional network specific digit assets filtered out are added to validating vulnerability module and start validating vulnerability, detection knot is finally exported again
Fruit simultaneously delivers operation maintenance personnel reparation, and the automation vulnerability detection system and method based on port identification through the invention can leak
Hole outburst one hour in complete enterprise assets safety detection, significantly reduce emergency response time and manpower at
This, guarantees that enterprise completes loophole discovery and repaired before being attacked to greatest extent.
Specific embodiment
Below with reference to the embodiment of the present invention, the invention will be further elaborated.
Embodiment:
Embodiment one:
Automation vulnerability detection system based on port identification, including based on TCP half-connection the quick scan module in port,
Port Profile identification module, assets classes memory module, validating vulnerability module, Asset Visualization display module.
The quick scan module in port passes through the number of port identification enterprise for being scanned to digital Asset IP section
The open service of assets, and result is exported to Port Profile identification module.
The Port Profile identification module agreement that present port uses for identification, the type of service.
The assets classes memory module be used to carry out the data of the quick scan module in port scanning classification storage and
Classification storage is carried out to the data that port protocol identification module recognizes.
Specifically, classify according to port diagnostic to data in the assets classes memory module, in the present embodiment, end
Mouthful feature is at least divided into: the port diagnostic based on http agreement, the port diagnostic based on mysql service, based on redis service
Port diagnostic, the port diagnostic based on smb agreement.
The validating vulnerability module is for calling attack proof load to the assets number stored in assets classes memory module
According to progress validating vulnerability, and verification result is saved to background data base.Specifically, in the present embodiment, the validating vulnerability mould
Block verifying loophole include at least: 2 Remote Code Execution Vulnerability of Struts, Bash broken shell loophole, redis unauthorized loophole,
Java unserializing loophole, SMB remote command execute loophole.
The Asset Visualization display module be used for from assets classes memory module extract the assets feature through scanning into
Row shows or is shown to the data saved in background data base;
Preferably, being also stored with following data in the assets classes memory module: the address URL, ip, the address ip are corresponding
Port fingerprint, service features version.
Automation vulnerability detection system based on port identification of the invention, by the quick scan module in port by O&M people
Ip sections of assets of member's filling are quickly scanned, and result is output to the service version that Port Profile identification module refines
Result is pressed the classification storage in assets classes memory module such as IP, port, service release after the completion of identification by this fingerprint recognition,
And the optional network specific digit assets filtered out are added to validating vulnerability module and start validating vulnerability, finally output test result and hand over again
Pay operation maintenance personnel reparation.Full port scan and port fingerprint characteristic identification technology is made full use of to establish digital asset, it can be to enterprise
Quick comprehensive scanning of industry assets, so that the first time discovery enterprise in loophole outburst threatens, while attached authentication module
The loophole newly broken out can be covered in a short time, realized quickly discovery, quickly repaired.
Embodiment two:
The automation vulnerability detection method based on port identification that present embodiment discloses a kind of, based on the base in embodiment one
In the automation vulnerability detection system of port identification, specifically includes the following steps:
The quantity of step 1, scanning engine according to mathematic for business assets, using distributed deployment;
Step 2, operation maintenance personnel are per one or more online server, with i.e. by the list to be scanned of assets ip filling;Wherein,
Part intranet host need to configure springboard just achievable accurate scanning;
Specifically, the automation vulnerability detection method based on port identification through the invention is not necessarily in installing terminal equipment
Any client, will greatly reduce operation maintenance personnel work, and scanning work and validating vulnerability work can start by set date, in practice
The outspoken fast scan module of service operation trough period start end and validating vulnerability module may be selected.
Step 3, the quick scan module in port treat typing in scan list IP sections of digital asset are scanned, confirmation enterprise
The open service type of the digital asset of industry, meanwhile, the port information detected is transferred to Port Profile identification module;
Step 4, Port Profile identification module judge agreement, the type of service that present port uses, and will detect
Data classification is stored in assets classes memory module;It will call the quick scan module in port quickly to send out after scanning engine starting
Now current IP open service type, and classify in assets classes memory module by fields such as port numbers and service types and deposit
Storage;Specifically, incremental sweep, perfect enterprise digital asset can be carried out in service operation low-valley interval;
It is the institute using port diagnostic as classification foundation when specifically, assets classes memory module is by data progress classification storage
It states port diagnostic to be divided into: port diagnostic based on http agreement, the port diagnostic based on mysql service, based on redis service
Port diagnostic, the port diagnostic based on smb agreement.
Step 5, validating vulnerability module call attack proof load to the asset data stored in assets classes memory module
Carry out validating vulnerability;
The verification result of step 5 is saved to background data base and verification result is sent to operation maintenance personnel by step 6;
Specifically, the parameter that validating vulnerability module extracts the seed type loophole for needing to verify and attack load is combined to need
Specific validating vulnerability is carried out to the data stored in assets classes memory module, result is finally will test and is stored in backstage and leads to
Crossing mail will test result notice to relevant person in charge;Wherein, the specific validating vulnerability movement is application or server
Relevant vulnerability.In the present embodiment, the specific loophole include SQL injection attack, Bash Remote Code Execution Vulnerability,
2 Remote Code Execution Vulnerability of Struts.
Step 7, Asset Visualization display module extracted from assets classes memory module the assets features of all scannings into
Row shows or extracts the data saved in background data base and is shown.
Specifically, the assets that Asset Visualization display module can extract all scannings from assets classes memory module are special
Sign, but data extraction is all to be extracted with a dimension, such as it is to be understood that the server ip that all open REDIS are serviced, mentions
The IP by open REDIS service is just only needed to extract when taking.
It is understood that the principle that embodiment of above is intended to be merely illustrative of the present and the exemplary implementation that uses
Mode, however the present invention is not limited thereto.For those skilled in the art, essence of the invention is not being departed from
In the case where mind and essence, various changes and modifications can be made therein, these variations and modifications are also considered as protection scope of the present invention.
Claims (10)
1. the automation vulnerability detection system based on port identification, which is characterized in that quick including the port based on TCP half-connection
Scan module, Port Profile identification module, assets classes memory module, validating vulnerability module, Asset Visualization display module;
The quick scan module in port passes through the digital asset of port identification enterprise for being scanned to digital Asset IP section
Open service, and result is exported to Port Profile identification module;
The Port Profile identification module agreement that present port uses for identification, the type of service;
The assets classes memory module is used to the data of the quick scan module scanning in port carrying out classification storage and opposite end
The data that mouth protocol identification module recognizes carry out classification storage;
The validating vulnerability module for calls attack proof load to the asset data stored in assets classes memory module into
Row validating vulnerability, and verification result is saved to background data base;
The Asset Visualization display module is used to extract the assets feature through scanning from assets classes memory module and be opened up
Show or the data saved in background data base are shown.
2. the automation vulnerability detection system according to claim 1 based on port identification, which is characterized in that the assets
Classify according to port diagnostic to data in classification storage module, the port diagnostic is at least divided into: based on http agreement
Port diagnostic, the port diagnostic based on mysql service, the port diagnostic based on redis service, the port based on smb agreement are special
Sign.
3. the automation vulnerability detection system according to claim 1 based on port identification, which is characterized in that the loophole
The loophole of authentication module verifying includes at least: 2 Remote Code Execution Vulnerability of Struts, Bash broken shell loophole, redis unauthorized
Loophole, java unserializing loophole, SMB remote command execute loophole.
4. the automation vulnerability detection system according to claim 1 based on port identification, which is characterized in that the assets
Following data is also stored in classification storage module: the address URL, ip, the corresponding port fingerprint in the address ip, service features version.
5. the automation vulnerability detection method based on port identification, which is characterized in that including as described in claim 1 based on end
The automation vulnerability detection system of mouth identification, comprising the following steps:
A. the quick scan module in port treat typing in scan list IP sections of digital asset are scanned, and confirm the number of enterprise
The open service type of assets, meanwhile, the port information detected is transferred to Port Profile identification module;
B. Port Profile identification module judges agreement, the type of service that present port uses, and the data classification that will be detected
It is stored in assets classes memory module;
C. validating vulnerability module calls attack proof load to carry out loophole to the asset data stored in assets classes memory module
Verifying;
D. the verification result of step C is saved to background data base and verification result is sent to operation maintenance personnel.
6. the automation vulnerability detection method according to claim 5 based on port identification, which is characterized in that further include step
Rapid E:
E. the assets feature that Asset Visualization display module extracts all scannings from assets classes memory module be shown or
The data saved in background data base are extracted to be shown.
7. the automation vulnerability detection method according to claim 5 based on port identification, which is characterized in that the assets
Visualizing module and extracting when data are shown is extracted with a dimension.
8. the automation vulnerability detection method according to claim 5 based on port identification, which is characterized in that the step
It is the port diagnostic point using port diagnostic as classification foundation when data are carried out classification storage by assets classes memory module in B
Are as follows: the port diagnostic based on http agreement, the port diagnostic based on mysql service, the port diagnostic based on redis service, base
In the port diagnostic of smb agreement.
9. the automation vulnerability detection method according to claim 5 based on port identification, which is characterized in that the step
C is specially that validating vulnerability module extracts the seed type loophole for needing to verify and combines the parameter of attack load needs to assets point
The data stored in class memory module carry out specific validating vulnerability, wherein the specific validating vulnerability movement for application or
The relevant vulnerability of person's server.
10. the automation vulnerability detection method according to claim 9 based on port identification, which is characterized in that the spy
Fixed loophole includes SQL injection attack, Bash Remote Code Execution Vulnerability, Struts2 Remote Code Execution Vulnerability.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811051288.XA CN109033844A (en) | 2018-09-10 | 2018-09-10 | Automation vulnerability detection system and method based on port identification |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811051288.XA CN109033844A (en) | 2018-09-10 | 2018-09-10 | Automation vulnerability detection system and method based on port identification |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109033844A true CN109033844A (en) | 2018-12-18 |
Family
ID=64620799
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811051288.XA Pending CN109033844A (en) | 2018-09-10 | 2018-09-10 | Automation vulnerability detection system and method based on port identification |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109033844A (en) |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109525613A (en) * | 2019-01-16 | 2019-03-26 | 湖南快乐阳光互动娱乐传媒有限公司 | A kind of demand processing system and method |
CN109951350A (en) * | 2019-01-08 | 2019-06-28 | 国网浙江省电力有限公司杭州供电公司 | Information assets port dynamic monitoring method |
CN110516449A (en) * | 2019-09-03 | 2019-11-29 | 国网重庆市电力公司电力科学研究院 | A kind of lightweight vulnerability detection method and readable storage medium storing program for executing |
CN110837646A (en) * | 2019-10-31 | 2020-02-25 | 国网河北省电力有限公司电力科学研究院 | Risk investigation device of unstructured database |
CN110855642A (en) * | 2019-10-30 | 2020-02-28 | 腾讯科技(深圳)有限公司 | Application vulnerability detection method and device, electronic equipment and storage medium |
CN111079144A (en) * | 2019-11-25 | 2020-04-28 | 杭州迪普科技股份有限公司 | Virus propagation behavior detection method and device |
CN111240994A (en) * | 2020-01-20 | 2020-06-05 | 北京国舜科技股份有限公司 | Vulnerability processing method and device, electronic equipment and readable storage medium |
CN111385260A (en) * | 2018-12-28 | 2020-07-07 | 广州市百果园信息技术有限公司 | Port detection method, system, server and storage medium |
CN111786898A (en) * | 2020-08-07 | 2020-10-16 | 杭州安恒信息技术股份有限公司 | Monitoring equipment information acquisition method, device, equipment and medium |
CN112637159A (en) * | 2020-12-14 | 2021-04-09 | 杭州安恒信息技术股份有限公司 | Network asset scanning method, device and equipment based on active detection technology |
CN115208634A (en) * | 2022-06-17 | 2022-10-18 | 江苏信息职业技术学院 | Supervision engine of network assets |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101695033A (en) * | 2009-09-25 | 2010-04-14 | 上海交通大学 | Network fragility analyzing system based on privilege lift |
CN104363236A (en) * | 2014-11-21 | 2015-02-18 | 西安邮电大学 | Automatic vulnerability validation method |
US20160292459A1 (en) * | 2006-04-25 | 2016-10-06 | Vetrix, Llc | Converged logical and physical security |
CN106973071A (en) * | 2017-05-24 | 2017-07-21 | 北京匡恩网络科技有限责任公司 | A kind of vulnerability scanning method and apparatus |
CN107094158A (en) * | 2017-06-27 | 2017-08-25 | 四维创智(北京)科技发展有限公司 | The fragile analysis system of one kind automation intranet security |
CN107294975A (en) * | 2017-06-27 | 2017-10-24 | 四维创智(北京)科技发展有限公司 | A kind of Web security breaches detecting system and detection method based on information |
-
2018
- 2018-09-10 CN CN201811051288.XA patent/CN109033844A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160292459A1 (en) * | 2006-04-25 | 2016-10-06 | Vetrix, Llc | Converged logical and physical security |
CN101695033A (en) * | 2009-09-25 | 2010-04-14 | 上海交通大学 | Network fragility analyzing system based on privilege lift |
CN104363236A (en) * | 2014-11-21 | 2015-02-18 | 西安邮电大学 | Automatic vulnerability validation method |
CN106973071A (en) * | 2017-05-24 | 2017-07-21 | 北京匡恩网络科技有限责任公司 | A kind of vulnerability scanning method and apparatus |
CN107094158A (en) * | 2017-06-27 | 2017-08-25 | 四维创智(北京)科技发展有限公司 | The fragile analysis system of one kind automation intranet security |
CN107294975A (en) * | 2017-06-27 | 2017-10-24 | 四维创智(北京)科技发展有限公司 | A kind of Web security breaches detecting system and detection method based on information |
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111385260A (en) * | 2018-12-28 | 2020-07-07 | 广州市百果园信息技术有限公司 | Port detection method, system, server and storage medium |
CN111385260B (en) * | 2018-12-28 | 2022-01-25 | 广州市百果园信息技术有限公司 | Port detection method, system, server and storage medium |
CN109951350A (en) * | 2019-01-08 | 2019-06-28 | 国网浙江省电力有限公司杭州供电公司 | Information assets port dynamic monitoring method |
CN109525613B (en) * | 2019-01-16 | 2021-11-09 | 湖南快乐阳光互动娱乐传媒有限公司 | Request processing system and method |
CN109525613A (en) * | 2019-01-16 | 2019-03-26 | 湖南快乐阳光互动娱乐传媒有限公司 | A kind of demand processing system and method |
CN110516449A (en) * | 2019-09-03 | 2019-11-29 | 国网重庆市电力公司电力科学研究院 | A kind of lightweight vulnerability detection method and readable storage medium storing program for executing |
CN110855642A (en) * | 2019-10-30 | 2020-02-28 | 腾讯科技(深圳)有限公司 | Application vulnerability detection method and device, electronic equipment and storage medium |
CN110837646A (en) * | 2019-10-31 | 2020-02-25 | 国网河北省电力有限公司电力科学研究院 | Risk investigation device of unstructured database |
CN111079144A (en) * | 2019-11-25 | 2020-04-28 | 杭州迪普科技股份有限公司 | Virus propagation behavior detection method and device |
CN111240994A (en) * | 2020-01-20 | 2020-06-05 | 北京国舜科技股份有限公司 | Vulnerability processing method and device, electronic equipment and readable storage medium |
CN111786898A (en) * | 2020-08-07 | 2020-10-16 | 杭州安恒信息技术股份有限公司 | Monitoring equipment information acquisition method, device, equipment and medium |
CN111786898B (en) * | 2020-08-07 | 2022-11-22 | 杭州安恒信息技术股份有限公司 | Monitoring equipment information acquisition method, device, equipment and medium |
CN112637159A (en) * | 2020-12-14 | 2021-04-09 | 杭州安恒信息技术股份有限公司 | Network asset scanning method, device and equipment based on active detection technology |
CN115208634A (en) * | 2022-06-17 | 2022-10-18 | 江苏信息职业技术学院 | Supervision engine of network assets |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109033844A (en) | Automation vulnerability detection system and method based on port identification | |
CN107659543B (en) | Protection method for APT (android packet) attack of cloud platform | |
KR101883400B1 (en) | detecting methods and systems of security vulnerability using agentless | |
US20180137288A1 (en) | System and method for modeling security threats to prioritize threat remediation scheduling | |
CN113254978B (en) | Data security management system based on machine learning | |
KR20090037538A (en) | Method for risk analysis using information asset modelling | |
CN104246785A (en) | System and method for crowdsourcing of mobile application reputations | |
CN106357689A (en) | Method and system for processing threat data | |
CN111612443A (en) | Accumulation fund service handling method, system, equipment and readable storage medium | |
CN105975863A (en) | Method for evaluating and calculating information security risk of power distribution automation terminal equipment | |
Singh et al. | A network based vulnerability scanner for detecting SQLI attacks in web applications | |
Korchenko et al. | Development of a method for constructing linguistic standards for multi-criteria assessment of honeypot efficiency | |
CN116319099A (en) | Multi-terminal financial data management method and system | |
CN107122987A (en) | A kind of early warning system and method for order for arrest swindle | |
CN109191021A (en) | The correlation rule matching process and device of power grid anomalous event | |
CN110866265A (en) | Data storage method, device and storage medium based on block chain | |
CN114036059A (en) | Automatic penetration testing system and method for power grid system and computer equipment | |
CN108965251B (en) | A kind of safe mobile phone guard system that cloud combines | |
CN110825776B (en) | Air quality detection report processing method and device, computing equipment and storage medium | |
CN109446053A (en) | Test method, computer readable storage medium and the terminal of application program | |
CN107623693A (en) | Domain name mapping means of defence and device, system, computing device, storage medium | |
CN110598461A (en) | Wild animal information management method, device, terminal, system and storage medium | |
Yermalovich et al. | Formalization of attack prediction problem | |
CN102546628B (en) | Sample authenticating method and system | |
CN107342986B (en) | A kind of fraudulent call early warning system and method for early warning |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181218 |