CN109861994A - The vulnerability scanning method and its scanning means that cloud is invaded - Google Patents
The vulnerability scanning method and its scanning means that cloud is invaded Download PDFInfo
- Publication number
- CN109861994A CN109861994A CN201910044697.5A CN201910044697A CN109861994A CN 109861994 A CN109861994 A CN 109861994A CN 201910044697 A CN201910044697 A CN 201910044697A CN 109861994 A CN109861994 A CN 109861994A
- Authority
- CN
- China
- Prior art keywords
- scanning
- module
- information
- scan
- vulnerability
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Computer And Data Communications (AREA)
Abstract
The vulnerability scanning method and its scanning means invaded the invention discloses cloud, are related to cloud and invade scanning technique field.Scanning means of the invention be carry can complete independently detection function software server, scanning engine is provided in scanning means, scanning executes plug-in unit, basic information collector, server setup module, task management module, document management module, registration and state display module, base layer support and safety communication module;Scanning executes plug-in unit and is used to carry out active scan to the target network or host of connection Cloud Server according to the instruction of scanning engine;The scanning add-on file that storage scanning plugin information is stored in scanning engine, the loophole library file for storing vulnerability database information, the regular library file for storing scanning rule information, the scanning result file for storing scanning result.The compatible various protocols of scanning means of the invention, carry out that vulnerability scanning is high-efficient, speed is fast, sweep time is short, can carry out multi-point scanning to target network to Cloud Server.
Description
Technical field
The invention belongs to clouds to invade scanning technique field, the vulnerability scanning method and its scanning means invaded more particularly to cloud.
Background technique
Loophole also becomes fragility, is computer system in the specific implementation of hardware, software and agreement or the safe plan of system
Defect present on slightly.Loophole is once found, so that it may be utilized by attacker, system is accessed or destroyed in the case where unauthorized
System, either there are loopholes for hardware or software for each platform;Loophole is most of with the logic error in system program and to be
Provisioning Policy mistake of uniting is related, and closely related with specific system environments, loophole problem is closely related with the time, old loophole meeting
It is continuously available repairing or correction, new loophole can continuously emerge, and loophole problem can long-term existence.
Cloud service is the increase, use and interactive mode of related service Internet-based, is usually directed to and passes through internet
To provide the resource of dynamic easily extension and often virtualization;It is distributed on a large amount of distributed computer by making to calculate, and
In non-local computer or remote server, the operation of enterprise data center will be more like with internet.This enables enterprise
By resource switch to needs using upper, computer and storage system, certain cloud service and Cloud Server are accessed according to demand
There can be loophole, the unusual weight then the network and port progress vulnerability scanning to Cloud Server and connection Cloud Server just seem
It wants;The scan method of existing security breaches includes certificate formula and non-certificate formula, certificate formula analyzer and operating system platform it
Between close coupling means that these analyzers cannot be adjusted easily and is allowed to crossover heterogeneous networks, and they may build
If, spend in terms of maintenance and management it is higher;Sensitive property meeting of the test macro that non-certificate formula has to refusal formula service attack
It draws fire against oneself, therefore the test for refusing formula service is easy to damage goal systems;Therefore a comprehensive peace is designed
Inspection product the best way seeks in summary two methods;A kind of vulnerability scanning method that cloud is invaded is provided in view of the above problems
And its scanning means has great importance.
Summary of the invention
The vulnerability scanning method and its scanning means invaded the purpose of the present invention is to provide cloud, can be independent by providing one kind
The server for completing detection function software is used as scanning means, and being provided in scanning means can call scanning execution plug-in unit to be swept
The scanning engine retouched, to the user port of connection Cloud Server is scanned, OS Type and application service detect,
Scanning means is compatible with various protocols, solves the disadvantage that the scanning of certificate formula is scanned with non-certificate formula, carries out loophole to Cloud Server
Scan efficiency is low, speed is slow, sweep time is long, cannot to target network carry out multi-point scanning the problem of.
In order to solve the above technical problems, the present invention is achieved by the following technical solutions:
The vulnerability scanner that cloud of the invention is invaded, the scanning means pass through custom protocol and Cloud Server network phase
Even, it is provided with Web server, application server, master controller in the Cloud Server, the Cloud Server passes through HTTP
Agreement and user browser are connected to the network, and are connected to the network by ICP/IP protocol and system manager's control terminal, are assisted by JDBC
View is connected to the network with central database;
The scanning means be carry can complete independently detection function software server, for dispatching and controlling each scanning
Function and scanning execute plug-in unit, and the information returned to them judges;
Scanning engine is provided in the scanning means, scanning executes plug-in unit, basic information collector, server setting mould
Block, task management module, document management module, registration and state display module, base layer support and safety communication module;It is described to sweep
Imaging apparatus and master controller communication connection, the scanning means pass through basic information collector and the target that connect Cloud Server
Network or host communication connection;
The server setup module, task management module, document management module, registration and state display module be used for
The master controller interacts, and completes server setting, task management and the file management back work of scanning means;
Information on services detecting module, probing remote operating system module, port scan are provided in the basic information collector
Module;The information on services detecting module, probing remote operating system module, port scan module are used for the mesh to connection Cloud Server
Mark network or host, which are scanned, collects necessary basic information to scanning engine;
The scanning executes plug-in unit and is used for the instruction according to scanning engine to the target network or host for connecting Cloud Server
Carry out active scan;
It is stored with the scanning add-on file of storage scanning plugin information in the scanning engine, stores vulnerability database information
Loophole library file, the regular library file for storing scanning rule information, the scanning result file for storing scanning result;
The base layer support and safety communication module are responsible for the running environment and external world's safety of scanning means server software
Communication.
Further, the scanning engine include interpreter, subscriber interface module, working storage, rule memory,
Rule acquisition module, inference machine;
The interpreter and subscriber interface module are provided commonly for interacting with external module, and provide inside and outside scanning number
It is converted according to information, the external module includes task management module, port scan module, probing remote operating system module, service
Information detection module, scanning execute plug-in unit;
The working storage for storing Current Scan status information, including existing scanning result, executed or to
The scanning motion of execution;
The rule memory for storing scanning field special knowledge, including feasible scan operation, scanning Analysis of conclusion,
Judgement and turntable driving rule;
The various forms of knowledge organizations that the rule acquisition module is used to concentrate static data can connect at inference machine
The scanning judgement received and driving rule syntax;
The inference machine is used for according to the current scanning mode information and scanning judgement that store in working storage and rule
Then, it obtains the turntable driving Rule Information obtained in module to be compared, is inferred to scan conclusion information.
Further, the scanning means is received by master controller and is transmitted to cloud server end from user browser
Vulnerability scanning order, and scanning result fed back into user browser show after the completion of vulnerability scanning movement.
Further, the base layer support and safety communication module use the key that is generated by master controller and managed into
Row certification and encryption communication;The mode of the certification and encryption is encrypted using OpenSSL.
The vulnerability scanning method that cloud is invaded, comprising the following steps:
S01: the external module receives the scan task from client browser end by master controller, and will scanning
Mission bit stream sends interpreter and subscriber interface module to;
S02: the interpreter receives scan task information, and converts scan task to after scan task initialization process
Working storage and inference machine are sequentially delivered to for scan command;
S03: the inference machine is of use port scan module and probing remote operating system module is scanned port and to net
The operating system of network connectivity port is detected, and obtains scanning result;
S04: the inference machine obtains various rules by rule acquisition module from rule memory, while calling service
Information detection module is scanned and detects to the information on services of network connection port, and the scanning result that will acquire and acquisition
Various rules are compared, and execute reasoning, obtain vulnerability scanning testing result;
S05: the inference machine obtains various rules by rule acquisition module from rule memory, while calling scanning
It executes the scanning result that plug-in unit is scanned the execution of plug-in unit, and will acquire to be compared with the various rules of acquisition, execution pushes away
Reason obtains vulnerability scanning testing result;
S06: think after the scan command of the inference machine interpreter and subscriber interface module return to Hole Detection as a result,
And execute next command;
S07: the Hole Detection result of return is returned to external module, external mould by the interpreter and subscriber interface module
Vulnerability scanning testing result is transmitted to user browser by master controller and is shown to user by block.
Further, port is scanned including carrying out TCP scanning, UDP Scan, ICMP scanning in the step S03;
The TCP scanning includes TCP connect () scanning, TCP SYN scanning, TCP ACK is scanned, TCP NULL is swept
It retouches, FIN+URG+PUSH scanning, TCP FIN scanning;
The UDP Scan includes common UDP Scan;
The ICMP scanning includes ICMP echo scanning, advanced ICMP scanning.
Further, it includes FIN detection, BOGUS marker detection, TCP that operating system, which carries out detection, in the step S03
ISN sampling, TCP originate window, ACK value, icmp error message, ICMP information, TCP option.
The invention has the following advantages:
The present invention by provide it is a kind of can complete independently detection function software server as scanning means, scanning means
Inside being provided with can call scanning to execute the scanning engine that plug-in unit is scanned, and sweep to the user port of connection Cloud Server
It retouches, OS Type and application service are detected, the compatible various protocols of scanning means;Scanning means of the invention can not only
Enough effective work, invades loophole to cloud and is efficiently scanned, and with scanning speed is fast, sweep time is short, can be to target network
Network carries out the advantages of multi-point scanning.
Certainly, it implements any of the products of the present invention and does not necessarily require achieving all the advantages described above at the same time.
Detailed description of the invention
In order to illustrate the technical solution of the embodiments of the present invention more clearly, will be described below to embodiment required
Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for ability
For the those of ordinary skill of domain, without creative efforts, it can also be obtained according to these attached drawings other attached
Figure.
Fig. 1 is the vulnerability scanner structural schematic diagram that cloud of the invention is invaded;
Fig. 2 is the structural schematic diagram of scanning engine of the invention;
Fig. 3 is the structural framing figure for the vulnerability scanning system that cloud of the invention is invaded;
Fig. 4 is the operation logic schematic diagram of scanning engine of the invention;
Fig. 5 is the vulnerability scanning method and step schematic diagram that cloud of the invention is invaded.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts all other
Embodiment shall fall within the protection scope of the present invention.
It please refers to shown in Fig. 1 and Fig. 3, the vulnerability scanner that cloud of the invention is invaded, this scanning means is set to loophole and sweeps
It retouches in system, vulnerability scanning system includes the client layer being made of user browser and control terminal, the function that is made of Cloud Server
Ergosphere, the data Layer being made of central database and scanning means, scanning means pass through custom protocol and Cloud Server network
It is connected, Web server, application server, master controller is provided in Cloud Server, Cloud Server is by http protocol and uses
The network connection of family browser, is connected to the network by ICP/IP protocol and system manager's control terminal, passes through JDBC agreement and center
Data bank network connects, and is provided with Servlet and JSP in Web server, BL component is provided in application server, using clothes
Business device is connected by XML and Web server, and load-balancing algorithm program is provided in master controller for mitigating scan service
The burden of device, reduced scanning time keep period of reservation of number shorter;
Scanning means be carry can complete independently detection function software server, for dispatching and controlling each scanning function
Plug-in unit is executed with scanning, and the information returned to them judges;
Be provided in scanning means scanning engine, scanning execute plug-in unit, basic information collector, server setup module,
Task management module, document management module, registration and state display module, base layer support and safety communication module;Scanning means
With master controller communication connection, scanning means passes through basic information collector and the target network or host that connect Cloud Server
Communication connection;
Server setup module, task management module, document management module, registration and state display module be used for it is described
Master controller interacts, and completes server setting, task management and the file management back work of scanning means;
Information on services detecting module, probing remote operating system module, port scan module are provided in basic information collector;
Information on services detecting module, probing remote operating system module, port scan module be used for connection Cloud Server target network or
Host, which is scanned, collects necessary basic information to scanning engine;
Scanning executes plug-in unit and is used to carry out the target network or host of connection Cloud Server according to the instruction of scanning engine
Active scan;
It is stored with the scanning add-on file of storage scanning plugin information in scanning engine, stores the loophole of vulnerability database information
Library file, the regular library file for storing scanning rule information, the scanning result file for storing scanning result;
Base layer support and safety communication module are responsible for the running environment and extraneous secure communication of scanning means server software.
As shown in Figure 2, wherein scanning engine includes interpreter, subscriber interface module, working storage, rule storage
Device, rule acquisition module, inference machine;
Interpreter and subscriber interface module are provided commonly for interacting with external module, and provide inside and outside scan data and
Information conversion, the external module includes task management module, port scan module, probing remote operating system module, information on services
Detecting module, scanning execute plug-in unit;
Working storage has executed or pending for storing Current Scan status information, including existing scanning result
Scanning motion;
Rule memory is for storing scanning field special knowledge, including feasible scan operation, scanning Analysis of conclusion, judgement
With turntable driving rule;
The various forms of knowledge organizations that rule acquisition module is used to concentrate static data are acceptable at inference machine
Scanning judgement and driving rule syntax;
Inference machine is used to be obtained according to the current scanning mode information and scanning judgement and rule that store in working storage
The turntable driving Rule Information obtained in modulus block is compared, and is inferred to scan conclusion information;Inference machine includes simple
Scan control strategy, including scan task initialization, calling port scan, OS Type detection.
Wherein, scanning means is received by master controller and is swept from the loophole that user browser is transmitted to cloud server end
Order is retouched, and scanning result is fed back into user browser after the completion of vulnerability scanning movement and is shown.
Wherein, the ability that scanning means has scanning arbitrary port and arbitrarily services, scanning means can call vulnerability scanning
Plug-in unit simulation attack, completes active scan, and check obtained information.
Wherein, scanning means generates detailed output report after the completion of scanning motion in such a way that user browser end is formulated
It accuses, including target tender spots, how to repair loophole and prevented hacker attacks and danger level.
Wherein, base layer support and safety communication module use the key for being generated by master controller and being managed carry out certification and
Encryption communication;The mode of certification and encryption is encrypted using OpenSSL.
As illustrated in figures 4-5, the vulnerability scanning method that cloud is invaded, comprising the following steps:
S01: external module receives the scan task from client browser end by master controller, and by scan task
Information sends interpreter and subscriber interface module to;
S02: interpreter receives scan task information, and sweeps to scan task is converted to after scan task initialization process
It retouches order and is sequentially delivered to working storage and inference machine;
S03: inference machine is of use port scan module and probing remote operating system module is scanned port and connects to network
The operating system for connecing port is detected, and obtains scanning result;
S04: inference machine obtains various rules by rule acquisition module from rule memory, while calling information on services
Detecting module is scanned and detects to the information on services of network connection port, and the scanning result that will acquire and acquisition is various
Rule is compared, and executes reasoning, obtains vulnerability scanning testing result;
S05: inference machine obtains various rules by rule acquisition module from rule memory, while scanning being called to execute
The scanning result that plug-in unit is scanned the execution of plug-in unit, and will acquire is compared with the various rules of acquisition, is executed reasoning, is obtained
Take vulnerability scanning testing result;
S06: think that interpreter and subscriber interface module return to Hole Detection as a result, and holding after the scan command of inference machine
Row next command;
S07: the Hole Detection result of return is returned to external module by interpreter and subscriber interface module, and external module is logical
It crosses master controller vulnerability scanning testing result is transmitted to user browser and be shown to user.
Wherein, port is scanned including carrying out TCP scanning, UDP Scan, ICMP scanning in step S03;
TCP scanning include TCP connect () scanning, TCP SYN scanning, TCP ACK scanning, TCP NULL scanning,
FIN+URG+PUSH scanning, TCP FIN scanning;
UDP Scan includes common UDP Scan;
ICMP scanning includes ICMP echo scanning, advanced ICMP scanning.
Wherein, in step S03 operating system carry out detection include FIN detection, BOGUS marker detection, TCP ISN sample,
TCP originates window, ACK value, icmp error message, ICMP information, TCP option.
Wherein, information on services detection is returned using the special UDP of user network connecting pin SQL SERVER in step S04
Feedback sends ' x02 ' or ' x03 ' by 1434 ports to SQL SERVER and detects its connectivity port, and scans to connectivity port
Required program information.
The invention has the following advantages that scanning means of the invention can not only effectively work, loophole is invaded to cloud and is carried out
Efficient scanning, and have the advantages that scanning speed is fast, sweep time is short, multi-point scanning can be carried out to target network.
In the description of this specification, the description of reference term " one embodiment ", " example ", " specific example " etc. means
Particular features, structures, materials, or characteristics described in conjunction with this embodiment or example are contained at least one implementation of the invention
In example or example.In the present specification, schematic expression of the above terms may not refer to the same embodiment or example.
Moreover, particular features, structures, materials, or characteristics described can be in any one or more of the embodiments or examples to close
Suitable mode combines.
Present invention disclosed above preferred embodiment is only intended to help to illustrate the present invention.There is no detailed for preferred embodiment
All details are described, are not limited the invention to the specific embodiments described.Obviously, according to the content of this specification,
It can make many modifications and variations.These embodiments are chosen and specifically described to this specification, is in order to better explain the present invention
Principle and practical application, so that skilled artisan be enable to better understand and utilize the present invention.The present invention is only
It is limited by claims and its full scope and equivalent.
Claims (7)
1. the vulnerability scanner that cloud is invaded, the scanning means is connected by custom protocol with Cloud Server network, the cloud
Web server, application server, master controller are provided in server, the Cloud Server passes through http protocol and user
Browser network connection, is connected to the network by ICP/IP protocol and system manager's control terminal, passes through JDBC agreement and middle calculation
It is connected to the network according to library, it is characterised in that:
The scanning means be carry can complete independently detection function software server, for dispatching and controlling each scanning function
Plug-in unit is executed with scanning, and the information returned to them judges;
Be provided in the scanning means scanning engine, scanning execute plug-in unit, basic information collector, server setup module,
Task management module, document management module, registration and state display module, base layer support and safety communication module;The scanning
Device and master controller communication connection, the scanning means pass through basic information collector and the target network that connect Cloud Server
Network or host communication connection;
The server setup module, task management module, document management module, registration and state display module be used for it is described
Master controller interacts, and completes server setting, task management and the file management back work of scanning means;
Information on services detecting module, probing remote operating system module, port scan module are provided in the basic information collector;
The information on services detecting module, probing remote operating system module, port scan module are used for the target network to connection Cloud Server
Network or host, which are scanned, collects necessary basic information to scanning engine;
The scanning executes plug-in unit and is used to carry out the target network or host of connection Cloud Server according to the instruction of scanning engine
Active scan;
It is stored with the scanning add-on file of storage scanning plugin information in the scanning engine, stores the loophole of vulnerability database information
Library file, the regular library file for storing scanning rule information, the scanning result file for storing scanning result;
The base layer support and safety communication module are responsible for the running environment and extraneous secure communication of scanning means server software.
2. the vulnerability scanner that cloud according to claim 1 is invaded, which is characterized in that the scanning engine includes to explain
Device, subscriber interface module, working storage, rule memory, rule acquisition module, inference machine;
The interpreter and subscriber interface module are provided commonly for interacting with external module, and provide inside and outside scan data and
Information conversion, the external module includes task management module, port scan module, probing remote operating system module, information on services
Detecting module, scanning execute plug-in unit;
The working storage has executed or pending for storing Current Scan status information, including existing scanning result
Scanning motion;
The rule memory is for storing scanning field special knowledge, including feasible scan operation, scanning Analysis of conclusion, judgement
With turntable driving rule;
The various forms of knowledge organizations that the rule acquisition module is used to concentrate static data are acceptable at inference machine
Scanning judgement and driving rule syntax;
The inference machine is used to be obtained according to the current scanning mode information and scanning judgement and rule that store in working storage
The turntable driving Rule Information obtained in modulus block is compared, and is inferred to scan conclusion information.
3. the vulnerability scanner that cloud according to claim 1 is invaded, which is characterized in that the scanning means is controlled by center
Device processed receives the vulnerability scanning order that cloud server end is transmitted to from user browser, and will after the completion of vulnerability scanning movement
Scanning result feeds back to user browser and is shown.
4. the vulnerability scanner that cloud according to claim 1 is invaded, which is characterized in that the base layer support and safety communication
Module uses the key for being generated by master controller and being managed to carry out certification and encryption communication;The mode of the certification and encryption is adopted
It is encrypted with OpenSSL.
5. the vulnerability scanning method that cloud according to any one of claims 1-4 is invaded, which comprises the following steps:
S01: the external module receives the scan task from client browser end by master controller, and by scan task
Information sends interpreter and subscriber interface module to;
S02: the interpreter receives scan task information, and sweeps to scan task is converted to after scan task initialization process
It retouches order and is sequentially delivered to working storage and inference machine;
S03: the inference machine is of use port scan module and probing remote operating system module is scanned port and connects to network
The operating system for connecing port is detected, and obtains scanning result;
S04: the inference machine obtains various rules by rule acquisition module from rule memory, while calling information on services
Detecting module is scanned and detects to the information on services of network connection port, and the scanning result that will acquire and acquisition is various
Rule is compared, and executes reasoning, obtains vulnerability scanning testing result;
S05: the inference machine obtains various rules by rule acquisition module from rule memory, while scanning being called to execute
The scanning result that plug-in unit is scanned the execution of plug-in unit, and will acquire is compared with the various rules of acquisition, is executed reasoning, is obtained
Take vulnerability scanning testing result;
S06: think that interpreter and subscriber interface module return to Hole Detection as a result, and holding after the scan command of the inference machine
Row next command;
S07: the Hole Detection result of return is returned to external module by the interpreter and subscriber interface module, and external module is logical
It crosses master controller vulnerability scanning testing result is transmitted to user browser and be shown to user.
6. the vulnerability scanning method that cloud according to claim 5 is invaded, which is characterized in that in the step S03 to port into
Row scanning includes carrying out TCP scanning, UDP Scan, ICMP scanning;
The TCP scanning includes TCP connect () scanning, TCP SYN scanning, TCP ACK scanning, TCP NULL scanning, FIN
+ URG+PUSH scanning, TCP FIN scanning;
The UDP Scan includes common UDP Scan;
The ICMP scanning includes ICMP echo scanning, advanced ICMP scanning.
7. the vulnerability scanning method that cloud according to claim 5 is invaded, which is characterized in that operating system in the step S03
Carry out detection include FIN detection, BOGUS marker detection, TCP ISN sampling, the original window of TCP, ACK value, icmp error message,
ICMP information, TCP option.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910044697.5A CN109861994A (en) | 2019-01-17 | 2019-01-17 | The vulnerability scanning method and its scanning means that cloud is invaded |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910044697.5A CN109861994A (en) | 2019-01-17 | 2019-01-17 | The vulnerability scanning method and its scanning means that cloud is invaded |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109861994A true CN109861994A (en) | 2019-06-07 |
Family
ID=66895107
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910044697.5A Pending CN109861994A (en) | 2019-01-17 | 2019-01-17 | The vulnerability scanning method and its scanning means that cloud is invaded |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109861994A (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110674153A (en) * | 2019-09-25 | 2020-01-10 | 北京金山云网络技术有限公司 | Data consistency detection method and device and electronic equipment |
CN110968503A (en) * | 2019-11-06 | 2020-04-07 | 支付宝(杭州)信息技术有限公司 | Code scanning system and method and plug-in |
CN113037758A (en) * | 2021-03-12 | 2021-06-25 | 中国建设银行股份有限公司 | Security vulnerability scanning method and device and computer readable medium |
CN113420302A (en) * | 2021-06-27 | 2021-09-21 | 杭州迪普科技股份有限公司 | Host vulnerability detection method and device |
CN113672934A (en) * | 2021-08-09 | 2021-11-19 | 中汽创智科技有限公司 | Security vulnerability scanning system and method, terminal and storage medium |
CN114430894A (en) * | 2020-07-20 | 2022-05-03 | 谷歌有限责任公司 | Minimizing production interruptions by scanning rule engines |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040153666A1 (en) * | 2003-02-05 | 2004-08-05 | Sobel William E. | Structured rollout of updates to malicious computer code detection definitions |
CN1694411A (en) * | 2004-07-16 | 2005-11-09 | 北京航空航天大学 | Network invading detection system with two-level decision structure and its alarm optimization method |
CN102082659A (en) * | 2009-12-01 | 2011-06-01 | 厦门市美亚柏科信息股份有限公司 | Vulnerability scanning system oriented to safety assessment and processing method thereof |
CN102156827A (en) * | 2011-01-14 | 2011-08-17 | 无锡市同威科技有限公司 | Remote bug high-speed scanning host computer and method based on field programmable gate array (FPGA) |
CN104426850A (en) * | 2013-08-23 | 2015-03-18 | 南京理工大学常熟研究院有限公司 | Vulnerability detection method based on plug-in |
CN105610776A (en) * | 2015-09-24 | 2016-05-25 | 中科信息安全共性技术国家工程研究中心有限公司 | Cloud calculating IaaS layer high risk safety loophole detection method and system thereof |
CN107944276A (en) * | 2017-10-09 | 2018-04-20 | 西安交大捷普网络科技有限公司 | Vulnerability scanners and its plug-in unit dispatching method |
CN108595963A (en) * | 2018-04-26 | 2018-09-28 | 杭州迪普科技股份有限公司 | A kind of vulnerability scanning method and apparatus |
-
2019
- 2019-01-17 CN CN201910044697.5A patent/CN109861994A/en active Pending
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040153666A1 (en) * | 2003-02-05 | 2004-08-05 | Sobel William E. | Structured rollout of updates to malicious computer code detection definitions |
CN1694411A (en) * | 2004-07-16 | 2005-11-09 | 北京航空航天大学 | Network invading detection system with two-level decision structure and its alarm optimization method |
CN102082659A (en) * | 2009-12-01 | 2011-06-01 | 厦门市美亚柏科信息股份有限公司 | Vulnerability scanning system oriented to safety assessment and processing method thereof |
CN102156827A (en) * | 2011-01-14 | 2011-08-17 | 无锡市同威科技有限公司 | Remote bug high-speed scanning host computer and method based on field programmable gate array (FPGA) |
CN104426850A (en) * | 2013-08-23 | 2015-03-18 | 南京理工大学常熟研究院有限公司 | Vulnerability detection method based on plug-in |
CN105610776A (en) * | 2015-09-24 | 2016-05-25 | 中科信息安全共性技术国家工程研究中心有限公司 | Cloud calculating IaaS layer high risk safety loophole detection method and system thereof |
CN107944276A (en) * | 2017-10-09 | 2018-04-20 | 西安交大捷普网络科技有限公司 | Vulnerability scanners and its plug-in unit dispatching method |
CN108595963A (en) * | 2018-04-26 | 2018-09-28 | 杭州迪普科技股份有限公司 | A kind of vulnerability scanning method and apparatus |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110674153A (en) * | 2019-09-25 | 2020-01-10 | 北京金山云网络技术有限公司 | Data consistency detection method and device and electronic equipment |
CN110674153B (en) * | 2019-09-25 | 2023-02-07 | 北京金山云网络技术有限公司 | Data consistency detection method and device and electronic equipment |
CN110968503A (en) * | 2019-11-06 | 2020-04-07 | 支付宝(杭州)信息技术有限公司 | Code scanning system and method and plug-in |
CN114430894A (en) * | 2020-07-20 | 2022-05-03 | 谷歌有限责任公司 | Minimizing production interruptions by scanning rule engines |
CN113037758A (en) * | 2021-03-12 | 2021-06-25 | 中国建设银行股份有限公司 | Security vulnerability scanning method and device and computer readable medium |
CN113037758B (en) * | 2021-03-12 | 2023-04-07 | 中国建设银行股份有限公司 | Security vulnerability scanning method and device and computer readable medium |
CN113420302A (en) * | 2021-06-27 | 2021-09-21 | 杭州迪普科技股份有限公司 | Host vulnerability detection method and device |
CN113672934A (en) * | 2021-08-09 | 2021-11-19 | 中汽创智科技有限公司 | Security vulnerability scanning system and method, terminal and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109861994A (en) | The vulnerability scanning method and its scanning means that cloud is invaded | |
US11736499B2 (en) | Systems and methods for detecting injection exploits | |
US11159558B2 (en) | Mobile risk assessment | |
US20210029156A1 (en) | Security monitoring system for internet of things (iot) device environments | |
CN103929429A (en) | Network vulnerability scanning system and method based on RESTful Web service | |
US8463885B2 (en) | Systems and methods for generating management agent installations | |
CN105991595B (en) | Network security protection method and device | |
CN104169937B (en) | Chance system scans | |
Izhikevich et al. | {LZR}: Identifying unexpected internet services | |
RU2755675C2 (en) | Identification of security vulnerabilities in application program interfaces | |
CN109981653B (en) | Web vulnerability scanning method | |
US20130247204A1 (en) | System and method for application security assessment | |
CN104285219A (en) | Unified scan management | |
US20080247320A1 (en) | Network service operational status monitoring | |
US20050154733A1 (en) | Real-time change detection for network systems | |
CN109964196A (en) | Dual factor anthentication is as network service | |
CN109271776A (en) | Micro services system single-point logging method, server and computer readable storage medium | |
JP2003529254A (en) | Internet / network security method and system for checking customer security from a remote device | |
WO2014094151A1 (en) | System and method for monitoring data in a client environment | |
CN102035904A (en) | Method for converting TCP network communication server into client | |
CN111262839A (en) | Vulnerability scanning method, management equipment, node and storage medium | |
CN106534172A (en) | Intranet remote scanning system and method thereof for scanning intranet | |
CN112039868A (en) | Firewall policy verification method, device, equipment and storage medium | |
CN206181087U (en) | Active leak detecting system towards industrial control system | |
Sanz et al. | A cooperation-aware virtual network function for proactive detection of distributed port scanning |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190607 |