CN110855678A - Vulnerability detection method and system of industrial control system and related device - Google Patents
Vulnerability detection method and system of industrial control system and related device Download PDFInfo
- Publication number
- CN110855678A CN110855678A CN201911122518.1A CN201911122518A CN110855678A CN 110855678 A CN110855678 A CN 110855678A CN 201911122518 A CN201911122518 A CN 201911122518A CN 110855678 A CN110855678 A CN 110855678A
- Authority
- CN
- China
- Prior art keywords
- vulnerability
- library
- information
- website
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Stored Programmes (AREA)
Abstract
The application provides a vulnerability detection method of an industrial control system, which comprises the following steps: acquiring manufacturer information, version information and product information of target equipment by utilizing vulnerability scanning equipment; inquiring an equipment library according to the manufacturer information, the version information and the product information to obtain a vulnerability MD5 value list; judging whether the vulnerability MD5 value list is empty or not; if yes, the target equipment has no loophole; if not, inquiring a vulnerability library according to the vulnerability MD5 value list to obtain corresponding vulnerability information. By utilizing the vulnerability MD5 value list, the problem of slow query speed of directly querying the vulnerability from the cnvd website, the cnnvd website and the nvd website is solved, and the vulnerability detection efficiency is improved. The application also provides a vulnerability detection system of the industrial control system, a computer readable storage medium and a terminal, and the beneficial effects are achieved.
Description
Technical Field
The present disclosure relates to the field of industrial control, and in particular, to a method, a system, and a related device for detecting vulnerabilities of an industrial control system.
Background
Along with the arrival of industry 4.0, the industrial production efficiency is greatly accelerated, more and more industrial control devices are applied to production, and meanwhile, the industrial control system has no problem and can cause the maximum loss once attacked
In the prior invention, no leak library construction scheme and no leak matching scheme relative to an industrial control system exist. At present, aiming at other protocols or according to a simple certain leaky library, the content of the database is very single, and information of a manufacturer, a version and a product is directly inquired, so that the inquiry speed is slow, and the expansibility is not good.
Disclosure of Invention
The application aims to provide a vulnerability detection method, a vulnerability detection system, a computer readable storage medium and a terminal of an industrial control system, which can improve vulnerability detection efficiency of industrial control equipment.
In order to solve the technical problem, the application provides a vulnerability detection method for an industrial control system, which has the following specific technical scheme:
acquiring manufacturer information, version information and product information of target equipment by utilizing vulnerability scanning equipment;
inquiring an equipment library according to the manufacturer information, the version information and the product information to obtain a vulnerability MD5 value list;
judging whether the vulnerability MD5 value list is empty or not;
if yes, the target equipment has no loophole;
if not, inquiring a vulnerability library according to the vulnerability MD5 value list to obtain corresponding vulnerability information.
Wherein, still include:
constructing a leak library according to the leak library file;
the vulnerability library files comprise cnvd website vulnerability library files, cnnv website vulnerability library files and nvd website vulnerability library files.
The method for constructing the vulnerability library according to the cnvd website vulnerability library file, the cnnv website vulnerability library file and the nvd website vulnerability library file comprises the following steps:
acquiring a cnvd website vulnerability library file, a corresponding public vulnerability number and a cnvd number, a cnnv website vulnerability library file, a corresponding public vulnerability number and a cnvd number, and an nvd website vulnerability library file, a corresponding public vulnerability number and a cwe number;
merging the cnvd website vulnerability library file, the cnnv website vulnerability library file and the nvd website vulnerability library file by using the public vulnerability number to obtain an original file, and using a cve number as a key value of each vulnerability in the original file;
and calculating an MD5 value according to the cnvd number, the cnnv number, the cwe number and the cve number, using the MD5 value as an identifier of each vulnerability, and marking the MD5 value into the original file to obtain the vulnerability database.
Wherein, still include:
constructing an equipment information dictionary according to the influence equipment list of each vulnerability in the vulnerability library file;
traversing the equipment information dictionary by taking the equipment type as a key value to determine a vulnerability information list corresponding to each kind of equipment;
and establishing the equipment library according to the vulnerability information list.
Wherein, still include:
storing the original file in a configuration file according to a generation date;
and when a new original file with a later generation date is detected, performing incremental updating on the original file.
The present application further provides a vulnerability detection system of an industrial control system, including:
the scanning module is used for acquiring manufacturer information, version information and product information of the target equipment by utilizing the vulnerability scanning equipment;
the equipment query module is used for querying an equipment library according to the manufacturer information, the version information and the product information to obtain a vulnerability MD5 value list;
the judging module is used for judging whether the vulnerability MD5 value list is empty or not; if yes, the target equipment has no loophole;
and the vulnerability query module is used for querying a vulnerability database according to the vulnerability MD5 value list to obtain corresponding vulnerability information if the judgment module judges that the vulnerability database does not contain the vulnerability information.
Wherein, still include:
the system comprises a leakage library establishing module, a leakage library creating module and a leakage library creating module, wherein the leakage library establishing module is used for establishing a leakage library according to a leakage library file; the vulnerability library files comprise cnvd website vulnerability library files, cnnv website vulnerability library files and nvd website vulnerability library files.
Wherein, still include:
the leak library updating module is used for saving the original file in the configuration file by the generation date; and when a new original file with a later generation date is detected, performing incremental updating on the original file.
The present application also provides a computer-readable storage medium having stored thereon a computer program which, when being executed by a processor, carries out the steps of the vulnerability detection method as described above.
The application also provides a terminal, which comprises a memory and a processor, wherein the memory stores a computer program, and the processor realizes the steps of the vulnerability detection method when calling the computer program in the memory.
The application provides a vulnerability detection method of an industrial control system, which comprises the following steps: acquiring manufacturer information, version information and product information of target equipment by utilizing vulnerability scanning equipment; inquiring an equipment library according to the manufacturer information, the version information and the product information to obtain a vulnerability MD5 value list; judging whether the vulnerability MD5 value list is empty or not; if yes, the target equipment has no loophole; if not, inquiring a vulnerability library according to the vulnerability MD5 value list to obtain corresponding vulnerability information.
According to the method and the device, a pre-constructed device library is inquired according to manufacturer information, version information and product information of the target device to obtain a corresponding vulnerability MD5 value list, and whether corresponding vulnerabilities exist is judged according to the vulnerability MD5 value list and the vulnerability library. By utilizing the vulnerability MD5 value list, the problem of slow query speed of directly querying vulnerabilities from the cnvd website, the cnnvd website and the nvd website is solved, and vulnerability detection efficiency is improved. The application also provides a vulnerability detection system of the industrial control system, a computer readable storage medium and a terminal, which have the beneficial effects and are not repeated herein.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a flowchart of a vulnerability detection method of an industrial control system according to an embodiment of the present disclosure;
fig. 2 is a schematic structural diagram of a vulnerability detection system of an industrial control system according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The current vulnerability query for industrial control equipment has the following three disadvantages:
1. the leak library has a single structure, and the Information queried by the leak library is only from one of cnvd (National Vulnerability Database, National Information Security leak sharing platform) and cnnv (National Vulnerability Database of Information Security, China National Information Security leak library) and nvd (National Vulnerability Database, U.S. National Database), and the existence of a leak may not be completely detected by querying with any Database, or there may be an incomplete Information or a language problem, for example, cve does not support Chinese description.
2. The query process is to directly query one of the three databases according to the scanned information, and when the data volume is very large, the query speed is slow, that is, the vulnerability detection efficiency is low.
3. The updating mode of the database is that the updating speed is slow due to the full-scale updating, and the vulnerability detection is influenced.
Therefore, the application provides a vulnerability detection method of an industrial control system, and the generation process of the vulnerability library and the equipment library provided by the application is introduced firstly.
Before the vulnerability detection is executed, a vulnerability library can be constructed according to the vulnerability library file. The vulnerability library files comprise cnvd website vulnerability library files, cnnv website vulnerability library files and nvd website vulnerability library files.
The method comprises the following specific steps:
step 1, acquiring a cnvd website vulnerability library file, a corresponding public vulnerability number and a cnvd number, a cnnv website vulnerability library file, a corresponding public vulnerability number and a cnvd number, and an nvd website vulnerability library file, a corresponding public vulnerability number and a cwe number;
in this step, the vulnerability files in each vulnerability database need to be obtained, and the vulnerability number of each vulnerability in the database and the public vulnerability number of the vulnerability need to be obtained specifically. The common vulnerability number is common Vulnerabilities & Exposuers, also known as cve number.
Step 2, merging the cnvd website vulnerability library file, the cnnv website vulnerability library file and the nvd website vulnerability library file by using the public vulnerability number to obtain an original file, and using cve number as a key value of each vulnerability in the original file;
the common vulnerability numbers are numbers which are identical in numbering rule and are shared by all vulnerabilities, so that the vulnerability library files of the three websites can be merged by using the common vulnerability numbers to obtain an original file. And when the cnvd website vulnerability library file, the cnnv website vulnerability library file and the nvd website vulnerability library file are combined by using the public vulnerability number, the public vulnerability number comprises the public vulnerability number corresponding to each vulnerability library file. The most important number of each vulnerability in the original file is the public vulnerability number, so the cve number is used as the key value of each vulnerability.
And 3, calculating to obtain an MD5 value according to the cnvd number, the cnnvd number, the cwe number and the cve number, using the MD5 value as an identifier of each vulnerability, and marking the MD5 value into an original file to obtain a vulnerability library.
This step calculates four numbers, namely cnvd number, cnnvd number, cwe number and cve number, to obtain corresponding MD5 values. Therefore, each vulnerability has a unique corresponding MD5 value, and the MD5 value is marked on the corresponding vulnerability in the original file, so that the vulnerability library can be obtained.
Similarly, an equipment library can be established, and the specific steps can be as follows:
step 1, constructing an equipment information dictionary according to an influence equipment list of each vulnerability in a vulnerability library file;
the vulnerability library file not only contains the serial number of the vulnerability, but also comprises an influencing device list of the influenceable devices of each vulnerability, namely, the influencing devices indicate the devices targeted by the vulnerability and the generated adverse influence. This step is intended to build a device information dictionary from the list of influencing devices.
Step 2, traversing the equipment information dictionary by taking the equipment type as a key value to determine a vulnerability information list corresponding to each kind of equipment;
the device type is used as a key value, which means that vulnerabilities that may be affected by each device type are determined, and thus the vulnerability information list is essentially a mapping table between the device type and corresponding vulnerabilities that may exist. In particular, as can be seen from the above process of creating a vulnerability library, each vulnerability may be represented by a unique corresponding MD5 value. And a device type usually corresponds to the existence of a plurality of vulnerabilities, so the vulnerability information list may be a mapping table between the device type and the corresponding MD5 value list.
And 3, establishing an equipment library according to the vulnerability information list.
After the vulnerability information list is obtained, each device type is converted into a vendor form, a version form and a product form to be stored, and the three forms are used as original files of the device library. Preferably, each device type can be converted into cpe information, and the cpe is a data format mainly including information of a sensor, a version and a product. Then the vulnerability information list is actually the correspondence table between the cpe information and the MD5 value list at this time.
The device type is required to be stored in a vendor form, a version form and a product form, and the device type is determined to be comprehensively determined according to the vendor, the version and product information of the device when the vulnerability is detected, so that the device type is converted into the above form in order to facilitate the connection with the actual detection process.
In particular, part of or all of the data in the leak library and the device library may be in a containment relationship, for example, the leak library may also contain a list of vulnerability information, etc.
According to the establishment process of the vulnerability database and the equipment library, the information fusion of the cnnvd, the cnvd and the nvd is adopted, so that the vulnerability detection process is complete, the problem that only one database can be selected from the existing detection process to be used as the vulnerability detection database is avoided, and the vulnerability detection accuracy can be effectively improved.
Referring to fig. 1, fig. 1 is a flowchart of a vulnerability detection method of an industrial control system according to an embodiment of the present application, where the vulnerability detection method includes:
s101: acquiring manufacturer information, version information and product information of target equipment by utilizing vulnerability scanning equipment;
in this step, manufacturer information, version information, and product information of the target device need to be obtained, and it is easy to understand that only manufacturer information, version information, and product information are the same, they can be regarded as the same device, and any one of the three types of information is different, and actually two devices are used. What vulnerability scanning equipment is used is not limited, and the equipment can obtain manufacturer information, version information and product information.
S102: inquiring an equipment library according to the manufacturer information, the version information and the product information to obtain a vulnerability MD5 value list;
in the step, the device type is determined according to the manufacturer information, the version information and the product information, and a corresponding vulnerability MD5 value list is obtained by inquiring a device library.
S103: judging whether the vulnerability MD5 value list is empty or not; if yes, entering S104; if not, entering S105;
s104: determining that the target device does not have a vulnerability;
if the value list of the vulnerability MD5 is empty, the vulnerability of the type of equipment is represented.
S105: and querying a vulnerability database according to the vulnerability MD5 value list to obtain corresponding vulnerability information.
And if the vulnerability MD5 value list is not empty, the corresponding vulnerability and vulnerability information can be determined according to each MD5 value in the MD5 value list.
According to the method and the device, a pre-constructed device library is inquired according to manufacturer information, version information and product information of the target device to obtain a corresponding vulnerability MD5 value list, and whether corresponding vulnerabilities exist is judged according to the vulnerability MD5 value list and the vulnerability library. By utilizing the vulnerability MD5 value list, one of the cnvd website, the cnnv website and the nvd website does not need to be selected as a vulnerability detection database, and processes such as database calling and the like do not need to be realized, so that the problem of low query speed when directly querying vulnerabilities from the cnvd website, the cnnv website and the nvd website is directly solved, and the vulnerability detection efficiency is improved.
Based on the above embodiment, as a preferred embodiment, the detection method further includes:
storing the original file in a configuration file according to the generation date; and when a new original file with a later generation date is detected, performing incremental updating on the original file.
The method aims to update the vulnerability library, the original file obtained in the process of establishing the vulnerability library can be saved in the configuration file according to the generation date, once a new vulnerability library file or the original file is detected, the new original file with the later generation date is subjected to incremental update on the original file according to the generation logs of the new vulnerability library file and the original file, the whole original file is not required to be updated, the updating efficiency of the vulnerability library is improved, the vulnerability detection process is prevented from being influenced by the full update of the vulnerability library, and the detection efficiency of the vulnerability library is indirectly improved.
In the following, a vulnerability detection system of an industrial control system provided in an embodiment of the present application is introduced, and the vulnerability detection system described below and the vulnerability detection method described above may be referred to in a corresponding manner.
Referring to fig. 2, fig. 2 is a schematic structural diagram of a vulnerability detection system of an industrial control system provided in an embodiment of the present application, and the present application further provides a vulnerability detection system of an industrial control system, which includes:
the scanning module 100 is configured to acquire manufacturer information, version information, and product information of a target device by using a vulnerability scanning device;
the equipment query module 200 is configured to query an equipment library according to the manufacturer information, the version information, and the product information to obtain a vulnerability MD5 value list;
the judging module 300 is configured to judge whether the vulnerability MD5 value list is empty; if yes, the target equipment has no loophole;
and the vulnerability query module 400 is configured to query a vulnerability database according to the vulnerability MD5 value list to obtain corresponding vulnerability information if the judgment module judges that the vulnerability database is not a vulnerability database.
Based on the foregoing embodiment, as a preferred embodiment, the vulnerability detection system may further include:
the system comprises a leakage library establishing module, a leakage library creating module and a leakage library creating module, wherein the leakage library establishing module is used for establishing a leakage library according to a leakage library file; the vulnerability library files comprise cnvd website vulnerability library files, cnnv website vulnerability library files and nvd website vulnerability library files.
Based on the foregoing embodiment, as a preferred embodiment, the vulnerability detection system may further include:
the leak library updating module is used for saving the original file in the configuration file by the generation date; and when a new original file with a later generation date is detected, performing incremental updating on the original file.
The present application also provides a computer readable storage medium having stored thereon a computer program which, when executed, may implement the steps provided by the above-described embodiments. The storage medium may include: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The application further provides a terminal, which may include a memory and a processor, where the memory stores a computer program, and the processor may implement the steps provided by the foregoing embodiments when calling the computer program in the memory. Of course, the terminal may also include various network interfaces, power supplies, and the like.
The embodiments are described in a progressive manner in the specification, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. For the system provided by the embodiment, the description is relatively simple because the system corresponds to the method provided by the embodiment, and the relevant points can be referred to the method part for description.
The principles and embodiments of the present application are explained herein using specific examples, which are provided only to help understand the method and the core idea of the present application. It should be noted that, for those skilled in the art, it is possible to make several improvements and modifications to the present application without departing from the principle of the present application, and such improvements and modifications also fall within the scope of the claims of the present application.
It is further noted that, in the present specification, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
Claims (10)
1. A vulnerability detection method of an industrial control system is characterized by comprising the following steps:
acquiring manufacturer information, version information and product information of target equipment by utilizing vulnerability scanning equipment;
inquiring an equipment library according to the manufacturer information, the version information and the product information to obtain a vulnerability MD5 value list;
judging whether the vulnerability MD5 value list is empty or not;
if yes, the target equipment has no loophole;
if not, inquiring a vulnerability library according to the vulnerability MD5 value list to obtain corresponding vulnerability information.
2. The vulnerability detection method of claim 1, further comprising:
constructing a leak library according to the leak library file;
the vulnerability library files comprise cnvd website vulnerability library files, cnnv website vulnerability library files and nvd website vulnerability library files.
3. The vulnerability detection method of claim 2, wherein constructing the vulnerability library according to the cnvd website vulnerability library file, the cnnv website vulnerability library file and the nvd website vulnerability library file comprises:
acquiring a cnvd website vulnerability library file, a corresponding public vulnerability number and a cnvd number, a cnnv website vulnerability library file, a corresponding public vulnerability number and a cnvd number, and an nvd website vulnerability library file, a corresponding public vulnerability number and a cwe number;
merging the cnvd website vulnerability library file, the cnnv website vulnerability library file and the nvd website vulnerability library file by using the public vulnerability number to obtain an original file, and using a cve number as a key value of each vulnerability in the original file;
and calculating an MD5 value according to the cnvd number, the cnnv number, the cwe number and the cve number, using the MD5 value as an identifier of each vulnerability, and marking the MD5 value into the original file to obtain the vulnerability database.
4. The vulnerability detection method of claim 3, further comprising:
constructing an equipment information dictionary according to the influence equipment list of each vulnerability in the vulnerability library file;
traversing the equipment information dictionary by taking the equipment type as a key value to determine a vulnerability information list corresponding to each kind of equipment;
and establishing the equipment library according to the vulnerability information list.
5. The vulnerability detection method of claim 2 or 3, further comprising:
storing the original file in a configuration file according to a generation date;
and when a new original file with a later generation date is detected, performing incremental updating on the original file.
6. The utility model provides a vulnerability detection system of industrial control system which characterized in that includes:
the scanning module is used for acquiring manufacturer information, version information and product information of the target equipment by utilizing the vulnerability scanning equipment;
the equipment query module is used for querying an equipment library according to the manufacturer information, the version information and the product information to obtain a vulnerability MD5 value list;
the judging module is used for judging whether the vulnerability MD5 value list is empty or not; if yes, the target equipment has no loophole;
and the vulnerability query module is used for querying a vulnerability database according to the vulnerability MD5 value list to obtain corresponding vulnerability information if the judgment module judges that the vulnerability database does not contain the vulnerability information.
7. The vulnerability detection system of claim 6, further comprising:
the system comprises a leakage library establishing module, a leakage library creating module and a leakage library creating module, wherein the leakage library establishing module is used for establishing a leakage library according to a leakage library file; the vulnerability library files comprise cnvd website vulnerability library files, cnnv website vulnerability library files and nvd website vulnerability library files.
8. The vulnerability detection system of claim 6, further comprising:
the leak library updating module is used for saving the original file in the configuration file by the generation date; and when a new original file with a later generation date is detected, performing incremental updating on the original file.
9. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 5.
10. A terminal, characterized in that it comprises a memory in which a computer program is stored and a processor which, when it is called up in said memory, implements the steps of the method according to any one of claims 1 to 5.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911122518.1A CN110855678A (en) | 2019-11-15 | 2019-11-15 | Vulnerability detection method and system of industrial control system and related device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911122518.1A CN110855678A (en) | 2019-11-15 | 2019-11-15 | Vulnerability detection method and system of industrial control system and related device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110855678A true CN110855678A (en) | 2020-02-28 |
Family
ID=69601024
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911122518.1A Pending CN110855678A (en) | 2019-11-15 | 2019-11-15 | Vulnerability detection method and system of industrial control system and related device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110855678A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112868008A (en) * | 2020-04-28 | 2021-05-28 | 深圳开源互联网安全技术有限公司 | Vulnerability detection method and device of JAVA open source component and storage medium |
CN114900378A (en) * | 2022-07-15 | 2022-08-12 | 苏州知微安全科技有限公司 | Cooperative recommendation method and device for vulnerability data of Internet of things equipment |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104144148A (en) * | 2013-05-10 | 2014-11-12 | 中国电信股份有限公司 | Vulnerability scanning method and server and risk assessment system |
CN106982194A (en) * | 2016-01-19 | 2017-07-25 | 中国移动通信集团河北有限公司 | Vulnerability scanning method and device |
CN107370763A (en) * | 2017-09-04 | 2017-11-21 | 中国移动通信集团广东有限公司 | Assets security method for early warning and device based on outside threat intelligence analysis |
CN108696544A (en) * | 2018-09-05 | 2018-10-23 | 杭州安恒信息技术股份有限公司 | Security breaches detection method based on industrial control system and device |
CN110321708A (en) * | 2019-03-21 | 2019-10-11 | 北京天防安全科技有限公司 | A kind of quick vulnerability scanning method and system based on class of assets |
US10454963B1 (en) * | 2015-07-31 | 2019-10-22 | Tripwire, Inc. | Historical exploit and vulnerability detection |
-
2019
- 2019-11-15 CN CN201911122518.1A patent/CN110855678A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104144148A (en) * | 2013-05-10 | 2014-11-12 | 中国电信股份有限公司 | Vulnerability scanning method and server and risk assessment system |
US10454963B1 (en) * | 2015-07-31 | 2019-10-22 | Tripwire, Inc. | Historical exploit and vulnerability detection |
CN106982194A (en) * | 2016-01-19 | 2017-07-25 | 中国移动通信集团河北有限公司 | Vulnerability scanning method and device |
CN107370763A (en) * | 2017-09-04 | 2017-11-21 | 中国移动通信集团广东有限公司 | Assets security method for early warning and device based on outside threat intelligence analysis |
CN108696544A (en) * | 2018-09-05 | 2018-10-23 | 杭州安恒信息技术股份有限公司 | Security breaches detection method based on industrial control system and device |
CN110321708A (en) * | 2019-03-21 | 2019-10-11 | 北京天防安全科技有限公司 | A kind of quick vulnerability scanning method and system based on class of assets |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112868008A (en) * | 2020-04-28 | 2021-05-28 | 深圳开源互联网安全技术有限公司 | Vulnerability detection method and device of JAVA open source component and storage medium |
CN114900378A (en) * | 2022-07-15 | 2022-08-12 | 苏州知微安全科技有限公司 | Cooperative recommendation method and device for vulnerability data of Internet of things equipment |
CN114900378B (en) * | 2022-07-15 | 2022-09-27 | 苏州知微安全科技有限公司 | Cooperative recommendation method and device for vulnerability data of Internet of things equipment |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108228814B (en) | Data synchronization method and device | |
CN113242236B (en) | Method for constructing network entity threat map | |
CN110659494A (en) | Extensible intelligent contract vulnerability detection method | |
CN111104392A (en) | Database migration method and device, electronic equipment and storage medium | |
CN110855678A (en) | Vulnerability detection method and system of industrial control system and related device | |
WO2022267457A1 (en) | Method, apparatus, and device for processing spreadsheet data, and storage medium | |
CN111767315B (en) | Black product identification method and device, electronic equipment and storage medium | |
EP2390794A1 (en) | Interactive processing method and apparatus between content-id management servers | |
CN106250476B (en) | Method, device and system for updating and synchronizing white list | |
CN103902912A (en) | Method and device for detecting web page vulnerability | |
CN112541823A (en) | Transaction risk control method, device and equipment based on block chain and storage medium | |
CN110955562A (en) | Data recovery method, system, equipment and readable storage medium | |
CN110941831A (en) | Vulnerability matching method based on fragmentation technology | |
CN112199396B (en) | Industrial Internet identification query method and system facing MES | |
CN115567316A (en) | Method and device for detecting abnormality of access data | |
CN109033831A (en) | A kind of method for detecting virus, device, electronic equipment and storage medium | |
CN108228834B (en) | Internet protocol address query and storage method and device and electronic equipment | |
CN108984713B (en) | XML file processing method and device | |
CN111078711A (en) | Block chain data storage and acquisition method and device based on data index | |
CN111414178A (en) | Equipment information updating method, device, equipment and medium | |
CN111125110A (en) | Method and device for checking non-primary key field, computer equipment and storage medium | |
CN108520185A (en) | Detect method, apparatus, equipment and the computer readable storage medium of webpage tamper | |
CN115801736B (en) | IP address library construction loading method and device and IP address query method and device | |
CN113127865B (en) | Malicious file repairing method and device, electronic equipment and storage medium | |
CN114861216B (en) | SQL injection detection method, device and storage medium based on AC automaton |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200228 |