CN113329027A - Spatial asset mapping system fusing multidimensional asset image and vulnerability association analysis - Google Patents
Spatial asset mapping system fusing multidimensional asset image and vulnerability association analysis Download PDFInfo
- Publication number
- CN113329027A CN113329027A CN202110664013.9A CN202110664013A CN113329027A CN 113329027 A CN113329027 A CN 113329027A CN 202110664013 A CN202110664013 A CN 202110664013A CN 113329027 A CN113329027 A CN 113329027A
- Authority
- CN
- China
- Prior art keywords
- asset
- spatial
- engine module
- vulnerability
- assets
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The embodiment of the application provides a spatial asset mapping system fusing multidimensional asset image and vulnerability correlation analysis, and the system comprises: a user layer; a presentation layer; the service layer comprises a dispatching center and an engine center, wherein the dispatching center comprises: the engine center comprises: the system comprises a spatial asset detection engine module, a system fingerprint identification engine module, a POC vulnerability scanning engine module, a system penetration evidence obtaining engine module, an industrial control nondestructive scanning engine module, a network flow analysis engine module, a spatial asset portrait engine module and a spatial asset search engine module; the data layer comprises a fingerprint library, a leak library, a tool library and a rule library; an operating system layer; the method and the device can improve visibility of the information assets, and count and generate detailed full-network asset reports, so that the security situation of the assets in the whole network space is clear at a glance, and the increasing security requirements of various service systems are met.
Description
Technical Field
The application relates to the field of data processing, in particular to a spatial asset mapping system fusing multidimensional asset portrait and vulnerability association analysis.
Background
With the development of enterprises and public institutions and the rapid development of IT information construction, more and more assets for bearing user service systems are provided. In addition to personal PCs and servers, switches, routers, printers, video surveillance, mobile devices, internet of things devices, security devices, industrial control devices, and the like are also included. Some of the devices are deployed in an internal network, some of the devices are deployed in an external network, and networking devices of the internal network and the external network jointly form a network space where a user is located. How to manage such a wide variety of information assets with different purposes is a challenge for information managers.
What assets are all in the unknown cyberspace? Where are important assets of interest distributed? Which assets have the most recent high risk vulnerabilities? What effects were caused by the latest outbreak of worm virus? How are the assets security status of the entire network space? How should we deal with this series of questions?
A new generation of network space asset mapping product can help a user to detect a target asset quickly, detect a living asset, identify a fingerprint of the asset, detect a vulnerability of the asset, and generate a detailed asset report to meet deployment requirements in various scenes.
Disclosure of Invention
Aiming at the problems in the prior art, the space asset mapping system fusing the multidimensional asset image and the vulnerability correlation analysis is provided, the visibility of information assets can be improved, and a detailed whole network asset report is generated in a statistical manner, so that the safety situation of the whole network space asset is clear at a glance, and the increasing safety requirements of various service systems are met.
In order to solve at least one of the above problems, the present application provides the following technical solutions:
in a first aspect, the present application provides a spatial asset mapping system fusing multidimensional asset images and vulnerability association analysis, including:
the user layer is used for carrying out user authority management;
the presentation layer is used for executing an asset management module, a task management module, a space search module, a configuration management module, a report management module, a system management module, an upgrade management module and a log management module;
the service layer comprises a dispatching center and an engine center, wherein the dispatching center comprises: the engine center comprises: the system comprises a spatial asset detection engine module, a system fingerprint identification engine module, a POC vulnerability scanning engine module, a system penetration evidence obtaining engine module, an industrial control nondestructive scanning engine module, a network flow analysis engine module, a spatial asset portrait engine module and a spatial asset search engine module;
the data layer comprises a fingerprint library, a leak library, a tool library and a rule library;
and the operating system layer is a Linux operating system.
Furthermore, the spatial asset detection engine module and the fingerprint identification engine module are used for detecting spatial assets comprehensively by users, detecting surviving assets quickly, identifying fingerprints of the assets accurately and obtaining distribution conditions of the whole network spatial assets.
Further, the POC vulnerability scanning engine module is used for performing rapid and accurate special scanning on the target assets.
Further, the system penetration evidence obtaining engine module is used for performing one-key verification on the bugs scanned by the POC specific items, and comprises executing commands, reading files and executing any command, wherein the one-key verification comprises the steps of obtaining the rebound shell of the target asset and executing the command.
Furthermore, the industrial control lossless scanning engine module is used for adopting a low packet sending rate and non-vulnerability triggered remote fingerprint detection technology, so that the equipment model and related vulnerability information of the mainstream industrial control system can be detected in a lossless manner.
Further, the network traffic analysis engine module is configured to perform online traffic analysis and offline traffic analysis, where the online traffic analysis may configure a traffic mirror port, and the offline traffic analysis may upload a pcap packet, so as to obtain related information of assets in traffic.
Further, the space asset search engine module is used for a search engine for performing high-speed matching on the assets in the whole network according to IP, ports, protocols, contents and the like, so as to determine the asset information needing to be concerned.
Furthermore, the spatial asset representation engine module is used for extracting tags for describing relevant attributes of the target assets from the massive asset data to obtain the full-face characteristics of the target assets. And carrying out statistical analysis on the detected assets in the forms of reports and graphs, wherein the output reports support an HTML format.
And the system further comprises a product upgrading module with a built-in program, and the product upgrading module is used for upgrading the fingerprint library, the leak library, the tool library and the software through an offline upgrading package.
And further, the system also comprises a distributed management module, so that a superior platform can issue an asset detection task to a subordinate engine, receive an asset detection result uploaded by the subordinate engine, perform unified analysis and generate an overall network space asset report.
According to the technical scheme, the space asset mapping system fusing the multidimensional asset image and the vulnerability correlation analysis is provided, and the detailed whole network asset report is generated through statistics by improving the visibility of the information asset, so that the safety situation of the whole network space asset is clear at a glance, and the increasing safety requirements of various service systems are met.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a system architecture diagram of a spatial asset mapping system that integrates multidimensional asset representation and vulnerability correlation analysis in an embodiment of the present application;
FIG. 2 is a diagram of a single-click deployment of a spatial asset mapping system that integrates multidimensional asset representation and vulnerability correlation analysis in an embodiment of the application;
fig. 3 is a distributed deployment diagram of a spatial asset mapping system that merges multidimensional asset representation and vulnerability correlation analysis in an embodiment of the application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
In view of the problems in the prior art, the application provides a spatial asset mapping system fusing multi-dimensional asset images and vulnerability association analysis, and a detailed full-network asset report is generated by statistics by improving the visibility of information assets, so that the security situation of the whole network spatial asset is clear at a glance, and the increasing security requirements of various service systems are met.
In order to improve visibility of information assets and statistically generate detailed full-network asset reports, so that security situations of the whole network space assets are clear at a glance and the increasing security requirements of various service systems are met, the application provides an embodiment of a space asset mapping system fusing multi-dimensional asset images and vulnerability association analysis, and referring to fig. 1, the space asset mapping system fusing multi-dimensional asset images and vulnerability association analysis specifically comprises the following contents:
the user layer is used for carrying out user authority management;
the presentation layer is used for executing an asset management module, a task management module, a space search module, a configuration management module, a report management module, a system management module, an upgrade management module and a log management module;
the service layer comprises a dispatching center and an engine center, wherein the dispatching center comprises: the engine center comprises: the system comprises a spatial asset detection engine module, a system fingerprint identification engine module, a POC vulnerability scanning engine module, a system penetration evidence obtaining engine module, an industrial control nondestructive scanning engine module, a network flow analysis engine module, a spatial asset portrait engine module and a spatial asset search engine module;
the data layer comprises a fingerprint library, a leak library, a tool library and a rule library;
and the operating system layer is a Linux operating system.
From the above description, it can be seen that the spatial asset mapping system fusing the multidimensional asset image and the vulnerability correlation analysis provided in the embodiment of the present application can statistically generate a detailed full-network asset report by improving visibility of information assets, so that the security situation of the entire network spatial asset is clear at a glance, and the increasing security requirements of various service systems are met.
In an embodiment of the spatial asset mapping system fusing the multidimensional asset image and vulnerability correlation analysis, the spatial asset detection engine module and the fingerprint identification engine module are used for comprehensively detecting spatial assets by users, quickly detecting surviving assets, accurately identifying fingerprints of the assets and obtaining the distribution condition of the whole network spatial assets.
In an embodiment of the spatial asset mapping system fusing the multidimensional asset image and the vulnerability correlation analysis, the POC vulnerability scanning engine module is configured to perform fast and accurate specialized scanning on a target asset.
In an embodiment of the spatial asset mapping system fusing the multidimensional asset image and the vulnerability correlation analysis, the system penetration evidence obtaining engine module is used for performing one-key verification on the vulnerability scanned by the POC special item, and comprises executing a command, reading a file, and executing any command by obtaining a rebound shell of the target asset through one-key getshell.
In an embodiment of the spatial asset mapping system fusing the multidimensional asset image and the vulnerability correlation analysis, the industrial control lossless scanning engine module is used for adopting a remote fingerprint detection technology with low packet sending rate and non-vulnerability triggering, so as to losslessly detect the equipment model and the related vulnerability information of the mainstream industrial control system.
In an embodiment of the spatial asset mapping system fusing the multidimensional asset image and the vulnerability correlation analysis, the network traffic analysis engine module is used for performing online traffic analysis and offline traffic analysis, wherein the online traffic analysis can configure a traffic mirror port, and the offline traffic analysis can upload a pcap packet, so as to obtain related information of assets in traffic.
In an embodiment of the spatial asset mapping system fusing the multidimensional asset image and the vulnerability correlation analysis, the spatial asset search engine module is a search engine for performing high-speed matching on the whole network assets according to IP, ports, protocols, contents and the like, so as to determine asset information needing attention.
In an embodiment of the spatial asset mapping system fusing the multidimensional asset image and vulnerability association analysis, the spatial asset image engine module is configured to extract tags for describing relevant attributes of a target asset from massive asset data to obtain a full-face feature of the target asset. And carrying out statistical analysis on the detected assets in the forms of reports and graphs, wherein the output reports support an HTML format.
In an embodiment of the spatial asset mapping system fusing the multidimensional asset image and the vulnerability correlation analysis, the system further comprises a product upgrading module with a built-in program, and the product upgrading module is used for upgrading the fingerprint library, the vulnerability library, the tool library and the software through an offline upgrading package.
In an embodiment of the spatial asset mapping system fusing the multidimensional asset image and the vulnerability correlation analysis, the system further comprises a distributed management module, so that a superior platform can issue an asset detection task to a subordinate engine, receive an asset detection result uploaded by the subordinate engine, perform unified analysis, and generate an overall network spatial asset report.
In summary, the present application has the following technical effects:
1. the comprehensive asset mapping technology integrates functional modules of space asset detection, system fingerprint identification, POC vulnerability scanning, system penetration evidence obtaining, industrial control nondestructive scanning, network flow analysis, space asset imaging, space asset searching, dynamic large-screen display and the like. The target assets are portrayed through multiple dimensions, visibility of the information assets is improved, and safe operation of the IT assets is achieved.
2. The system comprises a strong security knowledge base, wherein 26 thousands of fingerprint bases, 13 thousands of leak bases, 700 POC detection bases and 600 penetration tool bases are arranged in the security knowledge base, and the security knowledge base supports vulnerability one-key verification and one-key gethell. The method can accurately acquire information of manufacturers, models, versions, port details, vulnerability names, vulnerability descriptions, repair suggestions and the like of the target assets.
3. Abundant fingerprint collection technique, this application not only supports the mode of initiative, obtains the target asset fingerprint through remote scanning. And a passive mode can be supported, and information such as fingerprints is obtained through online flow analysis and offline flow analysis. But also supports user-defined rules for adding asset fingerprints. Therefore, most assets in the network space are accurately identified by fingerprints, and various service scenes and user requirements are met.
4. The advanced vulnerability detection technology is characterized in that 700 POC vulnerability detection scripts and 600 vulnerability utilization tools are built in the vulnerability detection method. And the method can also directly carry out one-key verification on the vulnerabilities scanned by the POC special item, even one-key gethell, and execute any command. But also can carry out remote nondestructive scanning on mainstream industrial control equipment. Therefore, related vulnerabilities of target assets are accurately identified, various vulnerability hazards are presented, users are supervised and urged to carry out vulnerability repair in time, and network security events are avoided as far as possible.
In a possible embodiment of the present application, for product deployment of the system, since the present application is configured according to the IP address distribution of the network, it can be deployed anywhere in the network, and can work normally as long as the target system to be mapped on the assets can be accessed.
Specifically, referring to fig. 2 and 3, the present application manages through the B/S mode without adding an additional server installation management control end. In the aspect of safety requirements, a system TC-CAMS is generally proposed to be deployed at a core switch in a bypass mode, so that a user can find out a home base quickly, find a vulnerability accurately, present vulnerability hazards, statistically generate a detailed whole-network asset report, improve visibility of information assets and realize safe operation of IT assets. The method helps users to improve the utilization rate of the existing assets to the maximum extent, optimizes the asset utilization and controls the purchasing expenditure of IT assets.
As can be seen from the above, the present application can achieve at least the following technical effects:
(1) high risk leak safety investigation
The method and the system have the modules of POC vulnerability scanning, industrial control nondestructive scanning, system penetration evidence obtaining and the like, so that the distribution condition of ports and vulnerabilities of all assets is clear at a glance. Once high-risk bugs or security events occur, a user can conveniently locate assets in time and quickly carry out emergency response.
(2) Zombie asset viability detection
The method and the system have the advantages that the target assets are comprehensively found through various asset acquisition modes such as active asset detection, fingerprint identification and flow analysis. Thereby discovering zombie assets existing in the network, recovering useless IP addresses and reallocating.
(3) Help control IT costs
The abundant asset data provided by the application is beneficial to asset utilization rate analysis and budget planning, so that a user is helped to improve the utilization rate of the existing assets to the maximum extent, the asset use is optimized, and the purchasing expenditure of IT assets is controlled.
The principle and the implementation mode of the invention are explained by applying specific embodiments in the invention, and the description of the embodiments is only used for helping to understand the method and the core idea of the invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (10)
1. A spatial asset mapping system fusing multi-dimensional asset imagery with vulnerability correlation analysis, the system comprising:
the user layer is used for carrying out user authority management;
the presentation layer is used for executing an asset management module, a task management module, a space search module, a configuration management module, a report management module, a system management module, an upgrade management module and a log management module;
the service layer comprises a dispatching center and an engine center, wherein the dispatching center comprises: the engine center comprises: the system comprises a spatial asset detection engine module, a system fingerprint identification engine module, a POC vulnerability scanning engine module, a system penetration evidence obtaining engine module, an industrial control nondestructive scanning engine module, a network flow analysis engine module, a spatial asset portrait engine module and a spatial asset search engine module;
the data layer comprises a fingerprint library, a leak library, a tool library and a rule library;
and the operating system layer is a Linux operating system.
2. The spatial asset mapping system fusing the multidimensional asset image and vulnerability correlation analysis according to claim 1, wherein the spatial asset detection engine module and the fingerprint identification engine module are used for a user to comprehensively detect spatial assets, quickly detect surviving assets, accurately identify fingerprints of assets, and obtain distribution conditions of the entire network spatial assets.
3. The spatial asset mapping system fusing multi-dimensional asset imagery and vulnerability correlation analysis according to claim 1, wherein the POC vulnerability scanning engine module is configured to perform fast and accurate specialized scanning of target assets.
4. The spatial asset mapping system combining multidimensional asset imagery and vulnerability correlation analysis according to claim 1, wherein the system penetration forensics engine module is configured to perform one-key validation of vulnerabilities scanned by POC specific items, including executing commands, reading files, and executing arbitrary commands by obtaining a bounce shell of a target asset.
5. The spatial asset mapping system combining multidimensional asset imagery and vulnerability correlation analysis of claim 1, wherein the industrial control lossless scan engine module is configured to employ low packet rate, non-vulnerability triggered remote fingerprint detection techniques to losslessly detect equipment model and related vulnerability information of a mainstream industrial control system.
6. The spatial asset mapping system fusing the multidimensional asset image and the vulnerability correlation analysis according to claim 1, wherein the network traffic analysis engine module is used for performing online traffic analysis and offline traffic analysis, wherein the online traffic analysis can configure a traffic mirror port, and the offline traffic analysis can upload a pcap packet, so as to obtain the related information of the assets in the traffic.
7. The spatial asset mapping system fusing multi-dimensional asset imagery and vulnerability correlation analysis according to claim 1, wherein the spatial asset search engine module is used for a search engine that performs full-network asset high-speed matching according to IP, port, protocol, content to determine asset information that needs attention.
8. The spatial asset mapping system combining multi-dimensional asset representation and vulnerability correlation analysis according to claim 1, wherein the spatial asset representation engine module is configured to extract tags for describing relevant attributes of target assets from the massive asset data to obtain the global features of the target assets, perform statistical analysis on the detected assets in the form of reports and graphs, and output reports supporting an HTML format.
9. The spatial asset mapping system combining the multi-dimensional asset image and vulnerability correlation analysis according to claim 1, further comprising a product upgrade module with built-in programs for upgrading a fingerprint library, a vulnerability library, a tool library, and software through an offline upgrade package.
10. The spatial asset mapping system fusing the multidimensional asset image and vulnerability correlation analysis according to claim 1, further comprising a distributed management module to enable a superior platform to issue asset detection tasks to subordinate engines, receive asset detection results uploaded by the subordinate engines, perform unified analysis, and generate an overall network spatial asset report.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110664013.9A CN113329027A (en) | 2021-06-16 | 2021-06-16 | Spatial asset mapping system fusing multidimensional asset image and vulnerability association analysis |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110664013.9A CN113329027A (en) | 2021-06-16 | 2021-06-16 | Spatial asset mapping system fusing multidimensional asset image and vulnerability association analysis |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113329027A true CN113329027A (en) | 2021-08-31 |
Family
ID=77421217
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110664013.9A Pending CN113329027A (en) | 2021-06-16 | 2021-06-16 | Spatial asset mapping system fusing multidimensional asset image and vulnerability association analysis |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113329027A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113489749A (en) * | 2021-09-03 | 2021-10-08 | 北京华云安信息技术有限公司 | Method, device and equipment for generating network asset security portrait and storage medium |
| CN113946826A (en) * | 2021-09-10 | 2022-01-18 | 国网山东省电力公司信息通信公司 | Method, system, equipment and medium for analyzing and monitoring vulnerability fingerprint silence |
| CN115834352A (en) * | 2023-02-23 | 2023-03-21 | 远江盛邦(北京)网络安全科技股份有限公司 | Association analysis method, device and system for network space assets |
| CN116366316A (en) * | 2023-03-16 | 2023-06-30 | 中国华能集团有限公司北京招标分公司 | Network space mapping method |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106888106A (en) * | 2015-12-16 | 2017-06-23 | 国家电网公司 | The extensive detecting system of IT assets in intelligent grid |
| CN109613899A (en) * | 2018-12-21 | 2019-04-12 | 国家计算机网络与信息安全管理中心 | A method of the industrial control system security risk assessment based on allocation list |
| CN111784209A (en) * | 2020-07-30 | 2020-10-16 | 中国电子科技集团公司第十四研究所 | Asset visualization and safe operation management system |
| CN112511512A (en) * | 2020-11-19 | 2021-03-16 | 北京凌云信安科技有限公司 | Vulnerability scanning engine and risk management system of threat detection engine |
-
2021
- 2021-06-16 CN CN202110664013.9A patent/CN113329027A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106888106A (en) * | 2015-12-16 | 2017-06-23 | 国家电网公司 | The extensive detecting system of IT assets in intelligent grid |
| CN109613899A (en) * | 2018-12-21 | 2019-04-12 | 国家计算机网络与信息安全管理中心 | A method of the industrial control system security risk assessment based on allocation list |
| CN111784209A (en) * | 2020-07-30 | 2020-10-16 | 中国电子科技集团公司第十四研究所 | Asset visualization and safe operation management system |
| CN112511512A (en) * | 2020-11-19 | 2021-03-16 | 北京凌云信安科技有限公司 | Vulnerability scanning engine and risk management system of threat detection engine |
Non-Patent Citations (2)
| Title |
|---|
| 南京中新赛克科技有限责任公司: "中新赛克――基于工业资产全息画像的工业互联网安全监测平台", 《自动化博览》, 31 December 2020 (2020-12-31), pages 80 - 83 * |
| 秦丞 等: "IT资产高速探查及漏洞发现系统的研究", 《软件》, vol. 40, no. 12, 31 December 2019 (2019-12-31), pages 167 - 170 * |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113489749A (en) * | 2021-09-03 | 2021-10-08 | 北京华云安信息技术有限公司 | Method, device and equipment for generating network asset security portrait and storage medium |
| CN113489749B (en) * | 2021-09-03 | 2021-12-10 | 北京华云安信息技术有限公司 | Method, device and equipment for generating network asset security portrait and storage medium |
| CN113946826A (en) * | 2021-09-10 | 2022-01-18 | 国网山东省电力公司信息通信公司 | Method, system, equipment and medium for analyzing and monitoring vulnerability fingerprint silence |
| CN115834352A (en) * | 2023-02-23 | 2023-03-21 | 远江盛邦(北京)网络安全科技股份有限公司 | Association analysis method, device and system for network space assets |
| CN115834352B (en) * | 2023-02-23 | 2023-05-02 | 远江盛邦(北京)网络安全科技股份有限公司 | Correlation analysis method, device and system for network space assets |
| CN116366316A (en) * | 2023-03-16 | 2023-06-30 | 中国华能集团有限公司北京招标分公司 | Network space mapping method |
| CN116366316B (en) * | 2023-03-16 | 2024-02-27 | 中国华能集团有限公司北京招标分公司 | Network space mapping method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113329027A (en) | Spatial asset mapping system fusing multidimensional asset image and vulnerability association analysis | |
| CN111522922B (en) | Log information query method and device, storage medium and computer equipment | |
| KR101880686B1 (en) | A malware code detecting system based on AI(Artificial Intelligence) deep learning | |
| CN104285219B (en) | Unified scan management | |
| KR101883400B1 (en) | detecting methods and systems of security vulnerability using agentless | |
| CN104205774B (en) | network address repository management | |
| Noguchi et al. | Device identification based on communication analysis for the internet of things | |
| US7519504B2 (en) | Method and apparatus for representing, managing and problem reporting in surveillance networks | |
| CN102143220A (en) | Method and system for discovering physical server location by correlating external and internal server information | |
| US20240007487A1 (en) | Asset Remediation Trend Map Generation and Utilization for Threat Mitigation | |
| CN111221625A (en) | File detection method, device and equipment | |
| US20160337385A1 (en) | Network monitoring method and network monitoring device | |
| CN113507461B (en) | Network monitoring system and network monitoring method based on big data | |
| CN114694226B (en) | Face recognition method, system and storage medium | |
| CN111885007A (en) | Information tracing method, device, system and storage medium | |
| CN112738018A (en) | ARP spoofing attack detection method, device, computer equipment and storage medium | |
| CN114816894A (en) | Chip testing system, method, equipment and medium | |
| CN111190950A (en) | Asset retrieval method and device | |
| CN117332095A (en) | Network space knowledge graph construction method based on asset detection | |
| CN111314326B (en) | Method, device, equipment and medium for confirming HTTP vulnerability scanning host | |
| US20210255943A1 (en) | Device identification device and device identification method | |
| KR20090132812A (en) | Methods and devices for interlocking process of sensors and events | |
| CN115827379A (en) | Abnormal process detection method, device, equipment and medium | |
| CN114374530A (en) | IDS system and detection method for monitoring and analyzing based on real-time network flow | |
| CN116170104A (en) | System and method for detecting and calibrating time abnormality of video and image acquisition equipment in real time |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210831 |