CN115987613A - Asset vulnerability detection method, device and equipment based on NDN (named data networking)


Info

Publication number
CN115987613A
Application number
CN202211643719.8A
Authority
CN (China)
Other languages
Chinese (zh)
Legal status
Pending
Inventors
彭博威
刘玉权
高霞
Current assignee
Zhongtong Uniform Chuangfa Science And Technology Co ltd
Original assignee
Zhongtong Uniform Chuangfa Science And Technology Co ltd


Abstract

The embodiments of the disclosure provide an asset vulnerability detection method, device and equipment based on NDN (named data networking). The method comprises the following steps: a vulnerability-scanning platform (hereafter the scanning platform) sends an Interest packet for scanning resources to the NDN network and requests the scanning resource data; the NDN node checks its own data table (Content Store) and confirms whether the scanning resource data is present, and if so returns it to the scanning platform; the scanning platform sends the scanning resource data and a configuration manifest to a scanning probe, the manifest comprising configuration blockchain information, a scanning policy and a key list; the scanning probe scans the target machine for vulnerabilities according to the scanning resource data and the configuration manifest and determines whether the information obtained by the scan is in the key list; if it is, the probe stores the information in the blockchain and records it in the scan blockchain information. In this way the NDN network reports automatically, and each report is protected by a cryptographic algorithm (every Data packet is signed by its producer), so shadow assets and non-internal assets cannot inject reports.

Description

Asset vulnerability detection method, device and equipment based on NDN (named data networking)
Technical Field
The present disclosure relates to the field of network security technologies, and in particular, to the field of asset vulnerability detection.
Background
With the rapid development of computer networks, more and more enterprises have entered the fast lane of digital transformation, yet most of them cannot detect vulnerabilities in their digital assets quickly and accurately. Vulnerability scanning detects vulnerabilities on specified devices such as hosts and servers and generates reports for the user that contain the vulnerability risk level, cause, remediation plan and other content. Enterprises typically need to scan their digital assets periodically to confirm that the assets meet a security baseline.
Disclosure of Invention
The disclosure provides an asset vulnerability detection method, device and equipment based on an NDN (named data networking).
According to a first aspect of the present disclosure, there is provided an asset vulnerability detection method based on an NDN network, including:
the vulnerability-scanning platform (hereafter the scanning platform) sends an Interest packet for scanning resources to the NDN network and requests the scanning resource data;
the NDN node checks its own data table (Content Store) and confirms whether the scanning resource data is present; if it is, the node returns the scanning resource data to the scanning platform;
the scanning platform sends the scanning resource data and a configuration manifest to a scanning probe, the manifest comprising configuration blockchain information, a scanning policy and a key list;
the scanning probe scans the target machine for vulnerabilities according to the scanning resource data and the configuration manifest and confirms whether the information obtained by the scan is in the key list; if it is, the probe stores the information in the blockchain and records it in the scan blockchain information; the scan blockchain information, the configuration blockchain information and the scan results are then converted into corresponding NDN Data packets and handed to the NDN network for transmission;
and the scanning platform sends an Interest packet to the NDN network to acquire the corresponding Data packets.
In some implementations of the first aspect, the method further comprises:
if the NDN node does not hold the scanning resource data, it checks whether its NDN routing table has an entry for the scanning resource data;
if the routing table has such an entry, the node requests the scanning resource data from the corresponding NDN node according to the routing table;
and if the routing table has no such entry, the node sends an Interest packet to its adjacent nodes to acquire the scanning resource data.
In some implementations of the first aspect, the method further comprises:
and if the information obtained by the vulnerability scan is not in the key list, converting it directly into corresponding NDN Data packets.
In some implementations of the first aspect, the sending of the scanning resource data and the configuration manifest by the scanning platform to the scanning probe includes:
the scanning platform converts the scanning resource data and the configuration manifest into corresponding NDN Data packets and sends them to the NDN node;
the NDN node stores the scanning resource data and the configuration manifest in its data table and informs its adjacent nodes;
and the scanning probe acquires the scanning resource data and the configuration manifest by sending an Interest packet to the NDN node.
In some implementations of the first aspect, the method further comprises:
the scanning probe updates its scanning policy and key list according to the configuration manifest, and at the same time writes the configuration manifest into the blockchain and records it in the configuration blockchain information.
In some implementations of the first aspect, the scanning policy includes a scanning range, a scanning frequency and other scanning policies;
the key list includes a list of key devices, a list of key vulnerabilities and other key information.
In some implementations of the first aspect, the method further comprises:
after each NDN node acquires the data, it stores the data in its own data table, updates its NDN routing table and forwards the data to the requester;
all data are signed by the data producer, and the validity period of the data is confirmed according to the configuration.
According to a second aspect of the present disclosure, there is provided an asset vulnerability detection apparatus based on an NDN network, the apparatus including:
a data request module, used by the scanning platform to send an Interest packet for scanning resources to the NDN network and request the scanning resource data;
a data confirmation module, used by the NDN node to check its own data table and confirm whether the scanning resource data is present and, if it is, to return the scanning resource data to the scanning platform;
a configuration manifest sending module, used by the scanning platform to send the scanning resource data and the configuration manifest to the scanning probe, the manifest comprising configuration blockchain information, a scanning policy and a key list;
a vulnerability scanning module, used by the scanning probe to scan the target machine for vulnerabilities according to the scanning resource data and the configuration manifest and to confirm whether the information obtained by the scan is in the key list; if it is, the module stores the information in the blockchain and records it in the scan blockchain information, then converts the scan blockchain information, the configuration blockchain information and the scan results into corresponding NDN Data packets and hands them to the NDN network for transmission;
and a data acquisition module, used by the scanning platform to send an Interest packet to the NDN network and acquire the corresponding Data packets.
According to a third aspect of the present disclosure, an electronic device is provided. The electronic device includes: a memory having a computer program stored thereon and a processor implementing the method as described above when executing the program.
According to a fourth aspect of the present disclosure, there is provided a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements a method as in accordance with the first aspect of the present disclosure.
In the method, the scanning platform requests the scanning resource data from the NDN network and sends the scanning resource data and a configuration manifest to the scanning probe; the scanning probe scans the target machine for vulnerabilities according to the scanning resource data and the configuration manifest and confirms whether the information obtained by the scan is in the key list; if it is, the probe stores the information in the blockchain and records it in the scan blockchain information; at the same time, the scan blockchain information, the configuration blockchain information and the scan results are converted into corresponding NDN Data packets and handed to the NDN network for delivery to the scanning platform. In this way the load on the IP network is reduced; the NDN network reports automatically, so collecting vulnerability data does not cause sudden bursts of traffic; the data reported by each edge device is protected by a cryptographic algorithm (every Data packet is signed by its producer), so shadow assets and non-internal assets cannot inject reports; and because the data is organised under multi-level authority with a clearly planned scope of action for each piece of information, security incidents such as vertical privilege escalation are effectively prevented.
It should be understood that what is described in this summary section is not intended to define key or essential features of the embodiments of the disclosure, nor is it intended to be used to limit the scope of the disclosure. Other features of the present disclosure will become apparent from the following description.
Drawings
The above and other features, advantages and aspects of various embodiments of the present disclosure will become more apparent by referring to the following detailed description when taken in conjunction with the accompanying drawings. The accompanying drawings are included to provide a further understanding of the present disclosure, and are not intended to limit the disclosure thereto, and the same or similar reference numerals will be used to indicate the same or similar elements, where:
FIG. 1 illustrates a flow diagram of an NDN network-based asset vulnerability detection method in accordance with an embodiment of the present disclosure;
FIG. 2 illustrates a flow diagram of a method for NDN network-based asset vulnerability detection, in accordance with an embodiment of the present disclosure;
FIG. 3 illustrates a block diagram of an NDN network-based asset vulnerability detection apparatus, in accordance with an embodiment of the present disclosure;
FIG. 4 illustrates a block diagram of an exemplary electronic device capable of implementing embodiments of the present disclosure.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present disclosure more apparent, the technical solutions in the embodiments of the present disclosure will be described clearly and completely with reference to the drawings in the embodiments of the present disclosure, and it is obvious that the described embodiments are some, but not all embodiments of the present disclosure. All other embodiments, which can be derived by a person skilled in the art from the embodiments disclosed herein without inventive step, are intended to be within the scope of the present disclosure.
In addition, the term "and/or" herein only describes an association between related objects and means that three relationships are possible; for example, A and/or B may mean that A exists alone, that A and B exist simultaneously, or that B exists alone. The character "/" herein generally indicates that the former and latter associated objects are in an "or" relationship.
According to the method, the scanning platform requests the scanning resource data from the NDN network and sends the scanning resource data and a configuration manifest to the scanning probe; the scanning probe scans the target machine for vulnerabilities according to the scanning resource data and the configuration manifest and confirms whether the information obtained by the scan is in the key list; if it is, the probe stores the information in the blockchain and records it in the scan blockchain information; at the same time, the scan blockchain information, the configuration blockchain information and the scan results are converted into corresponding NDN Data packets and handed to the NDN network for delivery to the scanning platform. In this way the load on the IP network is reduced; the NDN network reports automatically, so collecting vulnerability data does not cause sudden bursts of traffic; the data reported by each edge device is protected by a cryptographic algorithm (every Data packet is signed by its producer), so shadow assets and non-internal assets cannot inject reports; and because the data is organised under multi-level authority with a clearly planned scope of action for each piece of information, security incidents such as vertical privilege escalation are effectively prevented.
FIG. 1 shows a flowchart of an asset vulnerability detection method based on an NDN network according to an embodiment of the present disclosure; as shown in FIG. 1, the method 100 includes:
S101: the scanning platform sends an Interest packet for scanning resources to the NDN network and requests the scanning resource data;
S102: the NDN node checks its own data table and confirms whether the scanning resource data is present; if it is, the node returns the scanning resource data to the scanning platform;
S103: the scanning platform sends the scanning resource data and a configuration manifest to a scanning probe, the manifest comprising configuration blockchain information, a scanning policy and a key list;
S104: the scanning probe scans the target machine for vulnerabilities according to the scanning resource data and the configuration manifest and confirms whether the information obtained by the scan is in the key list; if it is, the probe stores the information in the blockchain and records it in the scan blockchain information; the scan blockchain information, the configuration blockchain information and the scan results are then converted into corresponding NDN Data packets and handed to the NDN network for transmission;
S105: the scanning platform sends an Interest packet to the NDN network to acquire the corresponding Data packets.
In S101, the scanning platform sends an Interest packet for scanning resources to the NDN network and requests the scanning resource data.
In some embodiments, to request the scanning resource data from the NDN nodes, the scanning platform broadcasts an Interest packet for the scanning resources into the NDN network; each NDN node matches the Interest against its data by name and forwards the matching data back to the scanning platform.
In S102, the NDN node checks its own data table and confirms whether the scanning resource data is present; if it is, the node returns the scanning resource data to the scanning platform.
In some embodiments, when the Interest packet reaches a router, that is, an NDN node, the node queries its Content Store (CS), which holds the node's cached content, by the name carried in the Interest packet; if the requested Data packet is in the CS, a copy of it is returned directly to the source of the Interest, namely the scanning platform, and the satisfied Interest packet is discarded.
In some embodiments, if the NDN node does not hold the scanning resource data, it checks whether its NDN routing table has an entry for that data; if it does, the node requests the data from the corresponding NDN node according to the routing table; if it does not, the node sends an Interest packet to its adjacent NDN nodes to acquire the scanning resource data.
According to the embodiments of the disclosure, because NDN supports multi-source, multi-path and multicast delivery and every NDN node caches content, the scanning platform can acquire the scanning resource data efficiently.
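The Interest handling of S101 and S102, together with the caching, producer-signature and validity-period rule stated for the final implementation, as a runnable simulation. This is an added example and not code from the patent or from any NDN implementation: the three-router topology, the packet fields, the names under /vs/ and the use of HMAC over a shared secret in place of the producer's public-key signature are assumptions made for the illustration.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass
from typing import Dict, List, Optional, Set

# Constructed producer keys. Real NDN Data carries a public-key signature checked
# against the producer's certificate; HMAC over a shared secret stands in for it
# here so the example runs on the standard library alone.
PRODUCER_KEYS: Dict[str, bytes] = {"vs-platform": b"assumed-platform-key", "probe-01": b"assumed-probe-key"}


@dataclass
class Data:
    """NDN Data packet: name, payload, producer, creation time, freshness period
    (seconds a cache may keep serving it) and the producer's signature."""
    name: str
    content: str
    producer: str
    created: float
    freshness: float
    signature: bytes = b""


def _signed_portion(d: Data) -> bytes:
    return json.dumps([d.name, d.content, d.producer, d.created, d.freshness]).encode()


def sign(d: Data) -> Data:
    d.signature = hmac.new(PRODUCER_KEYS[d.producer], _signed_portion(d), hashlib.sha256).digest()
    return d


def verify(d: Data, now: float) -> bool:
    """Known producer, matching signature, and validity period not yet over."""
    key = PRODUCER_KEYS.get(d.producer)
    if key is None:
        return False
    expected = hmac.new(key, _signed_portion(d), hashlib.sha256).digest()
    return hmac.compare_digest(expected, d.signature) and now <= d.created + d.freshness


class Node:
    """NDN router with a Content Store (the "data table") and a routing table."""

    def __init__(self, name: str) -> None:
        self.name = name
        self.cs: Dict[str, Data] = {}
        self.fib: Dict[str, "Node"] = {}          # name prefix -> next hop
        self.neighbors: List["Node"] = []
        self.log: List[str] = []

    def _next_hop(self, name: str) -> Optional["Node"]:
        """Longest-prefix match over '/'-separated name components."""
        matches = [p for p in self.fib if name == p or name.startswith(p.rstrip("/") + "/")]
        return self.fib[max(matches, key=len)] if matches else None

    def on_interest(self, name: str, now: float, visited: Optional[Set[str]] = None) -> Optional[Data]:
        visited = set() if visited is None else visited
        if self.name in visited:                   # loop guard for the neighbour flood
            return None
        visited.add(self.name)
        # 1. Content Store: a fresh, validly signed copy satisfies the Interest.
        cached = self.cs.get(name)
        if cached is not None:
            if verify(cached, now):
                self.log.append(f"{self.name}: CS hit {name}")
                return cached
            del self.cs[name]                      # expired or tampered: evict
        # 2. Routing table entry: forward to that next hop.
        hop = self._next_hop(name)
        if hop is not None:
            got = hop.on_interest(name, now, visited)
        else:
            # 3. No route: ask adjacent nodes in turn.
            got = None
            for hop in self.neighbors:
                got = hop.on_interest(name, now, visited)
                if got is not None:
                    break
        # Cache, and learn the route, only for Data that verifies.
        if got is not None and verify(got, now):
            self.cs[name], self.fib[name] = got, hop
            return got
        return None


def run_scenario() -> dict:
    """Constructed topology: R1 fronts the scanning platform, R2 has a route for
    /vs, R3 holds the platform-published scanning resource data."""
    now, name = 1_000.0, "/vs/resources/v1"
    r1, r2, r3 = Node("R1"), Node("R2"), Node("R3")
    r1.neighbors = [r2]
    r2.fib["/vs"] = r3
    r3.cs[name] = sign(Data(name, "targets=10.0.0.0/24", "vs-platform", now, 300.0))

    first = r1.on_interest(name, now)              # R1 floods to R2, R2 routes to R3, R3 CS hit
    r1.on_interest(name, now + 10)                 # now served from R1's own Content Store
    served_locally = r1.log[-1] == f"R1: CS hit {name}"
    # Poisoned cache entry: same name, different payload, bogus signature.
    r1.cs[name] = Data(name, "targets=0.0.0.0/0", "vs-platform", now, 300.0, b"\x00" * 32)
    third = r1.on_interest(name, now + 20)         # evicted, refetched over the learned route
    stale = r1.on_interest(name, now + 1_000)      # validity period over on every node
    return {
        "first": first.content if first else None,
        "served_locally": served_locally,
        "third": third.content if third else None,
        "stale": stale,
        "r1_route": r1.fib[name].name if name in r1.fib else None,
    }
```

run_scenario() walks one name through the three lookups (Content Store, routing table, adjacent nodes), shows the route being learned on the return path, and shows that a cache entry with a bad signature or an expired validity period is evicted rather than served. Two things a real NDN forwarder adds are left out: the Pending Interest Table, which aggregates duplicate Interests in flight, and certificate-based trust for the producer key. The verification order, checking the signature before caching, is the point worth keeping.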
In S103, the scanning platform sends the scanning resource data and a configuration manifest to the scanning probe, the manifest comprising configuration blockchain information, a scanning policy and a key list.
In some embodiments, the scanning platform converts the scanning resource data and the configuration manifest into corresponding NDN Data packets and sends them to the NDN node; the NDN node stores the scanning resource data and the configuration manifest in its data table and informs its neighbour nodes; the scanning probe then acquires the scanning resource data and the configuration manifest by sending an Interest packet to the NDN node.
In some embodiments, the scanning probe updates its scanning policy and key list according to the configuration manifest, and at the same time writes the configuration manifest into the blockchain and records it in the configuration blockchain information.
According to the embodiments of the disclosure, this improves the accuracy of vulnerability scanning to a certain extent and ensures the security and reliability of the data. Converting the data into NDN format and transmitting it over the NDN network also reduces the load on the IP network and makes data transfer efficient.
In S104, the scanning probe scans the target machine for vulnerabilities according to the scanning resource data and the configuration manifest and confirms whether the information obtained by the scan is in the key list; if it is, the probe stores the information in the blockchain and records it in the scan blockchain information; the scan blockchain information, the configuration blockchain information and the scan results are then converted into corresponding NDN Data packets and handed to the NDN network for transmission.
In some embodiments, the method further includes: if the information obtained by the vulnerability scan is not in the key list, converting it directly into corresponding NDN Data packets.
In some embodiments, the scanning policy includes a scanning range, a scanning frequency and other scanning policies, and the key list includes a list of key devices, a list of key vulnerabilities and other key information. The scanning probe scans the target machine according to the scanning resource data and the configuration manifest; the scanning range, scanning frequency and other policies make the scan more accurate and efficient and prevent discrepancies from arising between two scanning periods. Checking whether each result is in the key list allows the type, details and criticality of a vulnerability to be determined more precisely.
According to the embodiments of the disclosure, the efficiency and accuracy of vulnerability scanning are improved to a certain extent. Storing the scan results in the blockchain and recording them in the scan blockchain information also guarantees the security and reliability of the data to a certain extent, since an appended record can be detected if it is later altered. The scan blockchain information, the configuration blockchain information and the scan results are converted into NDN Data packets and handed to the NDN network, which reports them automatically, so collecting the data does not cause sudden bursts of traffic on the network.
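The probe-side handling of S103 and S104 (adopting the manifest, filtering results by the scanning range, checking each result against the key list, chaining the key ones, wrapping every result as a named Data packet) as a runnable sketch; it covers the same steps as summarised in the first aspect. This is an added example and not code from the patent: the manifest layout, the /vs/results/... naming, the constructed findings with placeholder vulnerability labels and the SHA-256 hash chain that stands in for the blockchain are assumptions made for the illustration.

```python
import hashlib
import ipaddress
import json
from typing import List, Tuple

# Constructed configuration manifest as the scanning platform would publish it
# (field names assumed). Entries under "other" are tags a finding may carry.
MANIFEST: dict = {
    "policy": {"range": "10.0.0.0/24", "interval_s": 86_400, "ports": [22, 80, 443]},
    "key_list": {"devices": ["10.0.0.5"], "vulns": ["weak-ssh-cipher"], "other": ["internet-facing"]},
}

# Constructed scan results; the vulnerability labels are placeholders, not real advisories.
FINDINGS: List[dict] = [
    {"host": "10.0.0.5", "port": 443, "vuln": "expired-tls-cert", "tags": []},
    {"host": "10.0.0.17", "port": 22, "vuln": "weak-ssh-cipher", "tags": []},
    {"host": "10.0.0.23", "port": 80, "vuln": "directory-listing", "tags": []},
    {"host": "192.168.9.9", "port": 22, "vuln": "weak-ssh-cipher", "tags": ["internet-facing"]},
]


class Chain:
    """Append-only SHA-256 hash chain standing in for the blockchain: every
    block commits to its payload and to the previous block's hash."""
    GENESIS = "0" * 64

    def __init__(self) -> None:
        self.blocks: List[dict] = []

    @staticmethod
    def _digest(prev: str, payload: dict) -> str:
        body = json.dumps({"prev": prev, "payload": payload}, sort_keys=True).encode()
        return hashlib.sha256(body).hexdigest()

    def append(self, payload: dict) -> str:
        prev = self.blocks[-1]["hash"] if self.blocks else self.GENESIS
        self.blocks.append({"prev": prev, "payload": payload, "hash": self._digest(prev, payload)})
        return self.blocks[-1]["hash"]

    def verify(self) -> bool:
        prev = self.GENESIS
        for b in self.blocks:
            if b["prev"] != prev or self._digest(prev, b["payload"]) != b["hash"]:
                return False
            prev = b["hash"]
        return True


def apply_manifest(manifest: dict, chain: Chain) -> Tuple[dict, dict, str]:
    """S103 on the probe: adopt policy and key list, record the manifest on the chain."""
    head = chain.append({"type": "config", "manifest": manifest})
    return manifest["policy"], manifest["key_list"], head


def scan_due(last_scan: float, policy: dict, now: float) -> bool:
    """Scanning-frequency rule: a new scan is due once the interval has elapsed."""
    return now - last_scan >= policy["interval_s"]


def in_key_list(finding: dict, key_list: dict) -> bool:
    return (finding["host"] in key_list["devices"]
            or finding["vuln"] in key_list["vulns"]
            or any(tag in key_list["other"] for tag in finding.get("tags", [])))


def process_findings(findings: List[dict], policy: dict, key_list: dict,
                     chain: Chain, probe_id: str, now: float) -> List[dict]:
    """S104: drop results outside the scanning range, chain the key ones, and
    wrap every kept result as a named Data packet for the NDN network."""
    scope = ipaddress.ip_network(policy["range"])
    packets = []
    for f in findings:
        if ipaddress.ip_address(f["host"]) not in scope:
            continue                                 # not covered by this probe's policy
        record = dict(f)
        if in_key_list(f, key_list):
            record["chain_hash"] = chain.append({"type": "scan", "probe": probe_id, "finding": dict(f)})
        packets.append({
            "name": f"/vs/results/{probe_id}/{f['host']}/{f['port']}/{f['vuln']}",
            "producer": probe_id,
            "created": now,
            "content": record,
        })
    return packets


def run_probe(probe_id: str = "probe-01", now: float = 1_700_000_000.0) -> dict:
    chain = Chain()
    policy, key_list, config_head = apply_manifest(MANIFEST, chain)
    packets = process_findings(FINDINGS, policy, key_list, chain, probe_id, now)
    intact = chain.verify()
    chain.blocks[1]["payload"]["finding"]["vuln"] = "none"   # edit an appended scan record
    return {
        "packets": packets,
        "config_head": config_head,
        "chain_length": len(chain.blocks),
        "intact_before_tamper": intact,
        "intact_after_tamper": chain.verify(),
    }
```

The hash chain gives the tamper evidence the text relies on (run_probe() shows verify() failing after an appended record is edited) but not the distributed consensus of a real blockchain; with a single writer it is an append-only log, which is usually what an audit trail of scan results needs. Out-of-range results are dropped before the key-list check so that a probe cannot report on hosts its policy does not cover.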
In S105, the scanning platform sends an Interest packet to the NDN network and acquires the corresponding Data packets.
In some embodiments, the scanning platform sends Interest packets to acquire the scan blockchain information, the configuration blockchain information and the scan results, so that in subsequent scans the overall scanning policy can be optimised and updated in real time according to the acquired data.
In some embodiments, the method further includes: after each NDN node acquires the data, it stores the data in its own data table, updates its NDN routing table and forwards the data to the requester; all data are signed by the data producer, and the validity period of the data is confirmed according to the configuration.
According to the embodiments of the disclosure, the data reported by each node is protected by a cryptographic algorithm (the producer's signature), so shadow assets and non-internal assets cannot inject reports.
FIG. 2 is a schematic flowchart of an asset vulnerability detection method based on an NDN network according to an embodiment of the present disclosure. As shown in FIG. 2, the scanning platform requests the scanning resource data from the NDN network and transmits the scanning resource data and the configuration manifest to the scanning probe through the NDN network. The scanning probe scans the target machine according to the scanning resource data and the configuration manifest; the manifest comprises configuration blockchain information, a scanning policy and a key list; the scanning policy comprises a scanning range, a scanning frequency and other scanning policies; the key list comprises a list of key devices, a list of key vulnerabilities and other key information. After scanning the target machine, the probe confirms whether the information obtained by the scan is in the key list; if it is, the probe stores the information in the blockchain and records it in the scan blockchain information, then converts the scan blockchain information, the configuration blockchain information and the scan results into corresponding NDN Data packets and hands them to the NDN network for transmission; if it is not, the probe converts the scan results directly into corresponding NDN Data packets. Finally, the scanning platform sends an Interest packet to the NDN network to acquire the corresponding Data packets.
The above is a description of embodiments of the method, and the embodiments of the apparatus are described below to further illustrate the aspects of the disclosure.
FIG. 3 shows a block diagram of an asset vulnerability detection apparatus based on an NDN network according to an embodiment of the present disclosure; as shown in FIG. 3, the apparatus 300 includes:
a data request module 301, configured for the scanning platform to send an Interest packet for scanning resources to the NDN network and request the scanning resource data;
a data confirmation module 302, configured for the NDN node to check its own data table and confirm whether the scanning resource data is present and, if it is, to return the scanning resource data to the scanning platform;
a configuration manifest sending module 303, configured for the scanning platform to send the scanning resource data and a configuration manifest to the scanning probe, the manifest comprising configuration blockchain information, a scanning policy and a key list;
a vulnerability scanning module 304, configured for the scanning probe to scan the target machine for vulnerabilities according to the scanning resource data and the configuration manifest and to confirm whether the information obtained by the scan is in the key list; if it is, the module stores the information in the blockchain and records it in the scan blockchain information, then converts the scan blockchain information, the configuration blockchain information and the scan results into corresponding NDN Data packets and hands them to the NDN network for transmission;
and a data acquisition module 305, configured for the scanning platform to send an Interest packet to the NDN network and acquire the corresponding Data packets.
It is noted that while for simplicity of explanation, the foregoing method embodiments have been described as a series of acts or combination of acts, it will be appreciated by those skilled in the art that the present disclosure is not limited by the order of acts, as some steps may, in accordance with the present disclosure, occur in other orders and concurrently. Further, those skilled in the art should also appreciate that the embodiments described in the specification are exemplary embodiments and that acts and modules referred to are not necessarily required by the disclosure.
It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working process of the described module may refer to the corresponding process in the foregoing method embodiment, and is not described herein again.
The present disclosure also provides an electronic device, a readable storage medium, and a computer program product according to embodiments of the present disclosure.
FIG. 4 illustrates a block diagram of an exemplary electronic device capable of implementing embodiments of the present disclosure. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital assistants, cellular phones, smart phones, wearable devices and other similar computing devices. The components shown herein, their connections and relationships, and their functions are meant to be examples only and are not meant to limit implementations of the disclosure described and/or claimed herein.
The electronic device 400 includes a computing unit 401 that can perform various appropriate actions and processes according to a computer program stored in a ROM 402 or a computer program loaded from a storage unit 408 into a RAM 403. The RAM 403 can also store various programs and data necessary for the operation of the electronic device 400. The computing unit 401, ROM 402 and RAM 403 are connected to each other via a bus 404. An I/O interface 405 is also connected to the bus 404.
A number of components in the electronic device 400 are connected to the I/O interface 405, including: an input unit 406 such as a keyboard, a mouse, or the like; an output unit 407 such as various types of displays, speakers, and the like; a storage unit 408, such as a magnetic disk, optical disk, or the like; and a communication unit 409 such as a network card, modem, wireless communication transceiver, etc. The communication unit 409 allows the electronic device 400 to exchange information/data with other devices via a computer network, such as the internet, and/or various telecommunication networks.
The computing unit 401 may be any of a variety of general and/or special purpose processing components with processing and computing capabilities. Some examples of the computing unit 401 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various dedicated Artificial Intelligence (AI) computing chips, various computing units running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller and so forth. The computing unit 401 performs the various methods and processes described above, such as the method 100. For example, in some embodiments, the method 100 may be implemented as a computer software program tangibly embodied in a machine-readable medium, such as the storage unit 408. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 400 via the ROM 402 and/or the communication unit 409. When the computer program is loaded into the RAM 403 and executed by the computing unit 401, it may perform one or more of the steps of the method 100 described above. Alternatively, in other embodiments, the computing unit 401 may be configured to perform the method 100 by any other suitable means (e.g., by means of firmware).
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuitry, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), system on a chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
Program code for implementing the methods of the present disclosure may be written in any combination of one or more programming languages. These program code may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the program code, when executed by the processor or controller, causes the functions/acts specified in the flowchart and/or block diagram to be performed. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: Local Area Networks (LANs), Wide Area Networks (WANs), and the Internet.
The computer system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server may be a cloud server, a server of a distributed system, or a server combined with a blockchain.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present disclosure may be executed in parallel or sequentially or in different orders, and are not limited herein as long as the desired results of the technical solutions of the present disclosure can be achieved.
The above detailed description should not be construed as limiting the scope of the disclosure. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present disclosure should be included in the protection scope of the present disclosure.

Claims (10)

1. An asset vulnerability detection method based on an NDN (named data networking), which is characterized by comprising the following steps:
the method comprises the steps that a missed-scanning platform sends a missed-scanning resource interest packet to an NDN network and requests missed-scanning resource data;
the NDN node checks its own data table and confirms whether the missed-scanning resource data exist; if the missed-scanning resource data exist, returning the missed-scanning resource data to the missed-scanning platform;
the missed-scanning platform sends the missed-scanning resource data and a configuration list to a missed-scanning probe, wherein the configuration list comprises configuration blockchain information, a scanning strategy and a key list;
the missed-scanning probe performs vulnerability scanning on the scanned machine according to the missed-scanning resource data and the configuration list, and confirms whether the information obtained by the vulnerability scanning is in the key list; if the information obtained by the vulnerability scanning is in the key list, storing the information obtained by the vulnerability scanning into a blockchain and recording it into the missed-scanning blockchain information; converting the missed-scanning blockchain information, the configuration blockchain information and the information obtained by the vulnerability scanning into corresponding NDN data, and handing the NDN data to the NDN network for transmission;
and the missed-scanning platform sends an interest packet to the NDN network to acquire the corresponding NDN data.
2. The method of claim 1, further comprising:
if the NDN node does not have the missed-scanning resource data, checking whether the NDN routing table has the missed-scanning resource data;
if the NDN routing table has the missed-scanning resource data, requesting the missed-scanning resource data from the corresponding NDN node according to the NDN routing table;
and if the NDN routing table does not have the missed-scanning resource data, sending a data interest packet to an adjacent node to acquire the missed-scanning resource data.
3. The method of claim 1, further comprising:
and if the information obtained by the vulnerability scanning is not in the key list, directly converting the information obtained by the vulnerability scanning into corresponding NDN data.
4. The method of claim 1, wherein the sending of the missed-scanning resource data and the configuration list to the missed-scanning probe by the missed-scanning platform comprises:
the missed-scanning platform converts the missed-scanning resource data and the configuration list into corresponding NDN data and sends the NDN data to the NDN node;
the NDN node stores the missed-scanning resource data and the configuration list into its data table and informs the adjacent nodes;
and the missed-scanning probe acquires the missed-scanning resource data and the configuration list by sending an interest packet to the NDN node.
5. The method of claim 4, further comprising:
the missed-scanning probe updates the scanning strategy and the key list according to the configuration list, and at the same time writes the configuration list into the blockchain and records it into the configuration blockchain information.
6. The method of claim 5, wherein the scanning strategy comprises: a scanning range, a scanning frequency and other scanning strategies;
and the key list comprises: a list of critical devices, a list of critical vulnerabilities and other critical information.
7. The method of claim 2, further comprising:
after each NDN node acquires data, storing the data in its own data table, updating the NDN routing table and forwarding the data to the requester;
and all data are signed by the data producer, and the validity period of the data is confirmed according to the configuration.
8. An NDN-based asset vulnerability detection apparatus, the apparatus comprising:
a data request module, used by the missed-scanning platform to send a missed-scanning resource interest packet to the NDN network and request the missed-scanning resource data;
a data confirmation module, used to check the data table of the NDN node and confirm whether the missed-scanning resource data exist; if the missed-scanning resource data exist, returning the missed-scanning resource data to the missed-scanning platform;
a configuration list sending module, used by the missed-scanning platform to send the missed-scanning resource data and the configuration list to the missed-scanning probe, wherein the configuration list comprises configuration blockchain information, a scanning strategy and a key list;
a vulnerability scanning module, used by the missed-scanning probe to perform vulnerability scanning on the scanned machine according to the missed-scanning resource data and the configuration list and confirm whether the information obtained by the vulnerability scanning is in the key list; if the information obtained by the vulnerability scanning is in the key list, storing the information obtained by the vulnerability scanning into a blockchain and recording it into the missed-scanning blockchain information; converting the missed-scanning blockchain information, the configuration blockchain information and the information obtained by the vulnerability scanning into corresponding NDN data, and handing the NDN data to the NDN network for transmission;
and a data acquisition module, used by the missed-scanning platform to send an interest packet to the NDN network and acquire the corresponding NDN data.
9. An electronic device, comprising:
at least one processor;
and a memory communicatively coupled to the at least one processor;
wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-7.
10. A non-transitory computer readable storage medium storing computer instructions, wherein,
the computer instructions are for causing the computer to perform the method of any one of claims 1-7.
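As an added example (not code from the patent or its applicant), the following Python model walks through the lookup order of claims 2 and 7 on an NDN node: first the node's own data table, then the NDN routing table, then adjacent nodes, with every returned data record checked for the producer's signature and validity period before the node caches it and updates its routing table. The HMAC-based signature, the node names and the sample data name are assumptions made for the example; real NDN data carries a public-key signature, but the verify-before-cache logic is unchanged.

```python
import hashlib
import hmac
from dataclasses import dataclass
# Assumption: the producer signature is an HMAC under a key every node trusts;
# real NDN uses public-key signatures, but the verify-before-cache logic is the same.
@dataclass
class Data:
    name: str
    content: bytes
    expires: float   # validity period, checked by every node that receives it
    signature: bytes

def _mac(name, expires, content, key):
    return hmac.new(key, f"{name}|{expires}|".encode() + content, hashlib.sha256).digest()

def produce(name, content, key, now, freshness_s=60):
    # Data producer signs the record and stamps its validity period (claim 7).
    expires = now + freshness_s
    return Data(name, content, expires, _mac(name, expires, content, key))

def valid(d, key, now):
    # Accept only producer-signed, unexpired data.
    return hmac.compare_digest(_mac(d.name, d.expires, d.content, key), d.signature) and now < d.expires

class Node:
    def __init__(self, name, key):
        self.name, self.key = name, key
        self.store = {}       # the node's own data table
        self.routes = {}      # NDN routing table: name -> node that served it
        self.neighbors = []   # adjacent nodes asked when both tables miss
    def interest(self, name, now, _visited=None):
        # Resolve an interest packet in the order of claim 2.
        visited = set() if _visited is None else _visited
        visited.add(self.name)
        d = self.store.get(name)
        if d is not None:
            if valid(d, self.key, now):
                return d             # 1. hit in the local data table
            del self.store[name]     # stale entry: drop it and re-request
        nxt = self.routes.get(name)
        for n in ([nxt] if nxt is not None else self.neighbors):  # 2. routing table, 3. neighbours
            if n.name in visited:
                continue
            d = n.interest(name, now, visited)
            if d is not None and valid(d, self.key, now):
                self.store[name] = d     # cache and update the routing table, then
                self.routes[name] = n    # forward to the requester (claim 7)
                return d
        return None
```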
CN202211643719.8A 2022-12-20 2022-12-20 Asset vulnerability detection method, device and equipment based on NDN (named data networking) Pending CN115987613A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211643719.8A CN115987613A (en) 2022-12-20 2022-12-20 Asset vulnerability detection method, device and equipment based on NDN (named data networking)

Publications (1)

Publication Number Publication Date
CN115987613A true CN115987613A (en) 2023-04-18

Family

ID=85960455

Country Status (1)

Country Link
CN (1) CN115987613A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination