CN107273751A - Security breaches based on multi-mode matching find method online - Google Patents
Security breaches based on multi-mode matching find method online Download PDFInfo
- Publication number
- CN107273751A CN107273751A CN201710474061.5A CN201710474061A CN107273751A CN 107273751 A CN107273751 A CN 107273751A CN 201710474061 A CN201710474061 A CN 201710474061A CN 107273751 A CN107273751 A CN 107273751A
- Authority
- CN
- China
- Prior art keywords
- leak
- vulnerability
- software
- information
- under testing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Abstract
Method is found online the present invention relates to a kind of security breaches based on multi-mode matching, belongs to technical field of network security.The invention has the advantages that:It is comprehensive:The present invention has the ability found online to the synthesis of known bugs and unknown leak, it is known that found in terms of leak by software version characteristic matching and leak matching way, is found online by leak pattern match in terms of unknown leak.Accuracy:The present invention improves the online ability of discovery of known bugs and unknown leak by multi-mode matching mode.In terms of known bugs, carry out carrying out leak positioning with leak pattern-matching rule in terms of integrating leak discovery, unknown leak with reference to version feature matching and plug-in unit scan mode, accurately find leak with reference to the generation of fuzzy use-case, improve the discovery degree of accuracy.
Description
Technical field
The present invention relates to technical field of network security, and in particular to a kind of security breaches based on multi-mode matching are sent out online
Existing method.
Background technology
In recent years, with the extensive use developed rapidly with internet of computer technology, information technology is more and more deep
To the various aspects of people's daily life, as most important part in people's daily life.Network brings huge change to society
While leather and development, very severe security threat is also suffered from, network, the security breaches of application turn into restriction network hair
Exhibition, the key factor of influence social development.
The threat of information system is all using the security breaches of target as break-through point.Information system security leak producing cause has
It is a variety of, awareness of safety weakness, Safety skill deficiency that may be due to developer itself, or system security framework existing defects,
Safety problem may also be caused due to the intentional or unintentional operation of internal staff.The important method of security improvement is carried out just to system
It is research safety leak discovery technique.
Security breaches find to include the excavation and the identification of known bugs to unknown leak.Unknown bug excavation technology refers to logical
Cross artificial or aid and analysis test is carried out to target, object run flow, parameter transmission, execution logic etc. are dug
Pick, understands the characteristics of internal system is likely to result in security breaches.For known bugs, typically pass through Hole Detection scripts match
Mode recognizes security breaches present in goal systems.
Traditional security breaches digging technology mainly includes Static Analysis Technology and dynamic analysis technology.Static Analysis Technology
By analysis software program code morphology, grammer and static semantic, potential leak, Static Analysis Method present in detection program
Mainly there are following several detection methods:
1) model inspection.Model inspection is a kind of method for the concurrent system for verifying finite state, and basic thought is to having
System structural regime machine or digraph of limit state etc. take out model, then model is traveled through to verify a certain of system
Property.
2) semiology analysis.Semiology analysis is that a kind of symbolism defines data, and provides symbolic formulation per paths for program
Mode, to particular path incoming symbol, through handling output symbol, thus determining program behavior whether mistake, reach analysis mistake
Purpose.
3) type inference.Type inference can be selected suitable operation, according to circumstances determined necessary with inspect-type mistake
Type is changed.
4) data-flow analysis.Data-flow analysis is the semantic information of collection procedure and the side for passing through algebraically from program code
Method determines the definition of variable in compiling and used.
5) about beam analysis.About program analysis process is divided into constraint and produced and two stages of constraint solving by beam analysis, the former
Using the constrained system that generation rule is set up between types of variables or analysis state is constrained, the latter is asked using constrained system
Solution.
Dynamic analysis technology using test case as input, by running executable file, and by program run it is defeated
Go out to find the process of bugs.
However, existing software vulnerability discovery technique independently can not accurately search leak positioning with certain monotechnics,
Fail to report or report by mistake in the presence of higher.Therefore, a kind of high security breaches of efficient, degree of accuracy are designed and find method, becomes and urgently solves
Technical problem certainly.
The content of the invention
(1) technical problem to be solved
The technical problem to be solved in the present invention is:How to design a kind of high security breaches of efficient, degree of accuracy and find method.
(2) technical scheme
In order to solve the above-mentioned technical problem, found online the invention provides a kind of security breaches based on multi-mode matching
Method, comprises the following steps:
Step 1:Judge whether software under testing target is existing, be to go to step 2, it is no to go to step 3;
Step 2:On the one hand, the version feature value of software under testing target is detected, software version pattern match, matching leakage is carried out
Known bugs in cave depot;On the other hand, vulnerability scanning detection is carried out using vulnerability scanning plug-in unit match triggers rule, updates leakage
Cave depot;
Step 3:The non-existent software under testing target of typing, analyzes the source code or binary file of software under testing target,
Leak is positioned by leak pattern-matching rule, bug excavation point is carried out for type input data with reference to fuzz testing technical construction
Analysis.
Preferably, step 1 is specifically included:
Step 1.1:The finger print information of software under testing target is checked, software version information is obtained.
Step 1.2:Software library is searched, whether analysis software under testing target is existing.
Preferably, step 2 is specifically included:
Step 2.1:Corresponding vulnerability database is inquired about by the version feature value of software under testing target, the version software pair is matched
The known bugs answered are found online;
Step 2.2:The finger print information obtained according to step 1.1, is scanned analysis:According to the fingerprint of software under testing target
Information loads vulnerability scanning plugin library, calculates the digital signature of vulnerability scanning plug-in unit in vulnerability scanning plugin library, matching certificates row
Whether table, checking vulnerability scanning plug-in unit is legal, and performs legal vulnerability scanning plug-in unit, according to returning that vulnerability scanning plug-in unit is performed
Breath of writing in reply is judged, exports vulnerability information when the triggering that vulnerability scanning plug-in unit hits leak is regular, the leakage that scanning is obtained
Duplicate removal is compared in information vulnerability database corresponding with existing software version in hole, and newly-increased vulnerability information is recorded into content according to vulnerability database
Field is saved in vulnerability database after extracting;The vulnerability information includes leak pattern, leak positional information and triggering path;
Step 2.1 can be performed simultaneously with step 2.2, can also sequentially be performed, and can sequentially be exchanged;
Step 2.3:The unknown leak of existing Software match is such as found, then is associated vulnerability information with existing software.
Preferably, step 3 is specifically included:
Step 3.1:To the software under testing target being not present in after inquiry in software library, by its Data Enter software library,
And it is corresponding with the vulnerability information progress in vulnerability database, dbase, version and company-information are have recorded in software library;
Step 3.2:The leak pattern in leak pattern base is analyzed, leak is positioned according to leak pattern-matching rule;
Step 3.3:Behind step 3.2 positioning vulnerability information position, according to leak positional information and leak type, pin is constructed
Lopsided use-case to property simultaneously injects software under testing target, to trigger security breaches and verify leak, will trigger successfully and verifies logical
The security breaches crossed according to the vulnerability database record content field recorded, deposit vulnerability database and with software under testing target and its
Version is corresponding.
Preferably, step 3.2 is specifically included:
3.2.1, the source code or binary file of scanning software under testing target, finder entrance;
3.2.2 analysis, is scanned to the function body call relation of software object to be measured, entered according to the difference of statement type
Row specific aim is analyzed, i.e., use to function, redirect logic, branch statement, program execution order and analyze;The sentence class
Type includes function call sentence, branch statement, order and performs sentence;
3.2.3, matched one by one with the leak pattern in leak pattern base according to program execution order, and to matching into
The program part of work(enters row constraint detection, that is, checks the path for determining triggering leak;
3.2.4, under the premise of pattern match and schema constraint are all successful, vulnerability information is exported.(3) beneficial effect
The invention has the advantages that:
It is comprehensive:The present invention has the ability found online to the synthesis of known bugs and unknown leak, it is known that leak side
Face is found by software version characteristic matching and leak matching way, is carried out in terms of unknown leak by leak pattern match
It is online to find.
Accuracy:The present invention improves the online ability of discovery of known bugs and unknown leak by multi-mode matching mode.
In terms of known bugs, carry out using in terms of integrating leak discovery, unknown leak with reference to version feature matching and plug-in unit scan mode
Leak pattern-matching rule carries out leak positioning, with reference to the accurate discovery leak of fuzzy use-case generation, improves the discovery degree of accuracy.
Brief description of the drawings
Fig. 1 has found the block diagram of system for the multi-mode matching leak of the present invention;
Fig. 2 has found method flow diagram online for the security breaches based on multi-mode matching of the present invention;
Fig. 3 for the present invention system in vulnerability scanning engine scanning process figure;
Fig. 4 for the present invention method in unknown leak find carry out pattern match flow chart.
Embodiment
To make the purpose of the present invention, content and advantage clearer, with reference to the accompanying drawings and examples, to the present invention's
Embodiment is described in further detail.
Present invention research finds method based on leak, on the basis of static analysis, dynamic analysis technology is fully used for reference, adopts
Unknown security breaches discovery is carried out with pattern matching mode, on the basis of static analysis, with reference to dynamic fuzzy test, leak is improved
It was found that efficiency.Meanwhile, security breaches proposed by the present invention find that method adds the discovery towards known bugs, enhance safety
Leak finds efficiency.
Discovery method of the present invention uses software version towards known bugs and unknown leak for known bugs
Leak discovery is carried out with module combination scan matching module, is combined and used using the file analysis of leak pattern match for unknown leak
Example injection carries out leak discovery.
The corresponding multi-mode matching leak of method that Fig. 1 is the present invention finds systemic-function composition frame chart, and the system includes
Software comparing module, vulnerability scanning engine, file analysis engine, use-case injection module, software version storehouse, vulnerability database, scanning are inserted
Part storehouse, leak pattern base etc..
A kind of security breaches based on multi-mode matching that the present invention is provided find flow chart such as Fig. 2 institutes of method online
Show, specifically include following steps:
Step 1:Judge whether software under testing target is existing, be to go to step 2, it is no to go to step 3.
Step 1.1:The finger print information of software under testing target is checked, software version information is obtained.
Step 1.2:Software library is searched, whether analysis software under testing target is existing.
Step 2:On the one hand, the version feature value of software under testing target is detected, software version pattern match, matching leakage is carried out
Known bugs in cave depot;On the other hand, vulnerability scanning detection is carried out using vulnerability scanning plug-in unit match triggers rule, updates leakage
Cave depot.
Step 2.1:Vulnerability database is inquired about by the version feature value of software under testing target, the version software is matched corresponding
Know that leak is found online.
Step 2.2:The finger print information obtained according to step 1.1, calls vulnerability scanning engine to be scanned analysis.
It is the leak engine workflow figure being related in invention as shown in Figure 3, i.e. step 2.2 is specially:Vulnerability scanning draws
Hold up and vulnerability scanning plugin library is loaded according to the finger print information of software under testing target, calculate vulnerability scanning in vulnerability scanning plugin library and insert
Whether the digital signature of part, matching certificates list, checking vulnerability scanning plug-in unit is legal, and performs legal vulnerability scanning plug-in unit,
Judged according to the return information that vulnerability scanning plug-in unit is performed, exported when the triggering that vulnerability scanning plug-in unit hits leak is regular
Vulnerability information.Obtained vulnerability information vulnerability database corresponding with existing software version will be scanned by software comparing module to be compared
To duplicate removal, vulnerability database is saved in after newly-increased vulnerability information is extracted according to vulnerability database record content field.
Vulnerability database record content field is as shown in table 1.
The vulnerability database of table 1 records content field
Title | Content |
Leak is identified | The unique number of leak, it is consistent with CVE vulnerability databases |
Leak type | Identify leak type |
Carrier information | Record the software information belonging to leak |
Running environment | There is the system platform and corresponding operating system version of leak |
Port information | The port used during long-range invasion |
Fragility function | There is the function of leak |
Vulnerability parameter | Trigger the specific function parameter of leak |
Step 2.1 can be performed simultaneously with step 2.2, can also sequentially be performed, and can sequentially be exchanged.
Step 2.3:The unknown leak of existing Software match is such as found, then is associated vulnerability information with existing software.
Step 3:The non-existent software under testing target of typing, analyzes the source code or binary file of software under testing target,
Leak is positioned by leak pattern-matching rule, bug excavation point is carried out for type input data with reference to fuzz testing technical construction
Analysis.
Step 3.1:To the software under testing target being not present in after inquiry in software library, by its Data Enter software library.
The information such as dbase, version, producer are have recorded in software library, and it is corresponding with the vulnerability information progress in vulnerability database.
Step 3.2:File analysis engine is called, leak pattern base Study document is operated, according to leak pattern-matching rule
Position leak.
The characteristics of leak pattern stored in leak pattern base is referred to by analyzing all kinds of leaks, the generation for summarizing leak is former
Cause and formation mechenism, based on Static Detection, the vulnerability model formed by formalized description.Leak pattern can be reasonably
Dependence between the different attribute and each attribute of each leak is described.By taking Window as an example, leak pattern is detected
It is generally not the complete execution flow of whole operation system, but the execution flow in software under testing target.
Such as the leak pattern match flow that Fig. 4 is step 3.2.
3.2.1 the source code or binary file of software under testing target, finder entrance are scanned;
3.2.2 analysis is scanned to the function body call relation of software object to be measured, according to statement type (function call
Sentence, branch statement, order perform sentence) it is different carry out specific aim analyses, use to function, redirect logic, branch's language
Sentence, program execution order etc. are analyzed;
3.2.3 matched one by one with the leak pattern in leak pattern base according to program execution order, and to matching into
The program part of work(enters row constraint detection, that is, checks the path for determining triggering leak;The program that the match is successful is not processed;
3.2.4 under the premise of pattern match and schema constraint are all successful, vulnerability information, vulnerability information bag are exported to user
Include leak pattern, leak positional information, triggering path etc.;The unsuccessful program of schema constraint is not processed;
3.2.5 follow-up source code is continued to scan on, untill without new sentence or entrance.
Step 3.3:Behind step 3.2 positioning vulnerability information position, according to leak positional information and leak type, by using
Example injection module constructs targetedly lopsided use-case and injects software under testing target, to trigger security breaches and verify leak, from
And improve the accuracy rate of leak pattern match.The leakage that the security breaches that successfully and are verified illustrate according to step 2.2 will be triggered
Cave depot record content field is recorded, and is stored in vulnerability database and corresponding with software under testing target and its version.
Described above is only the preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art
For member, without departing from the technical principles of the invention, some improvement and deformation can also be made, these improve and deformed
Also it should be regarded as protection scope of the present invention.
Claims (6)
1. a kind of security breaches based on multi-mode matching find method online, it is characterised in that comprise the following steps:
Step 1:Judge whether software under testing target is existing, be to go to step 2, it is no to go to step 3;
Step 2:On the one hand, the version feature value of software under testing target is detected, software version pattern match is carried out, vulnerability database is matched
In known bugs;On the other hand, vulnerability scanning detection is carried out using vulnerability scanning plug-in unit match triggers rule, updates leak
Storehouse;
Step 3:The non-existent software under testing target of typing, analyzes the source code or binary file of software under testing target, passes through
Leak pattern-matching rule positions leak, and bug excavation analysis is carried out for type input data with reference to fuzz testing technical construction.
2. the method as described in claim 1, it is characterised in that step 1 is specifically included:
Step 1.1:The finger print information of software under testing target is checked, software version information is obtained.
Step 1.2:Software library is searched, whether analysis software under testing target is existing.
3. method as claimed in claim 2, it is characterised in that step 2 is specifically included:
Step 2.1:Corresponding vulnerability database is inquired about by the version feature value of software under testing target, the version software is matched corresponding
Known bugs are found online;
Step 2.2:The finger print information obtained according to step 1.1, is scanned analysis:According to the finger print information of software under testing target
Vulnerability scanning plugin library is loaded, the digital signature of vulnerability scanning plug-in unit in vulnerability scanning plugin library is calculated, matching certificates list is tested
Whether legal demonstrate,prove vulnerability scanning plug-in unit, and perform legal vulnerability scanning plug-in unit, the return performed according to vulnerability scanning plug-in unit is believed
Breath is judged, exports vulnerability information when the triggering that vulnerability scanning plug-in unit hits leak is regular, the leak that scanning is obtained is believed
Duplicate removal is compared in breath vulnerability database corresponding with existing software version, and newly-increased vulnerability information is recorded into content field according to vulnerability database
Vulnerability database is saved in after extraction;The vulnerability information includes leak pattern, leak positional information and triggering path;
Step 2.1 can be performed simultaneously with step 2.2, can also sequentially be performed, and can sequentially be exchanged;
Step 2.3:The unknown leak of existing Software match is such as found, then is associated vulnerability information with existing software.
4. method as claimed in claim 3, it is characterised in that step 3 is specifically included:
Step 3.1:To the software under testing target being not present in after inquiry in software library, by its Data Enter software library, and with
Vulnerability information in vulnerability database is corresponded to, and dbase, version and company-information are have recorded in software library;
Step 3.2:The leak pattern in leak pattern base is analyzed, leak is positioned according to leak pattern-matching rule;
Step 3.3:Behind step 3.2 positioning vulnerability information position, according to leak positional information and leak type, specific aim is constructed
Lopsided use-case and inject software under testing target, to trigger security breaches and verify leak, will trigger successfully and be verified
Security breaches according to the vulnerability database record content field recorded, deposit vulnerability database and with software under testing target and its version
It is corresponding.
5. method as claimed in claim 4, it is characterised in that step 3.2 is specifically included:
3.2.1, the source code or binary file of scanning software under testing target, finder entrance;
3.2.2 analysis, is scanned to the function body call relation of software object to be measured, the hand-manipulating of needle is entered according to the difference of statement type
Property is analyzed, i.e., use to function, redirects logic, branch statement, program execution order and analyzes;The statement type bag
Include function call sentence, branch statement, order and perform sentence;
3.2.3, matched one by one with the leak pattern in leak pattern base according to program execution order, and to the match is successful
Program part enters row constraint detection, that is, checks the path for determining triggering leak;
3.2.4, under the premise of pattern match and schema constraint are all successful, vulnerability information is exported.
6. method as claimed in claim 3, it is characterised in that the vulnerability database record content field is table 1:
The vulnerability database of table 1 records content field
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710474061.5A CN107273751B (en) | 2017-06-21 | 2017-06-21 | Multi-mode matching-based security vulnerability online discovery method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710474061.5A CN107273751B (en) | 2017-06-21 | 2017-06-21 | Multi-mode matching-based security vulnerability online discovery method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107273751A true CN107273751A (en) | 2017-10-20 |
CN107273751B CN107273751B (en) | 2020-06-02 |
Family
ID=60067866
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710474061.5A Active CN107273751B (en) | 2017-06-21 | 2017-06-21 | Multi-mode matching-based security vulnerability online discovery method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107273751B (en) |
Cited By (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108830087A (en) * | 2018-07-06 | 2018-11-16 | 北京知道创宇信息技术有限公司 | security patch management method and device |
CN109375945A (en) * | 2018-08-28 | 2019-02-22 | 中国人民解放军国防科技大学 | Firmware version detection method and vulnerability repair rate evaluation method for Internet of things equipment |
CN109714371A (en) * | 2019-03-12 | 2019-05-03 | 国网新疆电力有限公司电力科学研究院 | A kind of industry control network safety detecting system |
CN109766697A (en) * | 2018-12-29 | 2019-05-17 | 武汉烽火技术服务有限公司 | Vulnerability scanning method, storage medium, equipment and system applied to linux system |
CN109818972A (en) * | 2019-03-12 | 2019-05-28 | 国网新疆电力有限公司电力科学研究院 | A kind of industrial control system information security management method, device and electronic equipment |
WO2019104918A1 (en) * | 2017-11-29 | 2019-06-06 | 平安科技(深圳)有限公司 | Automatic test report management method and apparatus, device and storage medium |
CN109918913A (en) * | 2019-03-12 | 2019-06-21 | 国网新疆电力有限公司电力科学研究院 | A kind of leak detection method and device |
CN109933990A (en) * | 2019-03-12 | 2019-06-25 | 国网新疆电力有限公司电力科学研究院 | Security breaches discovery method, apparatus and electronic equipment based on multi-mode matching |
CN109936576A (en) * | 2019-03-12 | 2019-06-25 | 国网新疆电力有限公司电力科学研究院 | A kind of vulnerability mining device |
CN110489973A (en) * | 2019-08-06 | 2019-11-22 | 广州大学 | A kind of intelligent contract leak detection method, device and storage medium based on Fuzz |
CN111008376A (en) * | 2019-12-09 | 2020-04-14 | 国网山东省电力公司电力科学研究院 | Mobile application source code safety audit system based on code dynamic analysis |
CN111290935A (en) * | 2018-12-06 | 2020-06-16 | 中国移动通信集团辽宁有限公司 | Application program APP detection method, device, equipment and medium |
CN111488580A (en) * | 2020-03-25 | 2020-08-04 | 杭州迪普科技股份有限公司 | Potential safety hazard detection method and device, electronic equipment and computer readable medium |
CN111935121A (en) * | 2020-07-31 | 2020-11-13 | 北京天融信网络安全技术有限公司 | Vulnerability reporting method and device |
CN112632559A (en) * | 2020-12-24 | 2021-04-09 | 北京天融信网络安全技术有限公司 | Vulnerability automatic verification method, device, equipment and storage medium |
CN112651028A (en) * | 2021-01-05 | 2021-04-13 | 西安工业大学 | Vulnerability code clone detection method based on context semantics and patch verification |
CN112800423A (en) * | 2021-01-26 | 2021-05-14 | 北京航空航天大学 | Binary code authorization vulnerability detection method |
CN113312631A (en) * | 2021-06-11 | 2021-08-27 | 杭州安恒信息安全技术有限公司 | Vulnerability detection method and related device |
CN116502240A (en) * | 2023-06-29 | 2023-07-28 | 北华航天工业学院 | Traceability analysis method for security hole of application software |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103065095A (en) * | 2013-01-29 | 2013-04-24 | 四川大学 | WEB vulnerability scanning method and vulnerability scanner based on fingerprint recognition technology |
CN103632100A (en) * | 2013-11-08 | 2014-03-12 | 北京奇虎科技有限公司 | Method and device for detecting website bugs |
CN105095769A (en) * | 2015-08-28 | 2015-11-25 | 中国航天科工集团第二研究院七〇六所 | Information service software vulnerability detection method |
US20160014148A1 (en) * | 2014-07-10 | 2016-01-14 | Soteria Systems Llc | Web anomaly detection apparatus and method |
-
2017
- 2017-06-21 CN CN201710474061.5A patent/CN107273751B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103065095A (en) * | 2013-01-29 | 2013-04-24 | 四川大学 | WEB vulnerability scanning method and vulnerability scanner based on fingerprint recognition technology |
CN103632100A (en) * | 2013-11-08 | 2014-03-12 | 北京奇虎科技有限公司 | Method and device for detecting website bugs |
US20160014148A1 (en) * | 2014-07-10 | 2016-01-14 | Soteria Systems Llc | Web anomaly detection apparatus and method |
CN105095769A (en) * | 2015-08-28 | 2015-11-25 | 中国航天科工集团第二研究院七〇六所 | Information service software vulnerability detection method |
Non-Patent Citations (2)
Title |
---|
李学仁: "《军用软件质量管理学》", 31 December 2012 * |
缪旭东: "基于模式匹配的安全漏洞检测方法", 《计算机科学》 * |
Cited By (26)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2019104918A1 (en) * | 2017-11-29 | 2019-06-06 | 平安科技(深圳)有限公司 | Automatic test report management method and apparatus, device and storage medium |
CN108830087A (en) * | 2018-07-06 | 2018-11-16 | 北京知道创宇信息技术有限公司 | security patch management method and device |
CN109375945A (en) * | 2018-08-28 | 2019-02-22 | 中国人民解放军国防科技大学 | Firmware version detection method and vulnerability repair rate evaluation method for Internet of things equipment |
CN109375945B (en) * | 2018-08-28 | 2022-04-12 | 中国人民解放军国防科技大学 | Firmware version detection method and vulnerability repair rate evaluation method for Internet of things equipment |
CN111290935A (en) * | 2018-12-06 | 2020-06-16 | 中国移动通信集团辽宁有限公司 | Application program APP detection method, device, equipment and medium |
CN109766697A (en) * | 2018-12-29 | 2019-05-17 | 武汉烽火技术服务有限公司 | Vulnerability scanning method, storage medium, equipment and system applied to linux system |
CN109818972B (en) * | 2019-03-12 | 2021-07-09 | 国网新疆电力有限公司电力科学研究院 | Information security management method and device for industrial control system and electronic equipment |
CN109936576A (en) * | 2019-03-12 | 2019-06-25 | 国网新疆电力有限公司电力科学研究院 | A kind of vulnerability mining device |
CN109918913A (en) * | 2019-03-12 | 2019-06-21 | 国网新疆电力有限公司电力科学研究院 | A kind of leak detection method and device |
CN109933990B (en) * | 2019-03-12 | 2020-12-29 | 国网新疆电力有限公司电力科学研究院 | Multi-mode matching-based security vulnerability discovery method and device and electronic equipment |
CN109933990A (en) * | 2019-03-12 | 2019-06-25 | 国网新疆电力有限公司电力科学研究院 | Security breaches discovery method, apparatus and electronic equipment based on multi-mode matching |
CN109714371A (en) * | 2019-03-12 | 2019-05-03 | 国网新疆电力有限公司电力科学研究院 | A kind of industry control network safety detecting system |
CN109818972A (en) * | 2019-03-12 | 2019-05-28 | 国网新疆电力有限公司电力科学研究院 | A kind of industrial control system information security management method, device and electronic equipment |
CN110489973A (en) * | 2019-08-06 | 2019-11-22 | 广州大学 | A kind of intelligent contract leak detection method, device and storage medium based on Fuzz |
CN111008376B (en) * | 2019-12-09 | 2021-11-05 | 国网山东省电力公司电力科学研究院 | Mobile application source code safety audit system based on code dynamic analysis |
CN111008376A (en) * | 2019-12-09 | 2020-04-14 | 国网山东省电力公司电力科学研究院 | Mobile application source code safety audit system based on code dynamic analysis |
CN111488580A (en) * | 2020-03-25 | 2020-08-04 | 杭州迪普科技股份有限公司 | Potential safety hazard detection method and device, electronic equipment and computer readable medium |
CN111935121A (en) * | 2020-07-31 | 2020-11-13 | 北京天融信网络安全技术有限公司 | Vulnerability reporting method and device |
CN111935121B (en) * | 2020-07-31 | 2022-04-26 | 北京天融信网络安全技术有限公司 | Vulnerability reporting method and device |
CN112632559A (en) * | 2020-12-24 | 2021-04-09 | 北京天融信网络安全技术有限公司 | Vulnerability automatic verification method, device, equipment and storage medium |
CN112651028A (en) * | 2021-01-05 | 2021-04-13 | 西安工业大学 | Vulnerability code clone detection method based on context semantics and patch verification |
CN112800423A (en) * | 2021-01-26 | 2021-05-14 | 北京航空航天大学 | Binary code authorization vulnerability detection method |
CN112800423B (en) * | 2021-01-26 | 2022-10-11 | 北京航空航天大学 | Binary code authorization vulnerability detection method |
CN113312631A (en) * | 2021-06-11 | 2021-08-27 | 杭州安恒信息安全技术有限公司 | Vulnerability detection method and related device |
CN116502240A (en) * | 2023-06-29 | 2023-07-28 | 北华航天工业学院 | Traceability analysis method for security hole of application software |
CN116502240B (en) * | 2023-06-29 | 2023-09-05 | 北华航天工业学院 | Traceability analysis method for security hole of application software |
Also Published As
Publication number | Publication date |
---|---|
CN107273751B (en) | 2020-06-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107273751A (en) | Security breaches based on multi-mode matching find method online | |
CN109697162B (en) | Software defect automatic detection method based on open source code library | |
US10198580B2 (en) | Behavior specification, finding main, and call graph visualizations | |
Junjin | An approach for SQL injection vulnerability detection | |
CN102339252B (en) | Static state detecting system based on XML (Extensive Makeup Language) middle model and defect mode matching | |
CN110266669A (en) | A kind of Java Web frame loophole attacks the method and system of general detection and positioning | |
CN111460450B (en) | Source code vulnerability detection method based on graph convolution network | |
Juergens et al. | Code similarities beyond copy & paste | |
CN105787367B (en) | A kind of the patch safety detecting method and system of software upgrading | |
Siddiq et al. | An empirical study of code smells in transformer-based code generation techniques | |
CN104021084A (en) | Method and device for detecting defects of Java source codes | |
CN108521392B (en) | Bidirectional flow SQL injection attack detection method | |
CN106295338A (en) | A kind of SQL leak detection method based on artificial neural network | |
KR101640479B1 (en) | Software vulnerability attack behavior analysis system based on the source code | |
CN112733156A (en) | Intelligent software vulnerability detection method, system and medium based on code attribute graph | |
CN116405246A (en) | Vulnerability exploitation chain construction technology based on attack and defense combination | |
CN113326187A (en) | Data-driven intelligent detection method and system for memory leakage | |
CN105045715A (en) | Programming mode and mode matching based bug clustering method | |
CN116383833A (en) | Method and device for testing software program code, electronic equipment and storage medium | |
CN116578980A (en) | Code analysis method and device based on neural network and electronic equipment | |
CN105487983A (en) | Sensitive point approximation method based on intelligent route guidance | |
Suneja et al. | Towards reliable ai for source code understanding | |
CN116975881A (en) | LLVM (LLVM) -based vulnerability fine-granularity positioning method | |
CN113722721B (en) | Value dependency graph-based source library mode Java security vulnerability detection method | |
CN115438341A (en) | Method and device for extracting code loop counter, storage medium and electronic equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |