CN107277063A - Method of testing is judged based on vulnerability scanning precision - Google Patents
Method of testing is judged based on vulnerability scanning precision Download PDFInfo
- Publication number
- CN107277063A CN107277063A CN201710676976.4A CN201710676976A CN107277063A CN 107277063 A CN107277063 A CN 107277063A CN 201710676976 A CN201710676976 A CN 201710676976A CN 107277063 A CN107277063 A CN 107277063A
- Authority
- CN
- China
- Prior art keywords
- leak
- vulnerability scanning
- title
- module
- vulnerability
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Stored Programmes (AREA)
Abstract
Method of testing is judged based on vulnerability scanning precision the invention discloses one kind, the parallel scan of a variety of open source softwares, and independent research drain sweep is carried out, passes through unified vulnerability title, carry out rescan.Due to the scanning of multibeam scanner, repeated detection is done to same leak, drain sweep is effectively avoided;Judged by using same Vulnerability Name as mark, rescan is carried out from the different characteristic of leak, to the probability that springs a leak, solve wrong report well, the friendly title there is provided the third party's instrument that can be detected, reduces the workload of penetration testing personnel simultaneously, and specific aim is stronger.
Description
Technical field
The present invention relates to technical field of network security, and in particular to one kind judges method of testing based on vulnerability scanning precision.
Background technology
Website vulnerability scanning product, all there is a possibility that drain sweep and wrong report.Because carry out network sweep when
Wait, may due to the obstructed of network or other etc. reason, cause to give out a contract for a project fall short server or returned data exceed
Time delay is abandoned, and result in the drain sweep of leak, while also because some vulnerability scanning modes are discriminated by the feature to leak
Do not judge, the leak feature of different scanner selections is different, if single scan mode, it is more likely that safety
Website quotes security breaches.
The content of the invention
Method of testing is judged based on vulnerability scanning precision there is provided one kind instant invention overcomes the deficiencies in the prior art, is used for
Solve the leak drain sweep occurred in traditional drain sweep tool scans, the technical problem such as wrong report.
In view of the above mentioned problem of prior art, according to one side disclosed by the invention, the present invention uses following technology
Scheme:
One kind judges method of testing based on vulnerability scanning precision, including:
The module or plug-in unit of integrated a variety of scannings of increasing income, concurrent scan is carried out to leak;And it is concurrent from being carried out to leak
Leak title is obtained in the disparate modules of scanning;
The leak title of acquisition is stored in database;
Call and possess the corresponding vulnerability scanning ability of the leak title and do not scan the module of the leak or insert
Part carries out rescan;
Rescan result is collected, the probability that leak is present is calculated.
In order to which the present invention is better achieved, further technical scheme is:
According to one embodiment of the invention, the module or plug-in unit include independent research plug-in unit, metasploit,
W3af, openvas, small-sized Open Framework or script.
According to one embodiment of the invention, in addition to:
The probability existed in front end feedback user leak.
According to one embodiment of the invention, in addition to:
The module of increasing income that can be detected to user feedback.
Compared with prior art, one of beneficial effects of the present invention are:
One kind of the present invention judges method of testing based on vulnerability scanning precision, has:
1st, a variety of Open-Source Tools concurrent scans, effectively prevent drain sweep;
2nd, other are carried out to the leak title scanned and does not scan the module that the leak is provided simultaneously with the scan capability
For scanning, accuracy rate can be improved, is provided in the presence of the leak probability, be prevented effectively from leak wrong report;
3rd, illustrate and permeate successfully module name, personnel point out to penetration testing, improve either scans' efficiency.
Brief description of the drawings
, below will be to embodiment for clearer explanation present specification embodiment or technical scheme of the prior art
Or the accompanying drawing used required in the description of prior art is briefly described, it should be apparent that, drawings in the following description are only
It is the reference to the embodiment of some in present specification, for those skilled in the art, is not paying creative work
In the case of, other accompanying drawings can also be obtained according to these accompanying drawings.
Fig. 1 is database Vulnerability Name and the corresponding table for correspondingly possessing detection functional module.
Fig. 2 is the corresponding table that scanning result is stored in database.
Fig. 3 be selection table 2 in exist TRUE leak title corresponding table.
Embodiment
The present invention is described in further detail with reference to embodiment, but the implementation of the present invention is not limited to this.
One kind judges method of testing based on vulnerability scanning precision, including:
Step 1, scanner start scanning;
Step 2, call independent research plug-in unit, metasploit, w3af, openvas and some small-sized Open Frameworks or
Script;
Step 3, the first round end of scan, obtain leak title from disparate modules;
Step 4, leak title deposit database;
There are the module or plug-in unit of the leak that different leak title correspondences possess in step 5, database;
Step 6, call the module or plug-in unit for possessing the vulnerability scanning ability and not scanning the leak;
Step 7, collection rescan result, the probability that leak is present is calculated (such as:Vuln1 has three module tools
There is the scan function, there are two scannings to spring a leak, then provide accuracy rate for 66%);
Step 8, in front end feedback user's leak there is probability, and the module of increasing income of detection can be used.
The present invention carries out the parallel scan of a variety of open source softwares, and independent research drain sweep, by unified vulnerability title, enters
Row rescan.Due to the scanning of multibeam scanner, repeated detection is done to same leak, drain sweep is effectively avoided;By using same
One Vulnerability Name judges as mark, carries out rescan from the different characteristic of leak, to the probability that springs a leak, mistake is solved well
Report, while the friendly title there is provided the third party's instrument that can be detected, reduces the workload of penetration testing personnel, specific aim
It is stronger.
During the scanning accuracy determination methods of the present invention, there are three tables, table/Fig. 1-3 is example (concept display):
Table 1 (Fig. 1) is database Vulnerability Name and correspondingly possesses the corresponding table of detection functional module, deposits Boolean type number
According to leak title (VulnName) respective modules have detection function, then are TRUE, if it does not exist, then being FALSE.
Table 2 (Fig. 2) is scanning result deposit database, and the scanning success of respective modules, then be TRUE, and scanning failure is then
FALSE。
Table 3 (Fig. 3) is the leak title that there is TRUE in selection table 2, calls and there is corresponding detectability, call for
The plug-in unit of FALSE respective modules is detected.If correspondence plug-in unit detection springs a leak, FALSE is become in correspondence position
TRUE, then in probabliliy, there is the probability (number of modules that the leak probability=TRUE quantity/leak has in leak
Amount).
In summary, due to existing vulnerability scanning software or service, all there is a certain amount of drain sweep and wrong report is present.
Drain sweep and wrong report that the present invention easily occurs for existing secure scanner, pass through a variety of Open Frameworks and high-quality plug-in unit
It is integrated, drain sweep and wrong report can be effectively avoided, and provide the probability of leak presence, and providing and can make to white cap close friend
Third party's instrument.
The embodiment of each in this specification is described by the way of progressive, what each embodiment was stressed be with it is other
Identical similar portion cross-reference between the difference of embodiment, each embodiment.
" one embodiment ", " another embodiment ", " embodiment " for being spoken of in this manual, etc., refer to knot
Specific features, structure or the feature for closing embodiment description are included at least one embodiment of the application generality description
In.It is not necessarily to refer to same embodiment that statement of the same race, which occur, in multiple places in the description.Appoint furthermore, it is understood that combining
When one embodiment describes a specific features, structure or feature, what is advocated is this to realize with reference to other embodiment
Feature, structure or feature are also fallen within the scope of the present invention.
Although reference be made herein to invention has been described for multiple explanatory embodiments of the invention, however, it is to be understood that
Those skilled in the art can be designed that a lot of other modification and embodiment, and these modifications and embodiment will fall in this Shen
Please be within disclosed spirit and spirit.More specifically, can be to master in the range of disclosure and claim
The building block and/or layout for inscribing composite configuration carry out a variety of variations and modifications.Except what is carried out to building block and/or layout
Outside variations and modifications, to those skilled in the art, other purposes also will be apparent.
Claims (4)
1. one kind judges method of testing based on vulnerability scanning precision, it is characterised in that including:
The module or plug-in unit of integrated a variety of scannings of increasing income, concurrent scan is carried out to leak;And carry out concurrent scan to leak
Disparate modules in obtain leak title;
The leak title of acquisition is stored in database;
Call and possess the corresponding vulnerability scanning ability of the leak title and do not scan the module or plug-in unit of the leak
Row rescan;
Rescan result is collected, the probability that leak is present is calculated.
2. according to claim 1 judge method of testing based on vulnerability scanning precision, it is characterised in that the module is inserted
Part includes independent research plug-in unit, metasploit, w3af, openvas, small-sized Open Framework or script.
3. according to claim 1 judge method of testing based on vulnerability scanning precision, it is characterised in that also includes:
The probability existed in front end feedback user leak.
4. according to claim 1 judge method of testing based on vulnerability scanning precision, it is characterised in that also includes:
The module of increasing income that can be detected to user feedback.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710676976.4A CN107277063B (en) | 2017-08-09 | 2017-08-09 | Vulnerability scanning precision-based judgment and test method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710676976.4A CN107277063B (en) | 2017-08-09 | 2017-08-09 | Vulnerability scanning precision-based judgment and test method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107277063A true CN107277063A (en) | 2017-10-20 |
| CN107277063B CN107277063B (en) | 2020-09-25 |
Family
ID=60077246
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710676976.4A Active CN107277063B (en) | 2017-08-09 | 2017-08-09 | Vulnerability scanning precision-based judgment and test method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107277063B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109391636A (en) * | 2018-12-20 | 2019-02-26 | 广东电网有限责任公司 | A kind of loophole administering method and device based on hierarchical protection asset tree |
| CN114760145A (en) * | 2022-04-28 | 2022-07-15 | 金祺创(北京)技术有限公司 | Cloud architecture-based method and device for rapid scanning analysis and cross validation of host vulnerability |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103200230A (en) * | 2013-03-01 | 2013-07-10 | 南京理工大学常熟研究院有限公司 | Vulnerability scanning method based on movable agent |
| CN103581193A (en) * | 2013-11-08 | 2014-02-12 | 星云融创(北京)信息技术有限公司 | Website vulnerability scanning method, device and system |
| CN103685258A (en) * | 2013-12-06 | 2014-03-26 | 北京奇虎科技有限公司 | Method and device for fast scanning website loopholes |
| CN103870334A (en) * | 2012-12-18 | 2014-06-18 | 中国移动通信集团公司 | Method and device for assigning large-scale vulnerability scanning task |
| CN103942497A (en) * | 2013-09-11 | 2014-07-23 | 杭州安恒信息技术有限公司 | Forensics type website vulnerability scanning method and system |
| CN104320400A (en) * | 2014-10-31 | 2015-01-28 | 北京神州绿盟信息安全科技股份有限公司 | Method and device for scanning web vulnerability |
| CN106878341A (en) * | 2017-04-14 | 2017-06-20 | 北京匡恩网络科技有限责任公司 | The vulnerability scanning method and device of the network equipment |
-
2017
- 2017-08-09 CN CN201710676976.4A patent/CN107277063B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103870334A (en) * | 2012-12-18 | 2014-06-18 | 中国移动通信集团公司 | Method and device for assigning large-scale vulnerability scanning task |
| CN103200230A (en) * | 2013-03-01 | 2013-07-10 | 南京理工大学常熟研究院有限公司 | Vulnerability scanning method based on movable agent |
| CN103942497A (en) * | 2013-09-11 | 2014-07-23 | 杭州安恒信息技术有限公司 | Forensics type website vulnerability scanning method and system |
| CN103581193A (en) * | 2013-11-08 | 2014-02-12 | 星云融创(北京)信息技术有限公司 | Website vulnerability scanning method, device and system |
| CN103685258A (en) * | 2013-12-06 | 2014-03-26 | 北京奇虎科技有限公司 | Method and device for fast scanning website loopholes |
| CN104320400A (en) * | 2014-10-31 | 2015-01-28 | 北京神州绿盟信息安全科技股份有限公司 | Method and device for scanning web vulnerability |
| CN106878341A (en) * | 2017-04-14 | 2017-06-20 | 北京匡恩网络科技有限责任公司 | The vulnerability scanning method and device of the network equipment |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109391636A (en) * | 2018-12-20 | 2019-02-26 | 广东电网有限责任公司 | A kind of loophole administering method and device based on hierarchical protection asset tree |
| CN114760145A (en) * | 2022-04-28 | 2022-07-15 | 金祺创(北京)技术有限公司 | Cloud architecture-based method and device for rapid scanning analysis and cross validation of host vulnerability |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107277063B (en) | 2020-09-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106453415B (en) | Block chain-based equipment authentication method, authentication server and user equipment | |
| CN101242279B (en) | Automatic penetration testing system and method for WEB system | |
| TWI549087B (en) | Method for joining a group through format pattern and apparatus thereof | |
| CN103383789B (en) | A kind of method and system for detecting true from false of bills | |
| CN105046150B (en) | Prevent the method and system of SQL injection | |
| CN106533696A (en) | Block chain-based identity authentication methods, authentication server and user terminal | |
| CN103095475B (en) | The method for inspecting and system of multimode communication device | |
| US9864855B2 (en) | Verification data processing method and device and storage medium | |
| CN105357076A (en) | Method and device used for detecting network connectivity between nodes | |
| CN107277063A (en) | Method of testing is judged based on vulnerability scanning precision | |
| CN112199412B (en) | Payment bill processing method based on block chain and block chain bill processing system | |
| CN106257480A (en) | A kind of method and device preventing the robot tool malicious access page | |
| CN101976333A (en) | Method for automatically distinguishing first-generation identity card from second-generation identity card | |
| CN105049426A (en) | Client identity authentication method and client identity authentication system | |
| CN112417516A (en) | File processing method, device, equipment and medium | |
| CN107360192A (en) | Improve the fingerprint identification method of vulnerability scanning efficiency and precision | |
| CN102185788A (en) | Method and system for searching vice accounts on basis of temporary mailbox | |
| CN106650454A (en) | SQL injection attack detection method and apparatus | |
| CN102656577A (en) | Electronic mail server and method for automatically generating address lists | |
| CN104935436B (en) | A kind of user authentication method and system | |
| CN107454081A (en) | The method for automatically generating POC scripts | |
| CN108024090B (en) | Abnormity positioning method and device for video monitoring platform | |
| CN106856599B (en) | Terminal, detection service device, short message receiving-transmitting fault detection method and system | |
| CN102542114A (en) | PCB module mirroring method and device based on origin symmetry | |
| CN110457018A (en) | A kind of data management system and its management method based on Hadoop |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |