CN108881284A - A kind of cyberspace loophole merger platform long-range attack control system - Google Patents

A kind of cyberspace loophole merger platform long-range attack control system Download PDF

Info

Publication number
CN108881284A
CN108881284A CN201810782070.5A CN201810782070A CN108881284A CN 108881284 A CN108881284 A CN 108881284A CN 201810782070 A CN201810782070 A CN 201810782070A CN 108881284 A CN108881284 A CN 108881284A
Authority
CN
China
Prior art keywords
loophole
data
database
connecting pin
unit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201810782070.5A
Other languages
Chinese (zh)
Inventor
赖洪昌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SHENZHEN LIMIT NETWORK TECHNOLOGY CO LTD
Original Assignee
SHENZHEN LIMIT NETWORK TECHNOLOGY CO LTD
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SHENZHEN LIMIT NETWORK TECHNOLOGY CO LTD filed Critical SHENZHEN LIMIT NETWORK TECHNOLOGY CO LTD
Priority to CN201810782070.5A priority Critical patent/CN108881284A/en
Publication of CN108881284A publication Critical patent/CN108881284A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic

Abstract

The invention discloses a kind of cyberspace loophole merger platform long-range attack control systems, including terminal, the connecting pin of the terminal is equipped with human-computer interaction interface and database, the connecting pin of the database is equipped with vulnerability scanner, the connecting pin of the terminal is additionally provided with Whois administrative unit, the connecting pin of the Whois administrative unit is equipped with Vulnerability Management, and the connecting pin of the Vulnerability Management is equipped with data management.The present invention by using vulnerability scanner in the world or specified range memory scans all service IP; judge whether there is loophole; any operation that can open the IP address there are loophole all can be reminded and be prevented by human-computer interaction interface by terminal; so as to independently fight various newest loopholes; reach good protecting effect; the case where avoiding terminal failure due to newest loophole, middle virus or data caused to be lost, while operator can also effectively be reminded.

Description

A kind of cyberspace loophole merger platform long-range attack control system
Technical field
The present invention relates to network platform technical field, in particular to a kind of cyberspace loophole merger platform long-range attack control System processed.
Background technique
Malware of today is just avoiding the arrest of traditional signatures class anti-malware using the technology of various unique innovations.
Simultaneously when there is a new loophole, intrusion prevention system, Web filtering and antivirus product are generally required artificially more Newly, new loophole could be solved, can not independently makes reply, therefore intrusion prevention system, Web filtering and antivirus product exist The novel attack that confrontation combines accurate Malware with persistence remote access is unable to do what one wishes, can not play good Protecting effect.
Therefore, inventing a kind of cyberspace loophole merger platform long-range attack control system, have very much must to solve the above problems It wants.
Summary of the invention
The purpose of the present invention is to provide a kind of cyberspace loophole merger platform long-range attack control systems, pass through utilization Vulnerability scanner in the world or specified range memory scans all service IP, is judged whether there is by network Loophole, while the IP address that loophole will be present is deposited in the database, in the use process of terminal, terminal is automatically referring to database The IP address of middle storage, any operation that can open the IP address there are loophole can all be carried out by terminal by human-computer interaction interface It reminds and prevents, so as to independently fight various newest loopholes, reach good protecting effect, avoid terminal because of newest leakage Hole and failure, the case where causing middle virus or data to be lost, while operator can also effectively be reminded, to solve Certainly the problems mentioned above in the background art.
To achieve the above object, the present invention provides the following technical solutions:A kind of cyberspace loophole merger platform is remotely attacked Control system, including terminal are hit, the connecting pin of the terminal is equipped with human-computer interaction interface and database, the connection of the database End is equipped with vulnerability scanner, and the connecting pin of the terminal is additionally provided with Whois administrative unit, the company of the Whois administrative unit It connects end and is equipped with Vulnerability Management, the connecting pin of the Vulnerability Management is equipped with data management;
The human-computer interaction interface assigns instruction for operator and has access to the content of data store internal storage;
The database is for storing a variety of data, other data such as loophole data and in addition to loophole;
The vulnerability scanner is for scanning discovery and exports in global range or exist in specified range currently newest Loophole;
The Whois administrative unit is used in data store internal query information;
The Vulnerability Management in the database increase loophole unit scan program scanning to loophole, delete database in deposit The loophole stored in the loophole and modification database of storage;
The data management is used to modifying, retrieve and deleting other data in database in addition to loophole.
Preferably, the Whois administrative unit, Vulnerability Management and the connecting pin of data management are equipped with data export module.
Preferably, the Whois administrative unit, Vulnerability Management and the connecting pin of data management are equipped with homepage display module.
Preferably, the Whois administrative unit includes the inquiry of Whois information, IP reverse query unit and according to list Conditional search unit.
Preferably, the Vulnerability Management includes increasing loophole unit, deleting loophole unit and modification loophole unit.
Preferably, the data management includes data modification unit, data modification unit and data modification unit.
Preferably, the connecting pin of the vulnerability scanner is equipped with newest loophole.
Preferably, the terminal is set as computer, and the computer passes through RS485 communication interface and network connection.
Technical effect and advantage of the invention:
1, by utilizing, vulnerability scanner passes through network in the world to the present invention or specified range memory scans and owns Service IP, the IP address for judging whether there is loophole, while loophole will be present is deposited in the database, in the use process of terminal In, terminal is automatic referring to the IP address stored in database, and any operation that can open the IP address there are loophole all can be by end End is reminded and is prevented by human-computer interaction interface, so as to independently fight various newest loopholes, reaches good guarantor The case where protecting effect, avoid terminal failure due to newest loophole, middle virus or data is caused to be lost, while can also be to behaviour Make personnel effectively to be reminded;
2, operator can be inquired by Whois administrative unit in database in storage area network existing loophole data with And other data other than loophole data, so that security officer be enable preferably to manage and network security in assessment area Situation, and safe preparation for internet is carried out before failure arriving, foundation is conducive to Local Area Network and safely performs And running environment, protection country and private network and virtual assets are not encroached on.
Detailed description of the invention
Fig. 1 is overall structure diagram of the invention.
Fig. 2 is Whois administrative unit structural schematic diagram of the invention.
Fig. 3 is Vulnerability Management structural schematic diagram of the invention.
Fig. 4 is data management structure schematic diagram of the invention.
In figure:1 terminal, 2 human-computer interaction interfaces, 3 databases, 4 vulnerability scanners, 5 Whois administrative units, 6 loopholes Management, 7 data managements, 8 data export modules, 9 homepage display modules, the inquiry of 10 Whois information, 11 IP reverse inquiry Unit, 12 increase loophole unit, 14 deletion loophole units, 15 modification loophole units, 16 data according to single part search unit, 13 It modifies unit, 17 data modification units, eighteen data and modifies unit, 19 newest loopholes.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment shall fall within the protection scope of the present invention.
Embodiment 1
The present invention provides a kind of cyberspace loophole merger platform long-range attack control systems as shown in Figure 1, including terminal 1, the connecting pin of the terminal 1 is equipped with human-computer interaction interface 2 and database 3, and the connecting pin of the database 3 is equipped with vulnerability scanning Program 4, the connecting pin of the terminal 1 are additionally provided with Whois administrative unit 5, and the connecting pin of the Whois administrative unit 5 is equipped with leakage The connecting pin of hole management 6, the Vulnerability Management 6 is equipped with data management 7;
The human-computer interaction interface 2 assigns instruction for operator and has access to the content of 3 storage inside of database;
The database 3 is for storing a variety of data, other data such as loophole data and in addition to loophole;
The vulnerability scanner 4 is for scanning discovery and exports in global range or exist in specified range currently newest Loophole 19;
The Whois administrative unit 5 is used in 3 internal queries information of database;
The Vulnerability Management 6 in database 3 for increasing the loophole that loophole unit scan program 4 scans, deletion database 3 The loophole stored in the loophole and modification database 3 of middle storage;
The data management 7 is used to modifying, retrieve and deleting other data in database 3 in addition to loophole.
As can be seen from the above embodiments:The present invention by using vulnerability scanner 4 by network in the world or Specified range memory scans all service IP, judges whether there is loophole, while the IP address of loophole will be present there are data In library 3, in the use process of terminal 1, terminal 1 is automatic referring to the IP address stored in database 3, any to open in the presence of leakage The operation of the IP address in hole all can be reminded and be prevented by human-computer interaction interface 2 by terminal 1, so as to independently fight Various newest loopholes, reach good protecting effect, avoid failure due to newest loophole of terminal 1, and middle virus or data is caused to be lost The case where mistake, occurs, while can also effectively be reminded operator.
Embodiment 2
Further, in above-described embodiment 1, the connecting pin of the Whois administrative unit 5, Vulnerability Management 6 and data management 7 Equipped with data export module 8;
The Whois administrative unit 5, Vulnerability Management 6 and the connecting pin of data management 7 are equipped with homepage display module 9;
The Whois administrative unit 5 includes Whois information inquiry 10, IP reverse query unit 11 and is searched according to single part Cable elements 12;
The Vulnerability Management 6 includes increasing loophole unit 13, deleting loophole unit 14 and modification loophole unit 15;
The data management 7 includes data modification unit 16, data modification unit 17 and data modification unit 18;
The connecting pin of the vulnerability scanner 4 is equipped with newest loophole 19;
The terminal 1 is set as computer, and the computer passes through RS485 communication interface and network connection.
This practical working principle:
Referring to Figure of description 1, since terminal 1 is in connected state, the vulnerability scanner 4 inside terminal 1 is existed by network In global range or specified range memory scans all service IP, judges whether there is loophole, the IP of loophole will be present Location is there are in database 3, while the database 3 for the Global IP addresses being collected locally by inquiry is got there are the IP of loophole The corresponding whois information in location, then stores in database 3 together, for retrieval and access at any time, simultaneously because there is leakage The IP address in hole is stored in database 3, therefore during user's using terminal 1, any IP that can be opened there are loophole The operation of address all can be reminded and be prevented by human-computer interaction interface 2 by terminal 1, so as to independently fight it is various most New loophole reaches good protecting effect, avoids failure due to newest loophole of terminal 1, the feelings for causing middle virus or data to be lost Condition occurs, while can also effectively be reminded operator;
Referring to Figure of description 1 and attached drawing 2, operator can inquire storage office in database 3 by Whois administrative unit 5 Domain network internal storage loophole data and loophole data other than other data, to keep security officer better Security status in management and assessment area, and safe preparation for internet is carried out before failure arriving, it establishes Be conducive to Local Area Network to safely perform and running environment, protection country and private network and virtual assets are not encroached on.
Finally it should be noted that:The foregoing is only a preferred embodiment of the present invention, is not intended to restrict the invention, Although the present invention is described in detail referring to the foregoing embodiments, for those skilled in the art, still may be used To modify the technical solutions described in the foregoing embodiments or equivalent replacement of some of the technical features, All within the spirits and principles of the present invention, any modification, equivalent replacement, improvement and so on should be included in of the invention Within protection scope.

Claims (8)

1. a kind of cyberspace loophole merger platform long-range attack control system, including terminal(1), it is characterised in that:The end End(1)Connecting pin be equipped with human-computer interaction interface(2)With database(3), the database(3)Connecting pin be equipped with vulnerability scanning Program(4), the terminal(1)Connecting pin be additionally provided with Whois administrative unit(5), the Whois administrative unit(5)Connection End is equipped with Vulnerability Management(6), the Vulnerability Management(6)Connecting pin be equipped with data management(7);
The human-computer interaction interface(2)Instruction is assigned for operator and has access to database(3)The content of storage inside;
The database(3)Other data for storing a variety of data, such as loophole data and in addition to loophole;
The vulnerability scanner(4)For scanning discovery and exports in global range or exist currently most in specified range New loophole(19);
The Whois administrative unit(5)For in database(3)Internal queries information;
The Vulnerability Management(6)For in database(3)Middle increase loophole unit scan program(4)The loophole that scans is deleted Database(3)The loophole and modification database of middle storage(3)The loophole of middle storage;
The data management(7)For modifying, retrieving and deleting database(3)In other data in addition to loophole.
2. a kind of cyberspace loophole merger platform long-range attack control system according to claim 1, it is characterised in that: The Whois administrative unit(5), Vulnerability Management(6)And data management(7)Connecting pin be equipped with data export module(8).
3. a kind of cyberspace loophole merger platform long-range attack control system according to claim 1, it is characterised in that: The Whois administrative unit(5), Vulnerability Management(6)And data management(7)Connecting pin be equipped with homepage display module(9).
4. a kind of cyberspace loophole merger platform long-range attack control system according to claim 1, it is characterised in that: The Whois administrative unit(5)It is inquired including Whois information(10), IP reverse query unit(11)With according to single part Search unit(12).
5. a kind of cyberspace loophole merger platform long-range attack control system according to claim 1, it is characterised in that: The Vulnerability Management(6)Including increasing loophole unit(13), delete loophole unit(14)With modification loophole unit(15).
6. a kind of cyberspace loophole merger platform long-range attack control system according to claim 1, it is characterised in that: The data management(7)Including data modification unit(16), data modification unit(17)With data modification unit(18).
7. a kind of cyberspace loophole merger platform long-range attack control system according to claim 1, it is characterised in that: The vulnerability scanner(4)Connecting pin be equipped with newest loophole(19).
8. a kind of cyberspace loophole merger platform long-range attack control system according to claim 1, it is characterised in that: The terminal(1)It is set as computer, the computer passes through RS485 communication interface and network connection.
CN201810782070.5A 2018-07-17 2018-07-17 A kind of cyberspace loophole merger platform long-range attack control system Pending CN108881284A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810782070.5A CN108881284A (en) 2018-07-17 2018-07-17 A kind of cyberspace loophole merger platform long-range attack control system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810782070.5A CN108881284A (en) 2018-07-17 2018-07-17 A kind of cyberspace loophole merger platform long-range attack control system

Publications (1)

Publication Number Publication Date
CN108881284A true CN108881284A (en) 2018-11-23

Family

ID=64302474

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810782070.5A Pending CN108881284A (en) 2018-07-17 2018-07-17 A kind of cyberspace loophole merger platform long-range attack control system

Country Status (1)

Country Link
CN (1) CN108881284A (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102594607A (en) * 2012-03-13 2012-07-18 北京邮电大学 Telecommunication application service security test and evaluation universal platform system and method thereof
CN103685279A (en) * 2013-12-18 2014-03-26 东南大学 Self-adapting-based network port fast scanning method
US20140286538A1 (en) * 2013-03-25 2014-09-25 Schlumberger Technology Corporation LWD Real-Time Borehole Image Transmission
CN104778414A (en) * 2015-05-06 2015-07-15 广州万方计算机科技有限公司 Vulnerability management system and method
CN105610776A (en) * 2015-09-24 2016-05-25 中科信息安全共性技术国家工程研究中心有限公司 Cloud calculating IaaS layer high risk safety loophole detection method and system thereof
CN106888194A (en) * 2015-12-16 2017-06-23 国家电网公司 Intelligent grid IT assets security monitoring systems based on distributed scheduling
CN107508830A (en) * 2017-09-20 2017-12-22 杭州安恒信息技术有限公司 A kind of method for reducing website vulnerability scanning and failing to report
CN108011893A (en) * 2017-12-26 2018-05-08 广东电网有限责任公司信息中心 A kind of asset management system based on networked asset information gathering

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102594607A (en) * 2012-03-13 2012-07-18 北京邮电大学 Telecommunication application service security test and evaluation universal platform system and method thereof
US20140286538A1 (en) * 2013-03-25 2014-09-25 Schlumberger Technology Corporation LWD Real-Time Borehole Image Transmission
CN103685279A (en) * 2013-12-18 2014-03-26 东南大学 Self-adapting-based network port fast scanning method
CN104778414A (en) * 2015-05-06 2015-07-15 广州万方计算机科技有限公司 Vulnerability management system and method
CN105610776A (en) * 2015-09-24 2016-05-25 中科信息安全共性技术国家工程研究中心有限公司 Cloud calculating IaaS layer high risk safety loophole detection method and system thereof
CN106888194A (en) * 2015-12-16 2017-06-23 国家电网公司 Intelligent grid IT assets security monitoring systems based on distributed scheduling
CN107508830A (en) * 2017-09-20 2017-12-22 杭州安恒信息技术有限公司 A kind of method for reducing website vulnerability scanning and failing to report
CN108011893A (en) * 2017-12-26 2018-05-08 广东电网有限责任公司信息中心 A kind of asset management system based on networked asset information gathering

Similar Documents

Publication Publication Date Title
CN103634315B (en) The front-end control method and system of name server
CN101087196B (en) Multi-layer honey network data transmission method and system
CN103957195B (en) DNS systems and the defence method and defence installation of DNS attacks
KR101512253B1 (en) Method and system for protecting against unknown malicious activities by determining a reputation of a link
CN109495443B (en) Method and system for resisting Lexong software attack based on host honeypot
US7472421B2 (en) Computer model of security risks
AU2007273085B2 (en) System and method of analyzing web content
CN104917851B (en) Information processing method and dns caching server
US8990696B2 (en) Geographical vulnerability mitgation response mapping system
JP6408395B2 (en) Blacklist management method
CN104509034A (en) Pattern consolidation to identify malicious activity
CN101252585A (en) Method and system for content filtering of data using remote file system access protocol
CN102769679A (en) Method and device for tracing source of internet protocol (IP) address after network address translation (NAT)
JP2003527793A (en) Method for automatic intrusion detection and deflection in a network
US20160255105A1 (en) System and methods for computer network security involving user confirmation of network connections
CN104426850A (en) Vulnerability detection method based on plug-in
WO2020171410A1 (en) Method, apparatus and computer program for collecting data from multiple domains
CN1859398A (en) System and method for reverse network fishing
CN105550593A (en) Cloud disk file monitoring method and device based on local area network
CN112600868A (en) Domain name resolution method, domain name resolution device and electronic equipment
CN113612783B (en) Honeypot protection system
CN109981603A (en) ARP Attack monitoring system and method
CN2775947Y (en) Network safety system based on server data exchange
CN108881284A (en) A kind of cyberspace loophole merger platform long-range attack control system
CN109803030A (en) A kind of anonymity intermediate proxy server and its communication means

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20181123

WD01 Invention patent application deemed withdrawn after publication