CN108989299A - A kind of monitoring method and system of internet of things equipment loophole - Google Patents
A kind of monitoring method and system of internet of things equipment loophole Download PDFInfo
- Publication number
- CN108989299A CN108989299A CN201810711928.9A CN201810711928A CN108989299A CN 108989299 A CN108989299 A CN 108989299A CN 201810711928 A CN201810711928 A CN 201810711928A CN 108989299 A CN108989299 A CN 108989299A
- Authority
- CN
- China
- Prior art keywords
- version
- loophole
- information
- internet
- version number
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Abstract
The monitoring method and system of a kind of internet of things equipment loophole provided by the invention, belong to internet of things field.The monitoring method of the internet of things equipment loophole includes: the version information for obtaining at least one functional module on the terminal device that the terminal device being connected in Internet of Things is reported, and the version information includes version number;It searches in default vulnerability scan with the presence or absence of the target version section with the version numbers match;If it does not exist, for characterizing version corresponding to the version number, there are the analysis results that loophole or loophole are not repaired for generation.So that directly taking accessed version number more accurate by internet of things equipment itself and not will cause network equipment pressure not only, the internet of things equipment of scanned object will not be caused stress, and by being compared in detail to version number corresponding to each version information by default vulnerability scan, so that testing result is more accurate.
Description
Technical field
The present invention relates to internet of things field, in particular to the monitoring method and system of a kind of internet of things equipment loophole.
Background technique
With the high speed development of Internet of Things science and technology, more and more internet of things equipment are appeared in our life, to take the photograph
As for head, the development of smart city be unable to do without the quantity of camera.And these internet of things equipment are almost seldom after factory
The firmware and software version that can remove each functional unit of more new system, after causing an Internet of Things relevant vulnerability to break out in the short time
A large amount of online equipments are impacted.But drain sweep equipment traditional at present largely scan by network and give out a contract for a project to search leakage
Hole, however a large amount of scan request can cause stress the network equipment (such as interchanger, router), cause internet of things equipment disconnected
Net, or even directly delay machine or the problems such as cause network delay.
Summary of the invention
The monitoring method and system of a kind of internet of things equipment loophole provided in an embodiment of the present invention, can solve the prior art
In existing the technical issues of even resulting in internet of things equipment suspension or direct delay machine greatly to network pressure.
In a first aspect, a kind of monitoring method of internet of things equipment loophole provided in an embodiment of the present invention, comprising: obtain connection
The version information at least one functional module on the terminal device that terminal device in Internet of Things is reported, the version
This information includes version number;It searches in default vulnerability scan with the presence or absence of the target version area with the version numbers match
Between;If it does not exist, for characterizing version corresponding to the version number, there are the analysis results that loophole or loophole are not repaired for generation.
With reference to first aspect, the first embodiment of first aspect, the version information further include loophole identification information,
Before whether there is the target version section with the version numbers match in searching default vulnerability scan, the method is also
Comprising determining that the loophole identification information characterizes the corresponding version of the version number is loophole version;It generates described for characterizing
The analysis result that the loophole of version corresponding to version number is not repaired, comprising: generate for characterizing corresponding to the version number
The first mark information that the loophole of version is not repaired;The analysis is generated based on the version information and first mark information
As a result.
With reference to first aspect, in second of embodiment of first aspect, the method also includes: if it exists, generates and use
In the second mark information that the loophole for characterizing version corresponding to the version number is repaired;Based on the version information and described
Second mark information generates the analysis result being repaired for characterizing the loophole of version corresponding to the version number.
With reference to first aspect, in the third embodiment of first aspect, the version information further includes loophole mark letter
Breath, before whether there is the target version section with the version numbers match in searching default vulnerability scan, the side
Method further include: determine that the loophole identification information characterizes the corresponding version of the version number and is not labeled as loophole version;It generates
For characterizing analysis result of the version corresponding to the version number there are loophole, comprising: generate for characterizing the version number
There are the third mark informations of loophole for corresponding version;Based on described in the version information and third mark information generation
Analyze result.
With reference to first aspect, in the 4th kind of embodiment of first aspect, the method also includes: if it exists, generates and use
In characterizing version corresponding to the version number, there is no the 4th mark informations of loophole;Based on the version information and described
Four mark informations generate the analysis result that loophole is not present for characterizing version corresponding to the version number.
With reference to first aspect, in the 5th kind of embodiment of first aspect, the method also includes: by the analysis result
Preservation is uploaded to cloud into database, and by the analysis result.
Second aspect, a kind of monitoring method of internet of things equipment loophole provided in an embodiment of the present invention, comprising: acquisition connection
The version information of at least one functional module on terminal device in Internet of Things, the version information include version number;It will
The version information is uploaded to server.
The third aspect, a kind of monitoring system of internet of things equipment loophole provided in an embodiment of the present invention, comprising: data acquisition
Unit, for obtaining at least one functional module on the terminal device that the terminal device being connected in Internet of Things is reported
Version information, the version information includes version number;Processing unit, for search in default vulnerability scan with the presence or absence of with
The target version section of the version numbers match;Data generating unit, for if it does not exist, generating for characterizing the version
There are the analysis results that loophole or loophole are not repaired for version corresponding to number.
Fourth aspect, a kind of electronic equipment provided in an embodiment of the present invention, comprising: memory, processor and be stored in
In the memory and the computer program that can run on the processor, which is characterized in that described in the processor executes
It is realized when computer program as described in any one of first aspect the step of the monitoring method of internet of things equipment loophole;Or described in executing
It is realized when computer program as described in second aspect the step of the monitoring method of internet of things equipment loophole.
5th aspect, a kind of storage medium provided in an embodiment of the present invention are stored with instruction on the storage medium, work as institute
Instruction is stated when running on computers, so that the computer executes such as the described in any item internet of things equipment loopholes of first aspect
Monitoring method;Or execute the monitoring method of the internet of things equipment loophole as described in second aspect.
Compared with prior art, the monitoring method of provided in an embodiment of the present invention kind of internet of things equipment loophole, device, equipment
And medium beneficial effect is: by obtaining on the terminal device that the terminal device being connected in Internet of Things is reported at least
The version information of one functional module, the version information include version number, so that directly passing through internet of things equipment itself
It takes accessed version number more accurate and not only not will cause network equipment pressure, it will not be to scanned object
Internet of things equipment cause stress, and again by searching in default vulnerability scan whether there is and the version numbers match
Target version section, to be compared in detail to version number corresponding to each version information by default vulnerability scan,
So that testing result is more accurate, finally when there is no the target version section with the version numbers match, generation is used for
Analysis that version corresponding to the version number is not repaired there are loophole or loophole is characterized as a result, allowing the user to through this point
It analyses result and carries out corresponding operating, to improve the safety of equipment.
To enable the above objects, features and advantages of the present invention to be clearer and more comprehensible, preferred embodiment is cited below particularly, and cooperate
Appended attached drawing, is described in detail below.
Detailed description of the invention
In order to illustrate the technical solution of the embodiments of the present invention more clearly, below will be to needed in the embodiment attached
Figure is briefly described, it should be understood that the following drawings illustrates only certain embodiments of the present invention, therefore is not construed as pair
The restriction of range for those of ordinary skill in the art without creative efforts, can also be according to this
A little attached drawings obtain other relevant attached drawings.
Fig. 1 is the flow chart of the monitoring method for the internet of things equipment loophole that first embodiment of the invention provides;
Fig. 2 is the functional block diagram of the monitoring system for the internet of things equipment loophole that second embodiment of the invention provides;
Fig. 3 is the flow chart of the monitoring method for the internet of things equipment loophole that third embodiment of the invention provides;
Fig. 4 is the functional block diagram of the monitoring system for the internet of things equipment loophole that fourth embodiment of the invention provides;
Fig. 5 is the schematic diagram for a kind of electronic equipment that fifth embodiment of the invention provides.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention
In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is
A part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art
Every other embodiment obtained without creative efforts, shall fall within the protection scope of the present invention.Therefore,
The model of claimed invention is not intended to limit to the detailed description of the embodiment of the present invention provided in the accompanying drawings below
It encloses, but is merely representative of selected embodiment of the invention.Based on the embodiments of the present invention, those of ordinary skill in the art are not having
Every other embodiment obtained under the premise of creative work is made, shall fall within the protection scope of the present invention.
With reference to the accompanying drawing, it elaborates to some embodiments of the present invention.In the absence of conflict, following
Feature in embodiment and embodiment can be combined with each other.
First embodiment
Referring to Fig. 1, being the flow chart of the monitoring method of internet of things equipment loophole provided in an embodiment of the present invention.Below will
Detailed process shown in FIG. 1 is described in detail.
Step S101 obtains at least one on the terminal device that the terminal device being connected in Internet of Things is reported
The version information of functional module, the version information include version number.
Wherein, the terminal device can be but not limited to the camera being connected in Internet of Things, air-conditioning, TV, refrigerator
Deng.
Wherein, the version information of the functional module can be the version information of firmware, be also possible to the version letter of software
Breath, here, being not especially limited.
The version information includes but is not limited to version number, terminal device model, operating system version, HTTP service version
Etc. information.
Optionally, the terminal device is reported the version information with json format, and server is getting
Pass through the version information for parsing the json format after stating the json data that terminal device is reported, to get the version
Version number included by this information, for example, obtaining terminal device model, name by fields such as DeviceType, DeviceName
Claim and corresponding each functional module firmware, software version information.
Optionally, server directly acquires on the terminal device that the terminal device being connected in Internet of Things is reported
The version information of at least one functional module.I.e. terminal device has acquired after version information directly active transmission to the service
Device.
Optionally, the server obtains the end that the terminal device being connected in Internet of Things is reported by cloud center
The version information is first uploaded in the cloud by the version information of at least one functional module in end equipment, i.e. terminal device
The heart is stored, and the server takes the version information by cloud center.
Optionally, the terminal that the terminal device being connected in Internet of Things is reported is obtained based on preset interval time to set
The version information of standby at least one upper functional module.Wherein, the preset interval time can be 1 minute, be also possible to 2 points
Clock either 5 minutes.Here, being not especially limited.
In the present embodiment, by periodically monitoring, to cover the life cycle of entire loophole, while can be effective
Improving user, there are the efficiency that the component of loophole carries out upgrading rectification to the terminal device being connected in Internet of Things.
Step S102 is searched in default vulnerability scan with the presence or absence of the target version area with the version numbers match
Between.
Wherein, the version number to start a leak is previously stored in the default vulnerability scan and do not have leaky version
Either there are the version sections of loophole in section.
As an implementation, the version information further includes the corresponding attribute information of functional module, described default
The target version section for having with the version numbers match corresponding to the attribute information is searched whether in vulnerability scan.
Wherein, the attribute information can be the corresponding firmware identifiers of functional module or software identification, such as ID.
Wherein, the matching refers to when the version number is located at the target version section, then matches.
For example, when the version number is 1.1, when the target version section is 1.0 to 1.3, then described in judgement
There is the target version with the version numbers match in the target version section, i.e., in the described default vulnerability scan in version number
This number section.
If it does not exist, for characterizing version corresponding to the version number, there are loopholes or loophole not to repair for generation by step S103
Multiple analysis result.
It is raw when by the way that the target version section with the version numbers match being not present in the default vulnerability scan
At for characterizing version corresponding to the version number, there are the analysis results that loophole or loophole are not repaired.
As the first embodiment, the version information further includes that loophole identification information also wraps before step S102
Include: determining that the loophole identification information characterizes the corresponding version of the version number is loophole version.It is corresponding, step S103 packet
It includes: generating the first mark information that do not repair for characterizing the loophole of version corresponding to the version number;Based on the version
Information and first mark information generate the analysis result.
It whether is marked as loophole version by the corresponding version of version number described in the loophole identification information judgment, if institute
It states the corresponding version of version number and is marked as loophole version, then searched in default vulnerability scan and whether deposited by step S102
In the target version section with the version numbers match, when it be not present, generate for characterizing corresponding to the version number
The first mark information that the loophole of version is not repaired;The analysis is generated based on the version information and first mark information
As a result.
Wherein, first mark information can be is indicated using Boolean, is also possible to carry out by character string
It indicates, such as when the first mark information is 0, indicates that loophole is repaired, when the first mark information is 1, indicate that loophole is not repaired
It is multiple.
It is alternatively possible to increase field in the version information, then first mark information write-in is increased
Field in.
In the present embodiment, the method also includes: if it exists, generate for characterizing version corresponding to the version number
The second mark information for being repaired of loophole;It is generated based on the version information and second mark information described for characterizing
The analysis result that the loophole of version corresponding to version number is repaired.
I.e. when there is the target version section with the version numbers match in default vulnerability scan, generating and being used for table
Levy the second mark information that the loophole of version corresponding to the version number is repaired;Based on the version information and described second
Mark information generates the analysis result being repaired for characterizing the loophole of version corresponding to the version number.
Optionally, second mark information is also possible to be indicated using Boolean, can also be and passes through character string
It is indicated, such as when the second mark information is 0, indicates that loophole is repaired, when the second mark information is 1, indicate loophole
It does not repair.
It is alternatively possible to the loophole identification information be modified by second mark information, to generate the analysis
As a result.
Optionally, increase a field again in the version information, institute then is written into second mark information
In increased field, to generate the analysis result.
As another embodiment, the version information further includes that loophole identification information also wraps before step S102
It includes: determining that the loophole identification information characterizes the corresponding version of the version number and is not labeled as loophole version.It is corresponding, step
S103 includes: the third mark information generated for characterizing version corresponding to the version number there are loophole;Based on the version
This information and the third mark information generate the analysis result.
It whether is marked as loophole version by the corresponding version of described loophole identification information judgment version number, if not having
It is marked as loophole version, judges that the version number with the presence or absence of loophole, that is, looks by searching for the default vulnerability scan
It looks in default vulnerability scan with the presence or absence of the target version section with the version numbers match, the target version section
For section where characterizing loophole version number.When it be not present, it generates and exists for characterizing version corresponding to the version number
The third mark information of loophole;The analysis result is generated based on the version information and the third mark information.
Optionally, the loophole identification information is modified by the third mark information, thus generate the analysis as a result,
So as to can judge version corresponding to the version information by the third mark information, there are loopholes.
Optionally, increase a field again in the version information, thus with first mark information or described
Second mark information distinguishes, then will be in the increased field of third mark information write-in institute.
In the present embodiment, the method also includes: if it exists, generate for characterizing version corresponding to the version number
There is no the 4th mark informations of loophole;It is generated based on the version information and the 4th mark information for characterizing the version
The analysis result of loophole is not present in version corresponding to this number.Exist and the version numbers match when in default vulnerability scan
Target version section when, generate for characterize version corresponding to the version number be not present loophole the 4th mark information
It is alternatively possible to the loophole identification information be modified by the 4th mark information, to generate the analysis
As a result, so as to can judge version corresponding to the version information by the 4th mark information, there is no loopholes.
Optionally, increase a field again in the version information, thus with first mark information or described
Second mark information distinguishes, then will be in the increased field of the 4th mark information write-in institute.
In the present embodiment, the method also includes: the analysis result is saved into database, and by the analysis
As a result it is uploaded to cloud.
Wherein, by the way that the analysis result is uploaded to cloud, to show user to be disposed, such as according to the analysis knot
Fruit carries out loophole reparation.
In the present embodiment, by obtaining on the terminal device that the terminal device being connected in Internet of Things is reported
The version information of at least one functional module, the version information includes version number, so that directly passing through internet of things equipment
It itself takes accessed version number more accurate and not only not will cause network equipment pressure, it will not be to scanned
The internet of things equipment of object causes stress, and whether there is and the version number by searching in default vulnerability scan again
The target version section matched, to be compared in detail by default vulnerability scan version number corresponding to each version information
It is right, so that testing result is more accurate, finally when there is no the target version section with the version numbers match, generates and use
In the analysis for characterizing version corresponding to the version number and not repairing there are loophole or loophole as a result, allowing the user to through this
It analyzes result and carries out corresponding operating, to improve the safety of equipment.
Second embodiment
Corresponding to the monitoring method of the internet of things equipment loophole in first embodiment, Fig. 2 shows use second embodiment
Shown in internet of things equipment loophole the one-to-one internet of things equipment loophole of monitoring method monitoring system.As shown in Fig. 2, institute
The monitoring system 400 for stating internet of things equipment loophole includes data capture unit 410, processing unit 420 and data generating unit
430.Wherein, in the realization function and first embodiment of data capture unit 410, processing unit 420 and data generating unit 430
Corresponding step is poly- to be corresponded, and to avoid repeating, the present embodiment is not described in detail one by one.
Data capture unit 410, the terminal device reported for obtaining the terminal device being connected in Internet of Things
On at least one functional module version information, the version information includes version number.
Processing unit 420, for searching in default vulnerability scan with the presence or absence of the target version with the version numbers match
This number section.
As an implementation, the version information further includes loophole identification information, before the processing unit 420,
Further include: the first data processing unit, first data processing unit, for determining described in the loophole identification information characterization
The corresponding version of version number is loophole version;The data generating unit 430 is specifically used for generating for characterizing the version number
The first mark information that the loophole of corresponding version is not repaired;It is generated based on the version information and first mark information
The analysis result.
As another embodiment, the version information further includes loophole identification information, the processing unit 420 it
Before, further includes: the second data processing unit, second data processing unit, for determining the loophole identification information characterization
The corresponding version of the version number is not labeled as loophole version;The data generating unit 430, which is specifically used for generating, is used for table
Levy third mark information of the version corresponding to the version number there are loophole;It is marked based on the version information and the third
Information generates the analysis result.
There is leakage for characterizing version corresponding to the version number for if it does not exist, generating in data generating unit 430
The analysis result that hole or loophole are not repaired.
As an implementation, the monitoring system 400 of the internet of things equipment loophole further includes that the second data generate list
Member, second data generating unit is for if it exists, generating the loophole quilt for characterizing version corresponding to the version number
The second mark information repaired;It is generated based on the version information and second mark information for characterizing the institute of version number
The analysis result that the loophole of corresponding version is repaired.
As an implementation, the monitoring system 400 of the internet of things equipment loophole further includes data uploading unit, institute
Data uploading unit is stated for saving the analysis result into database, and the analysis result is uploaded to cloud.
3rd embodiment
Referring to Fig. 3, being the flow chart of the monitoring method of internet of things equipment loophole provided in an embodiment of the present invention.Below will
Detailed process shown in Fig. 3 is described in detail.
Step S201 acquires the version information of at least one functional module on the terminal device being connected in Internet of Things,
The version information includes version number.
Wherein, preset acquisition module is installed, the acquisition module can be software, can also be in the terminal device
It is firmware, version information of the acquisition module at least one functional module in active acquisition terminal equipment.For example, institute
Stating acquisition module can be the program module with data acquisition function run in terminal device.Here, not limiting specifically
It is fixed.
Optionally, at least one the function mould on terminal device being connected in Internet of Things based on prefixed time interval acquisition
The version information of block.Wherein, the preset interval time can be 1 minute, be also possible to 2 minutes either 5 minutes.Here,
It is not especially limited.
In the present embodiment, by periodically monitoring, to cover the life cycle of entire loophole, while can be effective
Improving user, there are the efficiency that the component of loophole carries out upgrading rectification to the terminal device being connected in Internet of Things.
The version information is uploaded to server by step S202.
Optionally, the version information is uploaded to by server with json format.
In the present embodiment, by acquiring the version of at least one functional module on the terminal device that is connected in Internet of Things
This information, the version information include version number, and the version information is then uploaded to server.So that directly passing through
Internet of things equipment itself is more accurate to take accessed version number, and the pressure of the network equipment is effectively reduced, and drop
The pressure of the low internet of things equipment to scanned object.
Fourth embodiment
Corresponding to the monitoring method of the internet of things equipment loophole in 3rd embodiment, Fig. 4 is shown using second embodiment
Shown in internet of things equipment loophole the one-to-one internet of things equipment loophole of monitoring method monitoring system.As shown in figure 4, institute
The monitoring system 500 for stating internet of things equipment loophole includes data acquisition unit 510 and data uploading unit 520, wherein data are adopted
The realization function of collecting unit 510 and data uploading unit 520 gathers one-to-one correspondence with step corresponding in 3rd embodiment, to avoid going to live in the household of one's in-laws on getting married
It states, the present embodiment is not described in detail one by one.
Data acquisition unit 510, for acquiring at least one functional module on the terminal device being connected in Internet of Things
Version information, the version information includes version number.
Data uploading unit 520, for the version information to be uploaded to server.
5th embodiment
As shown in figure 5, being the schematic diagram of electronic equipment 300.The electronic equipment 300 includes memory 302, processor
304 and it is stored in the computer program 303 that can be run in the memory 302 and on the processor 304, the calculating
The monitoring method of the internet of things equipment loophole in first embodiment is realized when machine program 303 is executed by processor 304, to keep away
Exempt to repeat, details are not described herein again.Alternatively, being realized described in 3rd embodiment when the computer program 303 is executed by processor 304
The function of each step in the monitoring method of internet of things equipment loophole, to avoid repeating, details are not described herein again.Alternatively, the calculating
Machine program 303 by processor 304 execute when realize second embodiment described in internet of things equipment loophole monitoring system in each model/
The function of unit, to avoid repeating, details are not described herein again.Alternatively, real when the computer program 303 is executed by processor 304
The function of each model/unit in the monitoring system of internet of things equipment loophole described in existing fourth embodiment, to avoid repeating, herein not
It repeats again.
Illustratively, computer program 303 can be divided into one or more module/units, one or more mould
Block/unit is stored in memory 302, and is executed by processor 304, to complete the present invention.One or more module/units
It can be the series of computation machine program instruction section that can complete specific function, the instruction segment is for describing computer program 303
Implementation procedure in electronic equipment 300.For example, the data that computer program 303 can be divided into second embodiment obtain
Unit 410, processing unit 420 and data generating unit 430 are taken, the concrete function of each unit such as first embodiment or second is in fact
It applies described in example, will not repeat them here.
Wherein, the electronic equipment 300 can be desktop PC, notebook, palm PC etc. calculate equipment or
It is server, such as network server, database server or Cloud Server.
Wherein, memory 302 may be, but not limited to, random access memory (Random Access Memory,
RAM), read-only memory (Read Only Memory, ROM), programmable read only memory (Programmable Read-
Only Memory, PROM), erasable read-only memory (Erasable Programmable Read-Only Memory,
EPROM), electricallyerasable ROM (EEROM) (Electric Erasable Programmable Read-Only Memory,
EEPROM) etc..Wherein, memory 302 is for storing program, and the processor 304 is after receiving and executing instruction, described in execution
The method of program, the flow definition that aforementioned any embodiment of the embodiment of the present invention discloses can be applied in processor 304, or
It is realized by processor 304.
Processor 304 may be a kind of IC chip, the processing capacity with signal.Above-mentioned processor 304 can
To be general processor, including central processing unit (Central Processing Unit, CPU), network processing unit (Network
Processor, NP) etc.;It can also be digital signal processor (Digital Signal Processor, DSP), dedicated integrated
Circuit (Application Specific Integrated Circuit, ASIC), ready-made programmable gate array (Field-
Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic,
Discrete hardware components.It may be implemented or execute disclosed each method, step and the logic diagram in the embodiment of the present invention.It is general
Processor can be microprocessor or the processor is also possible to any conventional processor etc..
It is understood that structure shown in fig. 5 is only a kind of structural schematic diagram of electronic equipment 300, electronic equipment 300
It can also include than more or fewer components shown in Fig. 5.Each component shown in Fig. 5 can use hardware, software or its group
It closes and realizes.
Sixth embodiment
The embodiment of the present invention also provides a kind of storage medium, and instruction is stored on the storage medium, when described instruction exists
The internet of things equipment leakage in first embodiment is realized when running on computer, when the computer program is executed by processor
The monitoring method in hole, to avoid repeating, details are not described herein again.Alternatively, the computer program realizes when being executed by processor
The function of each step in the monitoring method of internet of things equipment loophole described in three embodiments, to avoid repeating, details are not described herein again.Or
Person realizes each in the monitoring system of internet of things equipment loophole described in second embodiment when the computer program is executed by processor
Model/unit function, to avoid repeating, details are not described herein again.Alternatively, realization when the computer program is executed by processor
The function of each model/unit in the monitoring system of internet of things equipment loophole described in fourth embodiment, to avoid repeating, herein no longer
It repeats.
Through the above description of the embodiments, those skilled in the art can be understood that the present invention can lead to
Hardware realization is crossed, the mode of necessary general hardware platform can also be added to realize by software, based on this understanding, this hair
Bright technical solution can be embodied in the form of software products, which can store in a non-volatile memories
In medium (can be CD-ROM, USB flash disk, mobile hard disk etc.), including some instructions are used so that computer equipment (can be with
It is personal computer, server or the network equipment etc.) method that executes each implement scene of the present invention.
The foregoing is only a preferred embodiment of the present invention, is not intended to restrict the invention, for the skill of this field
For art personnel, the invention may be variously modified and varied.All within the spirits and principles of the present invention, made any to repair
Change, equivalent replacement, improvement etc., should all be included in the protection scope of the present invention.It should also be noted that similar label and letter exist
Similar terms are indicated in following attached drawing, therefore, once being defined in a certain Xiang Yi attached drawing, are then not required in subsequent attached drawing
It is further defined and explained.
Claims (10)
1. a kind of monitoring method of internet of things equipment loophole characterized by comprising
Obtain the version of at least one functional module on the terminal device that the terminal device being connected in Internet of Things is reported
This information, the version information include version number;
It searches in default vulnerability scan with the presence or absence of the target version section with the version numbers match;
If it does not exist, for characterizing version corresponding to the version number, there are the analysis knots that loophole or loophole are not repaired for generation
Fruit.
2. being looked into the method according to claim 1, wherein the version information further includes loophole identification information
It looks for the presence or absence of with before the target version section of the version numbers match in default vulnerability scan, the method is also wrapped
It includes:
Determining that the loophole identification information characterizes the corresponding version of the version number is loophole version;
Generate the analysis result that do not repair for characterizing the loophole of version corresponding to the version number, comprising:
Generate the first mark information that do not repair for characterizing the loophole of version corresponding to the version number;
The analysis result is generated based on the version information and first mark information.
3. according to the method described in claim 2, it is characterized in that, the method also includes:
If it exists, the second mark information being repaired for characterizing the loophole of version corresponding to the version number is generated;
The leakage for characterizing version corresponding to the version number is generated based on the version information and second mark information
The analysis result that hole is repaired.
4. being looked into the method according to claim 1, wherein the version information further includes loophole identification information
It looks for the presence or absence of with before the target version section of the version numbers match in default vulnerability scan, the method is also wrapped
It includes:
Determine that the loophole identification information characterizes the corresponding version of the version number and is not labeled as loophole version;
It generates for characterizing analysis result of the version corresponding to the version number there are loophole, comprising:
It generates for characterizing third mark information of the version corresponding to the version number there are loophole;
The analysis result is generated based on the version information and the third mark information.
5. according to the method described in claim 4, it is characterized in that, the method also includes:
If it exists, the 4th mark information that loophole is not present for characterizing version corresponding to the version number is generated;
It is generated based on the version information and the 4th mark information and is not deposited for characterizing version corresponding to the version number
In the analysis result of loophole.
6. method described in -5 according to claim 1, which is characterized in that the method also includes:
The analysis result is saved into database, and the analysis result is uploaded to cloud.
7. a kind of monitoring method of internet of things equipment loophole characterized by comprising
Acquire the version information of at least one functional module on the terminal device being connected in Internet of Things, the version information packet
Include version number;
The version information is uploaded to server.
8. a kind of monitoring system of internet of things equipment loophole characterized by comprising
Data capture unit, for obtaining on the terminal device that the terminal device being connected in Internet of Things is reported at least
The version information of one functional module, the version information include version number;
Processing unit, for searching in default vulnerability scan with the presence or absence of the target version area with the version numbers match
Between;
Data generating unit, for if it does not exist, generating, for characterizing version corresponding to the version number, there are loophole or leakages
The analysis result that hole is not repaired.
9. a kind of electronic equipment characterized by comprising memory, processor and storage are in the memory and can be
The computer program run on the processor, which is characterized in that the processor is realized such as when executing the computer program
The step of monitoring method of any one of claim 1 to the 6 internet of things equipment loophole;Or it executes real when the computer program
Now the step of monitoring method of internet of things equipment loophole as claimed in claim 7.
10. a kind of storage medium, which is characterized in that instruction is stored on the storage medium, when described instruction on computers
When operation, so that the computer executes the monitoring method of internet of things equipment loophole as claimed in any one of claims 1 to 6;
Or execute the monitoring method of internet of things equipment loophole as claimed in claim 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810711928.9A CN108989299A (en) | 2018-07-03 | 2018-07-03 | A kind of monitoring method and system of internet of things equipment loophole |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810711928.9A CN108989299A (en) | 2018-07-03 | 2018-07-03 | A kind of monitoring method and system of internet of things equipment loophole |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108989299A true CN108989299A (en) | 2018-12-11 |
Family
ID=64539832
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810711928.9A Pending CN108989299A (en) | 2018-07-03 | 2018-07-03 | A kind of monitoring method and system of internet of things equipment loophole |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108989299A (en) |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110109699A (en) * | 2019-05-06 | 2019-08-09 | 重庆天蓬网络有限公司 | A kind of loophole component lookup method, system, medium and electronic equipment |
| CN110210228A (en) * | 2019-04-26 | 2019-09-06 | 国家电网有限公司 | A kind of host equipment vulnerability scanning method and system |
| CN110572399A (en) * | 2019-09-10 | 2019-12-13 | 百度在线网络技术(北京)有限公司 | vulnerability detection processing method, device, equipment and storage medium |
| CN110659502A (en) * | 2019-09-05 | 2020-01-07 | 中国科学院软件研究所 | Project version detection method and system based on text information incidence relation analysis |
| CN111447115A (en) * | 2020-03-25 | 2020-07-24 | 北京瑞航核心科技有限公司 | State monitoring method for entity of Internet of things |
| CN111797402A (en) * | 2020-06-17 | 2020-10-20 | 北京世纪互联宽带数据中心有限公司 | Method, device and storage medium for detecting software vulnerability |
| CN111427336B (en) * | 2020-05-08 | 2021-02-09 | 杭州安恒信息技术股份有限公司 | Vulnerability scanning method, device and equipment for industrial control system |
| CN112491799A (en) * | 2020-10-28 | 2021-03-12 | 深圳市广和通无线股份有限公司 | Remote repair method and device for communication module, computer equipment and storage medium |
| CN112637019A (en) * | 2020-12-30 | 2021-04-09 | 绿盟科技集团股份有限公司 | Network monitoring method |
| CN112685746A (en) * | 2021-01-08 | 2021-04-20 | 中国科学技术大学 | Vulnerability detection method and system for Internet of things equipment firmware |
| CN112818355A (en) * | 2021-03-02 | 2021-05-18 | 福州汇思博信息技术有限公司 | Vulnerability management method and terminal |
| CN113312631A (en) * | 2021-06-11 | 2021-08-27 | 杭州安恒信息安全技术有限公司 | Vulnerability detection method and related device |
| CN113569256A (en) * | 2021-08-12 | 2021-10-29 | 京东科技信息技术有限公司 | Vulnerability scanning method and device, vulnerability scanning system, electronic equipment and computer readable medium |
| CN113987515A (en) * | 2021-11-02 | 2022-01-28 | 长春嘉诚信息技术股份有限公司 | Vulnerability threat discovery method and system based on intelligent matching |
| CN115021952A (en) * | 2022-04-15 | 2022-09-06 | 国网智能电网研究院有限公司 | Vulnerability verification method and device, storage medium and electronic equipment |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8145537B2 (en) * | 2008-02-21 | 2012-03-27 | Digital River, Inc. | Integrated software network agent |
| CN104573525A (en) * | 2014-12-19 | 2015-04-29 | 中国航天科工集团第二研究院七〇六所 | Special information service software vulnerability fixing system based on white lists |
| CN106951279A (en) * | 2017-02-27 | 2017-07-14 | 努比亚技术有限公司 | The hot repair apparatus for coating and method of application |
| CN107154940A (en) * | 2017-05-11 | 2017-09-12 | 济南大学 | A kind of Internet of Things vulnerability scanning system and scan method |
| CN107277021A (en) * | 2017-06-26 | 2017-10-20 | 云南电网有限责任公司信息中心 | A kind of new open leak coverage identification and remediation management system and method |
| CN107451491A (en) * | 2017-07-28 | 2017-12-08 | 杭州安恒信息技术有限公司 | A kind of method for improving protocol analysis accuracy when database linkage information is lost |
| CN107506647A (en) * | 2017-07-28 | 2017-12-22 | 努比亚技术有限公司 | Leak self-repairing method and mobile terminal |
-
2018
- 2018-07-03 CN CN201810711928.9A patent/CN108989299A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8145537B2 (en) * | 2008-02-21 | 2012-03-27 | Digital River, Inc. | Integrated software network agent |
| CN104573525A (en) * | 2014-12-19 | 2015-04-29 | 中国航天科工集团第二研究院七〇六所 | Special information service software vulnerability fixing system based on white lists |
| CN106951279A (en) * | 2017-02-27 | 2017-07-14 | 努比亚技术有限公司 | The hot repair apparatus for coating and method of application |
| CN107154940A (en) * | 2017-05-11 | 2017-09-12 | 济南大学 | A kind of Internet of Things vulnerability scanning system and scan method |
| CN107277021A (en) * | 2017-06-26 | 2017-10-20 | 云南电网有限责任公司信息中心 | A kind of new open leak coverage identification and remediation management system and method |
| CN107451491A (en) * | 2017-07-28 | 2017-12-08 | 杭州安恒信息技术有限公司 | A kind of method for improving protocol analysis accuracy when database linkage information is lost |
| CN107506647A (en) * | 2017-07-28 | 2017-12-22 | 努比亚技术有限公司 | Leak self-repairing method and mobile terminal |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110210228A (en) * | 2019-04-26 | 2019-09-06 | 国家电网有限公司 | A kind of host equipment vulnerability scanning method and system |
| CN110109699A (en) * | 2019-05-06 | 2019-08-09 | 重庆天蓬网络有限公司 | A kind of loophole component lookup method, system, medium and electronic equipment |
| CN110659502A (en) * | 2019-09-05 | 2020-01-07 | 中国科学院软件研究所 | Project version detection method and system based on text information incidence relation analysis |
| CN110572399A (en) * | 2019-09-10 | 2019-12-13 | 百度在线网络技术(北京)有限公司 | vulnerability detection processing method, device, equipment and storage medium |
| CN111447115B (en) * | 2020-03-25 | 2021-08-27 | 北京奥陌科技有限公司 | State monitoring method for entity of Internet of things |
| CN111447115A (en) * | 2020-03-25 | 2020-07-24 | 北京瑞航核心科技有限公司 | State monitoring method for entity of Internet of things |
| CN111427336B (en) * | 2020-05-08 | 2021-02-09 | 杭州安恒信息技术股份有限公司 | Vulnerability scanning method, device and equipment for industrial control system |
| CN111797402A (en) * | 2020-06-17 | 2020-10-20 | 北京世纪互联宽带数据中心有限公司 | Method, device and storage medium for detecting software vulnerability |
| CN112491799A (en) * | 2020-10-28 | 2021-03-12 | 深圳市广和通无线股份有限公司 | Remote repair method and device for communication module, computer equipment and storage medium |
| CN112637019A (en) * | 2020-12-30 | 2021-04-09 | 绿盟科技集团股份有限公司 | Network monitoring method |
| CN112637019B (en) * | 2020-12-30 | 2022-04-19 | 绿盟科技集团股份有限公司 | Network monitoring method |
| CN112685746A (en) * | 2021-01-08 | 2021-04-20 | 中国科学技术大学 | Vulnerability detection method and system for Internet of things equipment firmware |
| CN112818355A (en) * | 2021-03-02 | 2021-05-18 | 福州汇思博信息技术有限公司 | Vulnerability management method and terminal |
| CN113312631A (en) * | 2021-06-11 | 2021-08-27 | 杭州安恒信息安全技术有限公司 | Vulnerability detection method and related device |
| CN113569256A (en) * | 2021-08-12 | 2021-10-29 | 京东科技信息技术有限公司 | Vulnerability scanning method and device, vulnerability scanning system, electronic equipment and computer readable medium |
| CN113987515A (en) * | 2021-11-02 | 2022-01-28 | 长春嘉诚信息技术股份有限公司 | Vulnerability threat discovery method and system based on intelligent matching |
| CN113987515B (en) * | 2021-11-02 | 2022-04-01 | 长春嘉诚信息技术股份有限公司 | Vulnerability threat discovery method and system based on intelligent matching |
| CN115021952A (en) * | 2022-04-15 | 2022-09-06 | 国网智能电网研究院有限公司 | Vulnerability verification method and device, storage medium and electronic equipment |
| CN115021952B (en) * | 2022-04-15 | 2024-03-12 | 国网智能电网研究院有限公司 | Vulnerability verification method and device, storage medium and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108989299A (en) | A kind of monitoring method and system of internet of things equipment loophole | |
| CN105283851B (en) | For selecting the cost analysis of tracking target | |
| BR112015019167B1 (en) | Method performed by a computer processor and system | |
| RU2015125025A (en) | METHOD, DEVICE AND NETWORK EQUIPMENT FOR OBTAINING SIGN INFORMATION | |
| US8392168B2 (en) | Simulating an application during a sampling period and a non-sampling period | |
| CN109933504B (en) | Hard disk delay test method, device, terminal and storage medium | |
| CN106156055A (en) | The identification of search engine reptile, processing method and processing device | |
| CN114095567B (en) | Data access request processing method and device, computer equipment and medium | |
| Mohi-Aldeen et al. | Systematic mapping study in automatic test case generation | |
| CN114706740A (en) | Chaos experiment method, device, storage medium and equipment | |
| CN114297041A (en) | Network heterogeneous computing platform testing method and device and computer equipment | |
| CN109364489A (en) | The dance movement processing method and processing device of based role game for play | |
| US10719482B2 (en) | Data comparison | |
| Ahmed et al. | Automated diagnostic of virtualized service performance degradation | |
| CN106612213B (en) | Equipment testing method and device | |
| CN108021478B (en) | Robustness testing method for graphics processor | |
| CN110221933A (en) | Aacode defect assists restorative procedure and system | |
| CN115794473A (en) | Root cause alarm positioning method, device, equipment and medium | |
| CN116346395A (en) | Industrial control network asset identification method, system, equipment and storage medium | |
| CN104391782A (en) | Network-equipment managing-software client-end simulating method on basis of XML (X Extensive Markup Language) script | |
| CN111737136A (en) | Object testing method and device based on Internet of things platform | |
| Skretting et al. | Baseline for performance prediction of android applications | |
| CN111008140A (en) | Cross-platform UI (user interface) automatic testing method and device | |
| CN111340237B (en) | Data processing and model running method, device and computer equipment | |
| CN109547276A (en) | A kind of positioning problems method, terminal and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181211 |
|
| RJ01 | Rejection of invention patent application after publication |