CN108989336B - Emergency disposal system and emergency disposal method for network security event - Google Patents
Emergency disposal system and emergency disposal method for network security event Download PDFInfo
- Publication number
- CN108989336B CN108989336B CN201810944468.4A CN201810944468A CN108989336B CN 108989336 B CN108989336 B CN 108989336B CN 201810944468 A CN201810944468 A CN 201810944468A CN 108989336 B CN108989336 B CN 108989336B
- Authority
- CN
- China
- Prior art keywords
- module
- event
- tool
- network security
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to an emergency disposal system and an emergency disposal method for network security events, wherein the system comprises a data acquisition module, an event management module, an event disposal module, an auxiliary tool module and an expert knowledge base module; the method comprises the steps of inputting basic information of a network security event, carrying out security detection by using an auxiliary tool module, collecting information by using a data acquisition module, searching an implanted file by using the auxiliary tool module, inputting the implanted file into a system, analyzing by using an event handling module to obtain a clue tree and attacker information, confirming an analysis result based on the information of an expert knowledge base module, carrying out qualitative analysis on the event, obtaining an adjustment suggestion, issuing an event handling report, and carrying out adjustment. The invention establishes a standard network security event emergency disposal processing flow, standardizes the disposal means and mode of the event, improves the disposal efficiency, avoids the expansion of harm, reduces the economic loss, integrates information collection, analysis and rectification into a whole, automatically analyzes, generates rectification suggestions and reports, reserves the disposal result and is convenient to look up.
Description
Technical Field
The invention relates to the technical field of data switching networks, in particular to an emergency disposal system and an emergency disposal method for network security events, which are used for carrying out flow and systematization on the network security events.
Background
Nowadays, the internet has already formed a scale, and the study, work and life style of people are more and more deeply changed, even the whole social process is influenced, the application of the internet is diversified, and the scale of netizens continues to show the trend of continuous and rapid development.
At present, the network security situation in China is increasingly severe and complex, the network security events are more complex, and the attack means are more diverse. Enterprises or organizations are often reluctant to deal with the situation, and only some firewalls and antivirus trojan systems can be added passively, but the problems cannot be handled effectively and timely.
In the prior art, the main discussion of the network security event is an analysis link of the network security event, and there is not much description on an emergency disposal link, and in actual operation, the emergency disposal link of the network security event is usually disposed in an artificial manner, and is greatly influenced by personal factors, which is specifically shown in the following steps:
1. the manual treatment efficiency is unstable, and the efficiency is high and low;
2. manual disposal processes are not uniform;
3. the time consumption is long, and a treatment report and a treatment suggestion cannot be automatically generated;
4. the treatment result is inaccurate and is not easy to manage;
the above various types will cause unstable emergency disposal efficiency, non-uniform disposal flow and inaccurate disposal result of the network security event.
Disclosure of Invention
The invention solves the technical problems that in the prior art, the emergency disposal link of the network security event is not normalized and unified, so that the emergency disposal efficiency of the network security event is unstable, the disposal flow is not unified, and the disposal result is not accurate.
The invention adopts the technical scheme that the emergency disposal system for the network security event comprises:
a data acquisition module for acquiring data,
An event management module for comprehensively managing the event information,
An event handling module for analysis and presentation of events,
A disposition conclusion module for qualitative disposition of the event and providing an improvement proposal and a disposition report,
An auxiliary tool module and an expert knowledge base module for providing support for event analysis and vulnerability verification.
Preferably, the data collected by the data collection module includes website source code, operating system log, website web access log and middleware log information.
Preferably, the analysis of events in the event handling module comprises automatic analysis and manual analysis.
Preferably, the presentation of events in the event handling module comprises presentation of analysis results and presentation of cues.
Preferably, the auxiliary tool module comprises a vulnerability verification tool for verifying the existence of the target object vulnerability and a virus horse-hanging detection tool for detecting whether the target object exists in the backdoor, and the auxiliary tool module further comprises a log analysis tool, a log segmentation tool and a file recovery tool.
Preferably, the vulnerability verification tools include a system vulnerability verification tool, a website vulnerability verification tool, a database vulnerability verification tool and an SQL injection verification tool.
Preferably, the virus horse-hanging detection tool comprises a virus detection tool, a trojan horse detection tool and a malicious code detection tool.
A method of emergency disposal employing the emergency disposal system for network security events, the method comprising the steps of:
step 1: inputting basic information of the network security event and utilizing an auxiliary tool module to carry out security detection;
step 2: the data acquisition module acquires information including website source codes, operating system logs, website web access logs and middleware logs, and utilizes the auxiliary tool module to check viruses, trojans and malicious codes and search implanted virus files, trojan files and WebShell files;
and step 3: the found virus file, Trojan file and WebShell file are taken as initial clues and are input into an emergency disposal system, and an event disposal module analyzes the initial clues to obtain a clue tree and attacker information;
and 4, step 4: confirming the analysis result of the step 3 manually based on the information of the expert knowledge base module; if the result is correct, the next step is carried out, otherwise, the step 3 is returned;
and 5: according to the obtained clue tree and relevant information of the attacker, the handling conclusion module qualitatively determines the event, obtains an improvement suggestion and provides an event handling report;
step 6: and (5) rectification.
Preferably, in step 1, the security detection includes system vulnerability, website vulnerability and database vulnerability verification.
Preferably, in the step 6, the modification is based on the modification suggestion and the event report, and the website cleaning, the system recovery and the vulnerability reinforcing are completed by using an auxiliary tool.
The invention provides an optimized emergency disposal system and an optimized emergency disposal method for network security events, wherein the system is set to be in a form of a data acquisition module for acquiring data, an event management module for event information management, an event disposal module for event analysis and display, an auxiliary tool module and an expert knowledge base module for providing support for event analysis and vulnerability verification, the data acquisition module, the event management module, the event disposal module, the auxiliary tool module and the expert knowledge base module are linked in a ring-to-ring manner, the input time is subjected to security detection, the event information is acquired, scanned and checked, and after correlation analysis, a clue tree and relevant information of an attacker are obtained, and finally the system is rectified and revised.
The system can establish a standard network security event emergency disposal processing flow, standardizes event disposal means and disposal modes, effectively improves the disposal efficiency of event disposal personnel, avoids the expansion of event hazards, and reduces the economic loss to companies or organizations.
The invention has the beneficial effects that:
(1) the invention integrates information collection, analysis and modification into a whole and standardizes the emergency disposal flow of network security events;
(2) the invention can automatically analyze, automatically generate the correction suggestion and automatically generate the report, and reduce the influence of manual participation on objectivity;
(3) the processing result of the invention can be kept in the current system in the form of a database file, and is convenient to be consulted later.
Detailed Description
The present invention is described in further detail with reference to the following examples, but the scope of the present invention is not limited thereto.
The invention relates to an emergency handling system for network security events, the system comprising:
a data acquisition module for acquiring data,
An event management module for comprehensively managing the event information,
An event handling module for analysis and presentation of events,
A disposition conclusion module for qualitative disposition of the event and providing an improvement proposal and a disposition report,
An auxiliary tool module and an expert knowledge base module for providing support for event analysis and vulnerability verification.
The data collected by the data collection module comprises website source codes, operating system logs, website web access logs and middleware log information.
The analysis of events in the event handling module includes automatic analysis and manual analysis.
In the present invention, the internal implementation logic of the automatic analysis includes several forms:
(1) the collected event information is sorted, identification matching is carried out according to input initial clues, such as virus files, trojan files and related information of WebShell files, and matched information is sorted and fed back to an emergency disposal system;
(2) the collected event information is sorted, various attack characteristics such as sql injection attack characteristics, xss attack characteristics, webshell characteristics and the like are identified and matched with other characteristics such as struts2 vulnerability characteristics, website sensitive type files, sensitive keywords and the like, and the matched information is sorted and fed back to the emergency disposal system;
(3) and further performing correlation analysis on other clues fed back by the emergency disposal system, and feeding back the clues to the emergency disposal system.
In the invention, for example, if the acquired information is web log, the automatic analysis is xss attack feature matching [ attackRule = (\ S)%3C (\ S +)%3E | (\ S)%3C (\\ S +)%2F%3E | (\ S +) < (\ S +) > l (\ S +) >) < (\\ S +) >)/> | onrror | onmousee | expression | \\\ | alert | document \ · | prompt \ (]), so that whether the web log has a trace of xss attack can be known, if so, the web log is labeled as xss attack behavior, all information is labeled and then classified and counted and fed back to the emergency disposal system.
In the invention, the implementation logic of the manual analysis comprises several forms:
(1) the automatic analysis feeds back the data which is already arranged but not analyzed by the disposal system, and disposal personnel can perform manual analysis based on the data and perform operations such as searching, labeling and defining certain information as clues;
(2) re-analyzing on the basis of the result of the automatic analysis feedback, for example, automatically analyzing 5000 pieces of relevant data which feedback 100 vulnerabilities, and the treating staff can re-analyze the 5000 pieces of data;
(3) the clues defined by the disposal personnel can be fed back to the data which is arranged by the disposal system but not analyzed after automatic analysis for screening, and the relevance of the data can be searched, and the data can also be finished in an automatic analysis mode.
In the invention, for example, the manual analysis is performed, for example, 150w pieces of data which are processed by the processing system are automatically analyzed and fed back, the processing personnel can screen 150w pieces of data, can set query conditions for query by themselves, can label the data, or select the data to add in clues (custom clues and key clues), can search the data which are associated with the data in 150w pieces of data which are added in the clues, and can also submit the data to the automatic analysis engine for further analysis.
The presentation of events in the event handling module includes presentation of analysis results and presentation of cues.
The auxiliary tool module comprises a vulnerability verification tool for verifying the vulnerability existence condition of the target object and a virus horse hanging detection tool for detecting whether the target object exists in the backdoor, and further comprises a log analysis tool, a log segmentation tool and a file recovery tool.
The vulnerability verification tool comprises a system vulnerability verification tool, a website vulnerability verification tool, a database vulnerability verification tool and an SQL injection verification tool.
The virus horse hanging detection tool comprises a virus detection tool, a Trojan horse detection tool and a malicious code detection tool.
In the invention, the event information comprehensively managed by the event management module comprises basic information and personnel information, wherein the basic information comprises a unit name, a system name, a record number, a record level, a website domain name, an IP address, an operating system name and version, a middleware name and version, a database name and version, technology related to a system framework, website service content and the like, and the personnel information comprises unit names, contact ways, duties and the like of related unit personnel, research and development unit personnel, operation and maintenance unit personnel and disposal personnel. The event management module provides the functions of displaying, inputting, modifying and deleting for the basic information and the personnel information, and plays a role in comprehensive management.
In the content acquired by the data acquisition module, the middleware is independent system software or service program and provides support for the access of the web website.
In the invention, the clue displayed by the clue in the event handling module refers to the IP of the attacker, and all valuable information for realizing the purpose, such as the IP, the access URL, the picture name, the picture time, the webpage name and the like, is found.
In the invention, the clues can be manually input or can be obtained by automatic analysis, and the types of the clues comprise automatic analysis clues pushed by an automatic analysis engine, custom clues defined by the treating personnel, key clues automatically analyzed and labeled by the treating personnel, single clues only containing one clue in the clues, and composite clues containing a plurality of clues with a certain relationship.
In the invention, a system vulnerability verification tool, a website vulnerability verification tool, a database vulnerability verification tool, an SQL injection verification tool, a virus detection tool, a Trojan horse detection tool, a malicious code detection tool, a log analysis tool, a log segmentation tool, a file recovery tool and the like are auxiliary tools which are conventionally used in the field, and a person skilled in the art can set the tools according to requirements.
An emergency disposal method employing the emergency disposal system for network security events includes the following steps.
Step 1: and inputting basic information of the network security event and carrying out security detection by using the auxiliary tool module.
In the step 1, the security detection comprises system vulnerability, website vulnerability and database vulnerability verification.
Step 2: the data acquisition module acquires information including website source codes, operating system logs, website web access logs and middleware logs, and utilizes the auxiliary tool module to check viruses, trojans and malicious codes and search implanted virus files, trojan files and WebShell files.
In the invention, the step 2 avoids the situations of less mining, missed mining and wrong mining caused by manual operation.
And step 3: and taking the searched virus file, Trojan file and WebShell file as initial clues to be input into the emergency disposal system, and analyzing by the event disposal module to obtain a clue tree and attacker information.
And 4, step 4: confirming the analysis result of the step 3 manually based on the information of the expert knowledge base module; and if the result is confirmed to be correct, the next step is carried out, otherwise, the step 3 is returned.
In the invention, the steps 3 and 4 adopt the form of automatic analysis and manual analysis, so that the analysis efficiency of the event is accelerated.
And 5: and according to the obtained clue tree and relevant information of the attacker, the handling conclusion module qualitatively determines the event, obtains the rectification suggestion and provides an event handling report.
Step 6: and (5) rectification.
In the step 6, the modification is based on the modification suggestion and the event report, and the website cleaning, the system recovery and the vulnerability reinforcement are completed by using an auxiliary tool.
In the invention, based on the treatment suggestion and the treatment report obtained in the step 6, the time for manually combing the treatment suggestion and the treatment report is reduced, and the treatment efficiency is accelerated.
The system is arranged to comprise a data acquisition module for acquiring data, an event management module for managing event information, an event processing module for analyzing and displaying events, an auxiliary tool module and an expert knowledge base module for providing support for event analysis and vulnerability verification, the system is buckled in a ring mode, the safety of the input time is detected, the event information is acquired, scanned and checked, the clue tree and relevant information of an attacker are obtained after correlation analysis, and finally the system is rectified.
The system can establish a standard network security event emergency disposal processing flow, standardizes event disposal means and disposal modes, effectively improves the disposal efficiency of event disposal personnel, avoids the expansion of event hazards, and reduces the economic loss to companies or organizations. The invention integrates information collection, analysis and rectification, standardizes the emergency disposal flow of the network security event, can automatically analyze, automatically generate rectification suggestions and automatically generate reports, reduces the influence of manual participation on objectivity, and can keep disposal results in the current system in the form of database files for convenient later reference.
Claims (9)
1. An emergency handling system for network security events, characterized by: the system comprises:
a data acquisition module for acquiring data,
An event management module for comprehensively managing the event information,
An event handling module for analysis and presentation of events,
A disposition conclusion module for qualitative disposition of the event and providing an improvement proposal and a disposition report,
The system comprises an auxiliary tool module and an expert knowledge base module for providing support for event analysis and vulnerability verification;
the method comprises the steps of inputting basic information of a network security event, utilizing an auxiliary tool module to conduct security detection, collecting information including website source codes, operating system logs, website web access logs and middleware logs by a data collecting module, utilizing the auxiliary tool module to conduct virus, Trojan and malicious code detection, taking found virus files, Trojan files and WebShell files as initial clues, analyzing by an event handling module to obtain clue trees and attacker information, analyzing and clue displaying by the event handling module, confirming analysis results based on the information of an expert knowledge base module, and determining an event by a handling conclusion module according to the obtained clue trees and the attacker relevant information to obtain an improvement suggestion and issue an event handling report.
2. An emergency handling system for network security events according to claim 1, wherein: the data collected by the data collection module comprises website source codes, operating system logs, website web access logs and middleware log information.
3. An emergency handling system for network security events according to claim 1, wherein: the analysis of events in the event handling module includes automatic analysis and manual analysis.
4. An emergency handling system for network security events according to claim 1, wherein: the auxiliary tool module comprises a vulnerability verification tool for verifying the vulnerability existence condition of the target object and a virus horse hanging detection tool for detecting whether the target object exists in the backdoor, and further comprises a log analysis tool, a log segmentation tool and a file recovery tool.
5. An emergency handling system for network security events according to claim 4, wherein: the vulnerability verification tool comprises a system vulnerability verification tool, a website vulnerability verification tool, a database vulnerability verification tool and an SQL injection verification tool.
6. An emergency handling system for network security events according to claim 4, wherein: the virus horse hanging detection tool comprises a virus detection tool, a Trojan horse detection tool and a malicious code detection tool.
7. An emergency handling method using the emergency handling system for network security events according to any one of claims 1 to 6, characterized in that: the method comprises the following steps:
step 1: inputting basic information of the network security event and utilizing an auxiliary tool module to carry out security detection;
step 2: the data acquisition module acquires information including website source codes, operating system logs, website web access logs and middleware logs, and utilizes the auxiliary tool module to check viruses, trojans and malicious codes and search implanted virus files, trojan files and WebShell files;
and step 3: the found virus file, Trojan file and WebShell file are taken as initial clues and are input into an emergency disposal system, and an event disposal module analyzes the initial clues to obtain a clue tree and attacker information;
and 4, step 4: confirming the analysis result of the step 3 manually based on the information of the expert knowledge base module; if the result is correct, the next step is carried out, otherwise, the step 3 is returned;
and 5: according to the obtained clue tree and relevant information of the attacker, the handling conclusion module qualitatively determines the event, obtains an improvement suggestion and provides an event handling report;
step 6: and (5) rectification.
8. The emergency handling method of an emergency handling system for network security events according to claim 7, wherein: in the step 1, the security detection comprises system vulnerability, website vulnerability and database vulnerability verification.
9. The emergency handling method of an emergency handling system for network security events according to claim 7, wherein: in the step 6, the modification is based on the modification suggestion and the event report, and the website cleaning, the system recovery and the vulnerability reinforcement are completed by using an auxiliary tool.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810944468.4A CN108989336B (en) | 2018-08-19 | 2018-08-19 | Emergency disposal system and emergency disposal method for network security event |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810944468.4A CN108989336B (en) | 2018-08-19 | 2018-08-19 | Emergency disposal system and emergency disposal method for network security event |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108989336A CN108989336A (en) | 2018-12-11 |
CN108989336B true CN108989336B (en) | 2021-09-28 |
Family
ID=64553383
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810944468.4A Active CN108989336B (en) | 2018-08-19 | 2018-08-19 | Emergency disposal system and emergency disposal method for network security event |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108989336B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110324308A (en) * | 2019-05-17 | 2019-10-11 | 国家工业信息安全发展研究中心 | Network security emergency disposal system |
CN110493188A (en) * | 2019-07-12 | 2019-11-22 | 中国电子科技集团公司电子科学研究院 | A kind of method, relevant apparatus and storage medium handling network safety event |
CN111614696B (en) * | 2020-06-02 | 2022-11-18 | 深圳供电局有限公司 | Network security emergency response method and system based on knowledge graph |
CN113824745A (en) * | 2021-11-24 | 2021-12-21 | 武汉大学 | Network safety emergency disposal system based on recurrent neural network model |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102594783A (en) * | 2011-01-14 | 2012-07-18 | 中国科学院软件研究所 | Network security emergency responding method |
CN103905237A (en) * | 2012-12-28 | 2014-07-02 | 中国电信股份有限公司 | Telecom exchange network management system and management method |
CN104766166A (en) * | 2015-03-27 | 2015-07-08 | 杭州安恒信息技术有限公司 | Grade-protection-oriented information system security compliance check method |
CN106339439A (en) * | 2016-08-22 | 2017-01-18 | 成都众易通科技有限公司 | Big data analysis method |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2012139127A1 (en) * | 2011-04-08 | 2012-10-11 | Wombat Security Technologies, Inc. | Context-aware training systems, apparatuses, and methods |
-
2018
- 2018-08-19 CN CN201810944468.4A patent/CN108989336B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102594783A (en) * | 2011-01-14 | 2012-07-18 | 中国科学院软件研究所 | Network security emergency responding method |
CN103905237A (en) * | 2012-12-28 | 2014-07-02 | 中国电信股份有限公司 | Telecom exchange network management system and management method |
CN104766166A (en) * | 2015-03-27 | 2015-07-08 | 杭州安恒信息技术有限公司 | Grade-protection-oriented information system security compliance check method |
CN106339439A (en) * | 2016-08-22 | 2017-01-18 | 成都众易通科技有限公司 | Big data analysis method |
Also Published As
Publication number | Publication date |
---|---|
CN108989336A (en) | 2018-12-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108989336B (en) | Emergency disposal system and emergency disposal method for network security event | |
US10678669B2 (en) | Field content based pattern generation for heterogeneous logs | |
CN107087001B (en) | distributed internet important address space retrieval system | |
US8667586B2 (en) | Backward researching time stamped events to find an origin of pestware | |
KR101589656B1 (en) | System and method for detecting and inquiring metamorphic malignant code based on action | |
CN112307374B (en) | To-do-based jump method, device, equipment and storage medium | |
CN101923617A (en) | Cloud-based sample database dynamic maintaining method | |
Landauer et al. | A framework for cyber threat intelligence extraction from raw log data | |
CN111104579A (en) | Identification method and device for public network assets and storage medium | |
CA2883090A1 (en) | Systems and methods for automated memory and thread execution anomaly detection in a computer network | |
CN101267357A (en) | A SQL injection attack detection method and system | |
JP2007058514A (en) | Information processor, information processing method and program | |
CN107832618A (en) | A kind of SQL injection detecting system and its method based on fine granularity control of authority | |
CN115033894B (en) | Software component supply chain safety detection method and device based on knowledge graph | |
Di Lucca et al. | Clone analysis in the web era: An approach to identify cloned web pages | |
CN116186716A (en) | Security analysis method and device for continuous integrated deployment | |
CN112307478A (en) | Script virus detection method, system, electronic equipment and storage medium | |
KR100996839B1 (en) | Automatic verification system for computer virus vaccine database and method thereof | |
CN109657462B (en) | Data detection method, system, electronic device and storage medium | |
CN107392033B (en) | Android device penetration test system and automatic penetration test method thereof | |
KR20100037325A (en) | System and method for construction automatic bibliography based pattern, and recording medium therefor | |
KR20170025201A (en) | Method and apparatus for automatic process of query | |
CN114422341B (en) | Industrial control asset identification method and system based on fingerprint characteristics | |
CN113806321B (en) | Log processing method and system | |
CN115664853A (en) | Network security data association analysis method, device and system and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |