CN110135169A - Leak detection method and device - Google Patents

Leak detection method and device Download PDF

Info

Publication number
CN110135169A
CN110135169A CN201910423228.4A CN201910423228A CN110135169A CN 110135169 A CN110135169 A CN 110135169A CN 201910423228 A CN201910423228 A CN 201910423228A CN 110135169 A CN110135169 A CN 110135169A
Authority
CN
China
Prior art keywords
loophole
inspection
vulnerability information
instruments
technical staff
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910423228.4A
Other languages
Chinese (zh)
Inventor
杨枭
陈夏裕
施靖萱
秦岳
章明飞
顾雪明
张鹏
申枭
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Hengtong Industrial Control Safety Research Institute Co Ltd
Original Assignee
Jiangsu Hengtong Industrial Control Safety Research Institute Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Hengtong Industrial Control Safety Research Institute Co Ltd filed Critical Jiangsu Hengtong Industrial Control Safety Research Institute Co Ltd
Priority to CN201910423228.4A priority Critical patent/CN110135169A/en
Publication of CN110135169A publication Critical patent/CN110135169A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/953Querying, e.g. by the use of web search engines
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/958Organisation or management of web site content, e.g. publishing, maintaining pages or automatic linking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Computing Systems (AREA)
  • Computer And Data Communications (AREA)

Abstract

The embodiment of the present application provides a kind of leak detection method and device, comprising: obtains the first vulnerability information of vulnerability information distribution platform publication;Obtain the loophole instruments of inspection for being directed to first vulnerability information;Intranet is scanned by the loophole instruments of inspection, to detect at least one corresponding equipment of preset address section with the presence or absence of the corresponding loophole of the first vulnerability information.First obtain the first vulnerability information, then the loophole instruments of inspection for being directed to the first vulnerability information is being obtained, Hole Detection is carried out to the equipment in content using the loophole instruments of inspection, due to can just try to obtain the loophole instruments of inspection for the vulnerability information after obtaining the first vulnerability information, therefore compared with prior art, the application can have found loophole in time.

Description

Leak detection method and device
Technical field
This application involves Hole Detection technical fields, in particular to a kind of leak detection method and device.
Background technique
In industrial enterprise, there are numerous industrial control equipments.Due to the complexity of industrial control equipment, start a leak in industrial control equipment When, it is right the case where can not often finding these loopholes in time, cause loophole by hacker using causing leakage of information, virus to spread Industrial enterprise causes damages.
Summary of the invention
In view of this, the embodiment of the present application provides a kind of leak detection method and device, to improve in the prior art The problem of can not finding loophole in time.
In a first aspect, the embodiment of the present application provides a kind of leak detection method, which comprises obtain vulnerability information First vulnerability information of distribution platform publication;Obtain the loophole instruments of inspection for being directed to first vulnerability information;Pass through the leakage The hole instruments of inspection is scanned Intranet, is believed with detecting at least one corresponding equipment of preset address section with the presence or absence of the first loophole Cease corresponding loophole.
In the above-described embodiment, the first vulnerability information is first obtained, is then obtaining the loophole for being directed to the first vulnerability information The instruments of inspection carries out Hole Detection to the equipment in content using the loophole instruments of inspection, due to that can obtain the first loophole letter Just try to obtain the loophole instruments of inspection for the vulnerability information after breath, therefore compared with prior art, the application can and Shi Faxian loophole.
It is described to obtain the loophole instruments of inspection for being directed to first vulnerability information in a possible design, comprising: to Task is write in terminal device transmission corresponding with technical staff;The technical staff is obtained to write for first vulnerability information The loophole instruments of inspection.
In the above-described embodiment, it can be sent to the terminal device of technical staff and write task, writing in task can be with Description information including the first vulnerability information carries out loophole inspection according to the description information of the first vulnerability information by technical staff Tool is write.Since the corresponding loophole of the first vulnerability information may be the newest loophole being detected, on the market not yet For the detection instrument of the loophole, therefore it can be sent to technical staff and write task, loophole inspection man is write by technical staff Tool, to be quickly obtained the loophole instruments of inspection.
In a possible design, it is described to terminal device corresponding with technical staff transmission write task after, institute State method further include: start timing after writing task described in the transmission;If the duration of timing is greater than or equal to the first preset duration Shi Wei receives the loophole instruments of inspection that the terminal device is sent, and sends and makes to server corresponding with network security company The commission of the loophole instruments of inspection is requested;It receives the network security company that the server is sent and is directed to the first vulnerability information system The loophole instruments of inspection of work.
If not receiving the loophole instruments of inspection that technical staff is sent by terminal device within the first preset duration, Show the loophole instruments of inspection writes that there are difficulty, then can send commission request to network security company, request profession Network security company manufactures the loophole instruments of inspection, improves the manufacturing speed of the loophole instruments of inspection.
In a possible design, first vulnerability information include loophole feature description, it is described to technology people Task is write in the corresponding terminal device transmission of member, comprising: the feature is described the technical characteristic with each technical staff prestored It is matched, the object technology personnel for writing task described at least one undertaking is determined, to object technology described at least one Personnel send task of writing, the default item of the matching degree satisfaction of the technical characteristic of the object technology personnel and feature description Part.
The matched technical staff of technical characteristic is searched in technical staff according to the feature of loophole, then as can The object technology personnel for task of writing are accepted, is then sent to object technology personnel and writes task, the characteristic matching based on loophole The progress efficiency for the task of writing can be improved in suitable technical staff.
In a possible design, described send to object technology personnel described at least one writes task, comprising: root According to the task amount of the technical staff of task table record, each technical staff at least one described technical staff is obtained The busy gear of locating work;The technical staff minimum in the busy gear of work is obtained, is in the busy gear of work to described Task is write in the corresponding terminal device transmission of minimum technical staff.
After obtaining the matched object technology personnel of technical characteristic, can also according to the task amount of technical staff come Reasonable distribution writes task, and the task of writing is distributed to the lower technical staff of work busy degree, is both conducive to technical staff Work allotment is carried out, the quick progress for the task of writing also is utilized.
It is described to the technical staff corresponding terminal minimum in the busy gear of work in a possible design Task is write in equipment transmission, comprising: right according to the professional ability score value of the technical staff minimum in the busy gear of work The technical staff minimum in the busy gear of work is ranked up according to sequence from high to low;It is highest to select sequence Technical staff is as whole selecting technology personnel;Task is write to the corresponding terminal device transmission of the end selecting technology personnel.First obtain The professional ability score value of the low whole technical staff of the busy gear that works, is then arranged according to the sequence of score value from high to low Sequence is selected the technical staff that professional ability score value is high in the technical staff in the busy gear of same work, is further increased That writes task writes speed.
It is described to obtain the loophole instruments of inspection for being directed to first vulnerability information in a possible design, comprising: to Server corresponding with network security company sends the commission request of the production loophole instruments of inspection;Receive what the server was sent Network security company is directed to the loophole instruments of inspection of first vulnerability information production.
Can directly to network security company send production the loophole instruments of inspection commission request, by network security company into The production of the row loophole instruments of inspection, since the corresponding loophole of the first vulnerability information may be newest loophole, on the market without existing Some loophole instruments of inspection, therefore the network security company of profession is entrusted to be conducive to being rapidly completed for the loophole instruments of inspection.
It is described to send production loophole inspection man to server corresponding with network security company in a possible design After the commission request of tool, the method also includes: after sending the commission and requesting start timing;If the duration of timing is greater than Or the loophole instruments of inspection that the server is sent is not received when equal to the second preset duration, to end corresponding with technical staff Task is write in end equipment transmission;The technical staff that the corresponding terminal device of the technical staff is sent is received to leak for described first The loophole instruments of inspection of hole message composition.
By sending commission request to network security company and sending that write task both modes same to technical staff When make the loophole instruments of inspection, improve the loophole instruments of inspection producing efficiency.
In a possible design, first vulnerability information includes the feature description of loophole, described to pacify to network The corresponding server of full company sends the commission request of the production loophole instruments of inspection, comprising: the feature is described and prestored The technical characteristic that each network security company is good at is matched, and determines that at least one accepts the target network of the commission request Security firm sends commission request, the skill of the target network security firm to target network security firm described at least one Art feature and the matching degree of feature description meet preset condition.
The suitable network security company of characteristic matching based on loophole, can be improved the producing efficiency of the loophole instruments of inspection.
It is described to obtain the loophole instruments of inspection for being directed to first vulnerability information in a possible design, comprising: by Artificial intelligence program writes the loophole instruments of inspection for first vulnerability information.
The instruments of inspection of the first vulnerability information is write by artificial intelligence program, artificial intelligence program can largely improve The instruments of inspection writes efficiency.
In a possible design, the training process of the artificial intelligence program include: using sample vulnerability information as Input quantity is input to original manual intelligent program using the sample loophole instruments of inspection as output quantity, to the original manual intelligence Program is trained, and obtains the artificial intelligence program of training completion.
It can use sample vulnerability information and original manual intelligent program be trained with the sample loophole instruments of inspection, obtain The artificial intelligence program that training is completed.
It is described to obtain the loophole instruments of inspection for being directed to first vulnerability information in a possible design, comprising: to adjust Manually intelligence writes the loophole instruments of inspection for first vulnerability information;Judge the people in third preset duration Whether work, which intelligently writes, is completed the loophole instruments of inspection;It is made if it is not, being sent to server corresponding with network security company The commission of the loophole instruments of inspection is requested;Judge the network security that the server is sent whether is received in the second preset duration Company is directed to the loophole instruments of inspection of first vulnerability information production;If it is not, being sent out to terminal device corresponding with technical staff Send the task of writing;The technical staff that the corresponding terminal device of the technical staff is sent is received to compile for first vulnerability information The loophole instruments of inspection write.
If artificial intelligence, which is not write, in third preset duration completes the loophole instruments of inspection, sends and make to network security company Make the commission request of the loophole instruments of inspection;If not receiving network security corporation after sending the second preset duration of commission request The loophole instruments of inspection of work then sends task of writing to technical staff, improves the producing efficiency of the loophole instruments of inspection as much as possible.
In a possible design, it is being scanned by preset address section of the loophole instruments of inspection to Intranet Afterwards, the method also includes: judge at least one corresponding equipment of the preset address section with the presence or absence of the first vulnerability information pair The loophole answered;If so, sending what characterization was held there are the loophole information warning of the corresponding loophole of the first vulnerability information to administrator Administrator terminal equipment.
If there is the corresponding loophole of the first vulnerability information, loophole information warning is sent to administrator, to make administrator Loophole can be handled as early as possible.
In a possible design, at least one corresponding equipment of the judgement preset address section is with the presence or absence of the After the corresponding loophole of one vulnerability information, the method also includes: if at least one corresponding equipment of the preset address section is not There are the corresponding loopholes of the first vulnerability information, send the safety instruction information that the corresponding loophole of the first vulnerability information is not present in characterization The administrator terminal equipment held to administrator.
If there is no the corresponding loophole of the first vulnerability information, safety instruction information is sent to administrator, so as to accuse Know not yet there is the corresponding loophole of the first vulnerability information in Administrator system.
In a possible design, first vulnerability information for obtaining the publication of vulnerability information distribution platform, comprising: benefit The website that vulnerability information distribution platform is crawled with crawler, obtains the vulnerability information of update, and the vulnerability information of the update is described First vulnerability information.
The website that vulnerability information distribution platform is actively crawled using crawler, is then obtained the vulnerability information of update, actively obtained The vulnerability information of update is taken, so that the real-time of the first vulnerability information is stronger.
Second aspect, the embodiment of the present application provide a kind of Hole Detection device, and described device includes: that vulnerability information receives Module, for obtaining the first vulnerability information of vulnerability information distribution platform publication;Tool obtains module, for obtaining for described The loophole instruments of inspection of first vulnerability information;Vulnerability scanning module, for being swept by the loophole instruments of inspection to Intranet It retouches, to detect at least one corresponding equipment of preset address section with the presence or absence of the corresponding loophole of the first vulnerability information.
In a possible design, tool obtain module include: task sending submodule, for technical staff couple Task is write in the terminal device transmission answered;Tool obtains submodule, obtains the technical staff for first vulnerability information The loophole instruments of inspection write.
In a possible design, described device further include: timing module, for being opened after writing task described in the transmission Beginning timing;Sending module is entrusted, does not receive the terminal when being greater than or equal to the first preset duration for the duration in timing When the loophole instruments of inspection that equipment is sent, the committee of the production loophole instruments of inspection is sent to server corresponding with network security company Support request;Tool receiving module is directed to first vulnerability information for receiving the network security company that the server is sent The loophole instruments of inspection of production.
In a possible design, task sending submodule, specifically for each skill that the feature is described and prestored The technical characteristic of art personnel matches, and the object technology personnel that task is write described at least one undertaking is determined, at least One object technology personnel sends task of writing, of the technical characteristic of the object technology personnel and feature description Meet preset condition with degree.
In a possible design, the task sending submodule includes: busy gear time submodule, for according to work The task amount for making the technical staff of task list record, obtains at least one described technical staff locating for each technical staff The busy gear of work;Task sends time submodule, is in the minimum technical staff of the busy gear of work, Xiang Suoshu for obtaining Task is write in the corresponding terminal device transmission of the technical staff minimum in the busy gear of work.
In a possible design, the task sending submodule further include: ability sequence time submodule is used for basis The professional ability score value of the technical staff minimum in the busy gear of work, to described minimum in the busy gear of work Technical staff is ranked up according to sequence from high to low;Time submodule is selected eventually, for selecting the highest technical staff of sequence As whole selecting technology personnel;Task sends time submodule, compiles for sending to the corresponding terminal device of the end selecting technology personnel Writing task.
In a possible design, tool obtain module include: commission submodule, for network security company pair The server answered sends the commission request of the production loophole instruments of inspection;Tool receiving submodule, for receiving the server hair The network security company sent is directed to the loophole instruments of inspection of first vulnerability information production.
In a possible design, tool obtains module further include: timing submodule, for being asked in the transmission commission Start timing after asking;Task writes submodule, does not receive when being greater than or equal to the second preset duration for the duration in timing When the loophole instruments of inspection that the server is sent, task is write to terminal device corresponding with technical staff transmission;Tool connects Submodule is received, is directed to first vulnerability information for receiving the technical staff that the corresponding terminal device of the technical staff is sent The loophole instruments of inspection write.
In a possible design, the commission submodule is specifically used for each network for describing the feature with prestoring The technical characteristic that security firm is good at is matched, and it is public to determine that at least one accepts the target network safety of the commission request Department sends commission request, the technical characteristic of the target network security firm to target network security firm described at least one Meet preset condition with the matching degree of feature description.
In a possible design, tool obtains module and is specifically used for: by artificial intelligence program for first leakage The loophole instruments of inspection described in the message composition of hole.
It further include artificial intelligence training module in a possible design, for using sample vulnerability information as input Amount, using the sample loophole instruments of inspection as output quantity, is input to original manual intelligent program, to the original manual intelligent program It is trained, obtains the artificial intelligence program of training completion.
In a possible design, it includes: artificial intelligence calling module that tool, which obtains module, for calling artificial intelligence The loophole instruments of inspection is write for first vulnerability information;Third preset duration module, it is default in third for judging Whether the artificial intelligence, which writes, in duration is completed the loophole instruments of inspection;Request commission module, for network security The corresponding server of company sends the commission request of the production loophole instruments of inspection;Second preset duration module, for judging the Whether receive what the network security company that the server is sent made for first vulnerability information in two preset durations The loophole instruments of inspection;Task module is write, for writing task to terminal device corresponding with technical staff transmission;Loophole tool Receiving module is directed to first vulnerability information for receiving the technical staff that the corresponding terminal device of the technical staff is sent The loophole instruments of inspection write.
In a possible design, described device further include: loophole judgment module, for judging the preset address section At least one corresponding equipment whether there is the corresponding loophole of the first vulnerability information;Information warning module is deposited for sending characterization In the administrator terminal equipment that the loophole information warning of the corresponding loophole of the first vulnerability information is held to administrator.
In a possible design, described device further includes safety instruction module, for right in the preset address section At least one equipment answered is corresponding there is no when the corresponding loophole of the first vulnerability information, sending characterization there is no the first vulnerability informations Loophole the administrator terminal equipment held to administrator of safety instruction information.
In a possible design, information crawler module, for crawling the net of vulnerability information distribution platform using crawler It stands, obtains the vulnerability information of update, the vulnerability information of the update is first vulnerability information.
The third aspect, the application provide a kind of electronic equipment, comprising: processor, memory and bus, the memory are deposited The executable machine readable instructions of the processor are contained, when electronic equipment operation, the processor and the storage By bus communication between device, execution first aspect or first aspect when the machine readable instructions are executed by the processor Method described in any optional implementation.
Fourth aspect, the application provide a kind of computer readable storage medium, store on the computer readable storage medium There is computer program, any optional realization of first aspect or first aspect is executed when which is run by processor Method described in mode.
5th aspect, the application provide a kind of computer program product, and the computer program product is transported on computers When row, so that computer executes the method in any possible implementation of first aspect or first aspect.
Above objects, features, and advantages to enable the embodiment of the present application to be realized are clearer and more comprehensible, be cited below particularly compared with Good embodiment, and cooperate appended attached drawing, it is described in detail below.
Detailed description of the invention
Illustrate the technical solutions in the embodiments of the present application or in the prior art in order to clearer, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this Some embodiments of application for those of ordinary skill in the art without creative efforts, can be with It obtains other drawings based on these drawings.
Fig. 1 is the flow chart of leak detection method provided by the embodiments of the present application;
Fig. 2 is a kind of flow chart of specific embodiment shown in step S110;
Fig. 3 is the flow chart of another specific embodiment shown in step S110;
Fig. 4 is the flow chart of another specific embodiment shown in step S110;
Fig. 5 is the schematic block diagram of Hole Detection device provided by the embodiments of the present application;
Fig. 6 is the structural block diagram of the electronic equipment 600 in the embodiment of the present application.
Specific embodiment
It is often not reasonable to the assets information screening in corporate intranet in current industrial enterprise, when starting a leak, Can not the assets to corporate intranet quickly checked.The prior art is usually to carry out assets combing and investigation leakage using artificial Hole, efficiency are lower;The prior art may also carry out batch to the industrial equipment in enterprise using existing Hole Detection script and test Card will cause system resource saturation and the database problem locked because of application program caused by being repeatedly accessed.
Before introducing the embodiment of the present application, scene environment applied by the embodiment of the present application is first introduced, the application is real The leak detection method for applying example offer may operate at corporate intranet safety management platform, which can realize in industrial control system The basic functions such as Subscriber Management System, equipment management system, task management system, loophole collection management system.
User in Subscriber Management System can fulfil corresponding responsibility according to the administration authority of oneself, and responsibility can wrap Include: menu configuration, user information maintenance, rights management configuration etc., all users including administrator do not have physics It deletes and change system identity authenticates (such as short-message verification, Sign-On authentication) function, data are all transferred in the erasing for being related to data Library manager (Database Administrator, abbreviation DBA) is responsible for, and guarantees the safety of data, is easy to the backtracking of data Analysis.
Equipment management in equipment management system can be supported to realize there are three types of mode: newly-increased manually;File imports;One key The search discovery of network segment formula.By three of the above mode, it can realize that the assets for automatically managing enterprises are set to greatest extent Standby, assets are the cores of safety management, confirm asset management and carry out the classification of assets.Pass through the scanning function of port and loophole The asset of equipments information updated and maintaining enterprise Intranet staff is responsible for may be implemented, looked forward to according to the different rights of user The asset of equipments netted in the industry can be carried out increase, deletion, modification and the inquiry of assets information function after being scanned is realized.
Task management system mainly undertakes the task of the asset equipment of periodic scanning corporate intranet, judges the money of corporate intranet Producing equipment whether there is security risk, to reduce the asset equipment of Intranet at work because of economic loss caused by safety problem. Security scanners in task management system can carry out the automatic scanning of asset of equipments according to task strategy, can also synchronize wound Build different scanning strategy task lists.
Loophole collection management system carries out the statistics and analysis of loophole data by two major classes;It include two moulds in the first kind Block: loophole library module, can be with the vulnerability information of the corresponding website of industry control loophole distribution platform of synchronized update authority, and can prop up Local loophole data query is held, corresponding vulnerability database synchronization plan can be formulated;Internal risks scan module is collected scanning and is appointed The Intranet asset of equipments information of corresponding address section is shown in business, is facilitated the follow-up of administrative staff and is executed operation.Second class The function that graphic analyses is mainly carried out to asset of equipments, the grade of facility information, risk port information, loophole is compared by analyzing The data such as not are compared and classify to draw the analysis chart of assets chart.
Embodiment
Referring to Figure 1, Fig. 1 shows leak detection method provided by the embodiments of the present application, which can be with It is individually run in terminal device, can also individually execute, specifically comprise the following steps: in server
Step S110 obtains the first vulnerability information of vulnerability information distribution platform publication.
Vulnerability information distribution platform can be the industry control loophole distribution platform of authority, and the first vulnerability information is vulnerability information hair The relevant information for the new loophole that cloth platform timely updates.
Obtain vulnerability information distribution platform publication the first vulnerability information mode can there are many, it is alternatively possible to connect The first vulnerability information that vulnerability information distribution platform is sent is received, vulnerability information distribution platform can be published at interval of scheduled duration It is detected in the first vulnerability information obtained in above-mentioned scheduled duration, such as previous hour for being just published at interval of one hour New loophole relevant information.
It is alternatively possible to crawl the website of vulnerability information distribution platform using crawler, the vulnerability information of update is obtained, it is described The vulnerability information of update is first vulnerability information.
The website that vulnerability information distribution platform is actively crawled using crawler, is then obtained the vulnerability information of update, actively obtained The vulnerability information of update is taken, so that the real-time of the first vulnerability information is stronger.
Step S120 obtains the loophole instruments of inspection for being directed to first vulnerability information.
The loophole instruments of inspection is to examine the instruments of inspection that whether there is loophole in equipment to be checked, the acquisition of the loophole instruments of inspection There are many modes, writes task for example, can send to technical staff, then writes leakage according to the task of writing by technical staff The hole instruments of inspection;Commission request can also be sent to network security company, request network security company makes the loophole instruments of inspection; The loophole instruments of inspection can also be write by artificial intelligence.It is limit to the application that the acquisition pattern of the instruments of inspection, which should not be construed, System.
Step S130 is scanned by preset address section of the loophole instruments of inspection to Intranet, to detect default ground Section at least one corresponding equipment in location whether there is the corresponding loophole of the first vulnerability information.
Intranet can be the Intranet of multiple industrial equipment compositions.Preset address section is the partial address section or whole in Intranet Address field can also be with for example, it may be whole address fields of Intranet, are also possible to by the address field of staff's artificial screening It is the device address of industrial equipment crucial in Intranet.Technical staff can directly carry out equipment scanning, can also be scanned The addition of task, technical staff can add scan task by way of adding IP address section.
The first vulnerability information is first obtained, then the loophole instruments of inspection for being directed to the first vulnerability information is being obtained, is utilizing loophole The instruments of inspection carries out Hole Detection to the equipment in content, due to can just try to obtain needle after obtaining the first vulnerability information To the loophole instruments of inspection of the vulnerability information, therefore compared with prior art, the application can have found loophole in time.
Optionally, in a specific embodiment, after step s 130, can also include the following steps:
Judge at least one corresponding equipment of the preset address section with the presence or absence of the corresponding loophole of the first vulnerability information.
If so, sending characterization, there are the pipes that the loophole information warning of the corresponding loophole of the first vulnerability information is held to administrator Reason person's terminal device.
If it is not, sending what characterization was held there is no the safety instruction information of the corresponding loophole of the first vulnerability information to administrator Administrator terminal equipment.
If there is the corresponding loophole of the first vulnerability information, it is whole to send the administrator that loophole information warning is held to administrator End equipment, so that administrator be allow to handle as early as possible loophole.If there is no the corresponding loophole of the first vulnerability information, hair It send safety instruction information to administrator, not yet there is the corresponding leakage of the first vulnerability information in Administrator system so as to inform Hole.
Fig. 2 is referred to, in a specific embodiment, step S110 specifically comprises the following steps:
Step S111 writes task to terminal device corresponding with technical staff transmission.
Write may include in task the first vulnerability information description information, can to the first vulnerability information reflect loophole It is described, such as describes the loophole in the layering of osi model, can also be classified based on the threat types of loophole to loophole. Each technical staff is corresponding with the terminal device respectively used, and technical staff can be executed by corresponding terminal device and write journey The task of sequence.Terminal device can be computer, be also possible to tablet computer, and the concrete type of terminal device should not be construed It is the limitation to the application.
In a specific embodiment, writing write required by task is viewpoint proving program (Proof of Concept, abbreviation POC) script, write the canonical schema of writing for the POC validation framework that there can be specification in task, frame therein Frame has defined the development specifications of itself, has the verifying function requirements of details description and POC () function, exists in addition to this POC () function writes that there is no limit, technical staff to carry out relevant patrol by different vulnerability informations to technical staff The function for collecting verifying is write.
Optionally, internal technical staff is simply trained, it can be so that internal technical staff carries out some letters Single POC script is write, and corporate intranet safety management platform can arrange the POC script write quick at any time to realize Calling.Technical staff can improve and test to existing POC script at any time, and the batch scanning of assets in Intranet is supported to test Card.
Step S111 is specifically included: the feature described to match with the technical characteristic of each technical staff prestored, It determines the object technology personnel for writing task described at least one undertaking, sends and compile to object technology personnel described at least one The matching degree of writing task, the technical characteristic of the object technology personnel and feature description meets preset condition.
Preset condition also refers to loophole in the layering field of osi model, also also refers to the threat based on loophole The classification for the loophole that type obtains.It is limitation to the application that actual conditions representated by preset condition, which should not be construed,.
Feature is described to match with the technical characteristic of each technical staff prestored, can be to obtain loophole in OSI mould The layering of type, such as the loophole are to belong to application layer, session layer, network layer or data link layer, then from multiple technical staff Middle screening is good at loophole at least one technical staff in the layering field of osi model, then to technical staff's corresponding end Task is write in end equipment transmission.
The classification for being also possible to obtain loophole is to belong to the memory destruction class loophole, CGI class loophole that obtain control;Obtain letter Class loophole, configuration error class loophole are verified in the input of breath;The memory of refusal service destroys class, the leakage of exception treatment error handle class Then hole filters out the technical staff for being good at corresponding vulnerability classification from multiple technical staff.
Optionally, described send to object technology personnel described at least one writes task, comprising: according to task table The task amount of the technical staff of record obtains busy locating for each technical staff at least one described technical staff Commonplace gear;The technical staff minimum in the busy gear of work is obtained, to the technology people minimum in the busy gear of work Task is write in the corresponding terminal device transmission of member.
Task table records the task amount for having technical staff, and each technology can be divided according to task amount The busy gear of work locating for personnel, for example, task amount between 1 to 5, corresponds to first grade of busy gear;Task Amount is between 6 to 10, the corresponding busy gear of second gear;Task amount is between 11 to 15, the corresponding busy gear ... of third gear
It includes 10 technical staff that at least one described technical staff, which might as well be set, first grade corresponding in 10 technical staff Busy gear has 4 people, and the corresponding busy gear of second gear has 3 people, and the corresponding busy gear of third gear has 3 people, then can be to Corresponding 4 technical staff of first grade of busy gear, which send, writes task.
Optionally, described to be write to the corresponding terminal device transmission of the technical staff minimum in the busy gear of work Task, comprising: according to the professional ability score value of the technical staff minimum in the busy gear of work, be in work to described The minimum technical staff of busy gear is ranked up according to sequence from high to low;Select the highest technical staff's conduct of sequence Whole selecting technology personnel;Task is write to the corresponding terminal device transmission of the end selecting technology personnel.
Professional ability score value can reflect the qualification of the professional ability of technical staff, and score value is higher to represent technical staff Professional ability it is more skilled, therefore, can be according to professional energy after obtaining the technical staff in the busy gear of same work Power score value is ranked up technical staff by sequence from high to low.Such as to 4 people for being in first grade of busy gear, according to special Industry ability score value is ranked up, and selects the highest technical staff of professional ability score value, as whole selecting technology personnel, then to Task is write in the corresponding terminal device transmission of whole selecting technology personnel.
The professional ability score value of the low whole technical staff of the busy gear of work is first obtained, then from high to low according to score value Sequence be ranked up, select the high technology people of professional ability score value in the technical staff in the busy gear of same work Member, further increase the task of writing writes speed.
After step S111 and before step S112, it can also include the following steps:
Start timing after task is write described in the transmission.
If the duration of timing does not receive the loophole inspection that the terminal device is sent when being greater than or equal to the first preset duration Tool is tested, the commission request of the production loophole instruments of inspection is sent to server corresponding with network security company.
Receive the loophole inspection man that the network security company that the server is sent is directed to first vulnerability information production Tool.
Network security company, which can be, provides the company of Network Security Service, Network Security Service for other enterprises or individual It may include production Hole Detection tool, production antivirus software etc..If not receiving technical staff within the first preset duration The loophole instruments of inspection sent by terminal device, then show the loophole instruments of inspection writes that there are difficulty, then can be to net Network security firm sends commission request, requests the network security company manufacture loophole instruments of inspection of profession, improves loophole inspection man The manufacturing speed of tool.
Step S112 obtains the technical staff and is directed to the loophole instruments of inspection that first vulnerability information is write.
Since the corresponding loophole of the first vulnerability information may be the newest loophole being detected, there are no be directed on the market The detection instrument of the loophole, therefore can be sent to technical staff and write task, the loophole instruments of inspection is write by technical staff, from And it is quickly obtained the loophole instruments of inspection.
Fig. 3 is referred to, in another embodiment specific implementation mode, step S110 specifically comprises the following steps:
Step S211 sends the commission request of the production loophole instruments of inspection to server corresponding with network security company.
It is alternatively possible to which the feature is described the technical characteristic being good at each network security company prestored progress Match, determines that at least one accepts the target network security firm of the commission request, pacify to target network described at least one Full company sends commission request, and the matching degree that the technical characteristic of the target network security firm and the feature describe meets pre- If condition.
Preset condition herein can be identical as the preset condition being mentioned above, can also be with default item mentioned above Part is different, and preset condition can refer to that loophole in the layering field of osi model, also also refers to the threat types based on loophole and obtains The classification of the loophole arrived.It is limitation to the application that actual conditions representated by preset condition, which should not be construed,.
For example, the layering field of osi model where determining the corresponding loophole of the first vulnerability information, then selection is good at this The network security company in layering field;It can also determine threat types belonging to the corresponding loophole of the first vulnerability information, then The network security company of the loophole of the threat types is good in selection.
After step S211, it can also include the following steps: to start timing after sending the commission request;If timing Duration the loophole instruments of inspection that the server is sent is not received when being greater than or equal to the second preset duration, to technology people Task is write in the corresponding terminal device transmission of member;The technical staff that the corresponding terminal device of the technical staff is sent is received to be directed to The loophole instruments of inspection that first vulnerability information is write.
If the loophole inspection man of network security company return is not received in the second preset duration after sending commission request Tool, then illustrate that there are certain manufacture difficulties for the loophole instruments of inspection, therefore, technical staff can be entrusted to write loophole inspection man Tool, by the transmission commission request of network security company and writing both modes of task to technical staff's transmission while making The loophole instruments of inspection improves the producing efficiency of the loophole instruments of inspection.
Step S212 receives the leakage that the network security company that the server is sent is directed to first vulnerability information production The hole instruments of inspection.
If network security company completes the production of Hole Detection tool in the second preset duration, net can be directly received The loophole instruments of inspection that server where network security firm is sent.
Fig. 4 is referred to, in another specific embodiment, step S110 specifically comprises the following steps:
Step S311 calls artificial intelligence to write the loophole instruments of inspection for first vulnerability information.
The loophole instruments of inspection is write for first vulnerability information by artificial intelligence program.Artificial intelligence program can That largely improves the instruments of inspection writes efficiency.
Optionally, the training process of artificial intelligence program includes: using sample vulnerability information as input quantity, by sample loophole The instruments of inspection is input to original manual intelligent program as output quantity, is trained, obtains to the original manual intelligent program The artificial intelligence program that training is completed.
Artificial intelligence program can be made more and more intelligent by training, so as to more quickly and accurately write loophole The program of detection instrument.
Step S312 judges whether the artificial intelligence writes in third preset duration and completes the loophole inspection man Tool, if it is not, executing step S313.
Third preset duration is a preset time span, is specifically as follows a hour or half an hour, It is limitation to the application that the specific duration of third preset duration, which should not be construed,.If artificial intelligence is in third preset duration Completion is not write, then can be shown that the loophole instruments of inspection writes that there are certain difficulty, it is also possible to show current artificial Intelligent program can not be competent at writing for the loophole instruments of inspection, therefore execute step S313.
Step S313 sends the commission request of the production loophole instruments of inspection to server corresponding with network security company.
Step S314 judges the network security company needle that the server is sent whether is received in the second preset duration To the loophole instruments of inspection of first vulnerability information production, if it is not, executing step S315.
Second preset duration is a preset time span, and time span can be with third preset duration phase It together, can also be different from third preset duration.It can be opened sending commission request to server corresponding with network security company Beginning timing, if network security firm does not complete the production of the loophole instruments of inspection still in the second preset duration, further illustrating should The production of the loophole instruments of inspection executes step S315 there are biggish difficulty, when executing step S315, can stop to The commission request that network security company sends, so as to economize on resources;It can not also stop to the transmission of network security company Commission request.
Step S315 writes task to terminal device corresponding with technical staff transmission.
Step S316 receives the technical staff that the corresponding terminal device of the technical staff is sent and is directed to first loophole The loophole instruments of inspection of message composition.
The commission request sent to network security company can not stopped while sending to technical staff and writing task, Both sides can be entrusted to make the loophole instruments of inspection simultaneously, to largely improve the acquisition efficiency of the loophole instruments of inspection.
Refer to Fig. 5, Fig. 5 shows Hole Detection device provided by the embodiments of the present application, it should be appreciated that the device 500 with Above-mentioned Fig. 1 embodiment of the method is corresponding, is able to carry out each step that above method embodiment is related to, the specific function of device 500 Can may refer to it is described above, it is appropriate herein to omit detailed description to avoid repeating.Device 500 includes at least one energy Operating system (the operating of device 500 is stored in memory or is solidificated in the form of software or firmware (firmware) System, OS) in software function module.Specifically, which includes:
Vulnerability information receiving module 510, for obtaining the first vulnerability information of vulnerability information distribution platform publication.
Tool obtains module 520, for obtaining the loophole instruments of inspection for being directed to first vulnerability information.
Vulnerability scanning module 530, for being scanned by the loophole instruments of inspection to Intranet, to detect preset address At least one corresponding equipment of section whether there is the corresponding loophole of the first vulnerability information.
The application also provides a kind of device, and Fig. 6 is the structural block diagram of the electronic equipment 600 in the embodiment of the present application, such as Fig. 6 It is shown.Electronic equipment 600 may include processor 610, communication interface 620, memory 630 and at least one communication bus 640. Wherein, communication bus 640 is for realizing the direct connection communication of these components.Wherein, in the embodiment of the present application equipment communication Interface 620 is used to carry out the communication of signaling or data with other node devices.Processor 610 can be a kind of ic core Piece, the processing capacity with signal.Above-mentioned processor 610 can be general processor, including central processing unit (Central Processing Unit, abbreviation CPU), network processing unit (Network Processor, abbreviation NP) etc.;It can also be number Signal processor (DSP), specific integrated circuit (ASIC), ready-made programmable gate array (FPGA) or other programmable logic devices Part, discrete gate or transistor logic, discrete hardware components.It may be implemented or execute the disclosure in the embodiment of the present application Each method, step and logic diagram.General processor can be microprocessor or the processor 610 be also possible to it is any often The processor etc. of rule.
Memory 630 may be, but not limited to, random access memory (Random Access Memory, RAM), only It reads memory (Read Only Memory, ROM), programmable read only memory (Programmable Read-Only Memory, PROM), erasable read-only memory (Erasable Programmable Read-Only Memory, EPROM), Electricallyerasable ROM (EEROM) (Electric Erasable Programmable Read-Only Memory, EEPROM) etc.. Computer-readable instruction fetch is stored in memory 630, when the computer-readable instruction fetch is executed by the processor 610 When, electronic equipment 600 can execute each step that above-mentioned Fig. 1 is related to Fig. 3 embodiment of the method.
Electronic equipment 600 can also include storage control, input-output unit, audio unit, display unit.
The memory 630, processor 610, Peripheral Interface, input-output unit, audio unit, is shown storage control Show that each element of unit is directly or indirectly electrically connected between each other, to realize the transmission or interaction of data.For example, these elements It can be realized and be electrically connected by one or more communication bus 640 between each other.The processor 610 is for executing memory The executable module stored in 630.
Input-output unit is used to be supplied to user input data and realizes user and the server (or local terminal) Interaction.The input-output unit may be, but not limited to, mouse and keyboard etc..
Audio unit provides a user audio interface, may include one or more microphones, one or more loudspeaking Device and voicefrequency circuit.
Display unit provided between the electronic equipment and user an interactive interface (such as user interface) or It is referred to for display image data to user.In the present embodiment, the display unit can be liquid crystal display or touch-control is aobvious Show device.It can be the capacitance type touch control screen or resistance type touch control screen of support single-point and multi-point touch operation if touch control display Deng.Single-point and multi-point touch operation is supported to refer to that touch control display can sense one or more positions on the touch control display The touch control operation setting place while generating, and the touch control operation that this is sensed transfers to processor to be calculated and handled.
Input-output unit is used to be supplied to the interaction that user input data realizes user and processing terminal.The input is defeated Unit may be, but not limited to, out, mouse and keyboard etc..
It is appreciated that structure shown in fig. 6 is only to illustrate, the electronic equipment 600 may also include more than shown in Fig. 6 Perhaps less component or with the configuration different from shown in Fig. 6.Each component shown in Fig. 6 can use hardware, software Or combinations thereof realize.
The application also provides a kind of computer readable storage medium, is stored with computer on the computer readable storage medium Program executes method described in embodiment of the method when the computer program is run by processor.
The application also provides a kind of computer program product to be made when the computer program product is run on computers It obtains computer and executes method described in embodiment of the method.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description Specific work process, no longer can excessively be repeated herein with reference to the corresponding process in preceding method.
It should be noted that all the embodiments in this specification are described in a progressive manner, each embodiment weight Point explanation is the difference from other embodiments, and the same or similar parts between the embodiments can be referred to each other. For device class embodiment, since it is basically similar to the method embodiment, so being described relatively simple, related place ginseng See the part explanation of embodiment of the method.
In several embodiments provided herein, it should be understood that disclosed device and method can also pass through it Its mode is realized.The apparatus embodiments described above are merely exemplary, for example, the flow chart and block diagram in attached drawing are aobvious The device of multiple embodiments according to the application, architectural framework in the cards, the function of method and computer program product are shown It can and operate.In this regard, each box in flowchart or block diagram can represent one of a module, section or code Point, a part of the module, section or code includes one or more for implementing the specified logical function executable Instruction.It should also be noted that function marked in the box can also be attached to be different from some implementations as replacement The sequence marked in figure occurs.For example, two continuous boxes can actually be basically executed in parallel, they sometimes may be used To execute in the opposite order, this depends on the function involved.It is also noted that each of block diagram and or flow chart The combination of box in box and block diagram and or flow chart can be based on the defined function of execution or the dedicated of movement The system of hardware is realized, or can be realized using a combination of dedicated hardware and computer instructions.
In addition, each functional module in each embodiment of the application can integrate one independent portion of formation together Point, it is also possible to modules individualism, an independent part can also be integrated to form with two or more modules.
It, can be with if the function is realized and when sold or used as an independent product in the form of software function module It is stored in a computer readable storage medium.Based on this understanding, the technical solution of the application is substantially in other words The part of the part that contributes to existing technology or the technical solution can be embodied in the form of software products, the meter Calculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment (can be a People's computer, server or network equipment etc.) execute each embodiment the method for the application all or part of the steps. And storage medium above-mentioned includes: that USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), arbitrary access are deposited The various media that can store program code such as reservoir (RAM, Random Access Memory), magnetic or disk.It needs Illustrate, herein, relational terms such as first and second and the like be used merely to by an entity or operation with Another entity or operation distinguish, and without necessarily requiring or implying between these entities or operation, there are any this realities The relationship or sequence on border.Moreover, term " includes " or any other variant thereof is intended to cover non-exclusive inclusion, thus So that the process, method, article or equipment for including a series of elements not only includes those elements, but also including not clear The other element listed, or further include for elements inherent to such a process, method, article, or device.Do not having more In the case where more limitations, the element that is limited by sentence "including a ...", it is not excluded that including process, the side of the element There is also other identical elements in method, article or equipment.
The foregoing is merely preferred embodiment of the present application, are not intended to limit this application, for the skill of this field For art personnel, various changes and changes are possible in this application.Within the spirit and principles of this application, made any to repair Change, equivalent replacement, improvement etc., should be included within the scope of protection of this application.It should also be noted that similar label and letter exist Similar terms are indicated in following attached drawing, therefore, once being defined in a certain Xiang Yi attached drawing, are then not required in subsequent attached drawing It is further defined and explained.
The above, the only specific embodiment of the application, but the protection scope of the application is not limited thereto, it is any Those familiar with the art within the technical scope of the present application, can easily think of the change or the replacement, and should all contain Lid is within the scope of protection of this application.Therefore, the protection scope of the application shall be subject to the protection scope of the claim.

Claims (10)

1. a kind of leak detection method, which is characterized in that the described method includes:
Obtain the first vulnerability information of vulnerability information distribution platform publication;
Obtain the loophole instruments of inspection for being directed to first vulnerability information;
It is scanned by preset address section of the loophole instruments of inspection to Intranet, it is corresponding at least to detect preset address section One equipment whether there is the corresponding loophole of the first vulnerability information.
2. the method according to claim 1, wherein the loophole inspection obtained for first vulnerability information Test tool, comprising:
Task is write to terminal device corresponding with technical staff transmission;
It obtains the technical staff and is directed to the loophole instruments of inspection that first vulnerability information is write.
3. according to the method described in claim 2, it is characterized in that, described send to terminal device corresponding with technical staff is compiled After writing task, the method also includes:
Start timing after task is write described in the transmission;
If the duration of timing does not receive the loophole inspection man that the terminal device is sent when being greater than or equal to the first preset duration Tool sends the commission request of the production loophole instruments of inspection to server corresponding with network security company;
Receive the loophole instruments of inspection that the network security company that the server is sent is directed to first vulnerability information production.
4. according to the method described in claim 2, it is characterized in that, first vulnerability information include loophole feature description, It is described to write task to terminal device corresponding with technical staff transmission, comprising:
The feature is described to match with the technical characteristic of each technical staff prestored, is determined described at least one undertaking The object technology personnel for writing task send to object technology personnel described at least one and write task, the object technology people The technical characteristic of member and the matching degree of feature description meet preset condition.
5. according to the method described in claim 4, it is characterized in that, described send to object technology personnel described at least one is compiled Writing task, comprising:
According to the task amount of the technical staff of task table record, each skill at least one described technical staff is obtained The busy gear of work locating for art personnel;
The technical staff minimum in the busy gear of work is obtained, to the technical staff pair minimum in the busy gear of work Task is write in the terminal device transmission answered.
6. according to the method described in claim 5, it is characterized in that, described to the technology minimum in the busy gear of work Task is write in the corresponding terminal device transmission of personnel, comprising:
According to the professional ability score value of the technical staff minimum in the busy gear of work, the busy shelves of work are in described The minimum technical staff in position is ranked up according to sequence from high to low;
The highest technical staff of sequence is selected as whole selecting technology personnel;
Task is write to the corresponding terminal device transmission of the end selecting technology personnel.
7. the method according to claim 1, wherein the loophole inspection obtained for first vulnerability information Test tool, comprising:
The commission request of the production loophole instruments of inspection is sent to server corresponding with network security company;
Receive the loophole instruments of inspection that the network security company that the server is sent is directed to first vulnerability information production.
8. the method according to the description of claim 7 is characterized in that described send to server corresponding with network security company After making the commission request of the loophole instruments of inspection, the method also includes:
Start timing after sending the commission request;
If the duration of timing does not receive the loophole instruments of inspection that the server is sent when being greater than or equal to the second preset duration, Task is write to terminal device corresponding with technical staff transmission;
It receives the technical staff that the corresponding terminal device of the technical staff is sent and is directed to the leakage that first vulnerability information is write The hole instruments of inspection.
9. the method according to the description of claim 7 is characterized in that first vulnerability information include loophole feature description, The commission request that the production loophole instruments of inspection is sent to server corresponding with network security company, comprising:
The technical characteristic that feature description is good at each network security company prestored is matched, determines at least one The target network security firm for accepting the commission request, sends commission to target network security firm described at least one and asks It asks, the matching degree of the technical characteristic of the target network security firm and feature description meets preset condition.
10. a kind of Hole Detection device, which is characterized in that described device includes:
Vulnerability information receiving module, for obtaining the first vulnerability information of vulnerability information distribution platform publication;
Tool obtains module, for obtaining the loophole instruments of inspection for being directed to first vulnerability information;
Vulnerability scanning module, it is corresponding to detect preset address section for being scanned by the loophole instruments of inspection to Intranet At least one equipment whether there is the corresponding loophole of the first vulnerability information.
CN201910423228.4A 2019-05-21 2019-05-21 Leak detection method and device Pending CN110135169A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910423228.4A CN110135169A (en) 2019-05-21 2019-05-21 Leak detection method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910423228.4A CN110135169A (en) 2019-05-21 2019-05-21 Leak detection method and device

Publications (1)

Publication Number Publication Date
CN110135169A true CN110135169A (en) 2019-08-16

Family

ID=67571837

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910423228.4A Pending CN110135169A (en) 2019-05-21 2019-05-21 Leak detection method and device

Country Status (1)

Country Link
CN (1) CN110135169A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111309311A (en) * 2020-03-04 2020-06-19 杭州安恒信息技术股份有限公司 Vulnerability detection tool generation method, device, equipment and readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101727533A (en) * 2008-10-30 2010-06-09 新奥特硅谷视频技术有限责任公司 Automatic BUG distribution method capable of adaptive parameter regulation
CN102226913A (en) * 2011-05-23 2011-10-26 中国科学院软件研究所 Method for automatically generating Bug repair plan and Bug repair method
CN102945351A (en) * 2012-11-05 2013-02-27 中国科学院软件研究所 Security vulnerability fixing method based on two-dimensional code for mobile intelligent terminal in cloud environment
CN105975863A (en) * 2016-04-27 2016-09-28 国网天津市电力公司 Method for evaluating and calculating information security risk of power distribution automation terminal equipment
CN107766730A (en) * 2017-09-18 2018-03-06 北京知道未来信息技术有限公司 A kind of method that leak early warning is carried out for extensive target

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101727533A (en) * 2008-10-30 2010-06-09 新奥特硅谷视频技术有限责任公司 Automatic BUG distribution method capable of adaptive parameter regulation
CN102226913A (en) * 2011-05-23 2011-10-26 中国科学院软件研究所 Method for automatically generating Bug repair plan and Bug repair method
CN102945351A (en) * 2012-11-05 2013-02-27 中国科学院软件研究所 Security vulnerability fixing method based on two-dimensional code for mobile intelligent terminal in cloud environment
CN105975863A (en) * 2016-04-27 2016-09-28 国网天津市电力公司 Method for evaluating and calculating information security risk of power distribution automation terminal equipment
CN107766730A (en) * 2017-09-18 2018-03-06 北京知道未来信息技术有限公司 A kind of method that leak early warning is carried out for extensive target

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
李珍 等: "面向源代码的软件漏洞静态检测综述", 《网络与信息安全学报》 *
禚月: "电力行业漏洞信息集成系统的设计与实现", 《中国优秀硕士学位论文全文数据库》 *
胡浩: "面向漏洞生命周期的安全风险度量方法", 《软件学报》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111309311A (en) * 2020-03-04 2020-06-19 杭州安恒信息技术股份有限公司 Vulnerability detection tool generation method, device, equipment and readable storage medium
CN111309311B (en) * 2020-03-04 2023-04-25 杭州安恒信息技术股份有限公司 Vulnerability detection tool generation method, device, equipment and readable storage medium

Similar Documents

Publication Publication Date Title
CN109409043A (en) Login method, terminal device and the medium of application system
KR102017756B1 (en) Apparatus and method for detecting abnormal behavior
CN108377227A (en) Server account manages system, account login method, update method and equipment
US8136029B2 (en) Method and system for characterising a web site by sampling
CN103875015A (en) Multi-factor identity fingerprinting with user behavior
CN104272327B (en) Job management method and management system
CN109817347A (en) Inline diagnosis platform, its right management method and Rights Management System
CN106844730A (en) The display methods and device of file content
CN112948217B (en) Server repair checking method and device, storage medium and electronic equipment
CN110213234A (en) Developer's recognition methods, device, equipment and the storage medium of application file
CN106779485A (en) Total management system and data processing method based on SOA framework
CN111143391A (en) Data sharing exchange method and system
CN103248511B (en) A kind of analysis methods, devices and systems of single-point service feature
CN116738449A (en) DSMM-based data security management and control and operation system
CN113037505B (en) Method and system for realizing trusted Web application
CN110135169A (en) Leak detection method and device
CN113868669A (en) Vulnerability detection method and system
CN109725985A (en) The management method and device of virtual machine template
CN107430590A (en) Data compare
CN110378120A (en) Application programming interfaces attack detection method, device and readable storage medium storing program for executing
CN116228402A (en) Financial credit investigation feature warehouse technical support system
US20180260820A1 (en) System device and process for an educational regulatory electronic tool kit
US20190311140A1 (en) Automatically Discovering Attribute Permissions
CN115296936A (en) Automatic method and system for assisting detection of anti-network crime
CN115238311A (en) Archive management system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20190816