CN110135169A - Leak detection method and device - Google Patents
Leak detection method and device Download PDFInfo
- Publication number
- CN110135169A CN110135169A CN201910423228.4A CN201910423228A CN110135169A CN 110135169 A CN110135169 A CN 110135169A CN 201910423228 A CN201910423228 A CN 201910423228A CN 110135169 A CN110135169 A CN 110135169A
- Authority
- CN
- China
- Prior art keywords
- loophole
- inspection
- vulnerability information
- instruments
- technical staff
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/953—Querying, e.g. by the use of web search engines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/958—Organisation or management of web site content, e.g. publishing, maintaining pages or automatic linking
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Databases & Information Systems (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Data Mining & Analysis (AREA)
- Computing Systems (AREA)
- Computer And Data Communications (AREA)
Abstract
The embodiment of the present application provides a kind of leak detection method and device, comprising: obtains the first vulnerability information of vulnerability information distribution platform publication;Obtain the loophole instruments of inspection for being directed to first vulnerability information;Intranet is scanned by the loophole instruments of inspection, to detect at least one corresponding equipment of preset address section with the presence or absence of the corresponding loophole of the first vulnerability information.First obtain the first vulnerability information, then the loophole instruments of inspection for being directed to the first vulnerability information is being obtained, Hole Detection is carried out to the equipment in content using the loophole instruments of inspection, due to can just try to obtain the loophole instruments of inspection for the vulnerability information after obtaining the first vulnerability information, therefore compared with prior art, the application can have found loophole in time.
Description
Technical field
This application involves Hole Detection technical fields, in particular to a kind of leak detection method and device.
Background technique
In industrial enterprise, there are numerous industrial control equipments.Due to the complexity of industrial control equipment, start a leak in industrial control equipment
When, it is right the case where can not often finding these loopholes in time, cause loophole by hacker using causing leakage of information, virus to spread
Industrial enterprise causes damages.
Summary of the invention
In view of this, the embodiment of the present application provides a kind of leak detection method and device, to improve in the prior art
The problem of can not finding loophole in time.
In a first aspect, the embodiment of the present application provides a kind of leak detection method, which comprises obtain vulnerability information
First vulnerability information of distribution platform publication;Obtain the loophole instruments of inspection for being directed to first vulnerability information;Pass through the leakage
The hole instruments of inspection is scanned Intranet, is believed with detecting at least one corresponding equipment of preset address section with the presence or absence of the first loophole
Cease corresponding loophole.
In the above-described embodiment, the first vulnerability information is first obtained, is then obtaining the loophole for being directed to the first vulnerability information
The instruments of inspection carries out Hole Detection to the equipment in content using the loophole instruments of inspection, due to that can obtain the first loophole letter
Just try to obtain the loophole instruments of inspection for the vulnerability information after breath, therefore compared with prior art, the application can and
Shi Faxian loophole.
It is described to obtain the loophole instruments of inspection for being directed to first vulnerability information in a possible design, comprising: to
Task is write in terminal device transmission corresponding with technical staff;The technical staff is obtained to write for first vulnerability information
The loophole instruments of inspection.
In the above-described embodiment, it can be sent to the terminal device of technical staff and write task, writing in task can be with
Description information including the first vulnerability information carries out loophole inspection according to the description information of the first vulnerability information by technical staff
Tool is write.Since the corresponding loophole of the first vulnerability information may be the newest loophole being detected, on the market not yet
For the detection instrument of the loophole, therefore it can be sent to technical staff and write task, loophole inspection man is write by technical staff
Tool, to be quickly obtained the loophole instruments of inspection.
In a possible design, it is described to terminal device corresponding with technical staff transmission write task after, institute
State method further include: start timing after writing task described in the transmission;If the duration of timing is greater than or equal to the first preset duration
Shi Wei receives the loophole instruments of inspection that the terminal device is sent, and sends and makes to server corresponding with network security company
The commission of the loophole instruments of inspection is requested;It receives the network security company that the server is sent and is directed to the first vulnerability information system
The loophole instruments of inspection of work.
If not receiving the loophole instruments of inspection that technical staff is sent by terminal device within the first preset duration,
Show the loophole instruments of inspection writes that there are difficulty, then can send commission request to network security company, request profession
Network security company manufactures the loophole instruments of inspection, improves the manufacturing speed of the loophole instruments of inspection.
In a possible design, first vulnerability information include loophole feature description, it is described to technology people
Task is write in the corresponding terminal device transmission of member, comprising: the feature is described the technical characteristic with each technical staff prestored
It is matched, the object technology personnel for writing task described at least one undertaking is determined, to object technology described at least one
Personnel send task of writing, the default item of the matching degree satisfaction of the technical characteristic of the object technology personnel and feature description
Part.
The matched technical staff of technical characteristic is searched in technical staff according to the feature of loophole, then as can
The object technology personnel for task of writing are accepted, is then sent to object technology personnel and writes task, the characteristic matching based on loophole
The progress efficiency for the task of writing can be improved in suitable technical staff.
In a possible design, described send to object technology personnel described at least one writes task, comprising: root
According to the task amount of the technical staff of task table record, each technical staff at least one described technical staff is obtained
The busy gear of locating work;The technical staff minimum in the busy gear of work is obtained, is in the busy gear of work to described
Task is write in the corresponding terminal device transmission of minimum technical staff.
After obtaining the matched object technology personnel of technical characteristic, can also according to the task amount of technical staff come
Reasonable distribution writes task, and the task of writing is distributed to the lower technical staff of work busy degree, is both conducive to technical staff
Work allotment is carried out, the quick progress for the task of writing also is utilized.
It is described to the technical staff corresponding terminal minimum in the busy gear of work in a possible design
Task is write in equipment transmission, comprising: right according to the professional ability score value of the technical staff minimum in the busy gear of work
The technical staff minimum in the busy gear of work is ranked up according to sequence from high to low;It is highest to select sequence
Technical staff is as whole selecting technology personnel;Task is write to the corresponding terminal device transmission of the end selecting technology personnel.First obtain
The professional ability score value of the low whole technical staff of the busy gear that works, is then arranged according to the sequence of score value from high to low
Sequence is selected the technical staff that professional ability score value is high in the technical staff in the busy gear of same work, is further increased
That writes task writes speed.
It is described to obtain the loophole instruments of inspection for being directed to first vulnerability information in a possible design, comprising: to
Server corresponding with network security company sends the commission request of the production loophole instruments of inspection;Receive what the server was sent
Network security company is directed to the loophole instruments of inspection of first vulnerability information production.
Can directly to network security company send production the loophole instruments of inspection commission request, by network security company into
The production of the row loophole instruments of inspection, since the corresponding loophole of the first vulnerability information may be newest loophole, on the market without existing
Some loophole instruments of inspection, therefore the network security company of profession is entrusted to be conducive to being rapidly completed for the loophole instruments of inspection.
It is described to send production loophole inspection man to server corresponding with network security company in a possible design
After the commission request of tool, the method also includes: after sending the commission and requesting start timing;If the duration of timing is greater than
Or the loophole instruments of inspection that the server is sent is not received when equal to the second preset duration, to end corresponding with technical staff
Task is write in end equipment transmission;The technical staff that the corresponding terminal device of the technical staff is sent is received to leak for described first
The loophole instruments of inspection of hole message composition.
By sending commission request to network security company and sending that write task both modes same to technical staff
When make the loophole instruments of inspection, improve the loophole instruments of inspection producing efficiency.
In a possible design, first vulnerability information includes the feature description of loophole, described to pacify to network
The corresponding server of full company sends the commission request of the production loophole instruments of inspection, comprising: the feature is described and prestored
The technical characteristic that each network security company is good at is matched, and determines that at least one accepts the target network of the commission request
Security firm sends commission request, the skill of the target network security firm to target network security firm described at least one
Art feature and the matching degree of feature description meet preset condition.
The suitable network security company of characteristic matching based on loophole, can be improved the producing efficiency of the loophole instruments of inspection.
It is described to obtain the loophole instruments of inspection for being directed to first vulnerability information in a possible design, comprising: by
Artificial intelligence program writes the loophole instruments of inspection for first vulnerability information.
The instruments of inspection of the first vulnerability information is write by artificial intelligence program, artificial intelligence program can largely improve
The instruments of inspection writes efficiency.
In a possible design, the training process of the artificial intelligence program include: using sample vulnerability information as
Input quantity is input to original manual intelligent program using the sample loophole instruments of inspection as output quantity, to the original manual intelligence
Program is trained, and obtains the artificial intelligence program of training completion.
It can use sample vulnerability information and original manual intelligent program be trained with the sample loophole instruments of inspection, obtain
The artificial intelligence program that training is completed.
It is described to obtain the loophole instruments of inspection for being directed to first vulnerability information in a possible design, comprising: to adjust
Manually intelligence writes the loophole instruments of inspection for first vulnerability information;Judge the people in third preset duration
Whether work, which intelligently writes, is completed the loophole instruments of inspection;It is made if it is not, being sent to server corresponding with network security company
The commission of the loophole instruments of inspection is requested;Judge the network security that the server is sent whether is received in the second preset duration
Company is directed to the loophole instruments of inspection of first vulnerability information production;If it is not, being sent out to terminal device corresponding with technical staff
Send the task of writing;The technical staff that the corresponding terminal device of the technical staff is sent is received to compile for first vulnerability information
The loophole instruments of inspection write.
If artificial intelligence, which is not write, in third preset duration completes the loophole instruments of inspection, sends and make to network security company
Make the commission request of the loophole instruments of inspection;If not receiving network security corporation after sending the second preset duration of commission request
The loophole instruments of inspection of work then sends task of writing to technical staff, improves the producing efficiency of the loophole instruments of inspection as much as possible.
In a possible design, it is being scanned by preset address section of the loophole instruments of inspection to Intranet
Afterwards, the method also includes: judge at least one corresponding equipment of the preset address section with the presence or absence of the first vulnerability information pair
The loophole answered;If so, sending what characterization was held there are the loophole information warning of the corresponding loophole of the first vulnerability information to administrator
Administrator terminal equipment.
If there is the corresponding loophole of the first vulnerability information, loophole information warning is sent to administrator, to make administrator
Loophole can be handled as early as possible.
In a possible design, at least one corresponding equipment of the judgement preset address section is with the presence or absence of the
After the corresponding loophole of one vulnerability information, the method also includes: if at least one corresponding equipment of the preset address section is not
There are the corresponding loopholes of the first vulnerability information, send the safety instruction information that the corresponding loophole of the first vulnerability information is not present in characterization
The administrator terminal equipment held to administrator.
If there is no the corresponding loophole of the first vulnerability information, safety instruction information is sent to administrator, so as to accuse
Know not yet there is the corresponding loophole of the first vulnerability information in Administrator system.
In a possible design, first vulnerability information for obtaining the publication of vulnerability information distribution platform, comprising: benefit
The website that vulnerability information distribution platform is crawled with crawler, obtains the vulnerability information of update, and the vulnerability information of the update is described
First vulnerability information.
The website that vulnerability information distribution platform is actively crawled using crawler, is then obtained the vulnerability information of update, actively obtained
The vulnerability information of update is taken, so that the real-time of the first vulnerability information is stronger.
Second aspect, the embodiment of the present application provide a kind of Hole Detection device, and described device includes: that vulnerability information receives
Module, for obtaining the first vulnerability information of vulnerability information distribution platform publication;Tool obtains module, for obtaining for described
The loophole instruments of inspection of first vulnerability information;Vulnerability scanning module, for being swept by the loophole instruments of inspection to Intranet
It retouches, to detect at least one corresponding equipment of preset address section with the presence or absence of the corresponding loophole of the first vulnerability information.
In a possible design, tool obtain module include: task sending submodule, for technical staff couple
Task is write in the terminal device transmission answered;Tool obtains submodule, obtains the technical staff for first vulnerability information
The loophole instruments of inspection write.
In a possible design, described device further include: timing module, for being opened after writing task described in the transmission
Beginning timing;Sending module is entrusted, does not receive the terminal when being greater than or equal to the first preset duration for the duration in timing
When the loophole instruments of inspection that equipment is sent, the committee of the production loophole instruments of inspection is sent to server corresponding with network security company
Support request;Tool receiving module is directed to first vulnerability information for receiving the network security company that the server is sent
The loophole instruments of inspection of production.
In a possible design, task sending submodule, specifically for each skill that the feature is described and prestored
The technical characteristic of art personnel matches, and the object technology personnel that task is write described at least one undertaking is determined, at least
One object technology personnel sends task of writing, of the technical characteristic of the object technology personnel and feature description
Meet preset condition with degree.
In a possible design, the task sending submodule includes: busy gear time submodule, for according to work
The task amount for making the technical staff of task list record, obtains at least one described technical staff locating for each technical staff
The busy gear of work;Task sends time submodule, is in the minimum technical staff of the busy gear of work, Xiang Suoshu for obtaining
Task is write in the corresponding terminal device transmission of the technical staff minimum in the busy gear of work.
In a possible design, the task sending submodule further include: ability sequence time submodule is used for basis
The professional ability score value of the technical staff minimum in the busy gear of work, to described minimum in the busy gear of work
Technical staff is ranked up according to sequence from high to low;Time submodule is selected eventually, for selecting the highest technical staff of sequence
As whole selecting technology personnel;Task sends time submodule, compiles for sending to the corresponding terminal device of the end selecting technology personnel
Writing task.
In a possible design, tool obtain module include: commission submodule, for network security company pair
The server answered sends the commission request of the production loophole instruments of inspection;Tool receiving submodule, for receiving the server hair
The network security company sent is directed to the loophole instruments of inspection of first vulnerability information production.
In a possible design, tool obtains module further include: timing submodule, for being asked in the transmission commission
Start timing after asking;Task writes submodule, does not receive when being greater than or equal to the second preset duration for the duration in timing
When the loophole instruments of inspection that the server is sent, task is write to terminal device corresponding with technical staff transmission;Tool connects
Submodule is received, is directed to first vulnerability information for receiving the technical staff that the corresponding terminal device of the technical staff is sent
The loophole instruments of inspection write.
In a possible design, the commission submodule is specifically used for each network for describing the feature with prestoring
The technical characteristic that security firm is good at is matched, and it is public to determine that at least one accepts the target network safety of the commission request
Department sends commission request, the technical characteristic of the target network security firm to target network security firm described at least one
Meet preset condition with the matching degree of feature description.
In a possible design, tool obtains module and is specifically used for: by artificial intelligence program for first leakage
The loophole instruments of inspection described in the message composition of hole.
It further include artificial intelligence training module in a possible design, for using sample vulnerability information as input
Amount, using the sample loophole instruments of inspection as output quantity, is input to original manual intelligent program, to the original manual intelligent program
It is trained, obtains the artificial intelligence program of training completion.
In a possible design, it includes: artificial intelligence calling module that tool, which obtains module, for calling artificial intelligence
The loophole instruments of inspection is write for first vulnerability information;Third preset duration module, it is default in third for judging
Whether the artificial intelligence, which writes, in duration is completed the loophole instruments of inspection;Request commission module, for network security
The corresponding server of company sends the commission request of the production loophole instruments of inspection;Second preset duration module, for judging the
Whether receive what the network security company that the server is sent made for first vulnerability information in two preset durations
The loophole instruments of inspection;Task module is write, for writing task to terminal device corresponding with technical staff transmission;Loophole tool
Receiving module is directed to first vulnerability information for receiving the technical staff that the corresponding terminal device of the technical staff is sent
The loophole instruments of inspection write.
In a possible design, described device further include: loophole judgment module, for judging the preset address section
At least one corresponding equipment whether there is the corresponding loophole of the first vulnerability information;Information warning module is deposited for sending characterization
In the administrator terminal equipment that the loophole information warning of the corresponding loophole of the first vulnerability information is held to administrator.
In a possible design, described device further includes safety instruction module, for right in the preset address section
At least one equipment answered is corresponding there is no when the corresponding loophole of the first vulnerability information, sending characterization there is no the first vulnerability informations
Loophole the administrator terminal equipment held to administrator of safety instruction information.
In a possible design, information crawler module, for crawling the net of vulnerability information distribution platform using crawler
It stands, obtains the vulnerability information of update, the vulnerability information of the update is first vulnerability information.
The third aspect, the application provide a kind of electronic equipment, comprising: processor, memory and bus, the memory are deposited
The executable machine readable instructions of the processor are contained, when electronic equipment operation, the processor and the storage
By bus communication between device, execution first aspect or first aspect when the machine readable instructions are executed by the processor
Method described in any optional implementation.
Fourth aspect, the application provide a kind of computer readable storage medium, store on the computer readable storage medium
There is computer program, any optional realization of first aspect or first aspect is executed when which is run by processor
Method described in mode.
5th aspect, the application provide a kind of computer program product, and the computer program product is transported on computers
When row, so that computer executes the method in any possible implementation of first aspect or first aspect.
Above objects, features, and advantages to enable the embodiment of the present application to be realized are clearer and more comprehensible, be cited below particularly compared with
Good embodiment, and cooperate appended attached drawing, it is described in detail below.
Detailed description of the invention
Illustrate the technical solutions in the embodiments of the present application or in the prior art in order to clearer, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of application for those of ordinary skill in the art without creative efforts, can be with
It obtains other drawings based on these drawings.
Fig. 1 is the flow chart of leak detection method provided by the embodiments of the present application;
Fig. 2 is a kind of flow chart of specific embodiment shown in step S110;
Fig. 3 is the flow chart of another specific embodiment shown in step S110;
Fig. 4 is the flow chart of another specific embodiment shown in step S110;
Fig. 5 is the schematic block diagram of Hole Detection device provided by the embodiments of the present application;
Fig. 6 is the structural block diagram of the electronic equipment 600 in the embodiment of the present application.
Specific embodiment
It is often not reasonable to the assets information screening in corporate intranet in current industrial enterprise, when starting a leak,
Can not the assets to corporate intranet quickly checked.The prior art is usually to carry out assets combing and investigation leakage using artificial
Hole, efficiency are lower;The prior art may also carry out batch to the industrial equipment in enterprise using existing Hole Detection script and test
Card will cause system resource saturation and the database problem locked because of application program caused by being repeatedly accessed.
Before introducing the embodiment of the present application, scene environment applied by the embodiment of the present application is first introduced, the application is real
The leak detection method for applying example offer may operate at corporate intranet safety management platform, which can realize in industrial control system
The basic functions such as Subscriber Management System, equipment management system, task management system, loophole collection management system.
User in Subscriber Management System can fulfil corresponding responsibility according to the administration authority of oneself, and responsibility can wrap
Include: menu configuration, user information maintenance, rights management configuration etc., all users including administrator do not have physics
It deletes and change system identity authenticates (such as short-message verification, Sign-On authentication) function, data are all transferred in the erasing for being related to data
Library manager (Database Administrator, abbreviation DBA) is responsible for, and guarantees the safety of data, is easy to the backtracking of data
Analysis.
Equipment management in equipment management system can be supported to realize there are three types of mode: newly-increased manually;File imports;One key
The search discovery of network segment formula.By three of the above mode, it can realize that the assets for automatically managing enterprises are set to greatest extent
Standby, assets are the cores of safety management, confirm asset management and carry out the classification of assets.Pass through the scanning function of port and loophole
The asset of equipments information updated and maintaining enterprise Intranet staff is responsible for may be implemented, looked forward to according to the different rights of user
The asset of equipments netted in the industry can be carried out increase, deletion, modification and the inquiry of assets information function after being scanned is realized.
Task management system mainly undertakes the task of the asset equipment of periodic scanning corporate intranet, judges the money of corporate intranet
Producing equipment whether there is security risk, to reduce the asset equipment of Intranet at work because of economic loss caused by safety problem.
Security scanners in task management system can carry out the automatic scanning of asset of equipments according to task strategy, can also synchronize wound
Build different scanning strategy task lists.
Loophole collection management system carries out the statistics and analysis of loophole data by two major classes;It include two moulds in the first kind
Block: loophole library module, can be with the vulnerability information of the corresponding website of industry control loophole distribution platform of synchronized update authority, and can prop up
Local loophole data query is held, corresponding vulnerability database synchronization plan can be formulated;Internal risks scan module is collected scanning and is appointed
The Intranet asset of equipments information of corresponding address section is shown in business, is facilitated the follow-up of administrative staff and is executed operation.Second class
The function that graphic analyses is mainly carried out to asset of equipments, the grade of facility information, risk port information, loophole is compared by analyzing
The data such as not are compared and classify to draw the analysis chart of assets chart.
Embodiment
Referring to Figure 1, Fig. 1 shows leak detection method provided by the embodiments of the present application, which can be with
It is individually run in terminal device, can also individually execute, specifically comprise the following steps: in server
Step S110 obtains the first vulnerability information of vulnerability information distribution platform publication.
Vulnerability information distribution platform can be the industry control loophole distribution platform of authority, and the first vulnerability information is vulnerability information hair
The relevant information for the new loophole that cloth platform timely updates.
Obtain vulnerability information distribution platform publication the first vulnerability information mode can there are many, it is alternatively possible to connect
The first vulnerability information that vulnerability information distribution platform is sent is received, vulnerability information distribution platform can be published at interval of scheduled duration
It is detected in the first vulnerability information obtained in above-mentioned scheduled duration, such as previous hour for being just published at interval of one hour
New loophole relevant information.
It is alternatively possible to crawl the website of vulnerability information distribution platform using crawler, the vulnerability information of update is obtained, it is described
The vulnerability information of update is first vulnerability information.
The website that vulnerability information distribution platform is actively crawled using crawler, is then obtained the vulnerability information of update, actively obtained
The vulnerability information of update is taken, so that the real-time of the first vulnerability information is stronger.
Step S120 obtains the loophole instruments of inspection for being directed to first vulnerability information.
The loophole instruments of inspection is to examine the instruments of inspection that whether there is loophole in equipment to be checked, the acquisition of the loophole instruments of inspection
There are many modes, writes task for example, can send to technical staff, then writes leakage according to the task of writing by technical staff
The hole instruments of inspection;Commission request can also be sent to network security company, request network security company makes the loophole instruments of inspection;
The loophole instruments of inspection can also be write by artificial intelligence.It is limit to the application that the acquisition pattern of the instruments of inspection, which should not be construed,
System.
Step S130 is scanned by preset address section of the loophole instruments of inspection to Intranet, to detect default ground
Section at least one corresponding equipment in location whether there is the corresponding loophole of the first vulnerability information.
Intranet can be the Intranet of multiple industrial equipment compositions.Preset address section is the partial address section or whole in Intranet
Address field can also be with for example, it may be whole address fields of Intranet, are also possible to by the address field of staff's artificial screening
It is the device address of industrial equipment crucial in Intranet.Technical staff can directly carry out equipment scanning, can also be scanned
The addition of task, technical staff can add scan task by way of adding IP address section.
The first vulnerability information is first obtained, then the loophole instruments of inspection for being directed to the first vulnerability information is being obtained, is utilizing loophole
The instruments of inspection carries out Hole Detection to the equipment in content, due to can just try to obtain needle after obtaining the first vulnerability information
To the loophole instruments of inspection of the vulnerability information, therefore compared with prior art, the application can have found loophole in time.
Optionally, in a specific embodiment, after step s 130, can also include the following steps:
Judge at least one corresponding equipment of the preset address section with the presence or absence of the corresponding loophole of the first vulnerability information.
If so, sending characterization, there are the pipes that the loophole information warning of the corresponding loophole of the first vulnerability information is held to administrator
Reason person's terminal device.
If it is not, sending what characterization was held there is no the safety instruction information of the corresponding loophole of the first vulnerability information to administrator
Administrator terminal equipment.
If there is the corresponding loophole of the first vulnerability information, it is whole to send the administrator that loophole information warning is held to administrator
End equipment, so that administrator be allow to handle as early as possible loophole.If there is no the corresponding loophole of the first vulnerability information, hair
It send safety instruction information to administrator, not yet there is the corresponding leakage of the first vulnerability information in Administrator system so as to inform
Hole.
Fig. 2 is referred to, in a specific embodiment, step S110 specifically comprises the following steps:
Step S111 writes task to terminal device corresponding with technical staff transmission.
Write may include in task the first vulnerability information description information, can to the first vulnerability information reflect loophole
It is described, such as describes the loophole in the layering of osi model, can also be classified based on the threat types of loophole to loophole.
Each technical staff is corresponding with the terminal device respectively used, and technical staff can be executed by corresponding terminal device and write journey
The task of sequence.Terminal device can be computer, be also possible to tablet computer, and the concrete type of terminal device should not be construed
It is the limitation to the application.
In a specific embodiment, writing write required by task is viewpoint proving program (Proof of
Concept, abbreviation POC) script, write the canonical schema of writing for the POC validation framework that there can be specification in task, frame therein
Frame has defined the development specifications of itself, has the verifying function requirements of details description and POC () function, exists in addition to this
POC () function writes that there is no limit, technical staff to carry out relevant patrol by different vulnerability informations to technical staff
The function for collecting verifying is write.
Optionally, internal technical staff is simply trained, it can be so that internal technical staff carries out some letters
Single POC script is write, and corporate intranet safety management platform can arrange the POC script write quick at any time to realize
Calling.Technical staff can improve and test to existing POC script at any time, and the batch scanning of assets in Intranet is supported to test
Card.
Step S111 is specifically included: the feature described to match with the technical characteristic of each technical staff prestored,
It determines the object technology personnel for writing task described at least one undertaking, sends and compile to object technology personnel described at least one
The matching degree of writing task, the technical characteristic of the object technology personnel and feature description meets preset condition.
Preset condition also refers to loophole in the layering field of osi model, also also refers to the threat based on loophole
The classification for the loophole that type obtains.It is limitation to the application that actual conditions representated by preset condition, which should not be construed,.
Feature is described to match with the technical characteristic of each technical staff prestored, can be to obtain loophole in OSI mould
The layering of type, such as the loophole are to belong to application layer, session layer, network layer or data link layer, then from multiple technical staff
Middle screening is good at loophole at least one technical staff in the layering field of osi model, then to technical staff's corresponding end
Task is write in end equipment transmission.
The classification for being also possible to obtain loophole is to belong to the memory destruction class loophole, CGI class loophole that obtain control;Obtain letter
Class loophole, configuration error class loophole are verified in the input of breath;The memory of refusal service destroys class, the leakage of exception treatment error handle class
Then hole filters out the technical staff for being good at corresponding vulnerability classification from multiple technical staff.
Optionally, described send to object technology personnel described at least one writes task, comprising: according to task table
The task amount of the technical staff of record obtains busy locating for each technical staff at least one described technical staff
Commonplace gear;The technical staff minimum in the busy gear of work is obtained, to the technology people minimum in the busy gear of work
Task is write in the corresponding terminal device transmission of member.
Task table records the task amount for having technical staff, and each technology can be divided according to task amount
The busy gear of work locating for personnel, for example, task amount between 1 to 5, corresponds to first grade of busy gear;Task
Amount is between 6 to 10, the corresponding busy gear of second gear;Task amount is between 11 to 15, the corresponding busy gear ... of third gear
It includes 10 technical staff that at least one described technical staff, which might as well be set, first grade corresponding in 10 technical staff
Busy gear has 4 people, and the corresponding busy gear of second gear has 3 people, and the corresponding busy gear of third gear has 3 people, then can be to
Corresponding 4 technical staff of first grade of busy gear, which send, writes task.
Optionally, described to be write to the corresponding terminal device transmission of the technical staff minimum in the busy gear of work
Task, comprising: according to the professional ability score value of the technical staff minimum in the busy gear of work, be in work to described
The minimum technical staff of busy gear is ranked up according to sequence from high to low;Select the highest technical staff's conduct of sequence
Whole selecting technology personnel;Task is write to the corresponding terminal device transmission of the end selecting technology personnel.
Professional ability score value can reflect the qualification of the professional ability of technical staff, and score value is higher to represent technical staff
Professional ability it is more skilled, therefore, can be according to professional energy after obtaining the technical staff in the busy gear of same work
Power score value is ranked up technical staff by sequence from high to low.Such as to 4 people for being in first grade of busy gear, according to special
Industry ability score value is ranked up, and selects the highest technical staff of professional ability score value, as whole selecting technology personnel, then to
Task is write in the corresponding terminal device transmission of whole selecting technology personnel.
The professional ability score value of the low whole technical staff of the busy gear of work is first obtained, then from high to low according to score value
Sequence be ranked up, select the high technology people of professional ability score value in the technical staff in the busy gear of same work
Member, further increase the task of writing writes speed.
After step S111 and before step S112, it can also include the following steps:
Start timing after task is write described in the transmission.
If the duration of timing does not receive the loophole inspection that the terminal device is sent when being greater than or equal to the first preset duration
Tool is tested, the commission request of the production loophole instruments of inspection is sent to server corresponding with network security company.
Receive the loophole inspection man that the network security company that the server is sent is directed to first vulnerability information production
Tool.
Network security company, which can be, provides the company of Network Security Service, Network Security Service for other enterprises or individual
It may include production Hole Detection tool, production antivirus software etc..If not receiving technical staff within the first preset duration
The loophole instruments of inspection sent by terminal device, then show the loophole instruments of inspection writes that there are difficulty, then can be to net
Network security firm sends commission request, requests the network security company manufacture loophole instruments of inspection of profession, improves loophole inspection man
The manufacturing speed of tool.
Step S112 obtains the technical staff and is directed to the loophole instruments of inspection that first vulnerability information is write.
Since the corresponding loophole of the first vulnerability information may be the newest loophole being detected, there are no be directed on the market
The detection instrument of the loophole, therefore can be sent to technical staff and write task, the loophole instruments of inspection is write by technical staff, from
And it is quickly obtained the loophole instruments of inspection.
Fig. 3 is referred to, in another embodiment specific implementation mode, step S110 specifically comprises the following steps:
Step S211 sends the commission request of the production loophole instruments of inspection to server corresponding with network security company.
It is alternatively possible to which the feature is described the technical characteristic being good at each network security company prestored progress
Match, determines that at least one accepts the target network security firm of the commission request, pacify to target network described at least one
Full company sends commission request, and the matching degree that the technical characteristic of the target network security firm and the feature describe meets pre-
If condition.
Preset condition herein can be identical as the preset condition being mentioned above, can also be with default item mentioned above
Part is different, and preset condition can refer to that loophole in the layering field of osi model, also also refers to the threat types based on loophole and obtains
The classification of the loophole arrived.It is limitation to the application that actual conditions representated by preset condition, which should not be construed,.
For example, the layering field of osi model where determining the corresponding loophole of the first vulnerability information, then selection is good at this
The network security company in layering field;It can also determine threat types belonging to the corresponding loophole of the first vulnerability information, then
The network security company of the loophole of the threat types is good in selection.
After step S211, it can also include the following steps: to start timing after sending the commission request;If timing
Duration the loophole instruments of inspection that the server is sent is not received when being greater than or equal to the second preset duration, to technology people
Task is write in the corresponding terminal device transmission of member;The technical staff that the corresponding terminal device of the technical staff is sent is received to be directed to
The loophole instruments of inspection that first vulnerability information is write.
If the loophole inspection man of network security company return is not received in the second preset duration after sending commission request
Tool, then illustrate that there are certain manufacture difficulties for the loophole instruments of inspection, therefore, technical staff can be entrusted to write loophole inspection man
Tool, by the transmission commission request of network security company and writing both modes of task to technical staff's transmission while making
The loophole instruments of inspection improves the producing efficiency of the loophole instruments of inspection.
Step S212 receives the leakage that the network security company that the server is sent is directed to first vulnerability information production
The hole instruments of inspection.
If network security company completes the production of Hole Detection tool in the second preset duration, net can be directly received
The loophole instruments of inspection that server where network security firm is sent.
Fig. 4 is referred to, in another specific embodiment, step S110 specifically comprises the following steps:
Step S311 calls artificial intelligence to write the loophole instruments of inspection for first vulnerability information.
The loophole instruments of inspection is write for first vulnerability information by artificial intelligence program.Artificial intelligence program can
That largely improves the instruments of inspection writes efficiency.
Optionally, the training process of artificial intelligence program includes: using sample vulnerability information as input quantity, by sample loophole
The instruments of inspection is input to original manual intelligent program as output quantity, is trained, obtains to the original manual intelligent program
The artificial intelligence program that training is completed.
Artificial intelligence program can be made more and more intelligent by training, so as to more quickly and accurately write loophole
The program of detection instrument.
Step S312 judges whether the artificial intelligence writes in third preset duration and completes the loophole inspection man
Tool, if it is not, executing step S313.
Third preset duration is a preset time span, is specifically as follows a hour or half an hour,
It is limitation to the application that the specific duration of third preset duration, which should not be construed,.If artificial intelligence is in third preset duration
Completion is not write, then can be shown that the loophole instruments of inspection writes that there are certain difficulty, it is also possible to show current artificial
Intelligent program can not be competent at writing for the loophole instruments of inspection, therefore execute step S313.
Step S313 sends the commission request of the production loophole instruments of inspection to server corresponding with network security company.
Step S314 judges the network security company needle that the server is sent whether is received in the second preset duration
To the loophole instruments of inspection of first vulnerability information production, if it is not, executing step S315.
Second preset duration is a preset time span, and time span can be with third preset duration phase
It together, can also be different from third preset duration.It can be opened sending commission request to server corresponding with network security company
Beginning timing, if network security firm does not complete the production of the loophole instruments of inspection still in the second preset duration, further illustrating should
The production of the loophole instruments of inspection executes step S315 there are biggish difficulty, when executing step S315, can stop to
The commission request that network security company sends, so as to economize on resources;It can not also stop to the transmission of network security company
Commission request.
Step S315 writes task to terminal device corresponding with technical staff transmission.
Step S316 receives the technical staff that the corresponding terminal device of the technical staff is sent and is directed to first loophole
The loophole instruments of inspection of message composition.
The commission request sent to network security company can not stopped while sending to technical staff and writing task,
Both sides can be entrusted to make the loophole instruments of inspection simultaneously, to largely improve the acquisition efficiency of the loophole instruments of inspection.
Refer to Fig. 5, Fig. 5 shows Hole Detection device provided by the embodiments of the present application, it should be appreciated that the device 500 with
Above-mentioned Fig. 1 embodiment of the method is corresponding, is able to carry out each step that above method embodiment is related to, the specific function of device 500
Can may refer to it is described above, it is appropriate herein to omit detailed description to avoid repeating.Device 500 includes at least one energy
Operating system (the operating of device 500 is stored in memory or is solidificated in the form of software or firmware (firmware)
System, OS) in software function module.Specifically, which includes:
Vulnerability information receiving module 510, for obtaining the first vulnerability information of vulnerability information distribution platform publication.
Tool obtains module 520, for obtaining the loophole instruments of inspection for being directed to first vulnerability information.
Vulnerability scanning module 530, for being scanned by the loophole instruments of inspection to Intranet, to detect preset address
At least one corresponding equipment of section whether there is the corresponding loophole of the first vulnerability information.
The application also provides a kind of device, and Fig. 6 is the structural block diagram of the electronic equipment 600 in the embodiment of the present application, such as Fig. 6
It is shown.Electronic equipment 600 may include processor 610, communication interface 620, memory 630 and at least one communication bus 640.
Wherein, communication bus 640 is for realizing the direct connection communication of these components.Wherein, in the embodiment of the present application equipment communication
Interface 620 is used to carry out the communication of signaling or data with other node devices.Processor 610 can be a kind of ic core
Piece, the processing capacity with signal.Above-mentioned processor 610 can be general processor, including central processing unit (Central
Processing Unit, abbreviation CPU), network processing unit (Network Processor, abbreviation NP) etc.;It can also be number
Signal processor (DSP), specific integrated circuit (ASIC), ready-made programmable gate array (FPGA) or other programmable logic devices
Part, discrete gate or transistor logic, discrete hardware components.It may be implemented or execute the disclosure in the embodiment of the present application
Each method, step and logic diagram.General processor can be microprocessor or the processor 610 be also possible to it is any often
The processor etc. of rule.
Memory 630 may be, but not limited to, random access memory (Random Access Memory, RAM), only
It reads memory (Read Only Memory, ROM), programmable read only memory (Programmable Read-Only
Memory, PROM), erasable read-only memory (Erasable Programmable Read-Only Memory, EPROM),
Electricallyerasable ROM (EEROM) (Electric Erasable Programmable Read-Only Memory, EEPROM) etc..
Computer-readable instruction fetch is stored in memory 630, when the computer-readable instruction fetch is executed by the processor 610
When, electronic equipment 600 can execute each step that above-mentioned Fig. 1 is related to Fig. 3 embodiment of the method.
Electronic equipment 600 can also include storage control, input-output unit, audio unit, display unit.
The memory 630, processor 610, Peripheral Interface, input-output unit, audio unit, is shown storage control
Show that each element of unit is directly or indirectly electrically connected between each other, to realize the transmission or interaction of data.For example, these elements
It can be realized and be electrically connected by one or more communication bus 640 between each other.The processor 610 is for executing memory
The executable module stored in 630.
Input-output unit is used to be supplied to user input data and realizes user and the server (or local terminal)
Interaction.The input-output unit may be, but not limited to, mouse and keyboard etc..
Audio unit provides a user audio interface, may include one or more microphones, one or more loudspeaking
Device and voicefrequency circuit.
Display unit provided between the electronic equipment and user an interactive interface (such as user interface) or
It is referred to for display image data to user.In the present embodiment, the display unit can be liquid crystal display or touch-control is aobvious
Show device.It can be the capacitance type touch control screen or resistance type touch control screen of support single-point and multi-point touch operation if touch control display
Deng.Single-point and multi-point touch operation is supported to refer to that touch control display can sense one or more positions on the touch control display
The touch control operation setting place while generating, and the touch control operation that this is sensed transfers to processor to be calculated and handled.
Input-output unit is used to be supplied to the interaction that user input data realizes user and processing terminal.The input is defeated
Unit may be, but not limited to, out, mouse and keyboard etc..
It is appreciated that structure shown in fig. 6 is only to illustrate, the electronic equipment 600 may also include more than shown in Fig. 6
Perhaps less component or with the configuration different from shown in Fig. 6.Each component shown in Fig. 6 can use hardware, software
Or combinations thereof realize.
The application also provides a kind of computer readable storage medium, is stored with computer on the computer readable storage medium
Program executes method described in embodiment of the method when the computer program is run by processor.
The application also provides a kind of computer program product to be made when the computer program product is run on computers
It obtains computer and executes method described in embodiment of the method.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description
Specific work process, no longer can excessively be repeated herein with reference to the corresponding process in preceding method.
It should be noted that all the embodiments in this specification are described in a progressive manner, each embodiment weight
Point explanation is the difference from other embodiments, and the same or similar parts between the embodiments can be referred to each other.
For device class embodiment, since it is basically similar to the method embodiment, so being described relatively simple, related place ginseng
See the part explanation of embodiment of the method.
In several embodiments provided herein, it should be understood that disclosed device and method can also pass through it
Its mode is realized.The apparatus embodiments described above are merely exemplary, for example, the flow chart and block diagram in attached drawing are aobvious
The device of multiple embodiments according to the application, architectural framework in the cards, the function of method and computer program product are shown
It can and operate.In this regard, each box in flowchart or block diagram can represent one of a module, section or code
Point, a part of the module, section or code includes one or more for implementing the specified logical function executable
Instruction.It should also be noted that function marked in the box can also be attached to be different from some implementations as replacement
The sequence marked in figure occurs.For example, two continuous boxes can actually be basically executed in parallel, they sometimes may be used
To execute in the opposite order, this depends on the function involved.It is also noted that each of block diagram and or flow chart
The combination of box in box and block diagram and or flow chart can be based on the defined function of execution or the dedicated of movement
The system of hardware is realized, or can be realized using a combination of dedicated hardware and computer instructions.
In addition, each functional module in each embodiment of the application can integrate one independent portion of formation together
Point, it is also possible to modules individualism, an independent part can also be integrated to form with two or more modules.
It, can be with if the function is realized and when sold or used as an independent product in the form of software function module
It is stored in a computer readable storage medium.Based on this understanding, the technical solution of the application is substantially in other words
The part of the part that contributes to existing technology or the technical solution can be embodied in the form of software products, the meter
Calculation machine software product is stored in a storage medium, including some instructions are used so that a computer equipment (can be a
People's computer, server or network equipment etc.) execute each embodiment the method for the application all or part of the steps.
And storage medium above-mentioned includes: that USB flash disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), arbitrary access are deposited
The various media that can store program code such as reservoir (RAM, Random Access Memory), magnetic or disk.It needs
Illustrate, herein, relational terms such as first and second and the like be used merely to by an entity or operation with
Another entity or operation distinguish, and without necessarily requiring or implying between these entities or operation, there are any this realities
The relationship or sequence on border.Moreover, term " includes " or any other variant thereof is intended to cover non-exclusive inclusion, thus
So that the process, method, article or equipment for including a series of elements not only includes those elements, but also including not clear
The other element listed, or further include for elements inherent to such a process, method, article, or device.Do not having more
In the case where more limitations, the element that is limited by sentence "including a ...", it is not excluded that including process, the side of the element
There is also other identical elements in method, article or equipment.
The foregoing is merely preferred embodiment of the present application, are not intended to limit this application, for the skill of this field
For art personnel, various changes and changes are possible in this application.Within the spirit and principles of this application, made any to repair
Change, equivalent replacement, improvement etc., should be included within the scope of protection of this application.It should also be noted that similar label and letter exist
Similar terms are indicated in following attached drawing, therefore, once being defined in a certain Xiang Yi attached drawing, are then not required in subsequent attached drawing
It is further defined and explained.
The above, the only specific embodiment of the application, but the protection scope of the application is not limited thereto, it is any
Those familiar with the art within the technical scope of the present application, can easily think of the change or the replacement, and should all contain
Lid is within the scope of protection of this application.Therefore, the protection scope of the application shall be subject to the protection scope of the claim.
Claims (10)
1. a kind of leak detection method, which is characterized in that the described method includes:
Obtain the first vulnerability information of vulnerability information distribution platform publication;
Obtain the loophole instruments of inspection for being directed to first vulnerability information;
It is scanned by preset address section of the loophole instruments of inspection to Intranet, it is corresponding at least to detect preset address section
One equipment whether there is the corresponding loophole of the first vulnerability information.
2. the method according to claim 1, wherein the loophole inspection obtained for first vulnerability information
Test tool, comprising:
Task is write to terminal device corresponding with technical staff transmission;
It obtains the technical staff and is directed to the loophole instruments of inspection that first vulnerability information is write.
3. according to the method described in claim 2, it is characterized in that, described send to terminal device corresponding with technical staff is compiled
After writing task, the method also includes:
Start timing after task is write described in the transmission;
If the duration of timing does not receive the loophole inspection man that the terminal device is sent when being greater than or equal to the first preset duration
Tool sends the commission request of the production loophole instruments of inspection to server corresponding with network security company;
Receive the loophole instruments of inspection that the network security company that the server is sent is directed to first vulnerability information production.
4. according to the method described in claim 2, it is characterized in that, first vulnerability information include loophole feature description,
It is described to write task to terminal device corresponding with technical staff transmission, comprising:
The feature is described to match with the technical characteristic of each technical staff prestored, is determined described at least one undertaking
The object technology personnel for writing task send to object technology personnel described at least one and write task, the object technology people
The technical characteristic of member and the matching degree of feature description meet preset condition.
5. according to the method described in claim 4, it is characterized in that, described send to object technology personnel described at least one is compiled
Writing task, comprising:
According to the task amount of the technical staff of task table record, each skill at least one described technical staff is obtained
The busy gear of work locating for art personnel;
The technical staff minimum in the busy gear of work is obtained, to the technical staff pair minimum in the busy gear of work
Task is write in the terminal device transmission answered.
6. according to the method described in claim 5, it is characterized in that, described to the technology minimum in the busy gear of work
Task is write in the corresponding terminal device transmission of personnel, comprising:
According to the professional ability score value of the technical staff minimum in the busy gear of work, the busy shelves of work are in described
The minimum technical staff in position is ranked up according to sequence from high to low;
The highest technical staff of sequence is selected as whole selecting technology personnel;
Task is write to the corresponding terminal device transmission of the end selecting technology personnel.
7. the method according to claim 1, wherein the loophole inspection obtained for first vulnerability information
Test tool, comprising:
The commission request of the production loophole instruments of inspection is sent to server corresponding with network security company;
Receive the loophole instruments of inspection that the network security company that the server is sent is directed to first vulnerability information production.
8. the method according to the description of claim 7 is characterized in that described send to server corresponding with network security company
After making the commission request of the loophole instruments of inspection, the method also includes:
Start timing after sending the commission request;
If the duration of timing does not receive the loophole instruments of inspection that the server is sent when being greater than or equal to the second preset duration,
Task is write to terminal device corresponding with technical staff transmission;
It receives the technical staff that the corresponding terminal device of the technical staff is sent and is directed to the leakage that first vulnerability information is write
The hole instruments of inspection.
9. the method according to the description of claim 7 is characterized in that first vulnerability information include loophole feature description,
The commission request that the production loophole instruments of inspection is sent to server corresponding with network security company, comprising:
The technical characteristic that feature description is good at each network security company prestored is matched, determines at least one
The target network security firm for accepting the commission request, sends commission to target network security firm described at least one and asks
It asks, the matching degree of the technical characteristic of the target network security firm and feature description meets preset condition.
10. a kind of Hole Detection device, which is characterized in that described device includes:
Vulnerability information receiving module, for obtaining the first vulnerability information of vulnerability information distribution platform publication;
Tool obtains module, for obtaining the loophole instruments of inspection for being directed to first vulnerability information;
Vulnerability scanning module, it is corresponding to detect preset address section for being scanned by the loophole instruments of inspection to Intranet
At least one equipment whether there is the corresponding loophole of the first vulnerability information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910423228.4A CN110135169A (en) | 2019-05-21 | 2019-05-21 | Leak detection method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910423228.4A CN110135169A (en) | 2019-05-21 | 2019-05-21 | Leak detection method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110135169A true CN110135169A (en) | 2019-08-16 |
Family
ID=67571837
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910423228.4A Pending CN110135169A (en) | 2019-05-21 | 2019-05-21 | Leak detection method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110135169A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111309311A (en) * | 2020-03-04 | 2020-06-19 | 杭州安恒信息技术股份有限公司 | Vulnerability detection tool generation method, device, equipment and readable storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101727533A (en) * | 2008-10-30 | 2010-06-09 | 新奥特硅谷视频技术有限责任公司 | Automatic BUG distribution method capable of adaptive parameter regulation |
CN102226913A (en) * | 2011-05-23 | 2011-10-26 | 中国科学院软件研究所 | Method for automatically generating Bug repair plan and Bug repair method |
CN102945351A (en) * | 2012-11-05 | 2013-02-27 | 中国科学院软件研究所 | Security vulnerability fixing method based on two-dimensional code for mobile intelligent terminal in cloud environment |
CN105975863A (en) * | 2016-04-27 | 2016-09-28 | 国网天津市电力公司 | Method for evaluating and calculating information security risk of power distribution automation terminal equipment |
CN107766730A (en) * | 2017-09-18 | 2018-03-06 | 北京知道未来信息技术有限公司 | A kind of method that leak early warning is carried out for extensive target |
-
2019
- 2019-05-21 CN CN201910423228.4A patent/CN110135169A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101727533A (en) * | 2008-10-30 | 2010-06-09 | 新奥特硅谷视频技术有限责任公司 | Automatic BUG distribution method capable of adaptive parameter regulation |
CN102226913A (en) * | 2011-05-23 | 2011-10-26 | 中国科学院软件研究所 | Method for automatically generating Bug repair plan and Bug repair method |
CN102945351A (en) * | 2012-11-05 | 2013-02-27 | 中国科学院软件研究所 | Security vulnerability fixing method based on two-dimensional code for mobile intelligent terminal in cloud environment |
CN105975863A (en) * | 2016-04-27 | 2016-09-28 | 国网天津市电力公司 | Method for evaluating and calculating information security risk of power distribution automation terminal equipment |
CN107766730A (en) * | 2017-09-18 | 2018-03-06 | 北京知道未来信息技术有限公司 | A kind of method that leak early warning is carried out for extensive target |
Non-Patent Citations (3)
Title |
---|
李珍 等: "面向源代码的软件漏洞静态检测综述", 《网络与信息安全学报》 * |
禚月: "电力行业漏洞信息集成系统的设计与实现", 《中国优秀硕士学位论文全文数据库》 * |
胡浩: "面向漏洞生命周期的安全风险度量方法", 《软件学报》 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111309311A (en) * | 2020-03-04 | 2020-06-19 | 杭州安恒信息技术股份有限公司 | Vulnerability detection tool generation method, device, equipment and readable storage medium |
CN111309311B (en) * | 2020-03-04 | 2023-04-25 | 杭州安恒信息技术股份有限公司 | Vulnerability detection tool generation method, device, equipment and readable storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109409043A (en) | Login method, terminal device and the medium of application system | |
KR102017756B1 (en) | Apparatus and method for detecting abnormal behavior | |
CN108377227A (en) | Server account manages system, account login method, update method and equipment | |
US8136029B2 (en) | Method and system for characterising a web site by sampling | |
CN103875015A (en) | Multi-factor identity fingerprinting with user behavior | |
CN104272327B (en) | Job management method and management system | |
CN106844730A (en) | The display methods and device of file content | |
CN112948217B (en) | Server repair checking method and device, storage medium and electronic equipment | |
CN110266872A (en) | Management-control method, device and the cloud address book system of address book data | |
CN110213234A (en) | Developer's recognition methods, device, equipment and the storage medium of application file | |
CN106779485A (en) | Total management system and data processing method based on SOA framework | |
CN111143391A (en) | Data sharing exchange method and system | |
CN103248511B (en) | A kind of analysis methods, devices and systems of single-point service feature | |
CN113037505B (en) | Method and system for realizing trusted Web application | |
CN110135169A (en) | Leak detection method and device | |
CN109725985A (en) | The management method and device of virtual machine template | |
CN107430590A (en) | Data compare | |
CN116738449A (en) | DSMM-based data security management and control and operation system | |
CN110378120A (en) | Application programming interfaces attack detection method, device and readable storage medium storing program for executing | |
US20180260820A1 (en) | System device and process for an educational regulatory electronic tool kit | |
CN109299598A (en) | Data managing method and device | |
Kersten et al. | 'Give Me Structure': Synthesis and Evaluation of a (Network) Threat Analysis Process Supporting Tier 1 Investigations in a Security Operation Center | |
CN112637873A (en) | Robustness testing method and device based on wireless communication network of unmanned system | |
CN113886837A (en) | Vulnerability detection tool credibility verification method and system | |
Eitel | Environmental Aware Vulnerability Scoring. |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190816 |