CN110532780A - A vulnerability scanning system based on a vulnerability database and its operation method
- Publication number
- CN110532780A
- Authority
- CN
- China
- Prior art keywords
- vulnerability
- scanning
- scan
- data
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/25—Integrating or interfacing systems involving database management systems
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Landscapes
- Engineering & Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Databases & Information Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Data Mining & Analysis (AREA)
- Computing Systems (AREA)
- Computer And Data Communications (AREA)
Abstract
The present invention provides a vulnerability scanning system based on a vulnerability database, comprising a user agent system waiting to be scanned, a scanning server and a vulnerability database system. The vulnerability scanning server is communicatively connected to the vulnerability database. The vulnerability database system includes a full-version vulnerability database, a classified vulnerability database and a recombined vulnerability database. The scanning server collects the characteristic information of the user agent system; the server then compares the collected characteristic information with the vulnerability data in the vulnerability database and analyzes it to obtain a scan result, analyzes the result information after the scan, judges whether the user agent system has vulnerabilities, and feeds the result back to the user agent system. The application also discloses the operating procedure of the system, comprising checking, collecting, comparing, modifying and finally ending. The application realizes a standardized scanning system together with a standard scanning process.
Description
Technical field
The present invention relates to the computer field, and specifically to a vulnerability scanning system based on a vulnerability database and its operation method.
Background art
With the rapid development of networking and informatization, computer networks have gradually penetrated every field of the national economy and every aspect of people's life and work. The IT wave has made network applications increasingly widespread and progressively deeper, so that enterprises, organizations, institutions and individuals can fully share and use the information and resources of the network.
However, as network applications deepen and their field extends from traditional, small business systems to large, critical business systems, people depend more and more on computer networks, and the network security problems this brings become increasingly prominent. Because the network was conceived and designed from the outset on the assumption of a secure environment, the relevant protocols were also designed specifically for interconnection in a trusted environment and likewise lack consideration of security measures. At present, the various computers, servers and other network devices on the network all have vulnerabilities or security risks to a greater or lesser degree. As a result, more and more participants with different backgrounds and different motivations enter the Internet environment and use the vulnerabilities or security risks present in computers to attack users and disrupt them with viruses, causing trouble in people's work and life.
From the current state of development of vulnerability scanning systems, it can be seen that vulnerability scanning systems developed with different scanning technologies can, to a certain extent, effectively protect the security of systems and networks. However, there is no unified standard to standardize these existing systems. They are limited in both function and performance, can only meet the needs of systems and networks under particular circumstances, and cannot guarantee the security of computer systems as a whole at the macro level.
Summary of the invention
In view of this, the technical problem to be solved by the present invention is to provide a vulnerability scanning system based on a vulnerability database and its operation method, solving the problem that there is no unified standard to standardize existing vulnerability scanning systems.
The technical scheme of the present invention is realized as follows:
A vulnerability scanning system based on a vulnerability database, comprising a user agent system waiting to be scanned, a scanning server and a vulnerability database system.
The vulnerability scanning server is communicatively connected to the vulnerability database; the vulnerability database system includes a full-version vulnerability database, a classified vulnerability database and a recombined vulnerability database.
The scanning server collects the characteristic information of the user agent system. The server then compares the collected characteristic information with the vulnerability data in the vulnerability database and analyzes it to obtain a scan result, analyzes the result information after the scan, judges whether the user agent system has vulnerabilities, and feeds the result back to the user agent system.
Preferably, the vulnerability database further includes a data upgrade system, a data backup system and a data entry system, through which the data in the vulnerability database is added to, updated and improved.
Preferably, the scanning server further includes a vulnerability definition editor and a dictionary editor. The vulnerability definition editor is used to manually edit vulnerability data into a specified vulnerability data file. The dictionary editor is used to manually edit the software and hardware product information in the dictionary; a dictionary module is designed into the vulnerability scanning system to give the product information involved a standardized description.
Preferably, a data detection module is also provided in the scanning server. The data detection module detects whether the vulnerability database is the latest version and, if not, downloads the latest version of the vulnerability database.
Preferably, an agent data management system is provided in the scanning server. The agent data management system updates and stores the characteristic information and the result information, and an agent database is provided in the agent data system; the vulnerability agent database stores the characteristic information and the result information.
Preferably, the operating method of the vulnerability scanning system based on a vulnerability database comprises the following steps:
Step 1, check: the vulnerability scanning server checks the data in the vulnerability database;
Step 2, collection: the vulnerability scanning server system scans and collects the characteristic information of the user agent system;
Step 3, comparison: the characteristic information is compared with the vulnerability data of the vulnerability database to judge whether there is a vulnerability; if there is, proceed to the next step, and if not, end all operations;
Step 4, modification: the user agent system judged to have a vulnerability is repaired;
Step 5, end.
Preferably, in step 2, there are three collection modes:
Full system scan: the vulnerability scanning server scans the whole of the user agent system;
Partial system scan: the vulnerability scanning server scans selected specific parts of the user agent system;
Skeleton scan: the vulnerability server scans the main framework structure of the user agent system.
Preferably, for the check in step 1, a permission module is set in the vulnerability database; after the permission module grants permission, the vulnerability scanning server checks the data of the vulnerability database.
Beneficial effects:
The vulnerability scanning system based on a vulnerability database provided by the present invention comprises a user agent system waiting to be scanned, a scanning server and a vulnerability database system. The scanning server collects the characteristic information of the user agent system; the server then compares the collected characteristic information with the vulnerability data in the vulnerability database and analyzes it to obtain a scan result, analyzes the result information after the scan, judges whether the user agent system has vulnerabilities, and feeds the result back to the user agent system. The application realizes a standardized scanning system together with a standard scanning process.
Brief description of the drawings
Fig. 1 is a schematic diagram of the vulnerability scanning system based on a vulnerability database in the present invention;
Fig. 2 is an operating principle diagram of the vulnerability scanning system based on a vulnerability database in the present invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the present invention will be described clearly and completely below with reference to the drawings in the embodiments of the present invention. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative effort fall within the protection scope of the present invention.
As shown in Figs. 1-2, the embodiment of the present invention proposes a vulnerability scanning system based on a vulnerability database, comprising a user agent system waiting to be scanned, a scanning server and a vulnerability database system. In this embodiment, the vulnerability database system used is the OVAL database system proposed by the American computer emergency response team for the vulnerability assessment process.
The vulnerability scanning server is communicatively connected to the vulnerability database; the vulnerability database system includes a full-version vulnerability database, a classified vulnerability database and a recombined vulnerability database. The vulnerability scanning user agent completes the scanning process of the computer system through the graphical operation platform provided by the central server. The user agent side mainly comprises two parts: a communication module and a function module. The communication module is used to connect and communicate with the central server side, sending requests and receiving the server's responses. The server provides the user agent with the available functional operations through a friendly graphical user interface.
Throughout the scanning process, the functions of the user agent are concentrated in three aspects. Before the system scan, the user agent performs system configuration and establishes a communication connection with the central server. During scanning, the scan progress is shown in the graphical interface, and the user can choose to stop the scan of the computer system immediately. Once the user stops the scan and confirms in the dialog box that the system pops up, the scan results for the host so far are displayed. After the scan ends, the content of the scan result report is displayed, and the user can choose to view the overall vulnerability situation of the user agent system, the details of each security vulnerability, or the vulnerabilities by category. The user is prompted to save the scan result and chooses whether to store the scan result report and the path under which to store it. By default, the result report is saved under the default path of the system.
The scanning server collects the characteristic information of the user agent system. The server then compares the collected characteristic information with the vulnerability data in the vulnerability database and analyzes it to obtain a scan result, analyzes the result information after the scan, judges whether the user agent system has vulnerabilities, and feeds the result back to the user agent system.
Preferably, the vulnerability database further includes a data upgrade system, a data backup system and a data entry system, through which the data in the vulnerability database is added to, updated and improved.
The scanning server further includes a vulnerability definition editor and a dictionary editor. The vulnerability definition editor is used to manually edit vulnerability data into a specified vulnerability data file. For a specific user agent, some special information can be regarded as vulnerability information. While managing user agents, administrators can, according to the requirements of different user agent systems and following the coding rules and syntax, manually add custom vulnerability definition information to the vulnerability database, and can also edit or delete existing vulnerability definition information.
The dictionary editor is used to manually edit the software and hardware product information in the dictionary; a dictionary module is designed into the vulnerability scanning system to give the product information involved a standardized description. The dictionary module allows information that would otherwise find no match to be matched, and allows the same information, after conversion, to end up with a unified description. This requires that the different descriptions of all information involved in the system be mapped to a unified standardized expression. When a new product appears, the user can add information to the dictionary or edit the existing information.
Preferably, a data detection module is also provided in the scanning server. The data detection module detects whether the vulnerability database is the latest version and, if not, downloads the latest version of the vulnerability database.
Preferably, an agent data management system is provided in the scanning server. The agent data management system updates and stores the characteristic information and the result information, and an agent database is provided in the agent data system; the vulnerability agent database stores the characteristic information and the result information.
Preferably, the operating method of the vulnerability scanning system based on a vulnerability database comprises the following steps:
Step 1, check: the vulnerability scanning server checks the data in the vulnerability database;
Step 2, collection: the vulnerability scanning server system scans and collects the characteristic information of the user agent system;
Step 3, comparison: the characteristic information is compared with the vulnerability data of the vulnerability database to judge whether there is a vulnerability; if there is, proceed to the next step, and if not, end all operations;
Step 4, modification: the user agent system judged to have a vulnerability is repaired;
Step 5, end.
Preferably, in step 2, the vulnerability scanning system provides different vulnerability databases for the user agent, so that the user can independently choose the scanning mode applied to the computer system. The vulnerability database is the core of the vulnerability scanning system. The vulnerability database defines the characteristics of vulnerabilities and their related information, including the vulnerability number, the vulnerability name, the vulnerability publication date, the description of the vulnerability information, the vulnerability definition type, the threat level (low, medium, important, critical) and the affected operating system version information; some vulnerability definitions also provide an explanation of the corresponding solution. The level of detail of the content of the vulnerability database determines whether the scanning system can comprehensively detect the vulnerabilities contained in the user agent system. From another angle, however, the vulnerability database also determines the scanning efficiency of the vulnerability scanning system. The system therefore needs to provide the user with vulnerability databases in several forms, so that the user can select the scanning mode suited to their system, as the case requires, for system scanning and analysis.
This system mainly provides three different scanning modes for the user: scanning the agent with the full-version vulnerability database; scanning the agent with the vulnerability database provided for the specific operating platform; and scanning the agent with the recombined vulnerability database formed according to the system characteristic information of the user agent.
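The dictionary mapping and the three database forms described above can be illustrated as follows. This is an added example and not code from the patent; the field names product and fixed_in, the "installed version lower than the fixed version" comparison rule, and every product name, vulnerability number and version are constructed assumptions.

```python
from dataclasses import dataclass

# Dictionary module: each known description of a product maps to one
# standardized name. All names, numbers and versions here are constructed.
DICTIONARY = {
    "example http server": "example-httpd",
    "examplehttpd": "example-httpd",
    "exampledb server": "example-db",
}


@dataclass(frozen=True)
class Definition:
    number: str        # vulnerability number (placeholder, not a real id)
    name: str
    published: str
    threat_level: str  # low / medium / important / critical
    platform: str      # affected operating platform
    product: str       # standardized product name (assumed field)
    fixed_in: str      # first unaffected version (assumed matching rule)
    solution: str


FULL_DB = [
    Definition("EXAMPLE-0001", "httpd request parsing flaw", "2019-01-10",
               "critical", "linux", "example-httpd", "2.4.10", "upgrade to 2.4.10"),
    Definition("EXAMPLE-0002", "db authentication flaw", "2018-06-02",
               "important", "linux", "example-db", "5.7.20", "upgrade to 5.7.20"),
    Definition("EXAMPLE-0003", "httpd path handling flaw", "2019-03-15",
               "medium", "windows", "example-httpd", "2.5.0", "upgrade to 2.5.0"),
    Definition("EXAMPLE-0004", "mail relay flaw", "2017-11-20",
               "low", "linux", "example-mail", "1.2.0", "upgrade to 1.2.0"),
    Definition("EXAMPLE-0005", "db privilege flaw", "2019-05-08",
               "important", "linux", "example-db", "5.8.0", "upgrade to 5.8.0"),
]

# Characteristic information as an agent might report it (constructed).
AGENT_FEATURES = {
    "platform": "Linux",
    "software": [("Example HTTP Server", "2.4.9"),
                 ("ExampleDB  Server", "5.7.30"),
                 ("UnknownTool", "1.0")],
}


def version_key(version):
    """Compare dotted numeric versions numerically, so 2.4.9 < 2.4.10."""
    return tuple(int(part) for part in version.split("."))


def normalize(features, dictionary):
    """Return (platform, {standard name: version}, unmatched descriptions)."""
    products, unmatched = {}, []
    for raw, version in features["software"]:
        name = dictionary.get(" ".join(raw.lower().split()))
        if name is None:
            unmatched.append(raw)   # candidate for a new dictionary entry
        else:
            products[name] = version
    return features["platform"].lower(), products, unmatched


def select_db(db, mode, platform, products):
    """Pick the full, classified (per platform) or recombined database."""
    if mode == "full":
        return list(db)
    if mode == "classified":
        return [d for d in db if d.platform == platform]
    if mode == "recombined":
        return [d for d in db if d.platform == platform and d.product in products]
    raise ValueError(f"unknown mode: {mode}")


def scan(features, mode="full", db=FULL_DB, dictionary=DICTIONARY):
    """Compare the agent's characteristic information with the chosen database."""
    platform, products, unmatched = normalize(features, dictionary)
    selected = select_db(db, mode, platform, products)
    findings = []
    for d in selected:
        installed = products.get(d.product)
        if (d.platform == platform and installed is not None
                and version_key(installed) < version_key(d.fixed_in)):
            findings.append(d.number)
    return {"evaluated": len(selected), "findings": findings, "unmatched": unmatched}


if __name__ == "__main__":
    for mode in ("full", "classified", "recombined"):
        print(mode, scan(AGENT_FEATURES, mode))
```

All three modes report the same findings, while the recombined database evaluates the fewest definitions; with an empty dictionary nothing matches, which is the case the dictionary module exists to prevent.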
There are three collection modes:
Full system scan: the vulnerability scanning server scans the whole of the user agent system;
Partial system scan: the vulnerability scanning server scans selected specific parts of the user agent system;
Skeleton scan: the vulnerability server scans the main framework structure of the user agent system.
Preferably, for the check in step 1, a permission module is set in the vulnerability database; after the permission module grants permission, the vulnerability scanning server checks the data of the vulnerability database.
Finally, it should be noted that the above are only preferred embodiments of the present invention, used merely to illustrate the technical solution of the present invention and not to limit its protection scope. Any modification, equivalent replacement or improvement made within the spirit and principles of the present invention is included within the protection scope of the present invention.
Claims (8)
1. A vulnerability scanning system based on a vulnerability database and its operating method, characterized in that it comprises a user agent system waiting to be scanned, a scanning server and a vulnerability database system;
the vulnerability scanning server is communicatively connected to the vulnerability database; the vulnerability database system includes a full-version vulnerability database, a classified vulnerability database and a recombined vulnerability database;
the scanning server collects the characteristic information of the user agent system; the server then compares the collected characteristic information with the vulnerability data in the vulnerability database and analyzes it to obtain a scan result, analyzes the result information after the scan, judges whether the user agent system has vulnerabilities, and feeds the result back to the user agent system.
2. The vulnerability scanning system based on a vulnerability database according to claim 1, characterized in that the vulnerability database further includes a data upgrade system, a data backup system and a data entry system, through which the data in the vulnerability database is added to, updated and improved.
3. The vulnerability scanning system based on a vulnerability database according to claim 2, characterized in that the scanning server further includes a vulnerability definition editor and a dictionary editor; the vulnerability definition editor is used to manually edit vulnerability data into a specified vulnerability data file; the dictionary editor is used to manually edit the software and hardware product information in the dictionary, and a dictionary module is designed into the vulnerability scanning system to give the product information involved a standardized description.
4. The vulnerability scanning system based on a vulnerability database according to claim 1, characterized in that a data detection module is also provided in the scanning server; the data detection module detects whether the vulnerability database is the latest version and, if not, downloads the latest version of the vulnerability database.
5. The vulnerability scanning system based on a vulnerability database according to claim 1, characterized in that an agent data management system is provided in the scanning server; the agent data management system updates and stores the characteristic information and the result information, and an agent database is provided in the agent data system; the vulnerability agent database stores the characteristic information and the result information.
6. The operating method of the vulnerability scanning system based on a vulnerability database according to claim 1, characterized in that it comprises the following steps:
Step 1, check: the vulnerability scanning server checks the data in the vulnerability database;
Step 2, collection: the vulnerability scanning server system scans and collects the characteristic information of the user agent system;
Step 3, comparison: the characteristic information is compared with the vulnerability data of the vulnerability database to judge whether there is a vulnerability; if there is, proceed to the next step, and if not, end all operations;
Step 4, modification: the user agent system judged to have a vulnerability is repaired;
Step 5, end.
7. The operating method of the vulnerability scanning system based on a vulnerability database according to claim 6, characterized in that, for the check in step 1, a permission module is set in the vulnerability database; after the permission module grants permission, the vulnerability scanning server checks the data of the vulnerability database.
8. The operating method of the vulnerability scanning system based on a vulnerability database according to claim 6, characterized in that, in step 2, there are three collection modes:
Full system scan: the vulnerability scanning server scans the whole of the user agent system;
Partial system scan: the vulnerability scanning server scans selected specific parts of the user agent system;
Skeleton scan: the vulnerability server scans the main framework structure of the user agent system.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910674610.2A CN110532780A (en) | 2019-07-25 | 2019-07-25 | A vulnerability scanning system based on a vulnerability database and its operation method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910674610.2A CN110532780A (en) | 2019-07-25 | 2019-07-25 | A vulnerability scanning system based on a vulnerability database and its operation method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110532780A (en) | 2019-12-03 |
Family
ID=68660977
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910674610.2A Withdrawn CN110532780A (en) | A vulnerability scanning system based on a vulnerability database and its operation method | 2019-07-25 | 2019-07-25 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110532780A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111625841A (en) * | 2020-07-29 | 2020-09-04 | 杭州海康威视数字技术股份有限公司 | Virus processing method, device and equipment |
CN111881456A (en) * | 2020-07-29 | 2020-11-03 | 江苏云从曦和人工智能有限公司 | Security risk management and control method, device, equipment and medium |
CN112632559A (en) * | 2020-12-24 | 2021-04-09 | 北京天融信网络安全技术有限公司 | Vulnerability automatic verification method, device, equipment and storage medium |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111625841A (en) * | 2020-07-29 | 2020-09-04 | 杭州海康威视数字技术股份有限公司 | Virus processing method, device and equipment |
CN111625841B (en) * | 2020-07-29 | 2020-10-30 | 杭州海康威视数字技术股份有限公司 | Virus processing method, device and equipment |
CN111881456A (en) * | 2020-07-29 | 2020-11-03 | 江苏云从曦和人工智能有限公司 | Security risk management and control method, device, equipment and medium |
CN112632559A (en) * | 2020-12-24 | 2021-04-09 | 北京天融信网络安全技术有限公司 | Vulnerability automatic verification method, device, equipment and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110532780A (en) | A vulnerability scanning system based on a vulnerability database and its operation method | |
US20210273961A1 (en) | Apparatus and method for a cyber-threat defense system | |
JP6930742B2 (en) | Methods and equipment for managing security in computer networks | |
US7451175B2 (en) | System and method for managing computer networks | |
JP4052604B2 (en) | Virus detection in client / server systems | |
CN111786949A (en) | Firewall security policy automatic adaptation system and method | |
US6757727B1 (en) | Top-down network analysis system and method with adaptive filtering capabilities | |
US8572563B2 (en) | User interfaces and software reuse in model based software systems | |
US20090198707A1 (en) | System and method for managing firewall log records | |
CN107347078B (en) | Operating system weak password security detection method based on cloud service | |
CN105391729A (en) | Web loophole automatic mining method based on fuzzy test | |
CN107315952A (en) | Method and apparatus for determining application program suspicious actions | |
CN107103239B (en) | Source code based on application system business processing logic is gone beyond one's commission detection method and device | |
KR100898867B1 (en) | System and method for enterprise it security management | |
CN108959029A (en) | Collect the method and system with report server abnormal log | |
US20120131543A1 (en) | Method and system for capturing user interface structure in a model based software system | |
CN110061981A (en) | A kind of attack detection method and device | |
CN108052826B (en) | Distributed sensitive data scan method and system based on anti-data-leakage terminal | |
CN110968479A (en) | Business-level full-link monitoring method for application program and server | |
CN104346573A (en) | Method and device for realizing WEB application system information security frame | |
JP2006025434A (en) | System and method for high capacity fault correlation | |
Sommestad et al. | Combining defense graphs and enterprise architecture models for security analysis | |
US20060026466A1 (en) | Support methodology for diagnostic patterns | |
CN110516434A (en) | Franchise account scanning system | |
CN113965354A (en) | Mail approval method and system based on terminal mail SSL protocol |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
WW01 | Invention patent application withdrawn after publication | ||
Application publication date: 20191203 |