CN110532780A - Vulnerability scanning system based on a vulnerability database and its operating method - Google Patents


Publication number: CN110532780A
Authority: CN (China)
Legal status: Withdrawn
Application number: CN201910674610.2A
Other languages: Chinese (zh)
Inventor: 林永松
Current Assignee: Anhui Yongshun Information Technology Co Ltd
Original Assignee: Anhui Yongshun Information Technology Co Ltd
Application filed by: Anhui Yongshun Information Technology Co Ltd
Priority to: CN201910674610.2A
Publication of: CN110532780A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/25 Integrating or interfacing systems involving database management systems
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577 Assessing vulnerabilities and evaluating computer system security
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034 Test or assess a computer or a system

Abstract

The present invention provides a vulnerability scanning system based on a vulnerability database, comprising a user agent system waiting to be scanned, a scanning server and a vulnerability database system. The vulnerability scanning server is communicatively connected to the vulnerability database. The vulnerability database system includes a complete vulnerability database, a classified vulnerability database and a recombined vulnerability database. The scanning server collects the characteristic information of the user agent system, compares the collected characteristic information with the vulnerability data in the vulnerability database, analyzes the comparison to obtain a scan result, judges from the result information whether the user agent system has vulnerabilities, and feeds the result back to the user agent system. The application also discloses the operating procedure of the system: inspection, collection, comparison, modification and, finally, end. The application implements a standardized scanning system and adds a standard scanning procedure.

Description

Vulnerability scanning system based on a vulnerability database and its operating method
Technical field
The present invention relates to the field of computers, and specifically to a vulnerability scanning system based on a vulnerability database and its operating method.
Background
With the rapid development of networking and informatization, computer networks have gradually penetrated every sector of the national economy and every aspect of people's life and work. The IT wave has made network applications increasingly widespread and progressively deeper, allowing many enterprises, organizations, institutions and individuals to fully share and use the information and resources of the network.
However, as networked information applications deepen and their scope extends from traditional, small business systems to large, critical business systems, people depend more and more on computer networks, and the network security problems this brings become increasingly prominent. Because the network was conceived and designed from the outset on the assumption of a secure environment, the related protocols were also designed specifically for interconnection in a trusted environment and likewise lack security measures. In addition, the computers, servers and other network devices currently on the network all have vulnerabilities or security risks to a greater or lesser degree. As more and more participants with different backgrounds and different motives join the Internet environment, the vulnerabilities or security risks present in computers are used to attack users and spread viruses, causing trouble in people's work and life.
The current state of development of vulnerability scanning systems shows that systems built with different scanning techniques can, to a certain extent, effectively safeguard the security of systems and networks. However, there is no unified standard to standardize these existing systems. They are limited in both function and performance, can meet the needs of systems and networks only in particular circumstances, and cannot guarantee the security of the computer system as a whole at the macro level.
Summary of the invention
In view of this, the technical problem to be solved by the present invention is to provide a vulnerability scanning system based on a vulnerability database and its operating method, solving the problem that there is no unified standard to standardize existing vulnerability scanning systems.
The technical solution of the present invention is realized as follows:
A vulnerability scanning system based on a vulnerability database, comprising a user agent system waiting to be scanned, a scanning server and a vulnerability database system.
The vulnerability scanning server is communicatively connected to the vulnerability database. The vulnerability database system includes a complete vulnerability database, a classified vulnerability database and a recombined vulnerability database.
The scanning server collects the characteristic information of the user agent system, compares the collected characteristic information with the vulnerability data in the vulnerability database, analyzes the comparison to obtain a scan result, judges from the result information whether the user agent system has vulnerabilities, and feeds the result back to the user agent system.
Preferably, the vulnerability database further includes a data upgrade system, a data backup system and a data entry system, through which the data in the vulnerability database is added to, updated and improved.
Preferably, the scanning server further contains a vulnerability definition editor and a dictionary editor. The vulnerability definition editor is used to manually edit vulnerability data into a specified vulnerability data file. The dictionary editor is used to manually edit the software and hardware product information in the dictionary; the vulnerability scanning system uses a dictionary module to give the product information involved a standardized description.
Preferably, the scanning server is further provided with a data detection module, which detects whether the vulnerability database is the latest version and, if it is not, downloads the latest version of the vulnerability database.
Preferably, the scanning server is provided with a proxy data management system, which updates and stores the characteristic information and the result information. A proxy database is provided in the proxy data management system; this proxy database stores the characteristic information and the result information.
Preferably, the operating method of the vulnerability scanning system based on a vulnerability database comprises the following steps:
Step 1, inspection: the vulnerability scanning server checks the data in the vulnerability database;
Step 2, collection: the vulnerability scanning server scans and collects the characteristic information of the user agent system;
Step 3, comparison: the characteristic information is compared with the vulnerability data in the vulnerability database to judge whether a vulnerability exists; if so, proceed to the next step; if not, end all operations;
Step 4, modification: the user agent system judged to be vulnerable is repaired;
Step 5, end.
Preferably, in step 2 there are three collection modes:
Full system scan: the vulnerability scanning server scans the entire user agent system;
Partial system scan: the vulnerability scanning server scans selected parts of the user agent system;
Skeleton scan: the vulnerability scanning server scans the main framework structure of the user agent system.
Preferably, for the inspection in step 1, a permission module is set in the vulnerability database; after the permission module grants permission, the vulnerability scanning server checks the data in the vulnerability database.
Beneficial effects:
The vulnerability scanning system based on a vulnerability database provided by the present invention comprises a user agent system waiting to be scanned, a scanning server and a vulnerability database system. The scanning server collects the characteristic information of the user agent system, compares the collected characteristic information with the vulnerability data in the vulnerability database, analyzes the comparison to obtain a scan result, judges from the result information whether the user agent system has vulnerabilities, and feeds the result back to the user agent system. The application implements a standardized scanning system and adds a standard scanning procedure.
Description of the drawings
Fig. 1 is a schematic diagram of the vulnerability scanning system based on a vulnerability database according to the present invention;
Fig. 2 is an operating principle diagram of the vulnerability scanning system based on a vulnerability database according to the present invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. The described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
As shown in Figs. 1-2, an embodiment of the present invention proposes a vulnerability scanning system based on a vulnerability database, comprising a user agent system waiting to be scanned, a scanning server and a vulnerability database system. In this embodiment, the vulnerability database system used is the OVAL database system proposed by the American computer emergency response team for the vulnerability assessment process.
The vulnerability scanning server is communicatively connected to the vulnerability database. The vulnerability database system includes a complete vulnerability database, a classified vulnerability database and a recombined vulnerability database. The vulnerability scanning user agent completes the scanning of the computer system through the graphical operating platform provided by the central server. The user agent side mainly consists of two parts: a communication module and a functional module. The communication module connects to the central server, sends requests and receives the server's responses. Through a friendly graphical user interface, the server offers the user agent the functions it can use. Over the whole scanning process, the functions of the user agent are concentrated in three phases. Before the scan, the user agent performs system configuration and establishes the communication connection with the central server. During the scan, progress is shown in the graphical interface, and the user can choose to stop the scan of the computer system immediately. Once the user stops the scan and confirms in the dialog box that the system pops up, the scan results for the host up to that point are displayed. After the scan ends, the scan result report is displayed; the user can choose to view the overall vulnerability situation of the user agent system, the details of each security vulnerability, or the vulnerabilities by category. The user is then prompted to save the scan result and chooses whether to store the report and the path to store it in. By default, the result report is saved under the system's default path.
The scanning server collects the characteristic information of the user agent system, compares the collected characteristic information with the vulnerability data in the vulnerability database, analyzes the comparison to obtain a scan result, judges from the result information whether the user agent system has vulnerabilities, and feeds the result back to the user agent system.
Preferably, the vulnerability database further includes a data upgrade system, a data backup system and a data entry system, through which the data in the vulnerability database is added to, updated and improved.
The scanning server further contains a vulnerability definition editor and a dictionary editor. The vulnerability definition editor is used to manually edit vulnerability data into a specified vulnerability data file. For a specific user agent, some special information can be regarded as vulnerability information. While managing user agents, administrators can, according to the system requirements of different user agents and following the coding specification and syntax, manually add custom vulnerability definitions to the vulnerability database, and can also edit or delete existing vulnerability definitions.
The dictionary editor is used to manually edit the software and hardware product information in the dictionary; the vulnerability scanning system uses a dictionary module to give the product information involved a standardized description. The dictionary allows information obtained from different modules to be matched: after conversion, the same information ends up with a unified description. This requires that all the different descriptions of the information involved in the system be mapped to a unified, standardized expression. When a new product appears, users can add its information to the dictionary or edit the existing information.
Preferably, the scanning server is further provided with a data detection module, which detects whether the vulnerability database is the latest version and, if it is not, downloads the latest version of the vulnerability database.
Preferably, the scanning server is provided with a proxy data management system, which updates and stores the characteristic information and the result information. A proxy database is provided in the proxy data management system; this proxy database stores the characteristic information and the result information.
Preferably, the operating method of the vulnerability scanning system based on a vulnerability database comprises the following steps:
Step 1, inspection: the vulnerability scanning server checks the data in the vulnerability database;
Step 2, collection: the vulnerability scanning server scans and collects the characteristic information of the user agent system;
Step 3, comparison: the characteristic information is compared with the vulnerability data in the vulnerability database to judge whether a vulnerability exists; if so, proceed to the next step; if not, end all operations;
Step 4, modification: the user agent system judged to be vulnerable is repaired;
Step 5, end.
Preferably, in step 2, the vulnerability scanning system provides the user agent with different vulnerability databases, so that the user can choose the scanning mode applied to the computer system. The vulnerability database is the core of the vulnerability scanning system. It defines the features of vulnerabilities and their related information, including the vulnerability number, the vulnerability name, the publication date, a description of the vulnerability, the vulnerability definition type, the threat level (low, medium, important or critical) and the affected operating system versions; some vulnerability definitions also describe the corresponding solution. The level of detail of the vulnerability database determines whether the scanning system can comprehensively detect the vulnerabilities present in the user agent system. From another angle, the vulnerability database also determines the scanning efficiency of the vulnerability scanning system. It is therefore necessary for the system to offer users several forms of vulnerability database, so that the user can select the scanning mode suited to the system at hand for scanning and analysis.
This system mainly provides the user with three different scanning modes: scanning the agent with the complete vulnerability database; scanning the agent with the vulnerability database provided for the particular operating platform; and scanning the agent with a recombined vulnerability database formed from the characteristic information of the user agent system.
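The following Python sketch is an added illustration, not code from the patent. It shows how the dictionary module and the three database forms described above could interact when characteristic information is compared with vulnerability data. All record IDs, product names, versions and function names are constructed placeholders and assumptions.

```python
from dataclasses import dataclass

SEVERITY = ["low", "medium", "important", "critical"]  # threat levels listed above

@dataclass(frozen=True)
class VulnDef:
    vuln_id: str
    title: str
    platform: str                 # operating platform the definition applies to
    product: str                  # canonical product name from the dictionary
    affected_versions: frozenset
    threat_level: str
    solution: str

# Constructed sample records: IDs, products and versions are placeholders.
COMPLETE_DB = [
    VulnDef("EX-0001", "Request parsing flaw", "linux", "example-httpd",
            frozenset({"2.4.0", "2.4.1"}), "critical", "Upgrade to 2.4.2"),
    VulnDef("EX-0002", "Service path flaw", "windows", "example-httpd",
            frozenset({"2.4.1"}), "important", "Apply vendor patch"),
    VulnDef("EX-0003", "Default account enabled", "linux", "sample-db",
            frozenset({"5.0"}), "medium", "Disable the default account"),
    VulnDef("EX-0004", "Verbose error output", "linux", "other-tool",
            frozenset({"1.0"}), "low", "Turn off debug mode"),
]

# Dictionary module: different descriptions of one product map to one name.
PRODUCT_DICTIONARY = {
    "example httpd": "example-httpd",
    "example http daemon": "example-httpd",
    "sampledb": "sample-db",
    "sample database engine": "sample-db",
}

def normalize(raw_name):
    """Return the canonical product name, or None if the dictionary lacks it."""
    return PRODUCT_DICTIONARY.get(" ".join(raw_name.lower().split()))

def classified_db(db, platform):
    """Classified database: only definitions for one operating platform."""
    return [d for d in db if d.platform == platform]

def recombined_db(db, features):
    """Recombined database: definitions matching the agent's own products."""
    products = {normalize(name) for name in features["software"]} - {None}
    return [d for d in classified_db(db, features["platform"])
            if d.product in products]

def scan(features, db):
    """Compare collected characteristic information with vulnerability data."""
    findings, unmapped = [], []
    for raw_name, version in features["software"].items():
        product = normalize(raw_name)
        if product is None:
            # No dictionary entry: nothing can match, so report it instead of
            # silently treating the product as clean.
            unmapped.append(raw_name)
            continue
        findings += [d for d in db
                     if d.platform == features["platform"]
                     and d.product == product
                     and version in d.affected_versions]
    findings.sort(key=lambda d: SEVERITY.index(d.threat_level), reverse=True)
    return {"vulnerable": bool(findings),
            "findings": [d.vuln_id for d in findings],
            "unmapped": unmapped,
            "definitions_checked": len(db)}

# Constructed characteristic information as an agent might report it.
AGENT_FEATURES = {
    "platform": "linux",
    "software": {"Sample Database Engine": "5.0",
                 "Example  HTTPD": "2.4.1",
                 "Mystery Tool": "1.0"},
}

if __name__ == "__main__":
    databases = {
        "complete": COMPLETE_DB,
        "classified": classified_db(COMPLETE_DB, AGENT_FEATURES["platform"]),
        "recombined": recombined_db(COMPLETE_DB, AGENT_FEATURES),
    }
    for label, db in databases.items():
        print(label, scan(AGENT_FEATURES, db))
```

All three database forms yield the same findings here while evaluating fewer definitions each time; the `unmapped` list is what an administrator would feed back into the dictionary editor.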
There are three collection modes:
Full system scan: the vulnerability scanning server scans the entire user agent system;
Partial system scan: the vulnerability scanning server scans selected parts of the user agent system;
Skeleton scan: the vulnerability scanning server scans the main framework structure of the user agent system.
Preferably, for the inspection in step 1, a permission module is set in the vulnerability database; after the permission module grants permission, the vulnerability scanning server checks the data in the vulnerability database.
Finally, it should be noted that the above are only preferred embodiments of the present invention, used merely to illustrate its technical solution, and are not intended to limit its protection scope. Any modification, equivalent replacement or improvement made within the spirit and principles of the present invention falls within the protection scope of the present invention.

Claims (8)

1. A vulnerability scanning system based on a vulnerability database and its operating method, characterized by comprising a user agent system waiting to be scanned, a scanning server and a vulnerability database system,
wherein the vulnerability scanning server is communicatively connected to the vulnerability database; the vulnerability database system includes a complete vulnerability database, a classified vulnerability database and a recombined vulnerability database;
the scanning server collects the characteristic information of the user agent system, compares the collected characteristic information with the vulnerability data in the vulnerability database, analyzes the comparison to obtain a scan result, judges from the result information whether the user agent system has vulnerabilities, and feeds the result back to the user agent system.
2. The vulnerability scanning system based on a vulnerability database according to claim 1, characterized in that the vulnerability database further includes a data upgrade system, a data backup system and a data entry system, through which the data in the vulnerability database is added to, updated and improved.
3. The vulnerability scanning system based on a vulnerability database according to claim 2, characterized in that the scanning server further contains a vulnerability definition editor and a dictionary editor; the vulnerability definition editor is used to manually edit vulnerability data into a specified vulnerability data file; the dictionary editor is used to manually edit the software and hardware product information in the dictionary, and the vulnerability scanning system uses a dictionary module to give the product information involved a standardized description.
4. The vulnerability scanning system based on a vulnerability database according to claim 1, characterized in that the scanning server is further provided with a data detection module, which detects whether the vulnerability database is the latest version and, if it is not, downloads the latest version of the vulnerability database.
5. The vulnerability scanning system based on a vulnerability database according to claim 1, characterized in that the scanning server is provided with a proxy data management system, which updates and stores the characteristic information and the result information; a proxy database is provided in the proxy data management system, and this proxy database stores the characteristic information and the result information.
6. The operating method of the vulnerability scanning system based on a vulnerability database according to claim 1, characterized by comprising the following steps:
Step 1, inspection: the vulnerability scanning server checks the data in the vulnerability database;
Step 2, collection: the vulnerability scanning server scans and collects the characteristic information of the user agent system;
Step 3, comparison: the characteristic information is compared with the vulnerability data in the vulnerability database to judge whether a vulnerability exists; if so, proceed to the next step; if not, end all operations;
Step 4, modification: the user agent system judged to be vulnerable is repaired;
Step 5, end.
7. The operating method of the vulnerability scanning system based on a vulnerability database according to claim 6, characterized in that, for the inspection in step 1, a permission module is set in the vulnerability database; after the permission module grants permission, the vulnerability scanning server checks the data in the vulnerability database.
8. The operating method of the vulnerability scanning system based on a vulnerability database according to claim 6, characterized in that in step 2 there are three collection modes:
Full system scan: the vulnerability scanning server scans the entire user agent system;
Partial system scan: the vulnerability scanning server scans selected parts of the user agent system;
Skeleton scan: the vulnerability scanning server scans the main framework structure of the user agent system.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910674610.2A CN110532780A (en) 2019-07-25 2019-07-25 A kind of vulnerability scanning system and its operation method based on vulnerability scan

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910674610.2A CN110532780A (en) 2019-07-25 2019-07-25 A kind of vulnerability scanning system and its operation method based on vulnerability scan

Publications (1)

Publication Number Publication Date
CN110532780A true CN110532780A (en) 2019-12-03

Family

ID=68660977

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910674610.2A Withdrawn CN110532780A (en) 2019-07-25 2019-07-25 A kind of vulnerability scanning system and its operation method based on vulnerability scan

Country Status (1)

Country Link
CN (1) CN110532780A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111625841A (en) * 2020-07-29 2020-09-04 杭州海康威视数字技术股份有限公司 Virus processing method, device and equipment
CN111881456A (en) * 2020-07-29 2020-11-03 江苏云从曦和人工智能有限公司 Security risk management and control method, device, equipment and medium
CN112632559A (en) * 2020-12-24 2021-04-09 北京天融信网络安全技术有限公司 Vulnerability automatic verification method, device, equipment and storage medium

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111625841A (en) * 2020-07-29 2020-09-04 杭州海康威视数字技术股份有限公司 Virus processing method, device and equipment
CN111625841B (en) * 2020-07-29 2020-10-30 杭州海康威视数字技术股份有限公司 Virus processing method, device and equipment
CN111881456A (en) * 2020-07-29 2020-11-03 江苏云从曦和人工智能有限公司 Security risk management and control method, device, equipment and medium
CN112632559A (en) * 2020-12-24 2021-04-09 北京天融信网络安全技术有限公司 Vulnerability automatic verification method, device, equipment and storage medium

Similar Documents

Publication Publication Date Title
CN110532780A (en) A kind of vulnerability scanning system and its operation method based on vulnerability scan
US20210273961A1 (en) Apparatus and method for a cyber-threat defense system
JP6930742B2 (en) Methods and equipment for managing security in computer networks
US7451175B2 (en) System and method for managing computer networks
JP4052604B2 (en) Virus detection in client / server systems
CN111786949A (en) Firewall security policy automatic adaptation system and method
US6757727B1 (en) Top-down network analysis system and method with adaptive filtering capabilities
US8572563B2 (en) User interfaces and software reuse in model based software systems
US20090198707A1 (en) System and method for managing firewall log records
CN107347078B (en) Operating system weak password security detection method based on cloud service
CN105391729A (en) Web loophole automatic mining method based on fuzzy test
CN107315952A (en) Method and apparatus for determining application program suspicious actions
CN107103239B (en) Source code based on application system business processing logic is gone beyond one's commission detection method and device
KR100898867B1 (en) System and method for enterprise it security management
CN108959029A (en) Collect the method and system with report server abnormal log
US20120131543A1 (en) Method and system for capturing user interface structure in a model based software system
CN110061981A (en) A kind of attack detection method and device
CN108052826B (en) Distributed sensitive data scan method and system based on anti-data-leakage terminal
CN110968479A (en) Business-level full-link monitoring method for application program and server
CN104346573A (en) Method and device for realizing WEB application system information security frame
JP2006025434A (en) System and method for high capacity fault correlation
Sommestad et al. Combining defense graphs and enterprise architecture models for security analysis
US20060026466A1 (en) Support methodology for diagnostic patterns
CN110516434A (en) Franchise account scanning system
CN113965354A (en) Mail approval method and system based on terminal mail SSL protocol

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20191203