CN113238971A - Automatic penetration testing system and method based on state machine - Google Patents
Automatic penetration testing system and method based on state machine Download PDFInfo
- Publication number
- CN113238971A CN113238971A CN202110781972.9A CN202110781972A CN113238971A CN 113238971 A CN113238971 A CN 113238971A CN 202110781972 A CN202110781972 A CN 202110781972A CN 113238971 A CN113238971 A CN 113238971A
- Authority
- CN
- China
- Prior art keywords
- state
- target system
- module
- information
- asset
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/044—Recurrent networks, e.g. Hopfield networks
Abstract
The invention provides an automatic penetration test system based on a state machine, which comprises a state collection module, a state analysis module and a state analysis module, wherein the state collection module is used for carrying out asset collection on a target system based on an asset address from a client; the state blasting module is used for carrying out port blasting on the target system to acquire port information of the target system; the state integration module is used for integrating and extracting the acquired information of the target system; the state verification module is used for decoding the information of the target system and identifying whether the target system has a bug or not through a fingerprint; and the state generation module is used for automatically generating a test report and displaying the threat analysis existing in the target system. The state machine artificial intelligence mode is adopted, the vulnerability is accurately identified through the state verification module, and the state verification module is supplemented through the state learning module, so that the automatic penetration mode of the state machine can be found, learned and perfected more quickly, and the false alarm rate and the accuracy rate of modern automatic penetration tests are better solved.
Description
Technical Field
The invention relates to the technical field of computer network security, in particular to an automatic penetration testing system and method based on a state machine.
Background
With the rapid development of various applications of the internet (e.g., internet banking, electronic commerce, big data, cloud storage, etc.), people are going deep in their lives, and if these internet applications carrying a large amount of information have potential safety hazards and are utilized maliciously by attackers, personal information, even the entire application system, will face safety risks. With the vigorous development of internet applications bearing various and massive data information, people pay more and more attention to the information security of the internet applications. At this time, Penetration testing (pennetration Test) is to completely simulate an attack technique and a vulnerability mining technique which may be used by a hacker, deeply detect the security of a target system, discover the most vulnerable link of the system, discover complex and interrelated security problems and deeper vulnerabilities, and report the invasion process and details to a user. However, the manual penetration test method requires an experienced security engineer to perform non-destructive simulated attacks on the operating system, the network device, the application system, and the like in the network by using a network security scanner and a dedicated security test tool through manual experience. The human resources required to be input are large, the requirement on the professional skills of the testers is high, the value of the penetration test report directly depends on the professional skills of the testers, and the standardized penetration test service cannot be provided; meanwhile, the problem of shortage of penetration test service personnel exists for a long time. For general internet application administrators, security-based management takes a lot of work time and requires well-known technical knowledge of attacks and defense and continuous research of new methods and technologies. The existing known various vulnerability security tools have high entrance threshold, which is very challenging for administrators, and the tests from vulnerability discovery to vulnerability exploitation require a great deal of labor cost.
An automated penetration tool establishes a test task by means of a penetration test task configuration wizard. And then, automatically collecting target network information through an automation tool, selecting a matched attack component according to the target fingerprint to attack the target, and outputting a penetration test report based on a test result. However, the penetration test object has limitations, does not support identification and extraction of information, cannot detect related risks for a WEB application system, has a high false alarm rate, does not support iterative attack, does not support vulnerability risk priority ranking based on actual business risks, and still needs penetration testers with considerable experience to operate and use to exert the capability.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides an automatic penetration test method for the safety level of the information system, which is used for establishing a penetration test platform, automatically testing the safety of the information system, supporting one-key rapid automatic scanning, having strong report function, supporting output in various formats and deeply analyzing the safety of a target system.
The embodiment of the invention provides an automatic penetration testing system based on a state machine, which comprises:
the state collection module is used for carrying out asset collection on the target system based on the asset address from the client;
the state blasting module is connected with the state collecting module and used for carrying out port blasting on the target system to obtain port information of the target system;
the state integration module is connected with the state blasting module and used for integrating and extracting the acquired information of the target system;
the state verification module is connected with the state integration module and used for decoding the information of the target system and scanning whether the target system has a bug through fingerprint identification; and
and the state generating module is connected with the state verifying module and used for automatically generating a test report and displaying the threat analysis existing in the target system.
In the automatic penetration test system based on the state machine, the state collection module obtains a plurality of asset domain names and a plurality of IPs of the target system through a domain name reverse-check platform reverse-check IP according to the asset addresses obtained from the client.
In the automatic penetration testing system based on the state machine, the state blasting module detects the plurality of asset domain names and the plurality of assets IP collected by the state collecting module through an Nmap system to acquire the port information of the target system.
In the automatic penetration testing system based on the state machine, the state integration module utilizes a FastText model to integrate and identify the information of the target system.
The automatic penetration testing system based on the state machine further comprises a state learning module which is connected with the state verification module and used for learning the fingerprint rule of the information of the target system by adopting an LSTM recurrent neural algorithm when the state verification module cannot scan the target system, and adding the learned fingerprint rule into a fingerprint library; and also for learning decoding rules for the information of the target system using an LSTM recurrent neural algorithm to bypass the WAF rules by the validation module.
According to another aspect of the present invention, there is also provided a state machine-based automated penetration testing method, comprising:
step S1, collecting assets of the target system based on the assets address from the client;
step S2, performing port blasting on the target system to obtain port information of the target system;
step S3, integrating and extracting the acquired information of the target system;
step S4, decoding the information of the target system, and scanning whether the target system has a bug through fingerprint identification; and
and step S5, automatically generating a test report to show the threat analysis existing in the target system.
In the automatic penetration testing method based on the state machine, in step S1, according to the asset address acquired from the client, a domain name reverse checking platform is used to reversely check the IP to acquire a plurality of asset domain names and a plurality of IPs of the target system.
In the automatic penetration testing method based on the state machine provided by the invention, in step S2, the Nmap system detects the asset domain names and the IPs collected by the state collection module, and obtains the port information of the target system.
In the automatic penetration testing method based on the state machine, in step S3, information of the target system is integrated and identified by using a FastText model.
The automatic penetration testing method based on the state machine further comprises the following steps:
step S61, when the target system can not be scanned in the step S4, learning the fingerprint rules of the information of the target system by adopting an LSTM recurrent neural algorithm, and adding the learned fingerprint rules into a fingerprint database;
step S62, learning the decoding rule of the information of the target system by adopting an LSTM recurrent neural algorithm so as to enable the verification module to bypass the WAF rule.
The embodiment of the invention has the following beneficial effects: the automatic penetration test system based on the state machine adopts the state machine artificial intelligence mode, precisely identifies the loophole through the state verification module, and supplements the state verification module through the state learning module, so that the automatic penetration mode of the state machine can be found, learned and perfected more quickly, and the false alarm rate and the accuracy of modern automatic penetration test are better solved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a schematic diagram of a state machine-based automated penetration testing system according to an embodiment of the present invention;
FIG. 2 is a flow chart of a method for automated state machine based penetration testing according to an embodiment of the present invention;
fig. 3 is a block diagram of a specific example of an automated state machine-based penetration testing apparatus according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
FIG. 1 is a schematic diagram of a state machine-based automated penetration testing system according to an embodiment of the present invention; as shown in FIG. 1, the state machine-based automated penetration test system provided by the present invention includes a state collection module 110 for performing asset collection on a target system based on an asset address from a client; the state blasting module 120 is connected to the state collecting module and configured to perform port blasting on the target system to obtain port information of the target system; the state integration module 130 is connected to the state blasting module and is used for integrating and extracting the acquired information of the target system; the state verification module 140 is connected to the state integration module, and is configured to decode information of the target system and scan whether a vulnerability exists in the target system through fingerprint identification; and a state generating module 150 connected to the state verifying module, for automatically generating a test report to show the threat analysis existing in the target system.
Specifically, in an embodiment of the present invention, when the penetration test is started, the asset address is sent to the automated penetration test system of the server through the client, the server starts a state machine, and the status collection module 110 obtains the plurality of asset domain names and the plurality of IPs of the target system by reversely checking the IPs through the domain name reverse checking platform according to the asset address obtained from the client. The domain name back-check platform comprises an enterprise check, a sky check, domain name blasting, a Zhongkui eye and a CDN.
Specifically, in an embodiment of the present invention, the state blasting module 120 detects the asset domain names and the IPs collected by the state collection module through an Nmap system, and obtains the port information of the target system.
Specifically, in an embodiment of the present invention, the state integration module 130 performs integrated identification on the information of the target system by using a FastText model. Wherein the FastText model includes an input model, a hidden model, and an output model. And inputting the domain names, the IPs and the port information into an input model, and outputting the integrated result to a state verification module for verification through an output model.
Specifically, in an embodiment of the present invention, the state verification module 140 first decodes the information of the target system from the state integration module according to an encoding rule, and then inputs the decoded information into the fingerprint library for fingerprint identification, and if the decoded information can be matched with a fingerprint in the fingerprint library, it indicates that the target system has a vulnerability and can be penetrated.
Further, in an embodiment of the present invention, the present invention further includes a state learning module 160, connected to the state verification module, and configured to learn a fingerprint rule of information of the target system by using an LSTM recurrent neural algorithm when the state verification module cannot scan the target system, and add the learned fingerprint rule to a fingerprint library; and also for learning decoding rules for the information of the target system using an LSTM recurrent neural algorithm to bypass the WAF rules by the validation module. Specifically, because the fingerprint library does not contain fingerprints of all holes, when the state verification module cannot verify the target system, the state learning module self-learns the information of the target system which cannot be verified, so as to early warn or learn about the existence of the holes more quickly.
Specifically, in an embodiment of the present invention, the attack state machine generates a series of penetration test information including host information and penetration test results for the target system, and the state generation module generates penetration test reports in formats such as XML, JSON, HTML, WORD, and the like after performing statistics.
The automatic penetration test system based on the state machine adopts the state machine artificial intelligence mode, precisely identifies the loophole through the state verification module, and supplements the state verification module through the state learning module, so that the automatic penetration mode of the state machine can be found, learned and perfected more quickly, and the false alarm rate and the accuracy of modern automatic penetration test are better solved.
Referring to fig. 2, based on the same inventive concept, the present invention also discloses an automated penetration testing method based on a state machine, comprising:
step S1, collecting assets of the target system based on the assets address from the client;
specifically, in step S1, the multiple asset domain names and multiple IPs of the target system are obtained by back-checking the IPs through the domain name back-checking platform. The domain name back-check platform comprises an enterprise check, a sky check, domain name blasting, a Zhongkui eye and a CDN.
Step S2, performing port blasting on the target system to obtain port information of the target system;
specifically, in step S2, the Nmap system detects the asset domain names and the IPs collected by the status collection module, and obtains the port information of the target system.
Step S3, integrating and extracting the acquired information of the target system;
specifically, in step S3, information of the target system is identified integrally using the FastText model.
Step S4, decoding the information of the target system, and scanning whether the target system has a bug through fingerprint identification; and
and step S5, automatically generating a test report to show the threat analysis existing in the target system.
Specifically, the method further comprises the following steps:
step S61, when the target system can not be scanned in the step S4, learning the fingerprint rules of the information of the target system by adopting an LSTM recurrent neural algorithm, and adding the learned fingerprint rules into a fingerprint database;
step S62, learning the decoding rule of the information of the target system by adopting an LSTM recurrent neural algorithm so as to enable the verification module to bypass the WAF rule.
It should be noted that the above description of the various modules is divided into these modules for clarity of illustration. However, in actual implementation, the boundaries of the various modules may be fuzzy. For example, any or all of the functional modules herein may share various hardware and/or software elements. Also for example, any and/or all of the functional modules herein may be implemented in whole or in part by a common processor executing software instructions. Additionally, various software sub-modules executed by one or more processors may be shared among the various software modules. Accordingly, the scope of the present invention is not limited by the mandatory boundaries between the various hardware and/or software elements, unless explicitly claimed otherwise.
Fig. 3 is a schematic diagram of a hardware structure of an automatic penetration testing apparatus based on a state machine according to an embodiment of the present invention, as shown in fig. 3, the apparatus includes one or more processors 31 and a memory 32, where one processor 31 is taken as an example in fig. 3. The processor 31 and the memory 32 may be connected by a bus or other means, such as the bus connection in fig. 3.
The Processor 31 may be a Central Processing Unit (CPU), the Processor 31 may also be other general-purpose processors, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA), other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components, or any combination thereof. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 32, which is a non-transitory computer readable storage medium, may be used to store non-transitory software programs, non-transitory computer executable programs, and modules, such as program instructions/modules corresponding to the method for state machine-based automated penetration testing in embodiments of the present invention. The processor 31 executes various functional applications of the server and data processing by running non-transitory software programs, instructions and modules stored in the memory 32, namely, implements the method of the state machine-based automated penetration test in the above embodiments.
The memory 32 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to the use of the LED driving pulse modulation device, and the like. Further, the memory 32 may include high speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory 32 optionally includes memory remotely located from the processor 31, and these remote memories may be connected to the LED driving pulse modulation device via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The one or more modules are stored in the memory 32 and, when executed by the one or more processors 31, perform the method of state machine-based automated penetration testing as described above.
The product can execute the method provided by the embodiment of the invention, and has corresponding functional modules and beneficial effects of the execution method. For details of the technique not described in detail in the embodiment, reference may be made to the related description in the embodiment shown in fig. 1.
Embodiments of the present invention also provide a non-transitory computer storage medium storing computer-executable instructions that can execute the method for automated penetration testing based on a state machine as described above. The storage medium may be a magnetic Disk, an optical Disk, a Read-Only Memory (ROM) > Random Access Memory (RAM) > Flash Memory > Hard Disk (Hard Disk Drive, abbreviated as HDD) or a Solid-State Drive (SSD), etc.; the storage medium may also comprise a combination of memories of the kind described above.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), a Random Access Memory (RAM), or the like.
Although the embodiments of the present invention have been described in conjunction with the accompanying drawings, those skilled in the art may make various modifications and variations without departing from the spirit and scope of the invention, and such modifications and variations fall within the scope defined by the appended claims.
Claims (10)
1. An automated penetration testing system based on a state machine, comprising:
the state collection module is used for carrying out asset collection on the target system based on the asset address from the client;
the state blasting module is connected with the state collecting module and used for carrying out port blasting on the target system to obtain port information of the target system;
the state integration module is connected with the state blasting module and used for integrating and extracting the acquired information of the target system;
the state verification module is connected with the state integration module and used for decoding the information of the target system and scanning whether the target system has a bug through fingerprint identification; and
and the state generating module is connected with the state verifying module and used for automatically generating a test report and displaying the threat analysis existing in the target system.
2. The state machine-based automated penetration test system of claim 1, wherein the state collection module obtains a plurality of asset domain names and a plurality of IPs of the target system by back-checking IPs through a domain name back-checking platform according to the asset addresses obtained from a client.
3. The state machine-based automated penetration testing system of claim 2, wherein the state blasting module detects the plurality of asset domain names and IPs collected by the state collection module through an Nmap system to obtain port information of the target system.
4. The state machine-based automated penetration test system of claim 1, wherein the state integration module utilizes a FastText model for integrated identification of information for the target system.
5. The state machine-based automated penetration test system according to claim 1, further comprising a state learning module, connected to the state verification module, for learning fingerprint rules of information of the target system using LSTM recurrent neural algorithm and adding the learned fingerprint rules to a fingerprint library when the state verification module cannot scan the target system; and also for learning decoding rules for the information of the target system using an LSTM recurrent neural algorithm to bypass the WAF rules by the validation module.
6. An automated penetration testing method based on a state machine is characterized by comprising the following steps:
step S1, collecting assets of the target system based on the assets address from the client;
step S2, performing port blasting on the target system to obtain port information of the target system;
step S3, integrating and extracting the acquired information of the target system;
step S4, decoding the information of the target system, and scanning whether the target system has a bug through fingerprint identification; and
and step S5, automatically generating a test report to show the threat analysis existing in the target system.
7. The state-machine-based automated penetration test method according to claim 6, wherein in step S1, the plurality of asset domain names and the plurality of IPs of the target system are obtained by a domain name back-check platform back-checking the IPs according to the asset address obtained from the client.
8. The state-machine-based automated penetration testing method according to claim 7, wherein in step S2, the Nmap system probes the asset domain names and IPs collected by the state collection module to obtain the port information of the target system.
9. The state-machine based automated penetration test method of claim 6, wherein in step S3, information of the target system is identified integrally using a FastText model.
10. The state-machine based automated penetration testing method of claim 6, further comprising:
step S61, when the target system can not be scanned in the step S4, learning the fingerprint rules of the information of the target system by adopting an LSTM recurrent neural algorithm, and adding the learned fingerprint rules into a fingerprint database;
step S62, learning the decoding rule of the target system information by using LSTM recurrent neural algorithm to make the verification module bypass WAF rule.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110781972.9A CN113238971A (en) | 2021-07-12 | 2021-07-12 | Automatic penetration testing system and method based on state machine |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110781972.9A CN113238971A (en) | 2021-07-12 | 2021-07-12 | Automatic penetration testing system and method based on state machine |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113238971A true CN113238971A (en) | 2021-08-10 |
Family
ID=77135360
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110781972.9A Pending CN113238971A (en) | 2021-07-12 | 2021-07-12 | Automatic penetration testing system and method based on state machine |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113238971A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113746705A (en) * | 2021-09-09 | 2021-12-03 | 北京天融信网络安全技术有限公司 | Penetration testing method and device, electronic equipment and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109190380A (en) * | 2018-08-20 | 2019-01-11 | 杭州安恒信息技术股份有限公司 | The method and system that batch website loophole quickly detects are realized based on web fingerprint |
| CN110968873A (en) * | 2019-11-22 | 2020-04-07 | 上海交通大学 | System and method for automatic penetration test based on artificial intelligence |
| CN111310194A (en) * | 2020-02-14 | 2020-06-19 | 全球能源互联网研究院有限公司 | Vulnerability penetration verification method and device |
| CN111488588A (en) * | 2020-04-17 | 2020-08-04 | 北京墨云科技有限公司 | Automatic penetration testing method based on AI |
| CN111600919A (en) * | 2019-02-21 | 2020-08-28 | 北京金睛云华科技有限公司 | Web detection method and device based on artificial intelligence |
-
2021
- 2021-07-12 CN CN202110781972.9A patent/CN113238971A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109190380A (en) * | 2018-08-20 | 2019-01-11 | 杭州安恒信息技术股份有限公司 | The method and system that batch website loophole quickly detects are realized based on web fingerprint |
| CN111600919A (en) * | 2019-02-21 | 2020-08-28 | 北京金睛云华科技有限公司 | Web detection method and device based on artificial intelligence |
| CN110968873A (en) * | 2019-11-22 | 2020-04-07 | 上海交通大学 | System and method for automatic penetration test based on artificial intelligence |
| CN111310194A (en) * | 2020-02-14 | 2020-06-19 | 全球能源互联网研究院有限公司 | Vulnerability penetration verification method and device |
| CN111488588A (en) * | 2020-04-17 | 2020-08-04 | 北京墨云科技有限公司 | Automatic penetration testing method based on AI |
Non-Patent Citations (1)
| Title |
|---|
| COISINI: "Web攻击检测机器学习深度实践", 《HTTPS://BLOG.CSDN.NET/KCLAX/ARTICLE/DETAILS/93631780》 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113746705A (en) * | 2021-09-09 | 2021-12-03 | 北京天融信网络安全技术有限公司 | Penetration testing method and device, electronic equipment and storage medium |
| CN113746705B (en) * | 2021-09-09 | 2024-01-23 | 北京天融信网络安全技术有限公司 | Penetration test method and device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108471429B (en) | Network attack warning method and system | |
| CN108833186B (en) | Network attack prediction method and device | |
| CN108683687B (en) | Network attack identification method and system | |
| US10721245B2 (en) | Method and device for automatically verifying security event | |
| CN108881263B (en) | Network attack result detection method and system | |
| US11265334B1 (en) | Methods and systems for detecting malicious servers | |
| CN108833185B (en) | Network attack route restoration method and system | |
| WO2015047802A2 (en) | Advanced persistent threat (apt) detection center | |
| CN111401416A (en) | Abnormal website identification method and device and abnormal countermeasure identification method | |
| CN111884989B (en) | Vulnerability detection method and system for electric power web system | |
| CN114553523A (en) | Attack detection method and device based on attack detection model, medium and equipment | |
| CN113542227A (en) | Account security protection method and device, electronic device and storage medium | |
| CN113886829B (en) | Method and device for detecting defect host, electronic equipment and storage medium | |
| CN114528457A (en) | Web fingerprint detection method and related equipment | |
| CN114760106A (en) | Network attack determination method, system, electronic device and storage medium | |
| CN113114680A (en) | Detection method and detection device for file uploading vulnerability | |
| Zamiri-Gourabi et al. | Gas what? I can see your GasPots. Studying the fingerprintability of ICS honeypots in the wild | |
| CN113238971A (en) | Automatic penetration testing system and method based on state machine | |
| KR101464736B1 (en) | Security Assurance Management System and Web Page Monitoring Method | |
| CN117220957A (en) | Attack behavior response method and system based on threat information | |
| CN111885034A (en) | Internet of things attack event tracking method and device and computer equipment | |
| CN115643044A (en) | Data processing method, device, server and storage medium | |
| CN111125702A (en) | Virus identification method and device | |
| CN116015800A (en) | Scanner identification method and device, electronic equipment and storage medium | |
| CN115827379A (en) | Abnormal process detection method, device, equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210810 |