CN113709174A - Network vulnerability heat reappearance and repair method for power monitoring system - Google Patents

Network vulnerability heat reappearance and repair method for power monitoring system Download PDF

Info

Publication number
CN113709174A
CN113709174A CN202111029561.0A CN202111029561A CN113709174A CN 113709174 A CN113709174 A CN 113709174A CN 202111029561 A CN202111029561 A CN 202111029561A CN 113709174 A CN113709174 A CN 113709174A
Authority
CN
China
Prior art keywords
vulnerability
patch
information
environment
power monitoring
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202111029561.0A
Other languages
Chinese (zh)
Other versions
CN113709174B (en
Inventor
王文婷
徐征
马强
黄华
刘鑫
聂其贵
林琳
刘宏伟
赵基盛
关昊
李明宇
张秋实
李建坡
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Electric Power Research Institute of State Grid Shandong Electric Power Co Ltd
State Grid Shandong Electric Power Co Ltd
Northeast Electric Power University
Information and Telecommunication Branch of State Grid Shandong Electric Power Co Ltd
Original Assignee
Electric Power Research Institute of State Grid Shandong Electric Power Co Ltd
State Grid Shandong Electric Power Co Ltd
Northeast Dianli University
Information and Telecommunication Branch of State Grid Shandong Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Electric Power Research Institute of State Grid Shandong Electric Power Co Ltd, State Grid Shandong Electric Power Co Ltd, Northeast Dianli University, Information and Telecommunication Branch of State Grid Shandong Electric Power Co Ltd filed Critical Electric Power Research Institute of State Grid Shandong Electric Power Co Ltd
Priority to CN202111029561.0A priority Critical patent/CN113709174B/en
Publication of CN113709174A publication Critical patent/CN113709174A/en
Application granted granted Critical
Publication of CN113709174B publication Critical patent/CN113709174B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The invention discloses a method for recovering and repairing a power monitoring system network vulnerability heat, which comprises the steps of automatically configuring a vulnerability heat recovery environment, analyzing a vulnerability utilization mode, searching and repairing a vulnerability hot patch and the like, can automatically realize the vulnerability heat recovery, analyzes the vulnerability utilization mode and finally achieves the goal of vulnerability repair. Compared with the traditional method, the method provided by the invention has the advantages that the complicated process of configuring the environment during artificial loophole reproduction is reduced by an automatic reproduction mode, the workload of an artificial loophole analysis utilization mode is reduced, the autonomous hot patch searching and repairing based on the analysis loophole utilization mode are realized, and the method has the advantages of scientific and reasonable method, strong applicability, good effect and the like.

Description

Network vulnerability heat reappearance and repair method for power monitoring system
Technical Field
The invention relates to a power monitoring technology, in particular to a power monitoring system network vulnerability heat reappearing and repairing method.
Background
The power monitoring system network vulnerability hot-replication and repair mainly comprises three parts, namely vulnerability hot-replication, vulnerability utilization analysis and vulnerability hot-patch repair. The vulnerability hot recurrence refers to the utilization process of a certain vulnerability existing in the system, which is combined with the acquired vulnerability information to self-configure a recurrence environment and recur the vulnerability without influencing the normal service of the system; the vulnerability utilization analysis is to identify the vulnerability type and determine the vulnerability generation reason and other key information by combining system defects based on vulnerability information and through technologies such as manual analysis, fuzzy analysis and the like; the vulnerability hot patch repairing refers to the steps of aiming at system defects, searching corresponding vulnerability patches according to vulnerability generation reasons, configuring patch operating environments and then installing the patches so as to achieve the purpose of repairing vulnerabilities. In summary, after the vulnerability information is obtained, under the condition that normal service operation of the power monitoring system network is not affected, the vulnerability exploitation process can be simulated in a vulnerability hot-replication mode, the vulnerability exploitation mode is analyzed to extract key field information of the replication process, namely executed functions, memory context information, registers and other data, and then relevant patches are searched after the vulnerability generation reason is obtained, so that vulnerability repair is realized. The current bug fixing technology still has the following problems:
(1) the existing vulnerability repair technology cannot automatically build a vulnerability recurrence environment, search and construct a vulnerability utilization mode;
(2) the existing vulnerability repair technology cannot autonomously analyze a vulnerability utilization mode according to vulnerability recurrence information;
(3) the existing vulnerability patching technology cannot independently search hot patch information based on vulnerability generation reasons, and realizes vulnerability hot patch patching under the condition of not interrupting the current service of equipment.
Disclosure of Invention
The invention mainly aims to improve and innovate the vulnerability repair technology on the basis of the existing network vulnerability repair technology, and provides a vulnerability hot-replication and repair method which is scientific, reasonable, high in applicability and good in effect. The method is based on the existing vulnerability repairing method, based on vulnerability information, a vulnerability environment is automatically set up, a vulnerability utilization mode is searched or constructed, vulnerability reproduction is completed under the condition that the current service of the power monitoring system network is not interrupted, the utilization mode is analyzed and processed through a semantic analysis technology, and repairing modes such as hot patches are searched to complete vulnerability repairing.
The technical scheme adopted by the invention is as follows: a power monitoring system network vulnerability thermal reappearance and repair method comprises the following steps: automatically configuring a vulnerability thermal recurrence environment method; a vulnerability exploiting mode analyzing method; a vulnerability hot patch searching and repairing method.
Further, the method for automatically configuring the vulnerability thermal recurrence environment comprises the following steps: when the bug hot replication is carried out, the rapid simulation kernel virtual machine technology is utilized to realize the virtualized configuration of bug replication environment vectors, and the kernel virtual machine KVM is used for carrying out hardware acceleration on the rapid simulator QEMU while the normal state of the power monitoring system network is maintained; during configuration, firstly, known vulnerability information is read, vulnerability recurrence environment data, namely variables such as a system kernel file kernel, a system memory, bios during vulnerability operation, a hard disk had, a network card file net and a mirror image hard disk drive, are obtained, a recurrence environment vector TargetVuln _ map corresponding to the vulnerability is established, resources such as the kernel, the memory, the bios, the had, the net and the drive are read and distributed, vulnerability recurrence is carried out in a dynamic code translation mode, and an actual trigger scene of each vulnerability is completely recovered.
Further, the vulnerability exploiting mode analyzing method comprises the following steps: establishing a three-dimensional coordinate system, marking vulnerability occurrence NewV by using a related application state, a middle component state and a bottom register state of a vulnerability discovery site as three-dimensional coordinate points, automatically crawling related vulnerability information in a common network, a national information security vulnerability sharing platform and a Chinese national information security vulnerability library, screening a plurality of vulnerabilities of the same type, calculating a correlation coefficient among the vulnerabilities according to each vulnerability occurrence coordinate point, searching vulnerability information similar to new vulnerabilities, and defining a similarity calculation formula as follows:
Figure 100002_DEST_PATH_IMAGE001
(1)
wherein the content of the first and second substances,
Figure 250071DEST_PATH_IMAGE002
is the dimension of the vulnerability coordinate point,
Figure 902769DEST_PATH_IMAGE003
is newThe number of the loopholes is increased,
Figure 928363DEST_PATH_IMAGE004
for the relevant vulnerability crawled from the network, the similarity of the two is calculated
Figure DEST_PATH_IMAGE005
The loophole with the highest similarity can be analyzed and obtained for searching
Figure 350117DEST_PATH_IMAGE006
The concept certification and the vulnerability of the related release are analyzed by common words, and the specific formula is as follows:
Figure DEST_PATH_IMAGE007
(2)
binding vulnerabilities
Figure 553696DEST_PATH_IMAGE008
By means of, obtain
Figure 428111DEST_PATH_IMAGE009
And determining the vulnerability utilization mode according to the vulnerability trigger point.
Furthermore, the vulnerability hot patch searching and repairing method comprises the following steps: according to the obtained vulnerability trigger point and the vulnerability type, searching related vulnerability hot patches by adopting a search mode based on a search engine, searching corresponding patches with similar vulnerabilities, collecting information of the searched vulnerability hot patches, extracting factors such as an operating system patch _ os, an equipment type patch _ dev, a software version patch _ svsion, a programming language type patch _ language and the like in the patches, and constructing a patch information text vector patch _ mag; extracting information such as an operating system pathc _ os, a device type pathc _ dev, a software version pathc _ svision, a programming language type pathc _ language and the like of the vulnerability reproduction environment, establishing a vulnerability information text vector vuln _ mag, and analyzing the correlation between the patch information and the vulnerability information by using a formula (3):
Figure 867183DEST_PATH_IMAGE010
(3)
wherein the content of the first and second substances,
Figure 268077DEST_PATH_IMAGE011
and selecting the patches according to the sequence of the correlation degree from high to low to operate the related patches in the generated virtualized environment after the correlation degree calculation result is obtained, detecting whether the hot patch repair is effective, and performing hot patch repair on the actual environment of the power monitoring system network after verification is finished.
The invention has the advantages that: according to the method for reproducing and repairing the power monitoring system network vulnerability heat, disclosed by the invention, the vulnerability heat reproduction can be automatically realized, and the vulnerability utilization mode is analyzed, so that the purpose of vulnerability repair is finally achieved. Compared with the traditional method, the automatic vulnerability replication method has the advantages that the complicated process of configuring the environment during artificial vulnerability replication is reduced through the automatic replication method, the workload of the artificial vulnerability analysis utilization method is reduced, the automatic hot patch searching and repairing based on the vulnerability analysis utilization method is realized, and the automatic vulnerability replication method has the advantages of being scientific and reasonable, strong in applicability, good in effect and the like.
In addition to the objects, features and advantages described above, other objects, features and advantages of the present invention are also provided. The present invention will be described in further detail below with reference to the drawings.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this application, illustrate embodiments of the invention and, together with the description, serve to explain the invention and not to limit the invention.
FIG. 1 is a flow chart of a method for recovering and repairing network vulnerability heat of a power monitoring system according to the present invention;
fig. 2 is a schematic diagram of analyzing vulnerability similarity coordinates by the power monitoring system network vulnerability heat recovery and repair method.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Referring to fig. 1 and fig. 2, a power monitoring system network vulnerability thermal recovery and repair method includes: automatically configuring a vulnerability thermal recurrence environment method; a vulnerability exploiting mode analyzing method; a vulnerability hot patch searching and repairing method.
The method for automatically configuring the vulnerability thermal recurrence environment comprises the following steps: when the bug hot replication is carried out, a Quick emulation Kernel-based Virtual Machine (QEMU-KVM) technology is utilized to realize the virtualized configuration of bug replication environment vectors, and the Kernel Virtual Machine (KVM) is used for carrying out hardware acceleration on a Quick Emulator QEMU while the normal state of a power monitoring system network is maintained; during configuration, firstly, known vulnerability information is read, vulnerability recurrence environment data, namely variables such as a system kernel file kernel, a system memory, bios during vulnerability operation, a hard disk had, a network card file net and a mirror image hard disk drive, are obtained, a recurrence environment vector TargetVuln _ map corresponding to the vulnerability is established, resources such as the kernel, the memory, the bios, the had, the net and the drive are read and distributed, vulnerability recurrence is carried out in a dynamic code translation mode, and an actual trigger scene of each vulnerability is completely recovered.
The vulnerability exploiting mode analyzing method comprises the following steps: establishing a three-dimensional coordinate system, marking new V (AppState, middle component State, and UnderlyingState) for generating the Vulnerability by using a relevant application state (AppState), middle component state (MiddleState) and bottom layer register state (UnderlyingState) of a Vulnerability recurrence field as three-dimensional coordinate points, automatically crawling Common Vulnerability disclosure (CVE) in a public network, National Information Security sharing platform (China National Vulnerability Database, CNVD), and China National Information Security Vulnerability library (China National Vulnerability Database of Information Security, CNNVD), screening a plurality of Vulnerabilities of the same type, and calculating a relevant coefficient between Vulnerabilities according to the coordinate points of the Vulnerability generation to find Vulnerability Information similar to the new Vulnerability, wherein a similarity calculation formula is defined as:
Figure 501612DEST_PATH_IMAGE012
(1)
wherein the content of the first and second substances,
Figure DEST_PATH_IMAGE013
is the dimension of the vulnerability coordinate point,
Figure 128903DEST_PATH_IMAGE014
in order to newly create a vulnerability,
Figure DEST_PATH_IMAGE015
for the relevant vulnerability crawled from the network, the similarity of the two is calculated
Figure 247031DEST_PATH_IMAGE016
The loophole with the highest similarity can be analyzed and obtained for searching
Figure DEST_PATH_IMAGE017
The Concept certification (POC) and the Exploit (expit, EXP) of the related release are analyzed for common words, and the specific formula is as follows:
Figure 643378DEST_PATH_IMAGE018
(2)
binding vulnerabilities
Figure 172448DEST_PATH_IMAGE019
By means of, obtain
Figure 21455DEST_PATH_IMAGE020
And determining the vulnerability utilization mode according to the vulnerability trigger point.
The vulnerability hot patch searching and repairing method comprises the following steps: according to the obtained vulnerability trigger point and the vulnerability type, searching related vulnerability hot patches by adopting a search mode based on a search engine, searching corresponding patches with similar vulnerabilities, collecting information of the searched vulnerability hot patches, extracting factors such as an operating system patch _ os, an equipment type patch _ dev, a software version patch _ svsion, a programming language type patch _ language and the like in the patches, and constructing a patch information text vector patch _ mag; extracting information such as an operating system pathc _ os, a device type pathc _ dev, a software version pathc _ svision, a programming language type pathc _ language and the like of the vulnerability reproduction environment, establishing a vulnerability information text vector vuln _ mag, and analyzing the correlation between the patch information and the vulnerability information by using a formula (3):
Figure DEST_PATH_IMAGE021
(3)
wherein the content of the first and second substances,
Figure 536750DEST_PATH_IMAGE022
and selecting the patches according to the sequence of the correlation degree from high to low to operate the related patches in the generated virtualized environment after the correlation degree calculation result is obtained, detecting whether the hot patch repair is effective, and performing hot patch repair on the actual environment of the power monitoring system network after verification is finished.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.

Claims (4)

1. A power monitoring system network vulnerability thermal reappearance and repair method is characterized by comprising the following steps: automatically configuring a vulnerability thermal recurrence environment method; a vulnerability exploiting mode analyzing method; a vulnerability hot patch searching and repairing method.
2. The power monitoring system network vulnerability thermal rendering and patching method of claim 1, wherein the automatic configuration vulnerability thermal rendering environment method comprises: when the bug hot replication is carried out, the rapid simulation kernel virtual machine technology is utilized to realize the virtualized configuration of bug replication environment vectors, and the kernel virtual machine KVM is used for carrying out hardware acceleration on the rapid simulator QEMU while the normal state of the power monitoring system network is maintained; during configuration, firstly, known vulnerability information is read, vulnerability recurrence environment data, namely variables such as a system kernel file kernel, a system memory, bios during vulnerability operation, a hard disk had, a network card file net and a mirror image hard disk drive, are obtained, a recurrence environment vector TargetVuln _ map corresponding to the vulnerability is established, resources such as the kernel, the memory, the bios, the had, the net and the drive are read and distributed, vulnerability recurrence is carried out in a dynamic code translation mode, and an actual trigger scene of each vulnerability is completely recovered.
3. The power monitoring system network vulnerability thermal rendering and patching method of claim 1, wherein the vulnerability exploitation manner analysis method comprises: establishing a three-dimensional coordinate system, marking vulnerability occurrence NewV by using a related application state, a middle component state and a bottom register state of a vulnerability discovery site as three-dimensional coordinate points, automatically crawling related vulnerability information in a common network, a national information security vulnerability sharing platform and a Chinese national information security vulnerability library, screening a plurality of vulnerabilities of the same type, calculating a correlation coefficient among the vulnerabilities according to each vulnerability occurrence coordinate point, searching vulnerability information similar to new vulnerabilities, and defining a similarity calculation formula as follows:
Figure DEST_PATH_IMAGE001
(1)
wherein the content of the first and second substances,
Figure 461290DEST_PATH_IMAGE002
is the dimension of the vulnerability coordinate point,
Figure 913000DEST_PATH_IMAGE003
in order to newly create a vulnerability,
Figure 462930DEST_PATH_IMAGE004
for relevant vulnerabilities crawled from the networkBy calculating the similarity of both
Figure 141036DEST_PATH_IMAGE005
The loophole with the highest similarity can be analyzed and obtained for searching
Figure 434614DEST_PATH_IMAGE006
The concept certification and the vulnerability of the related release are analyzed by common words, and the specific formula is as follows:
Figure 757142DEST_PATH_IMAGE007
(2)
binding vulnerabilities
Figure 212395DEST_PATH_IMAGE008
By means of, obtain
Figure 377797DEST_PATH_IMAGE009
And determining the vulnerability utilization mode according to the vulnerability trigger point.
4. The power monitoring system network vulnerability thermal rendering and patching method of claim 1, wherein the vulnerability thermal patch finding and patching method comprises: according to the obtained vulnerability trigger point and the vulnerability type, searching related vulnerability hot patches by adopting a search mode based on a search engine, searching corresponding patches with similar vulnerabilities, collecting information of the searched vulnerability hot patches, extracting factors such as an operating system patch _ os, an equipment type patch _ dev, a software version patch _ svsion, a programming language type patch _ language and the like in the patches, and constructing a patch information text vector patch _ mag; extracting information such as an operating system pathc _ os, a device type pathc _ dev, a software version pathc _ svision, a programming language type pathc _ language and the like of the vulnerability reproduction environment, establishing a vulnerability information text vector vuln _ mag, and analyzing the correlation between the patch information and the vulnerability information by using a formula (3):
Figure 209486DEST_PATH_IMAGE010
(3)
wherein the content of the first and second substances,
Figure 901368DEST_PATH_IMAGE011
and selecting the patches according to the sequence of the correlation degree from high to low to operate the related patches in the generated virtualized environment after the correlation degree calculation result is obtained, detecting whether the hot patch repair is effective, and performing hot patch repair on the actual environment of the power monitoring system network after verification is finished.
CN202111029561.0A 2021-09-03 2021-09-03 Network vulnerability heat reappearance and repair method for power monitoring system Active CN113709174B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111029561.0A CN113709174B (en) 2021-09-03 2021-09-03 Network vulnerability heat reappearance and repair method for power monitoring system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111029561.0A CN113709174B (en) 2021-09-03 2021-09-03 Network vulnerability heat reappearance and repair method for power monitoring system

Publications (2)

Publication Number Publication Date
CN113709174A true CN113709174A (en) 2021-11-26
CN113709174B CN113709174B (en) 2023-04-18

Family

ID=78657730

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111029561.0A Active CN113709174B (en) 2021-09-03 2021-09-03 Network vulnerability heat reappearance and repair method for power monitoring system

Country Status (1)

Country Link
CN (1) CN113709174B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114301638A (en) * 2021-12-13 2022-04-08 山石网科通信技术股份有限公司 Method and device for reproducing firewall rules, storage medium and processor
CN114329486A (en) * 2021-12-24 2022-04-12 中电信数智科技有限公司 Asset vulnerability management method and device, electronic equipment and storage medium
CN115310099A (en) * 2022-10-12 2022-11-08 北京盛邦赛云科技有限公司 Vulnerability coordinate system establishing method, vulnerability analyzing device and related equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103745158A (en) * 2014-01-26 2014-04-23 北京奇虎科技有限公司 Method and device for repairing system bugs
US20190005246A1 (en) * 2017-06-29 2019-01-03 Aqua Security Software, Ltd. System for Virtual Patching Security Vulnerabilities in Software Containers
CN109714314A (en) * 2018-11-21 2019-05-03 中国电子科技网络信息安全有限公司 A kind of construction method for the holographic vulnerability database reappearing loophole Life cycle
CN112286823A (en) * 2020-11-18 2021-01-29 山石网科通信技术股份有限公司 Method and device for testing kernel of operating system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103745158A (en) * 2014-01-26 2014-04-23 北京奇虎科技有限公司 Method and device for repairing system bugs
US20190005246A1 (en) * 2017-06-29 2019-01-03 Aqua Security Software, Ltd. System for Virtual Patching Security Vulnerabilities in Software Containers
CN109714314A (en) * 2018-11-21 2019-05-03 中国电子科技网络信息安全有限公司 A kind of construction method for the holographic vulnerability database reappearing loophole Life cycle
CN112286823A (en) * 2020-11-18 2021-01-29 山石网科通信技术股份有限公司 Method and device for testing kernel of operating system

Non-Patent Citations (6)

* Cited by examiner, † Cited by third party
Title
李志茹等: "电网企业统一漏洞补丁管理系统设计与应用", 《电力信息与通信技术》 *
温涛等: "UVDA:自动化融合异构安全漏洞库框架的设计与实现", 《通信学报》 *
滕忠钢: "利用"Kali Linux"与"Docker"技术进行渗透测试实验", 《信息技术与信息化》 *
邹雅毅等: "开源软件漏洞补丁的采集与整理", 《河北省科学院学报》 *
陈一鸣等: "基于Docker的漏洞验证框架的设计与实现", 《电子技术应用》 *
靳宪龙等: "基于Crash的漏洞利用自动生成系统", 《现代计算机》 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114301638A (en) * 2021-12-13 2022-04-08 山石网科通信技术股份有限公司 Method and device for reproducing firewall rules, storage medium and processor
CN114301638B (en) * 2021-12-13 2024-02-06 山石网科通信技术股份有限公司 Firewall rule reproduction method and device, storage medium and processor
CN114329486A (en) * 2021-12-24 2022-04-12 中电信数智科技有限公司 Asset vulnerability management method and device, electronic equipment and storage medium
CN115310099A (en) * 2022-10-12 2022-11-08 北京盛邦赛云科技有限公司 Vulnerability coordinate system establishing method, vulnerability analyzing device and related equipment

Also Published As

Publication number Publication date
CN113709174B (en) 2023-04-18

Similar Documents

Publication Publication Date Title
CN113709174B (en) Network vulnerability heat reappearance and repair method for power monitoring system
Tian et al. A real-time correlation of host-level events in cyber range service for smart campus
CN101438529B (en) Proactive computer malware protection through dynamic translation
CN101788915A (en) White list updating method based on trusted process tree
JP2021022400A (en) Analysis system, method and program
CN106951345A (en) A kind of conformance test method and device of magnetic disk of virtual machine data
CN107515778A (en) A kind of origin method for tracing and system based on context-aware
US20230168916A1 (en) Method and System for Interactive Cyber Simulation Exercises
CN113868648A (en) Automatic shelling engine implementation method for malicious files
CN110875928A (en) Attack tracing method, device, medium and equipment
CN116527332B (en) Network attack drilling method, device, equipment and storage medium
Le et al. Iot Botnet detection using system call graphs and one-class CNN classification
CN103455677B (en) Environmental simulation method and system
CN113468524A (en) RASP-based machine learning model security detection method
CN105701405A (en) System and method for antivirus checking of native images of software assemblies
Zhang et al. Automatic detection of Android malware via hybrid graph neural network
CN112257077A (en) Automatic vulnerability mining method based on deep learning
CN107203410A (en) A kind of VMI method and system based on redirection of system call
KR102507189B1 (en) Method for extracting neural networks via meltdown
Thevenon et al. iMRC: Integrated Monitoring & Recovery Component, a Solution to Guarantee the Security of Embedded Systems.
CN115220736A (en) Target automatic deployment method based on OPENSTACK
CN102999719B (en) A kind of malicious code on-line analysis based on hardware simulator and system
Zhou et al. A hardware-based architecture-neutral framework for real-time iot workload forensics
Yao et al. Research on IoT Device Vulnerability Mining Technology Based on Static Preprocessing and Coloring Analysis
Newlin et al. ARC Containers for AI Workloads: Singularity Performance Overhead

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant