CN114461252A - Software service upgrading method based on big data vulnerability analysis and Internet AI system - Google Patents

Software service upgrading method based on big data vulnerability analysis and Internet AI system Download PDF

Info

Publication number
CN114461252A
CN114461252A CN202210218871.5A CN202210218871A CN114461252A CN 114461252 A CN114461252 A CN 114461252A CN 202210218871 A CN202210218871 A CN 202210218871A CN 114461252 A CN114461252 A CN 114461252A
Authority
CN
China
Prior art keywords
vulnerability
abnormal
application
analysis unit
outputting
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210218871.5A
Other languages
Chinese (zh)
Other versions
CN114461252B (en
Inventor
刘小召
范相军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Sanding Industrial Group Co Ltd
Original Assignee
Mudanjiang Langlian Network Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mudanjiang Langlian Network Technology Co ltd filed Critical Mudanjiang Langlian Network Technology Co ltd
Priority to CN202210218871.5A priority Critical patent/CN114461252B/en
Priority to CN202210860383.4A priority patent/CN115220765A/en
Publication of CN114461252A publication Critical patent/CN114461252A/en
Application granted granted Critical
Publication of CN114461252B publication Critical patent/CN114461252B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software

Abstract

The embodiment of the application provides a software service upgrading method based on big data vulnerability analysis and an Internet AI system, and further decision is made according to vulnerability field vectors in the process of analyzing the target application abnormal vulnerability, so that vulnerability relevance between the decided target application abnormal vulnerability and the application decision vulnerability is stronger. The known labeling connection of the vulnerability analysis aiming at the application abnormal operation data is realized through the target application abnormal vulnerability, so that the software service upgrading is carried out on the online micro-service application according to the target application abnormal vulnerability, the reliability of vulnerability repair in the software service upgrading process can be improved, and the stability of software service operation is improved.

Description

Software service upgrading method based on big data vulnerability analysis and Internet AI system
Technical Field
The application relates to the technical field of internet information, in particular to a software service upgrading method based on big data vulnerability analysis and an internet AI system.
Background
Software bugs are errors existing in the development process of software products, bugs can also be errors generated only in special scenes, and generally the bugs are regarded as bugs when software cannot achieve the expected effect of users or are inconsistent with the expected result. For example, with the development of internet information technology, many online functional services, that is, online micro service applications, are generated, and these online micro service applications are developed and generated for providing services to users as soon as possible (e.g., applets), so that the operation stability of the online micro service applications relates to the core experience of the users. Therefore, the analysis of the application exception vulnerability is carried out on the application exception operation data generated in the operation process, and the software service upgrading content matched with the application exception operation data can be conveniently provided for updating and iterating.
However, in an actual related technical scheme, vulnerability analysis and mining are usually performed on affected results generated by a vulnerability, not field vectors of the vulnerability itself, however, even the same vulnerability may cause different affected results, which may cause inaccuracy in vulnerability analysis, and problem vulnerabilities analyzed in the related art may not accurately reflect known regularized annotation vulnerabilities during feature expression, which may cause vulnerability analysis to have noise due to many reasons, and further cause stability of software service operation to be affected.
Disclosure of Invention
In order to overcome at least the above defects in the prior art, the present application aims to provide a software service upgrading method based on big data vulnerability analysis and an internet AI system.
In a first aspect, the present application provides a software service upgrading method based on big data vulnerability analysis, which is applied to an internet AI system, and the method includes:
acquiring application abnormal operation data of the online micro-service application, wherein the application abnormal operation data represents an application abnormal vulnerability of the online micro-service application;
outputting a vulnerability analysis unit cluster of the abnormal application operation data according to the abnormal application operation data, wherein vulnerability analysis units in the vulnerability analysis unit cluster are respectively associated with different vulnerability analysis instances of the abnormal application operation data;
starting a vulnerability analysis unit in the vulnerability analysis unit cluster for the application abnormal operation data, and outputting an application decision vulnerability of the online microservice application in the application abnormal operation data;
outputting a target application abnormal vulnerability according to the application abnormal operation data, the vulnerability field vector of the application decision vulnerability, the vulnerability field vectors of a plurality of known marked vulnerabilities and the vulnerability analysis unit cluster, and performing software service upgrade on the online micro service application according to the target application abnormal vulnerability, wherein the target application abnormal vulnerability is a known marked vulnerability in the plurality of known marked vulnerabilities, and the known marked vulnerability is an application decision vulnerability of a known mark.
In a possible implementation manner of the first aspect, the outputting the application abnormal operation data according to the application abnormal operation data by the vulnerability analysis unit cluster includes:
and outputting the vulnerability analysis unit cluster of the abnormal application operation data according to the abnormal operation situation of the abnormal application operation data in each abnormal application operation event and a prior authentication vulnerability analysis unit cluster corresponding to each abnormal application operation event, wherein the abnormal operation situation represents an abnormal service process which is not operated and activated in the abnormal application operation data in the corresponding abnormal application operation event, a standby linkage abnormal service process and an abnormal service process which is operated and activated, and the prior authentication vulnerability analysis unit cluster is a vulnerability analysis unit cluster determined by the abnormal application operation event before the corresponding abnormal application operation event.
In a possible implementation manner of the first aspect, the outputting the vulnerability analysis unit cluster of the abnormal application operation data according to the abnormal operation situation of the abnormal application operation data in each abnormal application operation event and the prior authentication vulnerability analysis unit cluster corresponding to each abnormal application operation event includes:
in any application operation abnormal event R, outputting the operation abnormal situation of the application abnormal operation data in the application operation abnormal event R, wherein R is a positive integer;
acquiring a prior authentication vulnerability analysis unit cluster determined in an application operation abnormal event R-1;
outputting a vulnerability analysis unit corresponding to the application running abnormal event R according to the running abnormal situation of the application running abnormal event R of the application abnormal running data and a prior authentication vulnerability analysis unit cluster determined by the application running abnormal event R-1;
adding the vulnerability analysis unit corresponding to the application running abnormal event R into the prior authentication vulnerability analysis unit cluster determined by the application running abnormal event R-1, and outputting the vulnerability analysis unit cluster corresponding to the application running abnormal event R.
In a possible implementation manner of the first aspect, the outputting, according to the abnormal operation situation of the abnormal operation data in the abnormal operation event R of the application and the previous authentication vulnerability analysis unit cluster determined in the abnormal operation event R-1 of the application, a vulnerability analysis unit corresponding to the abnormal operation event R of the application includes:
outputting a vulnerability analysis unit corresponding to the abnormal application operation event R according to an abnormal service process cluster of the abnormal application operation data, a first abnormal service process cluster and a second abnormal service process cluster and a first vulnerability analysis unit in a prior authentication vulnerability analysis unit cluster determined by the abnormal application operation event R-1, wherein the abnormal service process cluster comprises an abnormal service process formed by abnormal service processes which are already run and activated when the abnormal application operation event R is run, the first abnormal service process cluster comprises an abnormal service process which waits for linkage when the abnormal application event R is run, and the second abnormal service process cluster comprises an abnormal service process which is not yet run and activated in the abnormal application operation data when the abnormal application operation event R is run.
In a possible implementation manner of the first aspect, the outputting, according to the abnormal service process cluster, the first abnormal service process cluster, the second abnormal service process cluster of the abnormal application operation data and the first vulnerability analysis unit in the previous authentication vulnerability analysis unit cluster determined by the abnormal application operation event R-1, a vulnerability analysis unit corresponding to the abnormal application operation event R includes:
constructing a first abnormal service process data set of the application operation abnormal event R by using the first two abnormal service processes in the abnormal service process cluster, the first abnormal service process in the first abnormal service process cluster, the first abnormal service process in the second abnormal service process cluster and the first vulnerability analysis unit in the prior authentication vulnerability analysis unit cluster determined by the application operation abnormal event R-1;
processing the first abnormal service process data set according to a first preset vulnerability analysis element coefficient space and a first preset vulnerability analysis derived space, and outputting a second abnormal service process data set of the application operation abnormal event R;
and processing the second abnormal service process data set according to a vulnerability analysis decision model, and outputting a vulnerability analysis unit corresponding to the application operation abnormal event R.
In a possible implementation manner of the first aspect, the outputting a target application exception vulnerability according to the application exception operation data, the vulnerability field vector of the application decision vulnerability, the vulnerability field vectors of a plurality of known marked vulnerabilities, and the vulnerability analysis unit cluster includes:
according to the application abnormal operation data, acquiring a first vulnerability triggering and connecting vector between a forward abnormal service process of the application decision vulnerability and the application decision vulnerability in the application abnormal operation data and a second vulnerability triggering and connecting vector between a backward abnormal service process of the application decision vulnerability and the application decision vulnerability in the application abnormal operation data;
and outputting the target application abnormal vulnerability according to the first vulnerability triggering and connecting vector, the second vulnerability triggering and connecting vector, the vulnerability field vector of the application decision vulnerability, the vulnerability field vectors of the known marked vulnerabilities and the vulnerability analysis unit cluster.
In a possible implementation manner of the first aspect, the outputting the target application exception vulnerability according to the first vulnerability trigger adaptor vector, the second vulnerability trigger adaptor vector, the vulnerability field vector of the application decision vulnerability, the vulnerability field vectors of the plurality of known annotation vulnerabilities, and the vulnerability analysis unit cluster includes:
according to a persistence feature analysis rule, respectively performing persistence feature analysis on the vulnerability field vector of the application decision vulnerability and the vulnerability field vector of each known marked vulnerability, and outputting persistence features of the application decision vulnerability and the persistence features of each known marked vulnerability;
and outputting the target application abnormal vulnerability according to the first vulnerability triggering and connecting vector, the second vulnerability triggering and connecting vector, the continuous characteristic of the application decision vulnerability, the continuous characteristic of each known marking vulnerability, the vulnerability field vector of each known marking vulnerability and the first vulnerability analysis unit in the vulnerability analysis unit cluster.
In a possible implementation manner of the first aspect, the outputting the target application exception vulnerability according to the first vulnerability trigger engagement vector, the second vulnerability trigger engagement vector, the persistent characteristics of the application decision vulnerability, the persistent characteristics of each known tagged vulnerability, the vulnerability field vector of each known tagged vulnerability, and the first vulnerability analysis unit in the vulnerability analysis unit cluster includes:
constructing a first vulnerability relevance array by using the first vulnerability triggering and connecting vector, the second vulnerability triggering and connecting vector, the persistence characteristics of the application decision vulnerability, the persistence characteristics of each known marked vulnerability, the vulnerability field vector of each known marked vulnerability and a first vulnerability analysis unit in the vulnerability analysis unit cluster;
processing the first vulnerability correlation array according to a second preset vulnerability analysis element coefficient space and a second preset vulnerability analysis derivative space, and outputting a second vulnerability correlation array;
processing the second vulnerability relevance array according to vulnerability relevance rules, and outputting vulnerability relevance between each known marked vulnerability and the application decision vulnerability;
and outputting the known mark vulnerabilities of which the vulnerability relevance meets preset conditions in the plurality of known mark vulnerabilities as the target application abnormal vulnerabilities.
In one possible implementation of the first aspect, the method further comprises:
outputting vulnerability field vectors of the known annotation vulnerabilities according to the known annotation vulnerabilities and knowledge point contact vectors among the known annotation vulnerabilities;
wherein, the plurality of known mark vulnerabilities include a first known mark vulnerability, a second known mark vulnerability and a third known mark vulnerability, the first known mark vulnerability is a forward knowledge contact entity of the second known mark vulnerability, no knowledge point contact vector exists between the third known mark vulnerability and the second known mark vulnerability, and outputting vulnerability field vectors of the plurality of known mark vulnerabilities according to the plurality of known mark vulnerabilities and knowledge point contact vectors between the plurality of known mark vulnerabilities includes:
performing persistent centralized feature analysis on the first known annotation vulnerability, the second known annotation vulnerability and the third known annotation vulnerability, and outputting a first persistent centralized feature of the first known annotation vulnerability, a second persistent centralized feature of the second known annotation vulnerability and a third persistent centralized feature of the third known annotation vulnerability;
inputting the first persistent centralized feature and the second persistent centralized feature into a feature extraction model, performing nonlinear mapping on the second persistent centralized feature according to target nonlinear relation information through the feature extraction model, and outputting a fourth persistent centralized feature of the second known marked vulnerability;
processing the first persistent concentrated feature and the second persistent concentrated feature according to a first distinctive feature between the first persistent concentrated feature and the fourth persistent concentrated feature and a second distinctive feature between the third persistent concentrated feature and the fourth persistent concentrated feature, and outputting a vulnerability field vector of the first known marked vulnerability and a vulnerability field vector of the second known marked vulnerability.
For example, in a possible implementation manner of the first aspect, the step of upgrading the software service of the online microservice application according to the target application exception vulnerability includes:
acquiring a vulnerability influence characteristic sequence of the target application abnormal vulnerability corresponding to an application table entry of the on-line micro-service application in a target function configuration interval, wherein the vulnerability influence characteristic sequence related to the target application abnormal vulnerability comprises vulnerability influence characteristics of each abnormal vulnerability node in the target application abnormal vulnerability;
and according to a vulnerability repair decision program in the developed and deployed software service upgrading application related to the target application abnormal vulnerability, performing vulnerability repair attribute decision on a vulnerability influence characteristic sequence related to the target application abnormal vulnerability to obtain vulnerability repair attribute decision information, and performing vulnerability repair firmware scheduling on the software service upgrading application according to the vulnerability repair attribute decision information, and then performing software service upgrading on the on-line micro-service application according to the software service upgrading application.
For example, in a possible implementation manner of the first aspect, after the step of upgrading the software service of the online microservice application according to the target application exception vulnerability, the method further includes:
according to the simulation test use activity of a first node and the simulation test use activity of a second node in the application test on-line activity after software service upgrading is carried out on the on-line microservice application, outputting a first normal operation index sequence and first operation abnormal change information of the simulation test use activity of the first node, and obtaining first key change data of the simulation test use activity of the first node relative to a simulation change item:
outputting first vulnerability supplementary repair data through a first normal operation index sequence, first operation abnormal change information and first key change data of the first node use activity through simulation test of the first node;
and judging whether the application operation data after bug supplementary repair corresponding to the first bug supplementary repair data has operation improvement indexes or not according to the learned bug supplementary repair analysis model.
For example, in a possible implementation manner of the first aspect, outputting the first normal operation index sequence and the first abnormal operation change information of the simulated test usage activity of the first test channel according to the simulated test usage activity of the first test channel and the simulated test usage activity of the second test channel in the application test online activity includes: the following steps are executed for the simulation test using activity of the first test channel and the simulation test using activity of the second test channel which are continued in the application test on-line activity: for each first simulation test use case in the simulation test use activities of the first test channel and the simulation test use activities of the second test channel, outputting a first operation abnormal point associated with each first simulation test use case according to simulation test use track information of each first simulation test use case in the simulation test use activities of the first test channel and the simulation test use activities of the second test channel and first application test acquisition data corresponding to the application test on-line activities, and determining a first operation abnormal point variable of each first simulation test use case and a first normal operation index sequence of the simulation test use activities of the first test channel; and outputting first running abnormal change information of the simulated test use activity of the first test channel according to the first running abnormal point variable of each first simulated test use case.
For example, in one possible implementation of the first aspect, the outputting of the simulation test of the first test channel uses first critical variation data of activity versus simulation variation items, including: and outputting first key change data of the simulation test use activity of the first test channel relative to the simulation change items according to the quantity of key change matching rules which are mapped to the simulation change items by the frequently-changed item characteristics of each first simulation test use case in the simulation test process.
In a second aspect, an embodiment of the present application further provides an internet AI system, where the internet AI system includes a processor and a machine-readable storage medium, where a computer program is stored in the machine-readable storage medium, and the computer program is loaded and executed by the processor to implement the software service upgrading method based on big data vulnerability analysis of the first aspect.
According to the above aspect, the corresponding vulnerability analysis unit cluster can be determined according to the application abnormal operation data, and the vulnerability analysis units in the vulnerability analysis unit cluster are started for the application abnormal operation data to obtain the application decision vulnerability in the application abnormal operation data, wherein the application decision vulnerability can represent the application abnormal vulnerability of the online microservice application. According to the application abnormal operation data, the vulnerability field vector of the application decision vulnerability, the vulnerability field vector of the known marked vulnerability and the vulnerability analysis unit cluster, determining the target application abnormal vulnerability from the plurality of known marked vulnerabilities, wherein the target application abnormal vulnerability is the known marked vulnerability of the application decision vulnerability in the application abnormal operation data, and as the decision is further made according to the vulnerability field vector in the process of analyzing the target application abnormal vulnerability, the vulnerability relevance between the decided target application abnormal vulnerability and the application decision vulnerability is stronger. The known marking connection aiming at the vulnerability analysis of the application abnormal operation data is realized through the target application abnormal vulnerability, so that the software service upgrading is carried out on the online micro-service application according to the target application abnormal vulnerability, the vulnerability repairing reliability in the software service upgrading process can be improved, and the software service operation stability is improved.
Drawings
Fig. 1 is a schematic architecture diagram of a software service upgrade system based on big data vulnerability analysis according to an embodiment of the present application;
fig. 2 is a schematic flowchart of a software service upgrading method based on big data vulnerability analysis according to an embodiment of the present disclosure.
Detailed Description
Fig. 1 is a schematic architecture diagram of a software service upgrade system 10 based on big data vulnerability analysis according to an embodiment of the present application. The software service upgrade system 10 based on big data vulnerability analysis may include an internet AI system 100 and an online microservice system 200 communicatively connected to the internet AI system 100. The big data vulnerability analysis-based software service upgrade system 10 shown in fig. 1 is only one possible example, and in other possible embodiments, the big data vulnerability analysis-based software service upgrade system 10 may also include only at least some of the components shown in fig. 1 or may also include other components.
In this embodiment, the internet AI system 100 and the online micro-service system 200 in the software service upgrading system 10 based on big data vulnerability analysis may execute the software service upgrading method based on big data vulnerability analysis according to the cooperation, which is described in the following method embodiments, and the detailed description of the steps of executing the internet AI system 100 and the online micro-service system 200 may refer to the following method embodiments.
ST101, obtaining application abnormal operation data of the on-line micro-service application, wherein the application abnormal operation data represents an application abnormal vulnerability of the on-line micro-service application.
In some possible embodiments, the online microservice application is any online internet function service, such as an e-commerce live broadcast function service, and the application abnormal operation data of the online microservice application is operation data of the internet function service in an abnormal operation condition (such as application crash, application reloading, application data loss, and the like) in an operation process.
ST102, outputting a vulnerability analysis unit cluster of the application abnormal operation data according to the application abnormal operation data, wherein vulnerability analysis units in the vulnerability analysis unit cluster are respectively associated with different vulnerability analysis instances of the application abnormal operation data.
The vulnerability analysis unit cluster comprises a plurality of vulnerability analysis units, and the vulnerability analysis units in the vulnerability analysis unit cluster have different vulnerability analysis orders, namely different vulnerability analysis units are started in different vulnerability analysis instances of application abnormal operation data. Each vulnerability analysis unit can be used for analyzing data of different operation time sequences or data of different operation types in the application abnormal operation data, namely one vulnerability analysis unit can correspond to a certain operation time sequence or a certain operation activity type, and different vulnerability analysis units can be flexibly determined from the application abnormal operation data according to required requirements and rules in the actual application process.
And ST103, starting a vulnerability analysis unit in the vulnerability analysis unit cluster for the application abnormal operation data, and outputting an application decision vulnerability of the on-line microservice application in the application abnormal operation data.
The application decision loopholes of the online microservice application are specific problem loopholes in the abnormal application operation data, and the specific problem loopholes cannot accurately reflect the known normalized marking loopholes when performing feature expression, namely the application decision loopholes needing to be connected with the known marking loopholes. In some possible embodiments, the vulnerability analysis unit in the vulnerability analysis unit cluster is enabled for the application abnormal operation data, and the application decision vulnerability of the on-line microservice application in the application abnormal operation data is output.
ST104, outputting a target application abnormal vulnerability according to the application abnormal operation data, the vulnerability field vector of the application decision vulnerability, the vulnerability field vectors of a plurality of known marked vulnerabilities and the vulnerability analysis unit cluster, and upgrading software service of the on-line micro service application according to the target application abnormal vulnerability, wherein the target application abnormal vulnerability is a known marked vulnerability which is connected with the application decision vulnerability in the plurality of known marked vulnerabilities, and the known marked vulnerability is an application decision vulnerability of the known mark.
The target application exception vulnerability is a known annotation vulnerability related to an application decision vulnerability of the microservice application in the application exception operation data.
Due to the design, in the process of analyzing the target application abnormal vulnerability, the decision is further made according to the vulnerability field vector, so that the vulnerability relevance between the decided target application abnormal vulnerability and the application decision vulnerability is stronger. The known marking connection aiming at the vulnerability analysis of the application abnormal operation data is realized through the target application abnormal vulnerability, so that the software service upgrading is carried out on the online micro-service application according to the target application abnormal vulnerability, the vulnerability repairing reliability in the software service upgrading process can be improved, and the software service operation stability is improved.
The above embodiments are described below with reference to further examples, for example, the above method includes the following steps.
ST201, obtaining application abnormal operation data of the on-line micro-service application, wherein the application abnormal operation data represents an application abnormal bug of the on-line micro-service application.
In some possible embodiments, the online micro service application is a medical consultation user, and the application abnormal operation data of the online micro service application is consultation interaction data of the medical consultation user in the treatment service process or service data of the medical consultation user to the medical consultation user.
ST202, outputting a vulnerability analysis unit cluster of the application abnormal operation data according to the application abnormal operation data, wherein vulnerability analysis units in the vulnerability analysis unit cluster are respectively associated with different vulnerability analysis instances of the application abnormal operation data.
In some possible embodiments, the vulnerability analysis unit cluster of the application abnormal operation data is output according to an operation abnormal situation of the application abnormal operation data in each application operation abnormal event and a prior authentication vulnerability analysis unit cluster corresponding to each application operation abnormal event, the operation abnormal situation represents an abnormal service process which is not operated and activated in the application abnormal operation data in the corresponding application operation abnormal event, an abnormal service process which is formed by a waiting linkage abnormal service process and an operated and activated abnormal service process, and the prior authentication vulnerability analysis unit cluster is a vulnerability analysis unit cluster determined by the application operation abnormal event before the corresponding application operation abnormal event.
The abnormal operation situation is used for representing state information of the abnormal service process of the abnormal operation data of the application, one abnormal operation event is also an abnormal unit, and after the corresponding vulnerability analysis unit is started for the abnormal operation data by one abnormal operation event, the state information of the abnormal service process of the abnormal operation data of the application is updated, so that the abnormal operation situation corresponding to the abnormal operation data of the application is updated. And the standby linkage abnormal service process is an abnormal service process belonging to the application decision vulnerability, and the abnormal service process formed by the running activated abnormal service process is an abnormal service process belonging to the application decision vulnerability. In some possible embodiments, the abnormal service process which is not already running in the application abnormal running data is also referred to as a potential running abnormal service process, and the linkage-waiting abnormal service process is also referred to as an abnormal service process which has been running in linkage with other abnormal service processes.
Since the vulnerability analysis unit cluster outputting the application abnormal operation data includes a plurality of application operation abnormal events according to the application abnormal operation data, the above embodiment is described below by taking one application operation abnormal event as an example.
In some possible embodiments, in any application running exception event R, the running exception situation of the application running exception data in the application running exception event R is output, where R is a positive integer. And acquiring a prior authentication vulnerability analysis unit cluster determined by the application operation abnormal event R-1. And outputting a vulnerability analysis unit corresponding to the application running abnormal event R according to the running abnormal situation of the application running abnormal event R of the application abnormal running data and the prior authentication vulnerability analysis unit cluster determined by the application running abnormal event R-1. And adding the vulnerability analysis unit corresponding to the application running abnormal event R into the prior authentication vulnerability analysis unit cluster determined by the application running abnormal event R-1, and outputting the vulnerability analysis unit cluster corresponding to the application running abnormal event R.
In some possible embodiments, the vulnerability analysis unit corresponding to the application running abnormal event R is output according to an abnormal service process cluster of the application running abnormal data, a first abnormal service process cluster, a second abnormal service process cluster and a first vulnerability analysis unit in a prior authentication vulnerability analysis unit cluster determined by the application running abnormal event R-1, the abnormal service process cluster includes an abnormal service process formed by an activated abnormal service process which is already run when the application runs the abnormal event R, the first abnormal service process cluster includes an abnormal service process which waits for linkage when the application runs the abnormal event R, and the second abnormal service process cluster includes an abnormal service process which is not already run in the application running abnormal data when the application runs the abnormal event R.
For example, the first two abnormal service processes in the abnormal service process cluster, the first abnormal service process in the first abnormal service process cluster, the first abnormal service process in the second abnormal service process cluster, and the first vulnerability analysis unit in the previous authentication vulnerability analysis unit cluster determined by the application running abnormal event R-1 are used to construct the first abnormal service process data set of the application running abnormal event R. And processing the first abnormal service process data set according to a first preset vulnerability analysis element coefficient space and a first preset vulnerability analysis derived space, and outputting a second abnormal service process data set of the application operation abnormal event R. And processing the second abnormal service process data set according to the vulnerability analysis decision model, and outputting a vulnerability analysis unit corresponding to the application operation abnormal event R.
And fourthly, adding the vulnerability analysis unit corresponding to the application running abnormal event R into the prior authentication vulnerability analysis unit cluster determined by the application running abnormal event R-1, and outputting the vulnerability analysis unit cluster corresponding to the application running abnormal event R.
And determining and adaptively updating the vulnerability analysis unit cluster through the processing of the fourth part.
And ST203, starting a vulnerability analysis unit in the vulnerability analysis unit cluster for the application abnormal operation data, and outputting an application decision vulnerability of the on-line microservice application in the application abnormal operation data.
The vulnerability analysis unit in the vulnerability analysis unit cluster is described in the above ST202, and ST203 will be described below by some embodiments.
And ST204, acquiring a vulnerability field vector of the application decision vulnerability.
In some possible embodiments, feature extraction is performed on each abnormal service process in the application abnormal operation data, and a vulnerability field vector of each abnormal service process in the application abnormal operation data is output. And fusing the vulnerability field vectors of the abnormal service processes in the application decision vulnerability and outputting the vulnerability field vectors of the application decision vulnerability.
According to the design, the vulnerability field vector of the application decision vulnerability can be obtained by applying the vulnerability field vector of the abnormal service process in the abnormal operation data, the vulnerability field vector of the application decision vulnerability is combined with the vulnerability field vector of each abnormal service process, and the feature expression performance of the vulnerability field vector of the application decision vulnerability is stronger.
In order to more clearly describe the above embodiment, the above embodiment will be described in two steps.
And A, extracting the characteristics of each abnormal service process in the abnormal application operation data, and outputting the vulnerability field vector of each abnormal service process in the abnormal application operation data.
In some possible embodiments, for any abnormal service process in the application abnormal operation data, the abnormal service process is convolved, and a first abnormal service process characteristic of the abnormal service process is output. And carrying out continuous centralized feature analysis on the abnormal service process, and outputting a second abnormal service process feature of the abnormal service process. And acquiring a third abnormal service process characteristic of the abnormal service process according to the abnormal service process and the abnormal service process associated with the abnormal service process in the application abnormal operation data, wherein the third abnormal service process characteristic is a vulnerability triggering engagement vector of the abnormal service process. And splicing the first abnormal service process characteristic, the second abnormal service process characteristic and the third abnormal service process characteristic, and outputting a vulnerability field vector of the abnormal service process.
And B, fusing vulnerability field vectors of the abnormal service processes in the application decision vulnerability, and outputting the vulnerability field vectors of the application decision vulnerability.
In some possible embodiments, the vulnerability field vectors of the abnormal service processes in the application decision vulnerability are spliced, and the vulnerability field vector of the application decision vulnerability is output.
ST205, outputting a target application abnormal vulnerability according to the application abnormal operation data, the vulnerability field vector of the application decision vulnerability, the vulnerability field vectors of a plurality of known marked vulnerabilities and the vulnerability analysis unit cluster, wherein the target application abnormal vulnerability is a known marked vulnerability which is connected with the application decision vulnerability in the plurality of known marked vulnerabilities, and the known marked vulnerability is a known marked application decision vulnerability.
In some possible embodiments, according to the application abnormal operation data, a first vulnerability triggering engagement vector between a forward abnormal service process of the application decision vulnerability and the application decision vulnerability in the application abnormal operation data and a second vulnerability triggering engagement vector between a backward abnormal service process of the application decision vulnerability and the application decision vulnerability in the application abnormal operation data are obtained. And outputting the target application abnormal vulnerability according to the first vulnerability triggering and connecting vector, the second vulnerability triggering and connecting vector, the vulnerability field vector of the application decision vulnerability, the vulnerability field vectors of the known marked vulnerabilities and the vulnerability analysis unit cluster.
The application decision vulnerability forward abnormal service process in the application abnormal operation data is also the forward abnormal activity of the application decision vulnerability in the application abnormal operation data, and the first vulnerability triggering engagement vector can represent the forward abnormal activity characteristics of the application decision vulnerability in the application abnormal operation data. Correspondingly, the backward abnormal service process of the application decision bug in the application abnormal operation data is also the backward abnormal activity of the application decision bug in the application abnormal operation data, and the second bug triggers the backward abnormal activity characteristic of the application decision bug in the application abnormal operation data of the engagement vector.
In order to more clearly describe the above embodiment, the above embodiment will be described in two steps.
And step R, according to the application abnormal operation data, acquiring a first vulnerability triggering and connecting vector between a forward abnormal service process of the application decision-making vulnerability in the application abnormal operation data and the application decision-making vulnerability, and a second vulnerability triggering and connecting vector between a backward abnormal service process of the application decision-making vulnerability in the application abnormal operation data and the application decision-making vulnerability.
In some possible embodiments, the forward abnormal service process of the application decision vulnerability in the application abnormal operation data and the application decision vulnerability are input into a vulnerability trigger analysis model, feature extraction is performed on the forward abnormal service process of the application decision vulnerability and the application decision vulnerability, and the first vulnerability trigger engagement vector is output. Inputting the backward abnormal service process of the application decision vulnerability and the application decision vulnerability in the application abnormal operation data into a vulnerability triggering analysis model, extracting the characteristics of the backward abnormal service process of the application decision vulnerability and the application decision vulnerability, and outputting the second backward abnormal activity characteristics.
And N, outputting the target application abnormal vulnerability according to the first vulnerability triggering and connecting vector, the second vulnerability triggering and connecting vector, the vulnerability field vector of the application decision vulnerability, the vulnerability field vectors of the known marked vulnerabilities and the vulnerability analysis unit cluster.
In some possible embodiments, according to a persistence feature analysis rule, persistent feature analysis is performed on the vulnerability field vector of the application decision vulnerability and the vulnerability field vectors of the known marked vulnerabilities respectively, and persistence features of the application decision vulnerability and the persistence features of the known marked vulnerabilities are output. And outputting the target application abnormal vulnerability according to the first vulnerability triggering and connecting vector, the second vulnerability triggering and connecting vector, the persistence characteristics of the application decision vulnerability, the persistence characteristics of each known marked vulnerability, the vulnerability field vector of each known marked vulnerability and the first vulnerability analysis unit in the vulnerability analysis unit cluster.
The above embodiment will be explained as divided into two steps.
And a, respectively carrying out continuous characteristic analysis on the vulnerability field vector of the application decision vulnerability and the vulnerability field vectors of all known marked vulnerabilities according to a continuous characteristic analysis rule, and outputting the continuous characteristic of the application decision vulnerability and the continuous characteristic of all known marked vulnerabilities.
In some possible embodiments, a first continuous association coefficient between the application decision vulnerability and each known annotation vulnerability and a second continuous association coefficient between each known annotation vulnerability and the application decision vulnerability are obtained according to the vulnerability field vector of the application decision vulnerability and the vulnerability field vector of each known annotation vulnerability. And binding the vulnerability field vector of the application decision vulnerability with the corresponding first continuous correlation coefficient, and outputting the continuous characteristic of the application decision vulnerability, wherein the correspondence refers to the correspondence with the known marked vulnerability. And binding the vulnerability field vector of each known marked vulnerability with the corresponding second continuous correlation coefficient, and outputting the continuous characteristic of each known marked vulnerability.
And b, outputting the target application abnormal vulnerability according to the first vulnerability triggering and connecting vector, the second vulnerability triggering and connecting vector, the persistence characteristic of the application decision vulnerability, the persistence characteristic of each known marked vulnerability, the vulnerability field vector of each known marked vulnerability and the first vulnerability analysis unit in the vulnerability analysis unit cluster.
In some possible embodiments, the first vulnerability trigger join vector, the second vulnerability trigger join vector, the persistence feature of the application decision vulnerability, the persistence feature of each known tagged vulnerability, the vulnerability field vector of each known tagged vulnerability, and the first vulnerability analysis unit in the vulnerability analysis unit cluster are used to construct a first vulnerability association array. And processing the first vulnerability relevance array according to a second preset vulnerability analysis element coefficient space and a second preset vulnerability analysis derivative space, and outputting a second vulnerability relevance array. And processing the second vulnerability relevance array according to the vulnerability relevance rule, and outputting vulnerability relevance between each known marked vulnerability and the application decision vulnerability. And outputting the known mark vulnerabilities of which the vulnerability relevance meets preset conditions in the plurality of known mark vulnerabilities as the target application abnormal vulnerability.
In some possible embodiments, the vulnerability field vectors of the known annotation vulnerabilities are output according to the known annotation vulnerabilities and a knowledge point relation vector between the known annotation vulnerabilities.
For example, the plurality of known annotation vulnerabilities includes a first known annotation vulnerability that is a forward knowledge link entity of the second known annotation vulnerability, a second known annotation vulnerability that is a forward knowledge link vector that does not exist between the third known annotation vulnerability and the second known annotation vulnerability. And performing persistent centralized feature analysis on the first known annotation vulnerability, the second known annotation vulnerability and the third known annotation vulnerability, and outputting a first persistent centralized feature of the first known annotation vulnerability, a second persistent centralized feature of the second known annotation vulnerability and a third persistent centralized feature of the third known annotation vulnerability. Inputting the first persistent centralized feature and the second persistent centralized feature into a feature extraction model, performing nonlinear mapping on the second persistent centralized feature according to target nonlinear relation information through the feature extraction model, and outputting a fourth persistent centralized feature of the second known marked vulnerability. Processing the first persistent set feature and the second persistent set feature according to a first distinctive feature between the first persistent set feature and the fourth persistent set feature and a second distinctive feature between the third persistent set feature and the fourth persistent set feature, and outputting a vulnerability field vector of the first known marked vulnerability and a vulnerability field vector of the second known marked vulnerability.
For example, for ST104, the software service upgrade for the online microservice application according to the target application exception vulnerability may be implemented by the following exemplary steps.
ST301, acquiring a vulnerability influence characteristic sequence of the target application abnormal vulnerability corresponding to the application table entry of the on-line micro service application in the target function configuration interval, wherein the vulnerability influence characteristic sequence associated with the target application abnormal vulnerability comprises vulnerability influence characteristics of each abnormal vulnerability node in the target application abnormal vulnerability.
ST302, according to a vulnerability repair decision program in the developed and deployed software service upgrading application related to the target application abnormal vulnerability, vulnerability repair attribute decision is carried out on a vulnerability influence characteristic sequence related to the target application abnormal vulnerability to obtain vulnerability repair attribute decision information, and after vulnerability repair firmware scheduling is carried out on the software service upgrading application according to the vulnerability repair attribute decision information, software service upgrading is carried out on the online micro-service application according to the software service upgrading application.
By means of the design, in the process of software service upgrading, by obtaining the vulnerability influence characteristic sequence of the application table entry of the online micro-service application in the target function configuration interval, then determining vulnerability repair attribute decision information of the vulnerability influence characteristic sequence associated with the current abnormal vulnerability of the target application before sending and repairing are carried out, then carrying out vulnerability repair firmware scheduling on the software service upgrading application, and then carrying out software service upgrading, the accuracy of software service upgrading is improved.
For example, after the step of upgrading the software service of the online microservice application according to the target application exception vulnerability, the method provided by the embodiment may further include the following steps.
ST401, according to the simulation test using activity of the first test channel and the simulation test using activity of the second test channel in the application test online activity after the software service upgrade is performed on the online microservice application, outputting a first normal operation index sequence and first operation abnormal change information of the simulation test using activity of the first test channel, and obtaining first key change data of the simulation test using activity of the first test channel relative to a simulation change item.
ST402, outputting first vulnerability supplementary repair data through a first normal operation index sequence, first operation abnormal change information and first key change data of the simulation test use activity of the first test channel.
And ST403, judging whether the application operation data after bug supplementary repair corresponding to the first bug supplementary repair data has operation improvement indexes according to the learned bug supplementary repair analysis model.
For example, the vulnerability compensation and restoration analysis model may be trained according to the application operation data sample and the corresponding marked operation effect index, so that the trained vulnerability compensation and restoration analysis model may predict the operation effect index of the application operation data after vulnerability compensation and restoration, and thus may preset the characteristics of the operation improvement index, and when the operation effect index of the application operation data after vulnerability compensation and restoration and the operation improvement index satisfy the association relationship, it may be determined that the application operation data after vulnerability compensation and restoration corresponding to the first vulnerability compensation and restoration data has the operation improvement index.
According to the steps, the vulnerability repair situation can be further analyzed after the software service of the on-line micro-service application is upgraded, and therefore vulnerability supplementary repair data are generated, so that a subsequent developer can further evaluate the operation stability after vulnerability supplementary repair is carried out, whether operation improvement indexes exist in application operation data after vulnerability supplementary repair is continuously analyzed and detected, and a closed-loop feedback mechanism for vulnerability supplementary repair is achieved.
For example, outputting a first normal operation index sequence and a first abnormal operation change information of a simulation test using activity of a first test channel and a simulation test using activity of a second test channel in an application test on-line activity according to the simulation test using activity of the first test channel and the simulation test using activity of the second test channel includes: the following steps are executed for the simulation test using activity of the first test channel and the simulation test using activity of the second test channel which are continuous in the application on-test activity: for each first simulation test use case in the simulation test use activities of the first test channel and the simulation test use activities of the second test channel, outputting a first operation abnormal point associated with each first simulation test use case according to simulation test use track information of each first simulation test use case in the simulation test use activities of the first test channel and the simulation test use activities of the second test channel and first application test acquisition data corresponding to the application test on-line activities, and determining a first operation abnormal point variable of each first simulation test use case and a first normal operation index sequence of the simulation test use activities of the first test channel; and outputting first running abnormal change information of the simulated test use activity of the first test channel according to the first running abnormal point variable of each first simulated test use case.
For example, outputting a simulated test of the first test channel uses first critical variation data of activity versus simulated variation items, including: and outputting first key change data of the simulation test use activity of the first test channel relative to the simulation change items according to the quantity of key change matching rules which are mapped to the simulation change items by the frequently-changed item characteristics of each first simulation test use case in the simulation test process.
In an embodiment, which may be according to independent concepts, the internet AI system 100 may comprise: a processor 101 and a machine-readable storage medium 102. Wherein the machine-readable storage medium 102 is used for storing a program that supports the internet AI system 100 to execute the big data vulnerability analysis based software service upgrading method provided in any one of the foregoing embodiments, and the processor 101 is configured to execute the program stored in the machine-readable storage medium 102.
The program includes one or more computer instructions, wherein the one or more computer instructions, when executed by the processor 101, enable all or part of the steps of any one of the above embodiments to be implemented.
The architecture of the internet AI system 100 may further include a communication unit 103, which is used for the internet AI system 100 to communicate with other devices (for example, the online microservice system 200).
In addition, the present application provides a computer storage medium for storing computer software instructions for the internet AI system 100, which includes a program for executing the software service upgrading method based on big data vulnerability analysis in any of the above method embodiments.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solutions of the present application, and not to limit the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions in the embodiments of the present application.

Claims (10)

1. A software service upgrading method based on big data vulnerability analysis is applied to the Internet AI system, and comprises the following steps:
acquiring application abnormal operation data of the online micro-service application, wherein the application abnormal operation data represents an application abnormal vulnerability of the online micro-service application;
outputting a vulnerability analysis unit cluster of the abnormal application operation data according to the abnormal application operation data, wherein vulnerability analysis units in the vulnerability analysis unit cluster are respectively associated with different vulnerability analysis instances of the abnormal application operation data;
starting a vulnerability analysis unit in the vulnerability analysis unit cluster for the application abnormal operation data, and outputting an application decision vulnerability of the online microservice application in the application abnormal operation data;
outputting a target application abnormal vulnerability according to the application abnormal operation data, the vulnerability field vector of the application decision vulnerability, the vulnerability field vectors of a plurality of known marked vulnerabilities and the vulnerability analysis unit cluster, and performing software service upgrade on the online micro service application according to the target application abnormal vulnerability, wherein the target application abnormal vulnerability is a known marked vulnerability in the plurality of known marked vulnerabilities, and the known marked vulnerability is an application decision vulnerability of a known mark.
2. The big data vulnerability analysis based software service upgrade method according to claim 1, wherein the method further comprises:
outputting vulnerability field vectors of the known annotation vulnerabilities according to the known annotation vulnerabilities and knowledge point contact vectors among the known annotation vulnerabilities;
wherein, the plurality of known mark vulnerabilities include a first known mark vulnerability, a second known mark vulnerability and a third known mark vulnerability, the first known mark vulnerability is a forward knowledge contact entity of the second known mark vulnerability, no knowledge point contact vector exists between the third known mark vulnerability and the second known mark vulnerability, and outputting vulnerability field vectors of the plurality of known mark vulnerabilities according to the plurality of known mark vulnerabilities and knowledge point contact vectors between the plurality of known mark vulnerabilities includes:
performing persistent centralized feature analysis on the first known annotation vulnerability, the second known annotation vulnerability and the third known annotation vulnerability, and outputting a first persistent centralized feature of the first known annotation vulnerability, a second persistent centralized feature of the second known annotation vulnerability and a third persistent centralized feature of the third known annotation vulnerability;
inputting the first persistent centralized feature and the second persistent centralized feature into a feature extraction model, performing nonlinear mapping on the second persistent centralized feature according to target nonlinear relation information through the feature extraction model, and outputting a fourth persistent centralized feature of the second known marked vulnerability;
processing the first persistent concentrated feature and the second persistent concentrated feature according to a first distinctive feature between the first persistent concentrated feature and the fourth persistent concentrated feature and a second distinctive feature between the third persistent concentrated feature and the fourth persistent concentrated feature, and outputting a vulnerability field vector of the first known marked vulnerability and a vulnerability field vector of the second known marked vulnerability.
3. The big data vulnerability analysis-based software service upgrading method according to claim 1, wherein the vulnerability analysis unit cluster outputting the application abnormal operation data according to the application abnormal operation data comprises:
and outputting the vulnerability analysis unit cluster of the abnormal application running data according to the running abnormal situation of the abnormal application running data in each abnormal application running event and a prior authentication vulnerability analysis unit cluster corresponding to each abnormal application running event, wherein the running abnormal situation represents an abnormal service process which is not run and activated in the abnormal application running data in the corresponding abnormal application running event, an abnormal service process waiting for linkage and an abnormal service process which is run and activated in the abnormal application running event, and the prior authentication vulnerability analysis unit cluster is a vulnerability analysis unit cluster determined by the abnormal application running event before the corresponding abnormal application running event.
4. The software service upgrading method based on big data vulnerability analysis according to claim 3, wherein the vulnerability analysis unit cluster outputting the application abnormal operation data according to the operation abnormal situation of the application abnormal operation data in each application operation abnormal event and the prior authentication vulnerability analysis unit cluster corresponding to each application operation abnormal event comprises:
in any application operation abnormal event R, outputting the operation abnormal situation of the application abnormal operation data in the application operation abnormal event R, wherein R is a positive integer;
acquiring a prior authentication vulnerability analysis unit cluster determined in an application operation abnormal event R-1;
outputting a vulnerability analysis unit corresponding to the application running abnormal event R according to the running abnormal situation of the application running abnormal event R of the application abnormal running data and a prior authentication vulnerability analysis unit cluster determined by the application running abnormal event R-1;
adding the vulnerability analysis unit corresponding to the application running abnormal event R into the prior authentication vulnerability analysis unit cluster determined by the application running abnormal event R-1, and outputting the vulnerability analysis unit cluster corresponding to the application running abnormal event R.
5. The software service upgrading method based on big data vulnerability analysis according to claim 4, wherein the outputting vulnerability analysis units corresponding to the application running abnormal event R according to the running abnormal situation of the application running abnormal event R of the application abnormal running data and the prior authentication vulnerability analysis unit cluster determined by the application running abnormal event R-1 comprises:
outputting a vulnerability analysis unit corresponding to the abnormal application operation event R according to an abnormal service process cluster of the abnormal application operation data, a first abnormal service process cluster and a second abnormal service process cluster and a first vulnerability analysis unit in a prior authentication vulnerability analysis unit cluster determined by the abnormal application operation event R-1, wherein the abnormal service process cluster comprises an abnormal service process formed by abnormal service processes which are already run and activated when the abnormal application operation event R is run, the first abnormal service process cluster comprises an abnormal service process which waits for linkage when the abnormal application event R is run, and the second abnormal service process cluster comprises an abnormal service process which is not yet run and activated in the abnormal application operation data when the abnormal application operation event R is run.
6. The software service upgrading method based on big data vulnerability analysis according to claim 5, wherein the outputting the vulnerability analysis unit corresponding to the application operation abnormal event R according to the abnormal service process cluster, the first abnormal service process cluster, the second abnormal service process cluster of the application abnormal operation data and the first vulnerability analysis unit in the prior authentication vulnerability analysis unit cluster determined by the application operation abnormal event R-1 comprises:
constructing a first abnormal service process data set of the application operation abnormal event R by using the first two abnormal service processes in the abnormal service process cluster, the first abnormal service process in the first abnormal service process cluster, the first abnormal service process in the second abnormal service process cluster and the first vulnerability analysis unit in the prior authentication vulnerability analysis unit cluster determined by the application operation abnormal event R-1;
processing the first abnormal service process data set according to a first preset vulnerability analysis element coefficient space and a first preset vulnerability analysis derived space, and outputting a second abnormal service process data set of the application operation abnormal event R;
and processing the second abnormal service process data set according to a vulnerability analysis decision model, and outputting a vulnerability analysis unit corresponding to the application operation abnormal event R.
7. The big-data vulnerability analysis-based software service upgrade method according to claim 1, wherein the outputting a target application exception vulnerability according to the application exception running data, the vulnerability field vector of the application decision vulnerability, the vulnerability field vectors of a plurality of known annotation vulnerabilities, and the vulnerability analysis unit cluster comprises:
according to the application abnormal operation data, acquiring a first vulnerability triggering and connecting vector between a forward abnormal service process of the application decision vulnerability and the application decision vulnerability in the application abnormal operation data and a second vulnerability triggering and connecting vector between a backward abnormal service process of the application decision vulnerability and the application decision vulnerability in the application abnormal operation data;
and outputting the target application abnormal vulnerability according to the first vulnerability triggering and connecting vector, the second vulnerability triggering and connecting vector, the vulnerability field vector of the application decision vulnerability, the vulnerability field vectors of the known marked vulnerabilities and the vulnerability analysis unit cluster.
8. The big-data vulnerability analysis-based software service upgrade method according to claim 7, wherein the outputting the target application exception vulnerability according to the first vulnerability trigger engagement vector, the second vulnerability trigger engagement vector, the vulnerability field vector of the application decision vulnerability, the vulnerability field vectors of the plurality of known annotated vulnerabilities, and the vulnerability analysis unit cluster comprises:
according to a persistence feature analysis rule, respectively performing persistence feature analysis on the vulnerability field vector of the application decision vulnerability and the vulnerability field vector of each known marked vulnerability, and outputting persistence features of the application decision vulnerability and the persistence features of each known marked vulnerability;
and outputting the target application abnormal vulnerability according to the first vulnerability triggering and connecting vector, the second vulnerability triggering and connecting vector, the continuous characteristic of the application decision vulnerability, the continuous characteristic of each known marking vulnerability, the vulnerability field vector of each known marking vulnerability and the first vulnerability analysis unit in the vulnerability analysis unit cluster.
9. The big-data vulnerability analysis-based software service upgrade method according to claim 8, wherein the outputting the target application exception vulnerability according to the first vulnerability trigger engagement vector, the second vulnerability trigger engagement vector, the persistence feature of the application decision vulnerability, the persistence feature of each known annotation vulnerability, the vulnerability field vector of each known annotation vulnerability and a first vulnerability analysis unit in the vulnerability analysis unit cluster comprises:
constructing a first vulnerability relevance array by using the first vulnerability triggering and connecting vector, the second vulnerability triggering and connecting vector, the persistence characteristics of the application decision vulnerability, the persistence characteristics of each known marked vulnerability, the vulnerability field vector of each known marked vulnerability and a first vulnerability analysis unit in the vulnerability analysis unit cluster;
processing the first vulnerability correlation array according to a second preset vulnerability analysis element coefficient space and a second preset vulnerability analysis derivative space, and outputting a second vulnerability correlation array;
processing the second vulnerability relevance array according to vulnerability relevance rules, and outputting vulnerability relevance between each known marked vulnerability and the application decision vulnerability;
and outputting the known mark vulnerabilities of which the vulnerability relevance meets preset conditions in the plurality of known mark vulnerabilities as the target application abnormal vulnerabilities.
10. An internet AI system, comprising a processor and a machine-readable storage medium, wherein the machine-readable storage medium stores a computer program, and the computer program is loaded and executed based on the processor to implement the big data vulnerability analysis-based software service upgrade method according to any one of claims 1 to 9.
CN202210218871.5A 2022-03-08 2022-03-08 Software service upgrading method based on big data vulnerability analysis and Internet AI system Active CN114461252B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202210218871.5A CN114461252B (en) 2022-03-08 2022-03-08 Software service upgrading method based on big data vulnerability analysis and Internet AI system
CN202210860383.4A CN115220765A (en) 2022-03-08 2022-03-08 Vulnerability supplementary repair analysis method and system based on big data vulnerability analysis

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210218871.5A CN114461252B (en) 2022-03-08 2022-03-08 Software service upgrading method based on big data vulnerability analysis and Internet AI system

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN202210860383.4A Division CN115220765A (en) 2022-03-08 2022-03-08 Vulnerability supplementary repair analysis method and system based on big data vulnerability analysis

Publications (2)

Publication Number Publication Date
CN114461252A true CN114461252A (en) 2022-05-10
CN114461252B CN114461252B (en) 2022-09-16

Family

ID=81417570

Family Applications (2)

Application Number Title Priority Date Filing Date
CN202210218871.5A Active CN114461252B (en) 2022-03-08 2022-03-08 Software service upgrading method based on big data vulnerability analysis and Internet AI system
CN202210860383.4A Withdrawn CN115220765A (en) 2022-03-08 2022-03-08 Vulnerability supplementary repair analysis method and system based on big data vulnerability analysis

Family Applications After (1)

Application Number Title Priority Date Filing Date
CN202210860383.4A Withdrawn CN115220765A (en) 2022-03-08 2022-03-08 Vulnerability supplementary repair analysis method and system based on big data vulnerability analysis

Country Status (1)

Country Link
CN (2) CN114461252B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114880675A (en) * 2022-05-23 2022-08-09 银川嘉华盟科贸有限公司 Service vulnerability analysis method based on smart cloud computing and server

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116578442B (en) * 2023-05-05 2024-02-06 北京无限自在文化传媒股份有限公司 Application crash analysis method based on artificial intelligence decision and big data storage system

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030172342A1 (en) * 2002-03-08 2003-09-11 Uri Elzur System and method for identifying upper layer protocol message boundaries
WO2014198202A1 (en) * 2013-06-09 2014-12-18 Hangzhou H3C Technologies Co., Ltd Load switch command including identification of source server cluster and target server cluster
CN111488578A (en) * 2019-01-28 2020-08-04 维萨国际服务协会 Continuous vulnerability management for modern applications
CN112905261A (en) * 2021-03-05 2021-06-04 南京领行科技股份有限公司 API (application program interface) control method and device and electronic equipment
US20210266289A1 (en) * 2020-02-21 2021-08-26 Unisys Corporation Secured container management
CN113704771A (en) * 2021-08-31 2021-11-26 姜虎 Service vulnerability mining method based on artificial intelligence analysis and big data mining system
CN114095273A (en) * 2021-12-06 2022-02-25 青岛力口互联网科技有限公司 Deep learning-based internet vulnerability mining method and big data mining system

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030172342A1 (en) * 2002-03-08 2003-09-11 Uri Elzur System and method for identifying upper layer protocol message boundaries
WO2014198202A1 (en) * 2013-06-09 2014-12-18 Hangzhou H3C Technologies Co., Ltd Load switch command including identification of source server cluster and target server cluster
CN104243337A (en) * 2013-06-09 2014-12-24 杭州华三通信技术有限公司 Method and device for cross-cluster load balancing
CN111488578A (en) * 2019-01-28 2020-08-04 维萨国际服务协会 Continuous vulnerability management for modern applications
US20210266289A1 (en) * 2020-02-21 2021-08-26 Unisys Corporation Secured container management
CN112905261A (en) * 2021-03-05 2021-06-04 南京领行科技股份有限公司 API (application program interface) control method and device and electronic equipment
CN113704771A (en) * 2021-08-31 2021-11-26 姜虎 Service vulnerability mining method based on artificial intelligence analysis and big data mining system
CN114095273A (en) * 2021-12-06 2022-02-25 青岛力口互联网科技有限公司 Deep learning-based internet vulnerability mining method and big data mining system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
P. ZHAO 等: "Density-based Clustering Method for Hardware Trojan Detection Based on Gate-level Structural Features", 《2019 ASIAN HARDWARE ORIENTED SECURITY AND TRUST SYMPOSIUM (ASIANHOST)》 *
王飞雪 等: "基于激活漏洞能力条件的软件漏洞自动分类框架", 《重庆理工大学学报(自然科学版)》 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114880675A (en) * 2022-05-23 2022-08-09 银川嘉华盟科贸有限公司 Service vulnerability analysis method based on smart cloud computing and server

Also Published As

Publication number Publication date
CN114461252B (en) 2022-09-16
CN115220765A (en) 2022-10-21

Similar Documents

Publication Publication Date Title
CN114461252B (en) Software service upgrading method based on big data vulnerability analysis and Internet AI system
CN107451474B (en) Software bug fixing method and device for terminal
US20100058313A1 (en) Updating a computer system
US10289743B2 (en) Client-side minimal download and simulated page navigation features
US10901580B2 (en) Associating ancillary information with an application user interface
CN111984228B (en) Interface document processing method and device, computer equipment and storage medium
CN108874661B (en) Test mapping relation library generation method and device, computer equipment and storage medium
CN111158741B (en) Method and device for monitoring dependency relationship change of service module on third party class library
CN109492181A (en) Method for page jump, device, computer equipment and storage medium
US20140359077A1 (en) Method and apparatus for transmitting symbol files
CN113297086A (en) Test case generation method and device, electronic equipment and storage medium
CN116431520A (en) Test scene determination method, device, electronic equipment and storage medium
US9009666B1 (en) Systems and methods for testing software and for storing and tracking test assets with the software
CN112052037A (en) Application software development method, device, equipment and medium
US8739146B2 (en) Systems and methods for generating and distributing executable procedures for technical desk-side support
CN109857716B (en) System interaction log recording method and device, storage medium and server
CN112181407B (en) Service realization processing method, device, system, electronic equipment and storage medium
CN113568834A (en) SDK code compatibility detection method, device, computer equipment and medium
CN113190462A (en) Dynamic data debugging method, device and equipment
KR101737575B1 (en) Method and device for verifying data based on sql sentences generated automatically
CN112860284B (en) SP upgrade package generation method and device for equipment remote upgrade and computer equipment
CN114928566B (en) Function test method and device of client, storage medium and electronic equipment
CN116680203B (en) Multi-tenant-oriented SaaS platform testing method, device, equipment and medium
CN113448822B (en) Test method, test device, computer readable medium and electronic equipment
CN116382797A (en) Data processing method, device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20220715

Address after: 157000 No. 13, 4th District, Chaihe Town, Hailin City, Mudanjiang City, Heilongjiang Province

Applicant after: Hong Xingfa

Address before: 157000 No. 23, zone 2, Chaihe Town, Hailin City, Mudanjiang City, Heilongjiang Province

Applicant before: Mudanjiang langlian Network Technology Co.,Ltd.

TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20220818

Address after: Room 114, No. 16, Lane 1, Longwangpu Road, Nancheng Street, Dongguan City, Guangdong Province, 523000

Applicant after: Guangdong Sanding Industrial Group Co., Ltd.

Address before: 157000 No. 13, 4th District, Chaihe Town, Hailin City, Mudanjiang City, Heilongjiang Province

Applicant before: Hong Xingfa

TA01 Transfer of patent application right
GR01 Patent grant
GR01 Patent grant