CN115118498B - Vulnerability data analysis method and system based on relevance - Google Patents
Vulnerability data analysis method and system based on relevance Download PDFInfo
- Publication number
- CN115118498B CN115118498B CN202210742550.5A CN202210742550A CN115118498B CN 115118498 B CN115118498 B CN 115118498B CN 202210742550 A CN202210742550 A CN 202210742550A CN 115118498 B CN115118498 B CN 115118498B
- Authority
- CN
- China
- Prior art keywords
- vulnerability
- influence
- vulnerabilities
- version
- loopholes
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 56
- 238000007405 data analysis Methods 0.000 title claims abstract description 29
- 238000004590 computer program Methods 0.000 claims description 6
- 238000004364 calculation method Methods 0.000 claims description 4
- 238000010276 construction Methods 0.000 claims description 3
- 230000011218 segmentation Effects 0.000 claims description 3
- 230000006378 damage Effects 0.000 abstract description 5
- 238000012423 maintenance Methods 0.000 abstract description 4
- 238000005516 engineering process Methods 0.000 abstract description 3
- 230000009286 beneficial effect Effects 0.000 description 4
- 238000012800 visualization Methods 0.000 description 2
- 238000013475 authorization Methods 0.000 description 1
- 238000009412 basement excavation Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000005065 mining Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Stored Programmes (AREA)
Abstract
The application provides a vulnerability data analysis method based on relevance, and relates to the technical field of information security. According to the method, a vulnerability library is constructed by acquiring network vulnerabilities; extracting key information of influence ranges of all vulnerabilities in a vulnerability library, and performing influence version name entity identification on the key information to obtain the number of the influence ranges of the vulnerabilities and the occurrence times of each influence version of all the vulnerabilities; the likelihood duty cycle of the association between vulnerabilities is calculated based on the number of scope of influence of the vulnerabilities and the number of occurrences of each of the affected versions of the entire vulnerability. According to the method, the technology of extracting the keywords from the vulnerability information in the vulnerability database is used for obtaining the association probability duty ratio, so that the association degree between the vulnerabilities is analyzed, and the higher the association degree is, the greater the possibility of being utilized is, and the greater the vulnerability hazard degree is. By analyzing the relevance among the loopholes, the method can effectively early warn and defend the damage of the loopholes, and has important significance for network maintenance.
Description
Technical Field
The application relates to the technical field of information security, in particular to a vulnerability data analysis method and system based on relevance.
Background
Vulnerabilities are flaws in the specific implementation of hardware, software, protocols, or system security policies that may enable an attacker to access or destroy the system without authorization. The prior art shows that although the individual influence of a plurality of isolated vulnerabilities is small, the vulnerabilities are often connected, and if the connection is utilized by hackers organically organizing through a network, the connection is cut into from one vulnerability, and the vulnerabilities related to the connection in the network are gradually utilized to the whole network. Therefore, the research on the relevance between the mining loopholes is of great significance.
With the increasingly mature vulnerability scanning technology and CVE standard and universal vulnerability scoring system CVSS vulnerability rating method in recent years, vulnerability information existing in a network can be scanned, but relevance and mutual utilization relation between the vulnerability information cannot be analyzed. Namely, the existing method cannot detect the relevance between loopholes.
Disclosure of Invention
(one) solving the technical problems
Aiming at the defects of the prior art, the application provides a vulnerability data analysis method and a vulnerability data analysis system based on relevance, which solve the technical problem that the relevance between vulnerabilities cannot be detected by the existing method.
(II) technical scheme
In order to achieve the above purpose, the application is realized by the following technical scheme:
in a first aspect, the present application provides a vulnerability data analysis method based on relevance, the method comprising:
s1, acquiring network vulnerabilities and constructing a vulnerability library;
s2, extracting key information of influence ranges of all vulnerabilities in a vulnerability library, and identifying influence version name entities of the key information to obtain the number of the influence ranges of the vulnerabilities and the occurrence times of each influence version of all vulnerabilities;
s3, calculating the probability duty ratio of the association between the vulnerabilities based on the number of the influence ranges of the vulnerabilities and the occurrence times of each influence version of all vulnerabilities.
Preferably, the step S2 includes:
extracting keyword information from a vulnerability influence range field of each vulnerability in a vulnerability database by using an open source word segmentation tool jieba, and identifying an influence version name entity of the keyword information to obtain { vulnerability numbers: the [ vulnerability influencing software version ] } dictionary format is stored in file f 1; and counting according to the file f1 to obtain the number of the influence ranges of the loopholes and the occurrence times of each influence version of all the loopholes.
Preferably, the counting the number of the influence ranges of the obtained loopholes includes:
and counting to obtain the number of the influence ranges of the part of the loopholes or counting to obtain the number of the influence ranges of each loophole.
Preferably, the step S2 includes:
according to the file f1, obtaining the number m of the influence range of each vulnerability through statistics 1 、m2、m 3 …m x …m X Wherein X represents the number of vulnerabilities.
The number of occurrences of each affected version of the total vulnerability n 1 、n 2 、n 3 、…n x …n X 。
Preferably, the step S3 includes:
acquiring the probability duty ratio of each vulnerability and other vulnerability association according to the number of the influence ranges of each vulnerability and the occurrence times of each influence version of all vulnerabilities;
or selecting to obtain the probability duty ratio of the specified loopholes and other loopholes according to the number of the influence ranges of the specified loopholes and the occurrence times of each influence version of all loopholes.
Preferably, the calculation mode of the probability duty ratio of the correlation between the calculation vulnerabilities includes:
Z x =m x -(1/n 1 +1/n 2 +…+1/n x-1 +1/n x+1 +...+1/n X )
wherein:
Z x representing a likelihood ratio of association between vulnerability x and other vulnerabilities;
m x representing the number of influence ranges of the vulnerability x;
n 1 、n 2 、n 3 、…n x …n X representing the number of occurrences of each affected version of the overall vulnerability.
Preferably, the method further comprises:
let m 1 、m 2 、m 3 …m x …m X Saving in file f 2;
establishing a corresponding empty set for each influence version word appearing in the file f2, traversing each vulnerability influence version in the file f2, appearing the vulnerability influence version in a dictionary value in the file f1, and adding a key vulnerability number corresponding to the value into the set corresponding to the vulnerability influence version; and obtaining a set corresponding to each influence version name, adding 1 to the relevance of the loopholes appearing in one set, counting all sets, and calculating the final relevance among the loopholes.
In a second aspect, the present application provides a vulnerability data analysis system based on relevance, including:
the vulnerability library construction module is used for acquiring network vulnerabilities and constructing a vulnerability library;
the entity identification module is used for extracting key information of the influence range of each vulnerability in the vulnerability database, carrying out influence version name entity identification on the key information, and obtaining the number of the influence ranges of the vulnerability and the occurrence times of each influence version of all the vulnerabilities;
and the relevance calculating module is used for acquiring the possibility duty ratio of the loopholes and other loopholes based on the number of the influence ranges of the loopholes and the occurrence times of each influence version of all loopholes.
In a third aspect, the present application provides a computer-readable storage medium storing a computer program for relevance-based vulnerability data analysis, wherein the computer program causes a computer to perform the relevance-based vulnerability data analysis method as described above.
In a fourth aspect, the present application provides an electronic device comprising:
one or more processors;
a memory; and
one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, the programs comprising instructions for performing the relevance-based vulnerability data analysis method as described above.
(III) beneficial effects
The application provides a vulnerability data analysis method and system based on relevance. Compared with the prior art, the method has the following beneficial effects:
according to the method, a vulnerability library is constructed by acquiring network vulnerabilities; extracting key information of influence ranges of all vulnerabilities in a vulnerability library, and performing influence version name entity identification on the key information to obtain the number of the influence ranges of the vulnerabilities and the occurrence times of each influence version of all the vulnerabilities; the likelihood duty cycle of the association between vulnerabilities is calculated based on the number of scope of influence of the vulnerabilities and the number of occurrences of each of the affected versions of the entire vulnerability. According to the method, the technology of extracting the keywords from the vulnerability information in the vulnerability database is used for obtaining the association probability duty ratio, so that the association degree between the vulnerabilities is analyzed, and the higher the association degree is, the greater the possibility of being utilized is, and the greater the vulnerability hazard degree is. By analyzing the relevance among the loopholes, the method can effectively early warn and defend the damage of the loopholes, and has important significance for network maintenance.
Drawings
In order to more clearly illustrate the embodiments of the application or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a block diagram of a correlation-based vulnerability data analysis method according to an embodiment of the present application.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more clear, the technical solutions in the embodiments of the present application are clearly and completely described, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
The embodiment of the application solves the technical problem that the correlation between the loopholes cannot be detected by the existing method by providing the correlation-based loophole data analysis method and the correlation-based loophole data analysis system, and obtains the probability duty ratio of the correlation between the loopholes, so that the correlation degree between the loopholes is analyzed, and the pre-warning and the defending of the loophole harm are realized.
The above technical scheme is better understood, and the following detailed description will be given with reference to the accompanying drawings and specific embodiments.
The embodiment of the application provides a vulnerability data analysis method based on relevance, which is shown in fig. 1 and comprises the following steps:
s1, acquiring network vulnerabilities and constructing a vulnerability library;
s2, extracting key information of influence ranges of all vulnerabilities in a vulnerability library, and identifying influence version name entities of the key information to obtain the number of the influence ranges of the vulnerabilities and the occurrence times of each influence version of all vulnerabilities;
s3, calculating the probability duty ratio of the association between the vulnerabilities based on the number of the influence ranges of the vulnerabilities and the occurrence times of each influence version of all vulnerabilities.
According to the method and the device for extracting the keywords from the vulnerability information in the vulnerability database, the association probability ratio is obtained, so that the association degree between the vulnerabilities is analyzed, and the higher the association degree is, the greater the possibility of being utilized is, and the greater the vulnerability hazard degree is. By analyzing the relevance among the loopholes, the method can effectively early warn and defend the damage of the loopholes, and has important significance for network maintenance.
The following describes the steps in detail:
in step S1, a network vulnerability is obtained, and a vulnerability database is constructed. The specific implementation process is as follows:
and obtaining main stream loopholes such as cnve, cnnvd and the like to construct a loophole library, wherein the storage content comprises a loophole number, a loophole description, a loophole influence range and the like.
In step S2, key information of the influence scope of each vulnerability in the vulnerability database is extracted, and the key information is subjected to influence version name entity identification to obtain the number of influence scopes of the vulnerability and the occurrence times of each influence version of all vulnerabilities. The specific implementation process is as follows:
it should be noted that, in this step, the number of the influence ranges of each vulnerability or the number of the influence ranges of part of vulnerabilities may be counted according to the implementation requirements.
Extracting keyword information from a vulnerability influence range field of each vulnerability in a vulnerability database by using an open source word segmentation tool jieba, and identifying an influence version name entity of the keyword information to obtain { vulnerability numbers: the [ vulnerability impact software version ] } dictionary format is stored in file f 1.
According to the file f1, obtaining the number m of the influence range of each vulnerability through statistics 1 、m 2 、m 3 …m x …m X Wherein X represents the number of vulnerabilities.
The number of occurrences of each affected version of the total vulnerability n 1 、n 2 、n 3 、…n x …n X 。
Let m 1 、m 2 、m 3 …m x …m X Stored in file f 2.
In step S3, a likelihood ratio of association between vulnerabilities is calculated based on the number of scope of influence of the vulnerabilities and the number of occurrences of each of the affected versions of all vulnerabilities. The specific implementation process is as follows:
in the implementation process, the probability duty ratio of each vulnerability and other vulnerability association can be calculated according to the number of the influence ranges of each vulnerability and the occurrence times of each influence version of all vulnerabilities. The probability duty ratio of the specified loopholes and other loopholes can be calculated according to the number of the influence ranges of the specified loopholes and the occurrence times of each influence version of all loopholes. Of course, a given vulnerability may protect 1 or more.
According to the obtained result in the step S2, calculating the software influence range weight ratio 1/n of the vulnerability x . Probability duty cycle Z for vulnerability and other vulnerability associations x 。
Z x =m x -(1/n 1 +1/n 2 +…+1/n x-1 +1/n x+1 +...+1/n X )
Wherein:
Z x representing a likelihood ratio of association between vulnerability x and other vulnerabilities;
m x representing the number of influence ranges of the vulnerability x;
n 1 、n 2 、n 3 、…n x …n X representing the number of occurrences of each affected version of the overall vulnerability.
The likelihood ratio of the vulnerability 1 and other vulnerability association is as follows:
Z 1 =m 1 -(1/n 2 +1/n 3 …1/n x +...+1/n X )。
the likelihood duty cycle of vulnerability 2 and other vulnerability associations is:
Z 2 =m 2 -(1/n 1 +1/n 3 …1/n x +...+1/n X )。
the likelihood duty cycle of vulnerability X and other vulnerability associations is:
Z X =m X -(1/n 1 +1/n 2 +1/n 3 …1/n x +...+1/n X-1 )。
the greater the value of the likelihood ratio of association, the greater the likelihood that the vulnerability information is utilized, and the greater the degree of jeopardy of the vulnerability information.
In a specific implementation process, the embodiment of the application can also establish a corresponding empty set by segmenting each affected version appearing in the file f2, for example, a vulnerability affected version: and traversing each vulnerability influence version in the file f2 in the { } format, and adding the key vulnerability number corresponding to the value into the set corresponding to the vulnerability influence version when the vulnerability influence version appears in the dictionary value in the file f 1.
And obtaining a set corresponding to each influence version name according to the previous operation, wherein the vulnerability association degree appearing in one set is increased by 1. And counting all result sets, and calculating the final association degree among the vulnerabilities.
The larger the value of the association degree is, the higher the possibility that the vulnerability information is utilized is, and the higher the hazard degree of the vulnerability information is. Compared with the probability duty ratio of the association, the association degree can more intuitively show the association between the loopholes, and is convenient for subsequent visualization or inquiry of names and loopholes numbers of the loopholes influencing versions. However, all the affected versions need to be traversed one by one, judgment is performed, the set is added, and the solving speed is low. In the process of the embodiment, the probability duty ratio or the association degree of the association can be selected according to the actual requirement.
The embodiment of the application also provides a vulnerability data analysis system based on the relevance, which comprises the following steps:
the vulnerability library construction module is used for acquiring network vulnerabilities and constructing a vulnerability library;
the entity identification module is used for extracting key information of the influence range of each vulnerability in the vulnerability database, carrying out influence version name entity identification on the key information, and obtaining the number of the influence ranges of the vulnerability and the occurrence times of each influence version of all the vulnerabilities;
and the relevance calculating module is used for acquiring the possibility duty ratio of the loopholes and other loopholes based on the number of the influence ranges of the loopholes and the occurrence times of each influence version of all loopholes.
It can be understood that the correlation-based vulnerability data analysis system provided by the embodiment of the present application corresponds to the correlation-based vulnerability data analysis method, and the explanation, the example, the beneficial effects, and other parts of the content of the correlation-based vulnerability data analysis system may refer to the corresponding content in the correlation-based vulnerability data analysis method, which is not described herein.
The embodiment of the application also provides a computer readable storage medium which stores a computer program for analyzing the vulnerability data based on the relevance, wherein the computer program enables a computer to execute the vulnerability data analysis method based on the relevance.
The embodiment of the application also provides electronic equipment, which comprises:
one or more processors;
a memory; and
one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, the programs comprising instructions for performing the relevance-based vulnerability data analysis method as described above.
In summary, compared with the prior art, the method has the following beneficial effects:
1. according to the method and the device for extracting the keywords from the vulnerability information in the vulnerability database, the association probability ratio is obtained, so that the association degree between the vulnerabilities is analyzed, and the higher the association degree is, the greater the possibility of being utilized is, and the greater the vulnerability hazard degree is. By analyzing the relevance among the loopholes, the method can effectively early warn and defend the damage of the loopholes, and has important significance for network maintenance.
2. The embodiment of the application can excavate relevance aiming at the appointed loopholes, not only can quicken the speed of information excavation, but also can pertinently early warn and defend the loopholes.
3. The embodiment of the application also provides a method for solving the association degree between the loopholes, which can more intuitively embody the association between the loopholes and is convenient for subsequent visualization or inquiring of the names and the loophole numbers of the loophole influence versions.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above embodiments are only for illustrating the technical solution of the present application, and are not limiting; although the application has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present application.
Claims (9)
1. A correlation-based vulnerability data analysis method, the method comprising the steps of:
s1, acquiring network vulnerabilities and constructing a vulnerability library;
s2, extracting key information of influence ranges of all vulnerabilities in a vulnerability library, and identifying influence version name entities of the key information to obtain the number of the influence ranges of the vulnerabilities and the occurrence times of each influence version of all vulnerabilities;
s3, calculating the probability duty ratio of association between vulnerabilities based on the number of the influence ranges of the vulnerabilities and the occurrence times of each influence version of all vulnerabilities;
the calculation mode for calculating the probability duty ratio of the association between the vulnerabilities comprises the following steps:
Z x =m x -(1/n 1 +1/n 2 +…+1/n x-1 +1/n x+1 +...+1/n X )
wherein:
Z x representing a likelihood ratio of association between vulnerability x and other vulnerabilities;
m x representing the number of influence ranges of the vulnerability x;
n 1 、n 2 、n 3 、…n x …n X representing the number of occurrences of each affected version of the overall vulnerability.
2. The method for analyzing vulnerability data based on relevance according to claim 1, wherein the step S2 includes:
extracting keyword information from a vulnerability influence range field of each vulnerability in a vulnerability database by using an open source word segmentation tool jieba, and identifying an influence version name entity of the keyword information to obtain { vulnerability numbers: the [ vulnerability influencing software version ] } dictionary format is stored in file f 1; and counting according to the file f1 to obtain the number of the influence ranges of the loopholes and the occurrence times of each influence version of all the loopholes.
3. The method for analyzing vulnerability data based on relevance according to claim 2, wherein the counting the number of influence ranges of the obtained vulnerabilities comprises:
and counting to obtain the number of the influence ranges of the part of the loopholes or counting to obtain the number of the influence ranges of each loophole.
4. The method for analyzing vulnerability data based on relevance according to claim 3, wherein the step S2 includes:
according to the file f1, obtaining the number m of the influence range of each vulnerability through statistics 1 、m 2 、m 3 …m x …m X Wherein X represents the number of vulnerabilities;
the number of occurrences of each affected version of the total vulnerability n 1 、n 2 、n 3 、…n x …n X 。
5. The method for analyzing vulnerability data based on relevance according to claim 1, wherein the step S3 includes:
acquiring the probability duty ratio of each vulnerability and other vulnerability association according to the number of the influence ranges of each vulnerability and the occurrence times of each influence version of all vulnerabilities;
or selecting to obtain the probability duty ratio of the specified loopholes and other loopholes according to the number of the influence ranges of the specified loopholes and the occurrence times of each influence version of all loopholes.
6. The association-based vulnerability data analysis method of claim 4, further comprising:
let m 1 、m 2 、m 3 …m x …m X Saving in file f 2;
establishing a corresponding empty set for each influence version word appearing in the file f2, traversing each vulnerability influence version in the file f2, appearing the vulnerability influence version in a dictionary value in the file f1, and adding a key vulnerability number corresponding to the value into the set corresponding to the vulnerability influence version; and obtaining a set corresponding to each influence version name, adding 1 to the relevance of the loopholes appearing in one set, counting all sets, and calculating the final relevance among the loopholes.
7. A relevance-based vulnerability data analysis system, comprising:
the vulnerability library construction module is used for acquiring network vulnerabilities and constructing a vulnerability library;
the entity identification module is used for extracting key information of the influence range of each vulnerability in the vulnerability database, carrying out influence version name entity identification on the key information, and obtaining the number of the influence ranges of the vulnerability and the occurrence times of each influence version of all the vulnerabilities;
the relevance calculating module is used for obtaining the probability duty ratio of the loopholes and other loopholes based on the number of the influence ranges of the loopholes and the occurrence times of each influence version of all the loopholes;
the calculation mode for calculating the probability duty ratio of the association between the vulnerabilities comprises the following steps:
Z x =m x -(1/n 1 +1/n 2 +…+1/n x-1 +1/n x+1 +...+1/n X )
wherein:
Z x representing a likelihood ratio of association between vulnerability x and other vulnerabilities;
m x representing the number of influence ranges of the vulnerability x;
n 1 、n 2 、n 3 、…n x …n X representing the number of occurrences of each affected version of the overall vulnerability.
8. A computer-readable storage medium storing a computer program for relevance-based vulnerability data analysis, wherein the computer program causes a computer to execute the relevance-based vulnerability data analysis method of any one of claims 1-6.
9. An electronic device, comprising:
one or more processors;
a memory; and
one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, the programs comprising instructions for performing the relevance-based vulnerability data analysis method of any one of claims 1-6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210742550.5A CN115118498B (en) | 2022-06-28 | 2022-06-28 | Vulnerability data analysis method and system based on relevance |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210742550.5A CN115118498B (en) | 2022-06-28 | 2022-06-28 | Vulnerability data analysis method and system based on relevance |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115118498A CN115118498A (en) | 2022-09-27 |
CN115118498B true CN115118498B (en) | 2023-11-28 |
Family
ID=83329406
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210742550.5A Active CN115118498B (en) | 2022-06-28 | 2022-06-28 | Vulnerability data analysis method and system based on relevance |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115118498B (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108154034A (en) * | 2017-12-21 | 2018-06-12 | 北京知道创宇信息技术有限公司 | Leak analysis method and device based on WordPress |
CN108197476A (en) * | 2017-12-27 | 2018-06-22 | 中国信息通信研究院 | The leak detection method and device of a kind of intelligent terminal |
CN113961934A (en) * | 2021-10-22 | 2022-01-21 | 苏州棱镜七彩信息科技有限公司 | Multi-level associated source code method based on open source vulnerability |
CN114139160A (en) * | 2021-10-15 | 2022-03-04 | 北京中科微澜科技有限公司 | Method and system for determining software vulnerability influence range |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10803061B2 (en) * | 2018-07-31 | 2020-10-13 | Veracode, Inc. | Software vulnerability graph database |
-
2022
- 2022-06-28 CN CN202210742550.5A patent/CN115118498B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108154034A (en) * | 2017-12-21 | 2018-06-12 | 北京知道创宇信息技术有限公司 | Leak analysis method and device based on WordPress |
CN108197476A (en) * | 2017-12-27 | 2018-06-22 | 中国信息通信研究院 | The leak detection method and device of a kind of intelligent terminal |
CN114139160A (en) * | 2021-10-15 | 2022-03-04 | 北京中科微澜科技有限公司 | Method and system for determining software vulnerability influence range |
CN113961934A (en) * | 2021-10-22 | 2022-01-21 | 苏州棱镜七彩信息科技有限公司 | Multi-level associated source code method based on open source vulnerability |
Also Published As
Publication number | Publication date |
---|---|
CN115118498A (en) | 2022-09-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11250137B2 (en) | Vulnerability assessment based on machine inference | |
CN114172701B (en) | Knowledge-graph-based APT attack detection method and device | |
CN111431939B (en) | CTI-based SDN malicious flow defense method | |
CN114760106B (en) | Network attack determination method, system, electronic equipment and storage medium | |
Ma et al. | An API Semantics‐Aware Malware Detection Method Based on Deep Learning | |
US9600644B2 (en) | Method, a computer program and apparatus for analyzing symbols in a computer | |
CN112817877B (en) | Abnormal script detection method and device, computer equipment and storage medium | |
CN117792741A (en) | Network attack detection and tracing method based on behavior feature analysis | |
CN115118498B (en) | Vulnerability data analysis method and system based on relevance | |
Mastjik et al. | Comparison of pattern matching techniques on identification of same family malware | |
CN109918638B (en) | Network data monitoring method | |
CN115795466A (en) | Malicious software organization identification method and equipment | |
CN115361182A (en) | Botnet behavior analysis method and device, electronic equipment and medium | |
CN113127640B (en) | Malicious spam comment attack identification method based on natural language processing | |
CN112163217A (en) | Malicious software variant identification method, device, equipment and computer storage medium | |
CN112597498A (en) | Webshell detection method, system and device and readable storage medium | |
CN113127865B (en) | Malicious file repairing method and device, electronic equipment and storage medium | |
CN118468296B (en) | Clone vulnerability detection method, system and equipment | |
WO2022201309A1 (en) | Information complementing device, information complementing method, and computer readable recording medium | |
CN115587224A (en) | Method for accessing database, safety protection equipment, medium and electronic equipment | |
Qi et al. | A General Construction Method of Cyber Security Knowledge Graph | |
CN117201104A (en) | Log processing method, device, equipment and medium | |
CN117834176A (en) | Threat information extraction method and device, electronic equipment and storage medium | |
CN113901462A (en) | Container abnormity identification method and system, electronic equipment and storage medium | |
CN117596052A (en) | Intelligent detection method and system for complex attack behavior of power network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |