CN115118498B - Vulnerability data analysis method and system based on relevance - Google Patents

Vulnerability data analysis method and system based on relevance Download PDF

Info

Publication number
CN115118498B
CN115118498B CN202210742550.5A CN202210742550A CN115118498B CN 115118498 B CN115118498 B CN 115118498B CN 202210742550 A CN202210742550 A CN 202210742550A CN 115118498 B CN115118498 B CN 115118498B
Authority
CN
China
Prior art keywords
vulnerability
influence
vulnerabilities
version
loopholes
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210742550.5A
Other languages
Chinese (zh)
Other versions
CN115118498A (en
Inventor
杨牧天
刘梅
吴敬征
罗天悦
丁山松
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Zhongke Weilan Technology Co ltd
Original Assignee
Beijing Zhongke Weilan Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Zhongke Weilan Technology Co ltd filed Critical Beijing Zhongke Weilan Technology Co ltd
Priority to CN202210742550.5A priority Critical patent/CN115118498B/en
Publication of CN115118498A publication Critical patent/CN115118498A/en
Application granted granted Critical
Publication of CN115118498B publication Critical patent/CN115118498B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Stored Programmes (AREA)

Abstract

The application provides a vulnerability data analysis method based on relevance, and relates to the technical field of information security. According to the method, a vulnerability library is constructed by acquiring network vulnerabilities; extracting key information of influence ranges of all vulnerabilities in a vulnerability library, and performing influence version name entity identification on the key information to obtain the number of the influence ranges of the vulnerabilities and the occurrence times of each influence version of all the vulnerabilities; the likelihood duty cycle of the association between vulnerabilities is calculated based on the number of scope of influence of the vulnerabilities and the number of occurrences of each of the affected versions of the entire vulnerability. According to the method, the technology of extracting the keywords from the vulnerability information in the vulnerability database is used for obtaining the association probability duty ratio, so that the association degree between the vulnerabilities is analyzed, and the higher the association degree is, the greater the possibility of being utilized is, and the greater the vulnerability hazard degree is. By analyzing the relevance among the loopholes, the method can effectively early warn and defend the damage of the loopholes, and has important significance for network maintenance.

Description

Vulnerability data analysis method and system based on relevance
Technical Field
The application relates to the technical field of information security, in particular to a vulnerability data analysis method and system based on relevance.
Background
Vulnerabilities are flaws in the specific implementation of hardware, software, protocols, or system security policies that may enable an attacker to access or destroy the system without authorization. The prior art shows that although the individual influence of a plurality of isolated vulnerabilities is small, the vulnerabilities are often connected, and if the connection is utilized by hackers organically organizing through a network, the connection is cut into from one vulnerability, and the vulnerabilities related to the connection in the network are gradually utilized to the whole network. Therefore, the research on the relevance between the mining loopholes is of great significance.
With the increasingly mature vulnerability scanning technology and CVE standard and universal vulnerability scoring system CVSS vulnerability rating method in recent years, vulnerability information existing in a network can be scanned, but relevance and mutual utilization relation between the vulnerability information cannot be analyzed. Namely, the existing method cannot detect the relevance between loopholes.
Disclosure of Invention
(one) solving the technical problems
Aiming at the defects of the prior art, the application provides a vulnerability data analysis method and a vulnerability data analysis system based on relevance, which solve the technical problem that the relevance between vulnerabilities cannot be detected by the existing method.
(II) technical scheme
In order to achieve the above purpose, the application is realized by the following technical scheme:
in a first aspect, the present application provides a vulnerability data analysis method based on relevance, the method comprising:
s1, acquiring network vulnerabilities and constructing a vulnerability library;
s2, extracting key information of influence ranges of all vulnerabilities in a vulnerability library, and identifying influence version name entities of the key information to obtain the number of the influence ranges of the vulnerabilities and the occurrence times of each influence version of all vulnerabilities;
s3, calculating the probability duty ratio of the association between the vulnerabilities based on the number of the influence ranges of the vulnerabilities and the occurrence times of each influence version of all vulnerabilities.
Preferably, the step S2 includes:
extracting keyword information from a vulnerability influence range field of each vulnerability in a vulnerability database by using an open source word segmentation tool jieba, and identifying an influence version name entity of the keyword information to obtain { vulnerability numbers: the [ vulnerability influencing software version ] } dictionary format is stored in file f 1; and counting according to the file f1 to obtain the number of the influence ranges of the loopholes and the occurrence times of each influence version of all the loopholes.
Preferably, the counting the number of the influence ranges of the obtained loopholes includes:
and counting to obtain the number of the influence ranges of the part of the loopholes or counting to obtain the number of the influence ranges of each loophole.
Preferably, the step S2 includes:
according to the file f1, obtaining the number m of the influence range of each vulnerability through statistics 1 、m2、m 3 …m x …m X Wherein X represents the number of vulnerabilities.
The number of occurrences of each affected version of the total vulnerability n 1 、n 2 、n 3 、…n x …n X
Preferably, the step S3 includes:
acquiring the probability duty ratio of each vulnerability and other vulnerability association according to the number of the influence ranges of each vulnerability and the occurrence times of each influence version of all vulnerabilities;
or selecting to obtain the probability duty ratio of the specified loopholes and other loopholes according to the number of the influence ranges of the specified loopholes and the occurrence times of each influence version of all loopholes.
Preferably, the calculation mode of the probability duty ratio of the correlation between the calculation vulnerabilities includes:
Z x =m x -(1/n 1 +1/n 2 +…+1/n x-1 +1/n x+1 +...+1/n X )
wherein:
Z x representing a likelihood ratio of association between vulnerability x and other vulnerabilities;
m x representing the number of influence ranges of the vulnerability x;
n 1 、n 2 、n 3 、…n x …n X representing the number of occurrences of each affected version of the overall vulnerability.
Preferably, the method further comprises:
let m 1 、m 2 、m 3 …m x …m X Saving in file f 2;
establishing a corresponding empty set for each influence version word appearing in the file f2, traversing each vulnerability influence version in the file f2, appearing the vulnerability influence version in a dictionary value in the file f1, and adding a key vulnerability number corresponding to the value into the set corresponding to the vulnerability influence version; and obtaining a set corresponding to each influence version name, adding 1 to the relevance of the loopholes appearing in one set, counting all sets, and calculating the final relevance among the loopholes.
In a second aspect, the present application provides a vulnerability data analysis system based on relevance, including:
the vulnerability library construction module is used for acquiring network vulnerabilities and constructing a vulnerability library;
the entity identification module is used for extracting key information of the influence range of each vulnerability in the vulnerability database, carrying out influence version name entity identification on the key information, and obtaining the number of the influence ranges of the vulnerability and the occurrence times of each influence version of all the vulnerabilities;
and the relevance calculating module is used for acquiring the possibility duty ratio of the loopholes and other loopholes based on the number of the influence ranges of the loopholes and the occurrence times of each influence version of all loopholes.
In a third aspect, the present application provides a computer-readable storage medium storing a computer program for relevance-based vulnerability data analysis, wherein the computer program causes a computer to perform the relevance-based vulnerability data analysis method as described above.
In a fourth aspect, the present application provides an electronic device comprising:
one or more processors;
a memory; and
one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, the programs comprising instructions for performing the relevance-based vulnerability data analysis method as described above.
(III) beneficial effects
The application provides a vulnerability data analysis method and system based on relevance. Compared with the prior art, the method has the following beneficial effects:
according to the method, a vulnerability library is constructed by acquiring network vulnerabilities; extracting key information of influence ranges of all vulnerabilities in a vulnerability library, and performing influence version name entity identification on the key information to obtain the number of the influence ranges of the vulnerabilities and the occurrence times of each influence version of all the vulnerabilities; the likelihood duty cycle of the association between vulnerabilities is calculated based on the number of scope of influence of the vulnerabilities and the number of occurrences of each of the affected versions of the entire vulnerability. According to the method, the technology of extracting the keywords from the vulnerability information in the vulnerability database is used for obtaining the association probability duty ratio, so that the association degree between the vulnerabilities is analyzed, and the higher the association degree is, the greater the possibility of being utilized is, and the greater the vulnerability hazard degree is. By analyzing the relevance among the loopholes, the method can effectively early warn and defend the damage of the loopholes, and has important significance for network maintenance.
Drawings
In order to more clearly illustrate the embodiments of the application or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a block diagram of a correlation-based vulnerability data analysis method according to an embodiment of the present application.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more clear, the technical solutions in the embodiments of the present application are clearly and completely described, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
The embodiment of the application solves the technical problem that the correlation between the loopholes cannot be detected by the existing method by providing the correlation-based loophole data analysis method and the correlation-based loophole data analysis system, and obtains the probability duty ratio of the correlation between the loopholes, so that the correlation degree between the loopholes is analyzed, and the pre-warning and the defending of the loophole harm are realized.
The above technical scheme is better understood, and the following detailed description will be given with reference to the accompanying drawings and specific embodiments.
The embodiment of the application provides a vulnerability data analysis method based on relevance, which is shown in fig. 1 and comprises the following steps:
s1, acquiring network vulnerabilities and constructing a vulnerability library;
s2, extracting key information of influence ranges of all vulnerabilities in a vulnerability library, and identifying influence version name entities of the key information to obtain the number of the influence ranges of the vulnerabilities and the occurrence times of each influence version of all vulnerabilities;
s3, calculating the probability duty ratio of the association between the vulnerabilities based on the number of the influence ranges of the vulnerabilities and the occurrence times of each influence version of all vulnerabilities.
According to the method and the device for extracting the keywords from the vulnerability information in the vulnerability database, the association probability ratio is obtained, so that the association degree between the vulnerabilities is analyzed, and the higher the association degree is, the greater the possibility of being utilized is, and the greater the vulnerability hazard degree is. By analyzing the relevance among the loopholes, the method can effectively early warn and defend the damage of the loopholes, and has important significance for network maintenance.
The following describes the steps in detail:
in step S1, a network vulnerability is obtained, and a vulnerability database is constructed. The specific implementation process is as follows:
and obtaining main stream loopholes such as cnve, cnnvd and the like to construct a loophole library, wherein the storage content comprises a loophole number, a loophole description, a loophole influence range and the like.
In step S2, key information of the influence scope of each vulnerability in the vulnerability database is extracted, and the key information is subjected to influence version name entity identification to obtain the number of influence scopes of the vulnerability and the occurrence times of each influence version of all vulnerabilities. The specific implementation process is as follows:
it should be noted that, in this step, the number of the influence ranges of each vulnerability or the number of the influence ranges of part of vulnerabilities may be counted according to the implementation requirements.
Extracting keyword information from a vulnerability influence range field of each vulnerability in a vulnerability database by using an open source word segmentation tool jieba, and identifying an influence version name entity of the keyword information to obtain { vulnerability numbers: the [ vulnerability impact software version ] } dictionary format is stored in file f 1.
According to the file f1, obtaining the number m of the influence range of each vulnerability through statistics 1 、m 2 、m 3 …m x …m X Wherein X represents the number of vulnerabilities.
The number of occurrences of each affected version of the total vulnerability n 1 、n 2 、n 3 、…n x …n X
Let m 1 、m 2 、m 3 …m x …m X Stored in file f 2.
In step S3, a likelihood ratio of association between vulnerabilities is calculated based on the number of scope of influence of the vulnerabilities and the number of occurrences of each of the affected versions of all vulnerabilities. The specific implementation process is as follows:
in the implementation process, the probability duty ratio of each vulnerability and other vulnerability association can be calculated according to the number of the influence ranges of each vulnerability and the occurrence times of each influence version of all vulnerabilities. The probability duty ratio of the specified loopholes and other loopholes can be calculated according to the number of the influence ranges of the specified loopholes and the occurrence times of each influence version of all loopholes. Of course, a given vulnerability may protect 1 or more.
According to the obtained result in the step S2, calculating the software influence range weight ratio 1/n of the vulnerability x . Probability duty cycle Z for vulnerability and other vulnerability associations x
Z x =m x -(1/n 1 +1/n 2 +…+1/n x-1 +1/n x+1 +...+1/n X )
Wherein:
Z x representing a likelihood ratio of association between vulnerability x and other vulnerabilities;
m x representing the number of influence ranges of the vulnerability x;
n 1 、n 2 、n 3 、…n x …n X representing the number of occurrences of each affected version of the overall vulnerability.
The likelihood ratio of the vulnerability 1 and other vulnerability association is as follows:
Z 1 =m 1 -(1/n 2 +1/n 3 …1/n x +...+1/n X )。
the likelihood duty cycle of vulnerability 2 and other vulnerability associations is:
Z 2 =m 2 -(1/n 1 +1/n 3 …1/n x +...+1/n X )。
the likelihood duty cycle of vulnerability X and other vulnerability associations is:
Z X =m X -(1/n 1 +1/n 2 +1/n 3 …1/n x +...+1/n X-1 )。
the greater the value of the likelihood ratio of association, the greater the likelihood that the vulnerability information is utilized, and the greater the degree of jeopardy of the vulnerability information.
In a specific implementation process, the embodiment of the application can also establish a corresponding empty set by segmenting each affected version appearing in the file f2, for example, a vulnerability affected version: and traversing each vulnerability influence version in the file f2 in the { } format, and adding the key vulnerability number corresponding to the value into the set corresponding to the vulnerability influence version when the vulnerability influence version appears in the dictionary value in the file f 1.
And obtaining a set corresponding to each influence version name according to the previous operation, wherein the vulnerability association degree appearing in one set is increased by 1. And counting all result sets, and calculating the final association degree among the vulnerabilities.
The larger the value of the association degree is, the higher the possibility that the vulnerability information is utilized is, and the higher the hazard degree of the vulnerability information is. Compared with the probability duty ratio of the association, the association degree can more intuitively show the association between the loopholes, and is convenient for subsequent visualization or inquiry of names and loopholes numbers of the loopholes influencing versions. However, all the affected versions need to be traversed one by one, judgment is performed, the set is added, and the solving speed is low. In the process of the embodiment, the probability duty ratio or the association degree of the association can be selected according to the actual requirement.
The embodiment of the application also provides a vulnerability data analysis system based on the relevance, which comprises the following steps:
the vulnerability library construction module is used for acquiring network vulnerabilities and constructing a vulnerability library;
the entity identification module is used for extracting key information of the influence range of each vulnerability in the vulnerability database, carrying out influence version name entity identification on the key information, and obtaining the number of the influence ranges of the vulnerability and the occurrence times of each influence version of all the vulnerabilities;
and the relevance calculating module is used for acquiring the possibility duty ratio of the loopholes and other loopholes based on the number of the influence ranges of the loopholes and the occurrence times of each influence version of all loopholes.
It can be understood that the correlation-based vulnerability data analysis system provided by the embodiment of the present application corresponds to the correlation-based vulnerability data analysis method, and the explanation, the example, the beneficial effects, and other parts of the content of the correlation-based vulnerability data analysis system may refer to the corresponding content in the correlation-based vulnerability data analysis method, which is not described herein.
The embodiment of the application also provides a computer readable storage medium which stores a computer program for analyzing the vulnerability data based on the relevance, wherein the computer program enables a computer to execute the vulnerability data analysis method based on the relevance.
The embodiment of the application also provides electronic equipment, which comprises:
one or more processors;
a memory; and
one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, the programs comprising instructions for performing the relevance-based vulnerability data analysis method as described above.
In summary, compared with the prior art, the method has the following beneficial effects:
1. according to the method and the device for extracting the keywords from the vulnerability information in the vulnerability database, the association probability ratio is obtained, so that the association degree between the vulnerabilities is analyzed, and the higher the association degree is, the greater the possibility of being utilized is, and the greater the vulnerability hazard degree is. By analyzing the relevance among the loopholes, the method can effectively early warn and defend the damage of the loopholes, and has important significance for network maintenance.
2. The embodiment of the application can excavate relevance aiming at the appointed loopholes, not only can quicken the speed of information excavation, but also can pertinently early warn and defend the loopholes.
3. The embodiment of the application also provides a method for solving the association degree between the loopholes, which can more intuitively embody the association between the loopholes and is convenient for subsequent visualization or inquiring of the names and the loophole numbers of the loophole influence versions.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above embodiments are only for illustrating the technical solution of the present application, and are not limiting; although the application has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present application.

Claims (9)

1. A correlation-based vulnerability data analysis method, the method comprising the steps of:
s1, acquiring network vulnerabilities and constructing a vulnerability library;
s2, extracting key information of influence ranges of all vulnerabilities in a vulnerability library, and identifying influence version name entities of the key information to obtain the number of the influence ranges of the vulnerabilities and the occurrence times of each influence version of all vulnerabilities;
s3, calculating the probability duty ratio of association between vulnerabilities based on the number of the influence ranges of the vulnerabilities and the occurrence times of each influence version of all vulnerabilities;
the calculation mode for calculating the probability duty ratio of the association between the vulnerabilities comprises the following steps:
Z x =m x -(1/n 1 +1/n 2 +…+1/n x-1 +1/n x+1 +...+1/n X )
wherein:
Z x representing a likelihood ratio of association between vulnerability x and other vulnerabilities;
m x representing the number of influence ranges of the vulnerability x;
n 1 、n 2 、n 3 、…n x …n X representing the number of occurrences of each affected version of the overall vulnerability.
2. The method for analyzing vulnerability data based on relevance according to claim 1, wherein the step S2 includes:
extracting keyword information from a vulnerability influence range field of each vulnerability in a vulnerability database by using an open source word segmentation tool jieba, and identifying an influence version name entity of the keyword information to obtain { vulnerability numbers: the [ vulnerability influencing software version ] } dictionary format is stored in file f 1; and counting according to the file f1 to obtain the number of the influence ranges of the loopholes and the occurrence times of each influence version of all the loopholes.
3. The method for analyzing vulnerability data based on relevance according to claim 2, wherein the counting the number of influence ranges of the obtained vulnerabilities comprises:
and counting to obtain the number of the influence ranges of the part of the loopholes or counting to obtain the number of the influence ranges of each loophole.
4. The method for analyzing vulnerability data based on relevance according to claim 3, wherein the step S2 includes:
according to the file f1, obtaining the number m of the influence range of each vulnerability through statistics 1 、m 2 、m 3 …m x …m X Wherein X represents the number of vulnerabilities;
the number of occurrences of each affected version of the total vulnerability n 1 、n 2 、n 3 、…n x …n X
5. The method for analyzing vulnerability data based on relevance according to claim 1, wherein the step S3 includes:
acquiring the probability duty ratio of each vulnerability and other vulnerability association according to the number of the influence ranges of each vulnerability and the occurrence times of each influence version of all vulnerabilities;
or selecting to obtain the probability duty ratio of the specified loopholes and other loopholes according to the number of the influence ranges of the specified loopholes and the occurrence times of each influence version of all loopholes.
6. The association-based vulnerability data analysis method of claim 4, further comprising:
let m 1 、m 2 、m 3 …m x …m X Saving in file f 2;
establishing a corresponding empty set for each influence version word appearing in the file f2, traversing each vulnerability influence version in the file f2, appearing the vulnerability influence version in a dictionary value in the file f1, and adding a key vulnerability number corresponding to the value into the set corresponding to the vulnerability influence version; and obtaining a set corresponding to each influence version name, adding 1 to the relevance of the loopholes appearing in one set, counting all sets, and calculating the final relevance among the loopholes.
7. A relevance-based vulnerability data analysis system, comprising:
the vulnerability library construction module is used for acquiring network vulnerabilities and constructing a vulnerability library;
the entity identification module is used for extracting key information of the influence range of each vulnerability in the vulnerability database, carrying out influence version name entity identification on the key information, and obtaining the number of the influence ranges of the vulnerability and the occurrence times of each influence version of all the vulnerabilities;
the relevance calculating module is used for obtaining the probability duty ratio of the loopholes and other loopholes based on the number of the influence ranges of the loopholes and the occurrence times of each influence version of all the loopholes;
the calculation mode for calculating the probability duty ratio of the association between the vulnerabilities comprises the following steps:
Z x =m x -(1/n 1 +1/n 2 +…+1/n x-1 +1/n x+1 +...+1/n X )
wherein:
Z x representing a likelihood ratio of association between vulnerability x and other vulnerabilities;
m x representing the number of influence ranges of the vulnerability x;
n 1 、n 2 、n 3 、…n x …n X representing the number of occurrences of each affected version of the overall vulnerability.
8. A computer-readable storage medium storing a computer program for relevance-based vulnerability data analysis, wherein the computer program causes a computer to execute the relevance-based vulnerability data analysis method of any one of claims 1-6.
9. An electronic device, comprising:
one or more processors;
a memory; and
one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, the programs comprising instructions for performing the relevance-based vulnerability data analysis method of any one of claims 1-6.
CN202210742550.5A 2022-06-28 2022-06-28 Vulnerability data analysis method and system based on relevance Active CN115118498B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210742550.5A CN115118498B (en) 2022-06-28 2022-06-28 Vulnerability data analysis method and system based on relevance

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210742550.5A CN115118498B (en) 2022-06-28 2022-06-28 Vulnerability data analysis method and system based on relevance

Publications (2)

Publication Number Publication Date
CN115118498A CN115118498A (en) 2022-09-27
CN115118498B true CN115118498B (en) 2023-11-28

Family

ID=83329406

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210742550.5A Active CN115118498B (en) 2022-06-28 2022-06-28 Vulnerability data analysis method and system based on relevance

Country Status (1)

Country Link
CN (1) CN115118498B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108154034A (en) * 2017-12-21 2018-06-12 北京知道创宇信息技术有限公司 Leak analysis method and device based on WordPress
CN108197476A (en) * 2017-12-27 2018-06-22 中国信息通信研究院 The leak detection method and device of a kind of intelligent terminal
CN113961934A (en) * 2021-10-22 2022-01-21 苏州棱镜七彩信息科技有限公司 Multi-level associated source code method based on open source vulnerability
CN114139160A (en) * 2021-10-15 2022-03-04 北京中科微澜科技有限公司 Method and system for determining software vulnerability influence range

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10803061B2 (en) * 2018-07-31 2020-10-13 Veracode, Inc. Software vulnerability graph database

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108154034A (en) * 2017-12-21 2018-06-12 北京知道创宇信息技术有限公司 Leak analysis method and device based on WordPress
CN108197476A (en) * 2017-12-27 2018-06-22 中国信息通信研究院 The leak detection method and device of a kind of intelligent terminal
CN114139160A (en) * 2021-10-15 2022-03-04 北京中科微澜科技有限公司 Method and system for determining software vulnerability influence range
CN113961934A (en) * 2021-10-22 2022-01-21 苏州棱镜七彩信息科技有限公司 Multi-level associated source code method based on open source vulnerability

Also Published As

Publication number Publication date
CN115118498A (en) 2022-09-27

Similar Documents

Publication Publication Date Title
US11250137B2 (en) Vulnerability assessment based on machine inference
CN114172701B (en) Knowledge-graph-based APT attack detection method and device
CN111431939B (en) CTI-based SDN malicious flow defense method
CN114760106B (en) Network attack determination method, system, electronic equipment and storage medium
Ma et al. An API Semantics‐Aware Malware Detection Method Based on Deep Learning
US9600644B2 (en) Method, a computer program and apparatus for analyzing symbols in a computer
CN112817877B (en) Abnormal script detection method and device, computer equipment and storage medium
CN117792741A (en) Network attack detection and tracing method based on behavior feature analysis
CN115118498B (en) Vulnerability data analysis method and system based on relevance
Mastjik et al. Comparison of pattern matching techniques on identification of same family malware
CN109918638B (en) Network data monitoring method
CN115795466A (en) Malicious software organization identification method and equipment
CN115361182A (en) Botnet behavior analysis method and device, electronic equipment and medium
CN113127640B (en) Malicious spam comment attack identification method based on natural language processing
CN112163217A (en) Malicious software variant identification method, device, equipment and computer storage medium
CN112597498A (en) Webshell detection method, system and device and readable storage medium
CN113127865B (en) Malicious file repairing method and device, electronic equipment and storage medium
CN118468296B (en) Clone vulnerability detection method, system and equipment
WO2022201309A1 (en) Information complementing device, information complementing method, and computer readable recording medium
CN115587224A (en) Method for accessing database, safety protection equipment, medium and electronic equipment
Qi et al. A General Construction Method of Cyber Security Knowledge Graph
CN117201104A (en) Log processing method, device, equipment and medium
CN117834176A (en) Threat information extraction method and device, electronic equipment and storage medium
CN113901462A (en) Container abnormity identification method and system, electronic equipment and storage medium
CN117596052A (en) Intelligent detection method and system for complex attack behavior of power network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant