CN116933265A - Vulnerability detection method and device, electronic equipment and storage medium - Google Patents
Vulnerability detection method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN116933265A CN116933265A CN202310629166.9A CN202310629166A CN116933265A CN 116933265 A CN116933265 A CN 116933265A CN 202310629166 A CN202310629166 A CN 202310629166A CN 116933265 A CN116933265 A CN 116933265A
- Authority
- CN
- China
- Prior art keywords
- vulnerability
- asset
- information
- matching
- component
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 22
- 238000000034 method Methods 0.000 claims abstract description 32
- 230000008859 change Effects 0.000 claims description 12
- 238000012502 risk assessment Methods 0.000 abstract description 8
- 230000008569 process Effects 0.000 abstract description 4
- 238000013507 mapping Methods 0.000 abstract description 3
- 238000005516 engineering process Methods 0.000 description 5
- 238000004590 computer program Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 230000000737 periodic effect Effects 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 2
- 238000013515 script Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Abstract
The application discloses a vulnerability detection method, a vulnerability detection device, electronic equipment and a storage medium. The method comprises the following steps: acquiring asset fingerprint information, matching the asset fingerprint information with a fingerprint library through an asset scanning engine to obtain asset component information, obtaining an asynchronous vulnerability matching task according to the asset component information, sending the asynchronous vulnerability matching task to a vulnerability matching engine for matching, judging whether a vulnerability exists, if not, not processing, if not, obtaining a vulnerability result, and establishing effective association between the asset fingerprint and the vulnerability information library by maintaining the asset fingerprint and the vulnerability information library, wherein in the asset discovery process, the capability of predicting asset risk can be realized, the risk assessment efficiency and accuracy of the network space asset are greatly improved, and the method can be widely applied to network security systems and network asset space mapping platforms needing asset risk assessment.
Description
Technical Field
The present application relates to the field of data processing and data transmission, and in particular, to a vulnerability detection method, a vulnerability detection device, an electronic device, and a storage medium.
Background
Traditional asset risk assessment systems are also based on scripts, i.e., for each asset component vulnerability risk, written to detect and match whether the asset characteristics match the component characteristics of the vulnerability to predict asset risk. According to the traditional scheme, the coupling degree is high, the detection efficiency is low, time and effort are consumed in writing the detection script, and therefore the vulnerability assessment coverage is incomplete, and the latest vulnerability is difficult to respond. In addition, the network asset data is huge, and all the assets are difficult to evaluate in a short period by using the traditional asset risk evaluation method, so that the practical combat value is lacked.
Therefore, the prior art has defects, and improvement is needed.
Disclosure of Invention
In view of the above problems, the present application aims to provide a vulnerability detection method, a vulnerability detection device, an electronic device and a storage medium, which can more efficiently and accurately evaluate risk of network space assets.
The first aspect of the present application provides a vulnerability detection method, including:
acquiring asset fingerprint information;
judging whether the asset fingerprint information is changed or not;
if not, not processing, if yes, sending the changed asset fingerprint information to an asset scanning engine to obtain asset component information and storing the asset component information into an asset component information base;
obtaining a vulnerability matching task according to the asset component information;
and sending the vulnerability matching task to a vulnerability matching engine for matching to obtain a vulnerability scanning result.
In this scheme, before obtaining the asset fingerprint information, still include:
obtaining vulnerability information;
judging whether the vulnerability information is changed or not;
if not, the processing is not performed, and if yes, the change vulnerability information is sent to a vulnerability matching engine.
In this scheme, before judging whether change takes place to the asset fingerprint information, still include:
acquiring asset fingerprint information;
correlating the asset fingerprint information with vulnerability component information to obtain vulnerability component characteristic correlation information;
storing the vulnerability component characteristic association information to a vulnerability component association library;
wherein, the association comprises automatic association and manual association.
In this scheme, before the vulnerability matching task is sent to the vulnerability matching engine to match, the method further includes:
acquiring an issuing vulnerability matching task;
and sending the issued vulnerability matching task to a vulnerability matching engine for matching to obtain a vulnerability scanning result.
In this scheme, still include:
the system comprises a basic information base and a result base.
The second aspect of the application provides a leak detection device. The device comprises:
the information collection module is used for vulnerability collection service, fingerprint collection service and vulnerability component association service;
the scanning engine module comprises an asset scanning engine and a vulnerability matching engine, wherein the asset scanning engine is used for analyzing asset fingerprint information to obtain asset component information, and the vulnerability matching engine is used for matching vulnerability component characteristics to obtain a vulnerability result;
the output module is used for sending the asset component information to a vulnerability matching engine and storing the vulnerability result into a vulnerability result library;
the storage module is used for storing vulnerability information, fingerprint information, vulnerability component characteristic associated information, asset component information and vulnerability results.
In this scheme, before obtaining the asset fingerprint information, still include:
obtaining vulnerability information;
judging whether the vulnerability information is changed or not;
if not, the processing is not performed, and if yes, the change vulnerability information is sent to a vulnerability matching engine.
In this scheme, before judging whether change takes place to the asset fingerprint information, still include:
acquiring asset fingerprint information;
correlating the asset fingerprint information with vulnerability component information to obtain vulnerability component characteristic correlation information;
storing the vulnerability component characteristic association information to a vulnerability component association library;
wherein, the association comprises automatic association and manual association.
In this scheme, before the vulnerability matching task is sent to the vulnerability matching engine to match, the method further includes:
acquiring an issuing vulnerability matching task;
and sending the issued vulnerability matching task to a vulnerability matching engine for matching to obtain a vulnerability scanning result.
In this scheme, still include:
the system comprises a basic information base and a result base.
In a third aspect of the present disclosure, an electronic device is provided. The electronic device includes: a memory and a processor, the memory having stored thereon a computer program, the processor implementing the method as described above when executing the program.
In a fourth aspect of the present disclosure, there is provided a computer readable storage medium having stored thereon a computer program which when executed by a processor implements a method as according to the first aspect of the present disclosure.
The application discloses a vulnerability detection method, a vulnerability detection device, electronic equipment and a storage medium. Acquiring asset fingerprint information, matching the asset fingerprint information with a fingerprint library through an asset scanning engine to obtain asset component information, obtaining an asynchronous vulnerability matching task according to the asset component information, sending the asynchronous vulnerability matching task to a vulnerability matching engine for matching, judging whether a vulnerability exists, if not, not processing, if not, obtaining a vulnerability result, and establishing effective association between the asset fingerprint and the vulnerability information library by maintaining the asset fingerprint and the vulnerability information library, wherein in the asset discovery process, the capability of predicting asset risk can be realized, the risk assessment efficiency and accuracy of the network space asset are greatly improved, and the method can be widely applied to network security systems and network asset space mapping platforms needing asset risk assessment.
Drawings
FIG. 1 is a flow chart of a vulnerability detection method of the present application;
FIG. 2 illustrates a process flow diagram of vulnerability information according to an embodiment of the disclosure;
FIG. 3 illustrates a vulnerability component association flow diagram in accordance with an embodiment of the disclosure;
fig. 4 illustrates a system block diagram of an exemplary apparatus capable of implementing embodiments of the present disclosure.
Fig. 5 shows a scheme of a vulnerability detection method of the present disclosure.
Detailed Description
In order that the above-recited objects, features and advantages of the present application will be more clearly understood, a more particular description of the application will be rendered by reference to the appended drawings and appended detailed description. It should be noted that, without conflict, the embodiments of the present application and features in the embodiments may be combined with each other.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present application, however, the present application may be practiced in other ways than those described herein, and therefore the scope of the present application is not limited to the specific embodiments disclosed below.
FIG. 1 illustrates a flow chart of an efficient network asset risk assessment method of the present application.
As shown in fig. 1, the application discloses a vulnerability detection method, which comprises the following steps:
s102, acquiring asset fingerprint information;
s104, judging whether the asset fingerprint information is changed or not;
s106, if not, processing is not performed, if yes, the changed asset fingerprint information is sent to an asset scanning engine, asset component information is obtained, and the asset component information is stored in an asset component information base;
s108, obtaining a vulnerability matching task according to the asset component information;
s110, the vulnerability matching task is sent to a vulnerability matching engine to be matched, and a vulnerability scanning result is obtained.
According to the embodiment of the application, the asset fingerprint collection service is mainly used for collecting fingerprints and verifying the validity of the Internet asset components, so that the collected fingerprints can be ensured to identify asset component information (information such as CPE, component name, manufacturer, version number and the like). When the fingerprint of the asset is changed, the change information is pushed to the asset scanning engine in real time, so that the asset scanning engine can be matched with the asset information of the corresponding fingerprint which is newly input. When a user issues an instant or periodic asset scanning task, an asset scanning engine acquires asset fingerprints and a fingerprint library to be matched by using plug-in technologies such as nmap, masscan, whatweb and crawlers, stores matched component information into an asset component information library, issues an asynchronous vulnerability matching task to a vulnerability matching engine to perform vulnerability matching, and stores matched vulnerability results into a vulnerability result library. According to the scheme, the asset scanning engine is decoupled from the fingerprint library, and the vulnerability matching engine is decoupled from the vulnerability library. When new asset components or vulnerability information appears, the new asset components can be scanned and whether the components have vulnerabilities can be timely evaluated by only maintaining a fingerprint database, a vulnerability database and a vulnerability component characteristic association database. Thereby adapting to the internet to continuously update the changed asset information and vulnerability information.
According to an embodiment of the present application, before the acquiring the asset fingerprint information, the method further includes:
s202, obtaining vulnerability information;
s204, judging whether the vulnerability information is changed or not;
s206, if not, processing is not performed, and if yes, the change vulnerability information is sent to a vulnerability matching engine.
It should be noted that, the vulnerability collection service mainly collects vulnerability information (cve number, vulnerability name, risk level, vulnerability description, vulnerability solution, affected CPE information, affected component name, vendor, version number, etc.) through crawler technology from the official network such as CVE, CNVD, CNNVD. When the vulnerability information is changed, the changed vulnerability information is pushed to a vulnerability matching engine so that the vulnerability matching engine can match the latest vulnerability.
According to an embodiment of the present application, before determining whether the change occurs to the asset fingerprint information, the method further includes:
s302, acquiring asset fingerprint information;
s304, associating the asset fingerprint information with vulnerability component information to obtain vulnerability component feature association information;
s306, storing the vulnerability component characteristic association information to a vulnerability component association library;
it should be noted that, through the vulnerability component association, the automatic association and the manual association of the component features and the fingerprint features are realized. The automatic association is realized mainly through CPE information, and the manual association is realized through manually inputting the association relation between the vulnerability component characteristics (component name, manufacturer and version number) and the fingerprint for the component characteristics without CPE information.
According to an embodiment of the present application, before the vulnerability matching task is sent to the vulnerability matching engine to match, the method further includes:
acquiring an issuing vulnerability matching task;
and sending the issued vulnerability matching task to a vulnerability matching engine for matching to obtain a vulnerability scanning result.
It should be noted that, the user may also perform full-scale vulnerability matching on the selected asset range by issuing an instant or periodic offline vulnerability matching task, and store the matched vulnerability result into the vulnerability result library.
According to an embodiment of the present application, further comprising:
the system comprises a basic information base and a result base.
It should be noted that, the basic information base mainly stores vulnerability information, component fingerprint information and vulnerability component feature associated information. Providing basic data support for the scan engine. The result library mainly stores asset information scanned by the asset scanning engine and component vulnerability result information matched by the vulnerability matching engine.
The foregoing is a description of embodiments of the method, and the following further describes embodiments of the present disclosure through examples of apparatus.
Fig. 4 shows a block diagram of a vulnerability detection apparatus according to an embodiment of the disclosure.
As shown in fig. 4, a second aspect of the application provides an apparatus. The device comprises:
the information collection module is used for vulnerability collection service, fingerprint collection service and vulnerability component association service;
the scanning engine module comprises an asset scanning engine and a vulnerability matching engine, wherein the asset scanning engine is used for analyzing asset fingerprint information to obtain asset component information, and the vulnerability matching engine is used for matching vulnerability component characteristics to obtain a vulnerability result;
the output module is used for sending the asset component information to a vulnerability matching engine and storing the vulnerability result into a vulnerability result library;
the storage module is used for storing vulnerability information, fingerprint information, vulnerability component characteristic associated information, asset component information and vulnerability results.
According to the embodiment of the application, the asset fingerprint collection service is mainly used for collecting fingerprints and verifying the validity of the Internet asset components, so that the collected fingerprints can be ensured to identify asset component information (information such as CPE, component name, manufacturer, version number and the like). When the fingerprint of the asset is changed, the change information is pushed to the asset scanning engine in real time, so that the asset scanning engine can be matched with the asset information of the corresponding fingerprint which is newly input. When a user issues an instant or periodic asset scanning task, an asset scanning engine acquires asset fingerprints and a fingerprint library to be matched by using plug-in technologies such as nmap, masscan, whatweb and crawlers, stores matched component information into an asset component information library, issues an asynchronous vulnerability matching task to a vulnerability matching engine to perform vulnerability matching, and stores matched vulnerability results into a vulnerability result library. The asset scanning engine is mainly used for matching the acquired asset fingerprints with a fingerprint library through plug-in technologies such as nmap, masscan, whatweb and crawlers aiming at asset scanning tasks configured by users, and further identifying component information. And saving the asset component information to an asset component information base. And simultaneously asynchronously issuing the online vulnerability matching task of the component. The vulnerability matching engine is used for performing feature matching of vulnerability components mainly aiming at an asset scanning task configured by a user and an online vulnerability matching task issued by the asset scanning engine, further judging whether the vulnerability exists in the asset components, and storing component information and vulnerability information with the vulnerability into a vulnerability result library. And the information collection module comprises a vulnerability collection service, a fingerprint collection service and a vulnerability component association service. According to the scheme, the asset scanning engine is decoupled from the fingerprint library, and the vulnerability matching engine is decoupled from the vulnerability library. When new asset components or vulnerability information appears, the new asset components can be scanned and whether the components have vulnerabilities can be timely evaluated by only maintaining a fingerprint database, a vulnerability database and a vulnerability component characteristic association database. Thereby adapting to the internet to continuously update the changed asset information and vulnerability information.
According to an embodiment of the present application, before the acquiring the asset fingerprint information, the method further includes:
obtaining vulnerability information;
judging whether the vulnerability information is changed or not;
if not, the processing is not performed, and if yes, the change vulnerability information is sent to a vulnerability matching engine.
It should be noted that, the vulnerability collection service mainly collects vulnerability information (cve number, vulnerability name, risk level, vulnerability description, vulnerability solution, affected CPE information, affected component name, vendor, version number, etc.) through crawler technology from the official network such as CVE, CNVD, CNNVD. When the vulnerability information is changed, the changed vulnerability information is pushed to a vulnerability matching engine so that the vulnerability matching engine can match the latest vulnerability.
According to an embodiment of the present application, before determining whether the change occurs to the asset fingerprint information, the method further includes:
acquiring asset fingerprint information;
correlating the asset fingerprint information with vulnerability component information to obtain vulnerability component characteristic correlation information;
storing the vulnerability component characteristic association information to a vulnerability component association library;
it should be noted that, through the vulnerability component association, the automatic association and the manual association of the component features and the fingerprint features are realized. The automatic association is realized mainly through CPE information, and the manual association is realized through manually inputting the association relation between the vulnerability component characteristics (component name, manufacturer and version number) and the fingerprint for the component characteristics without CPE information.
According to an embodiment of the present application, before the vulnerability matching task is sent to the vulnerability matching engine to match, the method further includes:
acquiring an issuing vulnerability matching task;
and sending the issued vulnerability matching task to a vulnerability matching engine for matching to obtain a vulnerability scanning result.
It should be noted that, the user may also perform full-scale vulnerability matching on the selected asset range by issuing an instant or periodic offline vulnerability matching task, and store the matched vulnerability result into the vulnerability result library.
According to an embodiment of the present application, further comprising:
the system comprises a basic information base and a result base.
It should be noted that, the basic information base mainly stores vulnerability information, component fingerprint information and vulnerability component feature associated information. Providing basic data support for the scan engine. The result library mainly stores asset information scanned by the asset scanning engine and component vulnerability result information matched by the vulnerability matching engine.
In a third aspect of the present disclosure, an electronic device is provided. The electronic device includes: a memory and a processor, the memory having stored thereon a computer program, the processor implementing the method as described above when executing the program.
In a fourth aspect of the present disclosure, there is provided a computer readable storage medium having stored thereon a computer program which when executed by a processor implements a method as according to the first aspect of the present disclosure.
The application discloses a vulnerability detection method, a vulnerability detection device, electronic equipment and a readable storage medium. Acquiring asset fingerprint information, matching the asset fingerprint information with a fingerprint library through an asset scanning engine to obtain asset component information, obtaining an asynchronous vulnerability matching task according to the asset component information, sending the asynchronous vulnerability matching task to a vulnerability matching engine for matching, judging whether a vulnerability exists, if not, not processing, if not, obtaining a vulnerability result, and establishing effective association between the asset fingerprint and the vulnerability information library by maintaining the asset fingerprint and the vulnerability information library, wherein in the asset discovery process, the capability of predicting asset risk can be realized, the risk assessment efficiency and accuracy of the network space asset are greatly improved, and the method can be widely applied to network security systems and network asset space mapping platforms needing asset risk assessment.
In the several embodiments provided by the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above described device embodiments are only illustrative, e.g. the division of the units is only one logical function division, and there may be other divisions in practice, such as: multiple units or components may be combined or may be integrated into another system, or some features may be omitted, or not performed. In addition, the various components shown or discussed may be coupled or directly coupled or communicatively coupled to each other via some interface, whether indirectly coupled or communicatively coupled to devices or units, whether electrically, mechanically, or otherwise.
The units described above as separate components may or may not be physically separate, and components shown as units may or may not be physical units; can be located in one place or distributed to a plurality of network units; some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may be separately used as one unit, or two or more units may be integrated in one unit; the integrated units may be implemented in hardware or in hardware plus software functional units.
Those of ordinary skill in the art will appreciate that: all or part of the steps for implementing the above method embodiments may be implemented by hardware related to program instructions, and the foregoing program may be stored in a computer readable storage medium, where the program, when executed, performs steps including the above method embodiments; and the aforementioned storage medium includes: a mobile storage device, a Read-only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk or an optical disk, or the like, which can store program codes.
Alternatively, the above-described integrated units of the present application may be stored in a computer-readable storage medium if implemented in the form of software functional modules and sold or used as separate products. Based on such understanding, the technical solutions of the embodiments of the present application may be embodied in essence or a part contributing to the prior art in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: a removable storage device, ROM, RAM, magnetic or optical disk, or other medium capable of storing program code.
Claims (8)
1. A vulnerability detection method, comprising:
acquiring asset fingerprint information;
judging whether the asset fingerprint information is changed or not;
if not, not processing, if yes, sending the changed asset fingerprint information to an asset scanning engine to obtain asset component information and storing the asset component information into an asset component information base;
obtaining a vulnerability matching task according to the asset component information;
and sending the vulnerability matching task to a vulnerability matching engine for matching to obtain a vulnerability scanning result.
2. The method of claim 1, wherein prior to obtaining the asset fingerprint information, further comprising:
obtaining vulnerability information;
judging whether the vulnerability information is changed or not;
if not, the processing is not performed, and if yes, the change vulnerability information is sent to a vulnerability matching engine.
3. The method of claim 1, wherein the determining of the asset fingerprint information, before the change, further comprises:
acquiring asset fingerprint information;
correlating the asset fingerprint information with vulnerability component information to obtain vulnerability component characteristic correlation information;
storing the vulnerability component characteristic association information to a vulnerability component association library;
wherein, the association comprises automatic association and manual association.
4. The method of claim 1, wherein the sending the vulnerability matching task to a vulnerability matching engine for matching, before obtaining the vulnerability scanning result, further comprises:
acquiring an issuing vulnerability matching task;
and sending the issued vulnerability matching task to a vulnerability matching engine for matching to obtain a vulnerability scanning result.
5. The method according to claim 1, characterized in that it comprises:
the system comprises a basic information base and a result base.
6. A vulnerability detection apparatus comprising:
the information collection module is used for acquiring asset fingerprint information and vulnerability information;
the scanning engine module is used for analyzing the asset fingerprint information to obtain a vulnerability result;
the output module is used for storing the vulnerability result into a vulnerability result library;
the storage module is used for storing vulnerability information, fingerprint information, vulnerability component characteristic associated information, asset component information and vulnerability results.
7. An electronic device, comprising:
at least one processor; and a memory communicatively coupled to the at least one processor;
wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-5.
8. A non-transitory computer readable storage medium storing computer instructions for causing the computer to perform the method of any one of claims 1-5.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310629166.9A CN116933265A (en) | 2023-05-30 | 2023-05-30 | Vulnerability detection method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310629166.9A CN116933265A (en) | 2023-05-30 | 2023-05-30 | Vulnerability detection method and device, electronic equipment and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116933265A true CN116933265A (en) | 2023-10-24 |
Family
ID=88376401
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310629166.9A Pending CN116933265A (en) | 2023-05-30 | 2023-05-30 | Vulnerability detection method and device, electronic equipment and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116933265A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117376037A (en) * | 2023-12-08 | 2024-01-09 | 山东星维九州安全技术有限公司 | Method, device and storage medium for classifying and scanning network assets |
-
2023
- 2023-05-30 CN CN202310629166.9A patent/CN116933265A/en active Pending
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117376037A (en) * | 2023-12-08 | 2024-01-09 | 山东星维九州安全技术有限公司 | Method, device and storage medium for classifying and scanning network assets |
CN117376037B (en) * | 2023-12-08 | 2024-02-23 | 山东星维九州安全技术有限公司 | Method, device and storage medium for classifying and scanning network assets |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112637159A (en) | Network asset scanning method, device and equipment based on active detection technology | |
CN112182588B (en) | Threat information-based operating system vulnerability analysis and detection method and system | |
CN111401416A (en) | Abnormal website identification method and device and abnormal countermeasure identification method | |
CN113259392B (en) | Network security attack and defense method, device and storage medium | |
CN111104579A (en) | Identification method and device for public network assets and storage medium | |
CN113032792A (en) | System service vulnerability detection method, system, equipment and storage medium | |
CN112733045B (en) | User behavior analysis method and device and electronic equipment | |
CN112818352B (en) | Database detection method and device, storage medium and electronic device | |
CN116933265A (en) | Vulnerability detection method and device, electronic equipment and storage medium | |
CN112491874A (en) | Network asset management method and device and related equipment | |
CN114329448A (en) | System security detection method and device, electronic equipment and storage medium | |
CN111985192A (en) | Web attack report generation method, device, equipment and computer medium | |
CN112307464A (en) | Fraud identification method and device and electronic equipment | |
KR20190099816A (en) | Method and system for detecting counterfeit of web page | |
CN113987508A (en) | Vulnerability processing method, device, equipment and medium | |
KR20180060616A (en) | RBA based integrated weak point diagnosis method | |
CN111371581A (en) | Method, device, equipment and medium for detecting business abnormity of Internet of things card | |
CN110233848B (en) | Asset situation analysis method and device | |
CN116015800A (en) | Scanner identification method and device, electronic equipment and storage medium | |
CN110691090A (en) | Website detection method, device, equipment and storage medium | |
CN112347457A (en) | Abnormal account detection method and device, computer equipment and storage medium | |
CN115643044A (en) | Data processing method, device, server and storage medium | |
CN113806736B (en) | Vulnerability detection method, system and storage medium based on mimicry intrusion | |
CN113297583B (en) | Vulnerability risk analysis method, device, equipment and storage medium | |
CN113660227B (en) | Quantitative calculation method and device for network security vulnerability assessment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |