CN113569256A - Vulnerability scanning method and apparatus, system, electronic device, computer readable medium - Google Patents
Vulnerability scanning method and apparatus, system, electronic device, computer readable medium Download PDFInfo
- Publication number
- CN113569256A CN113569256A CN202110926107.9A CN202110926107A CN113569256A CN 113569256 A CN113569256 A CN 113569256A CN 202110926107 A CN202110926107 A CN 202110926107A CN 113569256 A CN113569256 A CN 113569256A
- Authority
- CN
- China
- Prior art keywords
- vulnerability
- information
- installation package
- software
- version
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The disclosure provides a vulnerability scanning method and device, and relates to the technical fields of cloud computing, data processing and the like. One embodiment of the method comprises: receiving a cloud vulnerability scanning task; acquiring software installation package information on at least one cloud host based on a cloud vulnerability scanning task; matching the version information of the preprocessing installation package of the vulnerability library with the version information of the software installation package, wherein the version information of the preprocessing installation package of the vulnerability library is the version information of the software corresponding to different vulnerabilities in the vulnerability library; and determining the cloud host with the holes and the hole information of the cloud host based on the matching result of the version information of the preprocessed installation package and the software installation package information of the hole library. The implementation method improves the vulnerability scanning efficiency of the cloud host.
Description
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to the field of cloud computing and data processing technologies, and in particular, to a vulnerability scanning method and apparatus, a vulnerability scanning system, an electronic device, a computer-readable medium, and a computer program product.
Background
The cloud computing service is convenient to expand, safe, reliable and low in overall maintenance cost, so that more and more small and medium-sized companies in the internet select a cloud platform as a data center. The cloud platform needs to be additionally provided with a large number of instance cloud hosts at every moment, and vulnerability scanning needs to be carried out on the cloud hosts in order to avoid the cloud platform from being invaded by other software.
The existing vulnerability scanning of the cloud host is carried out on equipment of the cloud host, the scanning task occupies more resources, the performance of the cloud host can be greatly influenced, and the vulnerability scanning efficiency is low when a large amount of cloud hosts are scanned.
Disclosure of Invention
Embodiments of the present disclosure propose vulnerability scanning methods and apparatuses, systems, electronic devices, computer-readable media, and computer program products.
In a first aspect, an embodiment of the present disclosure provides a vulnerability scanning method, which includes: receiving a cloud vulnerability scanning task; acquiring software installation package information on at least one cloud host based on a cloud vulnerability scanning task; matching the version information of the preprocessing installation package of the vulnerability library with the version information of the software installation package, wherein the version information of the preprocessing installation package of the vulnerability library is the version information of the software corresponding to different vulnerabilities in the vulnerability library; and determining the cloud host with the holes and the hole information of the cloud host based on the matching result of the version information of the preprocessed installation package and the software installation package information of the hole library.
In some embodiments, the software installation package information is collected from a distributed data store, and the method further comprises: and storing the identification of the cloud host and the vulnerability information of the cloud host into a distributed data storage.
In some embodiments, the above method further comprises: and processing the vulnerability information in the preset vulnerability library to obtain the version information of the pre-processed installation package of the vulnerability library.
In some embodiments, the processing vulnerability information in a preset vulnerability library to obtain the version information of the pre-processing installation package of the vulnerability library includes: preprocessing vulnerability information in a preset vulnerability library to obtain vulnerability information corresponding to different software; and carrying out installation package version division on the vulnerability information corresponding to different software to obtain the vulnerability library preprocessing installation package version information.
In some embodiments, the performing the version division of the installation package on the vulnerability information corresponding to different software to obtain the version information of the pre-processed installation package of the vulnerability library includes: dividing vulnerability information corresponding to different software according to a preset operating system type, an operating system version, a software installation package name and a software installation package version; and arranging the type of the operating system, the version of the operating system, the name of the software installation package and the version of the software installation package in sequence in one-to-one correspondence with the corresponding vulnerability information to obtain the version information of the preprocessed installation package of the vulnerability library.
In some embodiments, the software installation package information includes: matching the version information of the preprocessing installation package of the vulnerability library with the version information of the software installation package by using the version of the operating system, the name of the software package and the version of the software package, and comprises the following steps: determining software with the same version as the operating system in the version information of the preprocessing installation package of the vulnerability library; matching the determined software installation package name of the software with the software package name; in response to the fact that the software installation package name is successfully matched with the software package name and the software package version is smaller than or equal to the software installation package version corresponding to the software installation package name, determining that the cloud host with the software package name and the software package version is the cloud host with the holes; and determining vulnerability information of the cloud host with the vulnerability in the pre-processing installation package version information of the vulnerability library.
In a second aspect, an embodiment of the present disclosure provides a vulnerability scanning method, including: receiving an installation package version information task; and acquiring and sending software installation package information to the distributed data storage based on the installation package version information task, so that the server side determines the cloud host with the holes and the vulnerability information of the cloud host by executing the method described in any one of the implementation modes in the first aspect based on the software installation package information acquired from the distributed data storage.
In a third aspect, an embodiment of the present disclosure provides a vulnerability scanning apparatus, which includes: a receiving unit configured to receive a cloud vulnerability scanning task; the acquisition unit is configured to acquire software installation package information on at least one cloud host based on the cloud vulnerability scanning task; the matching unit is configured to match the version information of the pre-processing installation package of the vulnerability library with the version information of the software installation package, wherein the version information of the pre-processing installation package of the vulnerability library is the version information of the software corresponding to different vulnerabilities in the vulnerability library; the determining unit is configured to determine a cloud host with the holes and hole information of the cloud host based on a matching result of the version information of the preprocessed installation package of the hole library and the information of the software installation package.
In some embodiments, the software installation package information is collected from a distributed data storage, and the apparatus further includes: a storage unit configured to store the identification of the cloud host and the vulnerability information of the cloud host into a distributed data storage.
In some embodiments, the above apparatus further comprises: and the processing unit is configured to process the vulnerability information in a preset vulnerability library to obtain the version information of the pre-processing installation package of the vulnerability library.
In some embodiments, the processing unit comprises: the obtaining module is configured to preprocess vulnerability information in a preset vulnerability library to obtain vulnerability information corresponding to different software; and the division module is configured to divide the versions of the installation packages of the vulnerability information corresponding to different software to obtain the version information of the preprocessed installation packages of the vulnerability library.
In some embodiments, the dividing module includes: the division submodule is configured to divide vulnerability information corresponding to different software according to a preset operating system type, an operating system version, a software installation package name and a software installation package version; and the arrangement submodule is configured to arrange the operating system type, the operating system version, the software installation package name and the software installation package version in sequence in one-to-one correspondence with the corresponding vulnerability information to obtain the vulnerability library preprocessing installation package version information.
In some embodiments, the software installation package information includes: the operating system version, software package name, software package version, above-mentioned matching unit includes: the determining module is configured to determine software with the same version as the operating system in the version information of the pre-processing installation package of the vulnerability library; a matching module configured to match the determined software installation package name of the software with the software package name; the comparison module is configured to respond to the fact that the software installation package name is successfully matched with the software package name, and the software package version is smaller than or equal to the software installation package version corresponding to the software installation package name, and determine that the cloud host with the software package name and the software package version is the cloud host with the holes; the output module is configured to determine vulnerability information of the cloud host with the vulnerability in the vulnerability library preprocessing installation package version information.
In a fourth aspect, an embodiment of the present disclosure provides a vulnerability scanning system, including: the system comprises a server, a data storage and at least one cloud host; each cloud host is used for receiving the installation package version information task, collecting and sending software installation package information to the distributed data storage based on the installation package version information task; the server side determines a cloud host with the holes and the hole information of the cloud host by executing the method described in any one of the implementation manners in the first aspect based on the software installation package information collected from the distributed data storage.
In a fifth aspect, an embodiment of the present disclosure provides an electronic device, including: one or more processors; a storage device having one or more programs stored thereon; when executed by one or more processors, cause the one or more processors to implement a method as described in any of the implementations of the first or second aspects.
In a sixth aspect, embodiments of the present disclosure provide a computer readable medium, on which a computer program is stored, which when executed by a processor, implements a method as described in any of the implementations of the first or second aspects.
In a seventh aspect, embodiments of the present disclosure provide a computer program product comprising a computer program that, when executed by a processor, implements the method as described in any of the implementations of the first or second aspects.
According to the vulnerability scanning method and device provided by the embodiment of the disclosure, a cloud vulnerability scanning task is received; secondly, acquiring software installation package information on at least one cloud host based on a cloud vulnerability scanning task; matching the version information of the preprocessing installation package of the vulnerability library with the version information of the software installation package, wherein the version information of the preprocessing installation package of the vulnerability library is the version information of the software corresponding to different vulnerabilities in the vulnerability library; and finally, determining the cloud host with the holes and the hole information of the cloud host based on the matching result of the version information of the preprocessed installation package of the hole library and the software installation package information. Therefore, the cloud host with the holes is determined by collecting the software installation package information of the cloud host, and the cloud host does not need to be subjected to hole scanning at the equipment end of the cloud host, so that the efficiency and the speed of hole scanning are improved, and the accuracy of hole scanning is ensured.
The vulnerability scanning system provided by the embodiment of the disclosure comprises: the system comprises a server, a data memory and at least one cloud host, wherein each cloud host uploads respective software installation package information to the data memory so that the server collects the software installation package information from the data memory, the collected software installation package information is matched with the version information of the pre-processed installation package of the vulnerability library, vulnerability information of the cloud host with the vulnerability and vulnerability information of the cloud host are determined, vulnerability scanning is not needed to be carried out at the cloud host, and only version matching is carried out at the server, so that the vulnerability information of the cloud host can be determined, and the efficiency and the speed of vulnerability scanning are improved.
Drawings
Other features, objects and advantages of the disclosure will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
FIG. 1 is an exemplary system architecture diagram in which one embodiment of the present disclosure may be applied;
FIG. 2 is a flow diagram of one embodiment of a vulnerability scanning method according to the present disclosure;
FIG. 3 is a flow diagram of another embodiment of a vulnerability scanning method according to the present disclosure;
FIG. 4 is a schematic structural diagram of an embodiment of a vulnerability scanning apparatus according to the present disclosure;
FIG. 5 is a schematic structural diagram of an embodiment of a vulnerability scanning system according to the present disclosure;
FIG. 6 is a schematic structural diagram of an electronic device suitable for use in implementing embodiments of the present disclosure.
Detailed Description
The present disclosure is described in further detail below with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings.
It should be noted that, in the present disclosure, the embodiments and features of the embodiments may be combined with each other without conflict. The present disclosure will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
Fig. 1 illustrates an exemplary system architecture 100 to which the vulnerability scanning methods of the present disclosure may be applied.
As shown in fig. 1, the system architecture 100 may include terminals 101, 102, a network 103, a database server 104, and a server 105. The network 103 serves as a medium for providing communication links between the terminals 101, 102, the database server 104 and the server 105. Network 103 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The user 110 may use the terminals 101, 102 to interact with the server 105 over the network 103 to receive or send messages or the like. The terminals 101 and 102 may have various client software installed thereon, such as model training software, image conversion software, shopping software, payment software, web browser, instant messenger, and the like.
Here, the terminals 101 and 102 may be hardware or software. When the terminals 101 and 102 are hardware, they may be various electronic devices with display screens, including but not limited to smart phones, tablet computers, e-book readers, MP3 players (Moving Picture Experts Group Audio Layer III), laptop portable computers, desktop computers, and the like. When the terminals 101 and 102 are software, the software can be installed in the electronic devices listed above to implement the functions of the cloud host. It may be implemented as multiple pieces of software or software modules (e.g., to provide distributed services) or as a single piece of software or software module. And is not particularly limited herein.
The server 105 may also be a server providing various services, such as a background server providing support for various software displayed on the terminals 101, 102. The background server may perform vulnerability scanning on the cloud host systems on the terminals 101 and 102 by using the software installation package information sent by the terminals 101 and 102 or collecting the software installation package information in the database server 104, and may send the scanning result to the terminals 101 and 102 or store the scanning result in the database server 104. In this way, the user 110 may determine, in real time, a cloud host with a leak or vulnerability information of the cloud host with a leak.
Here, the database server 104 and the server 105 may be hardware or software. When they are hardware, they can be implemented as a distributed server cluster composed of a plurality of servers, or as a single server. When they are software, they may be implemented as multiple pieces of software or software modules (e.g., to provide distributed services), or as a single piece of software or software module. And is not particularly limited herein.
It should be noted that the vulnerability scanning method provided by the embodiment of the present application is generally executed by the server 105. Accordingly, vulnerability scanning devices are also typically located in the server 105.
It is noted that database server 104 may not be provided in system architecture 100, as server 105 may perform the relevant functions of database server 104.
It should be understood that the number of terminals, networks, database servers, and servers in fig. 1 are merely illustrative. There may be any number of terminals, networks, database servers, and servers, as desired for implementation.
As shown in fig. 2, a flow 200 of one embodiment of a vulnerability scanning method according to the present disclosure is shown, the vulnerability scanning method comprising the steps of:
In this embodiment, the cloud vulnerability scanning task is a task for scanning vulnerabilities of the cloud host, which is sent to the execution main body on which the vulnerability scanning method is executed, and when the execution main body on which the vulnerability scanning method is executed receives the cloud vulnerability scanning task, the cloud host can be directly controlled to perform vulnerability scanning. The cloud vulnerability scanning task may include: the task name, the cloud host ID to be scanned, the cloud host name to be scanned, and the like.
An execution subject (such as the server 105 shown in fig. 1) on which the vulnerability scanning method runs may obtain the cloud vulnerability scanning task in various ways, for example, obtain the cloud vulnerability scanning task issued by the user 110 through the user terminal (such as the terminals 101 and 102 shown in fig. 1) in real time; if yes, acquiring a cloud vulnerability scanning task prestored in a data server; for another example, for a cloud cluster, a cloud vulnerability scanning task issued by a task scheduling center may be received in real time. The frequency of the cloud vulnerability scanning tasks issued by the task scheduling center is controlled by a user, for example, the scanning tasks are executed at fixed time every day, or the user sends the cloud vulnerability scanning tasks to the task scheduling center by clicking vulnerability scanning buttons arranged on the terminals 101 and 102, and the sending is not limited by times.
The user can also trigger an installation package version information task through a page of a 'click host vulnerability scanning task' arranged on the terminals 101 and 102, so that the cloud host collects respective software installation package information.
In this embodiment, different cloud vulnerability scanning tasks correspond to different cloud hosts and different software on the cloud hosts, the software may be system software of the cloud hosts or application software, and which cloud host needs to be subjected to software installation package information acquisition can be determined based on the ID of the cloud host to be scanned and the name of the cloud host to be scanned in the received cloud vulnerability scanning tasks.
In this embodiment, the software installation package information refers to information related to a software installation package of the cloud host, the software installation package is a set of files that can be decompressed by itself, and includes all files for software installation.
The version of the software on the cloud host can be analyzed by collecting the software installation package information on the cloud host, such as the type and version of the operating system of the software, so that the vulnerability of the cloud host corresponding to the current software version can be effectively identified. Specifically, the software installation package information may include: the cloud host ID is an identifier of a cloud host installed by a software installation package, the operating system is a management system for providing support for software corresponding to the software package name, the software can comprise system software and application software, the software package name is the name of the installation package corresponding to the software, and the software package version is the version of the software installation package.
In this embodiment, at least one cloud host may be a cluster composed of a large number of cloud hosts, and an execution main body on which the vulnerability scanning method is executed may be one of the large number of cloud hosts, or a server, which is mainly used for performing vulnerability scanning on each cloud host of the large number of cloud hosts. Tens of thousands of cloud hosts and hundreds of thousands of cloud hosts can be collectively called as mass cloud hosts.
And step 203, matching the version information of the preprocessing installation package of the vulnerability library with the information of the software installation package.
In this embodiment, the preprocessing the version information of the installation package in the vulnerability database includes: the version information of the software corresponding to different vulnerabilities in the vulnerability database, the version information of the preprocessing installation package of the vulnerability database can be key information corresponding to vulnerability information and software version information, the vulnerability information in the vulnerability database can be vulnerability information obtained by collecting software synthesis of a cloud system in the internet, for example, the version information of the vulnerability database is as follows: and the version of the python software is 3.10.0, and the bugs of the python software in the version information of the pre-processing installation package of the leaky cave library are A and B, namely, the bugs A and B in the version information of the pre-processing installation package of the leaky library correspond to the 3.10.0 version of python software. .
In this embodiment, the formation process of the version information of the preprocessed installation package in the vulnerability library is as follows: collecting vulnerability information of software of different cloud hosts in the Internet, and dividing the vulnerability information in a vulnerability library based on an operating system operated by each software or/and the version of the software so as to enable the vulnerability information to correspond to the version information of the software. Further, the version information of the software may include: the cloud host identification, the operating system type, the operating system version, the software installation package name and the software installation package version.
In this embodiment, the matching of the vulnerability preprocessing installation package version information and the software installation package information is to compare the software version information in the vulnerability preprocessing installation package version information with the software installation package information, and when the software version information has the same or related information with the software installation package information, obtain the identifier of the cloud host and the vulnerability information corresponding to the same or related information, where the cloud host is the cloud host with the vulnerability, and the vulnerability information is the vulnerability information of the cloud host with the vulnerability.
And 204, determining the cloud host with the holes and the vulnerability information of the cloud host based on the matching result of the version information of the preprocessed installation package of the vulnerability library and the software installation package information.
In this embodiment, the process of matching the version information with the software installation package information is related to the content of the software installation package information. When the software installation package information is completely matched with the version information successfully, the cloud host corresponding to the software installation package information is determined to be the cloud host with the holes, and the vulnerability information corresponding to the software installation package information is the vulnerability information of the cloud host with the holes. And when the software installation package information is not successfully matched with the version information, determining that the cloud host has no loophole.
For example, when the software installation package information includes: when the operating system is of the type, matching the version information of the vulnerability preprocessing installation package with the information of the software installation package comprises the following steps: matching the operating system type in the software installation package information with the operating system type in the version information of the preprocessed installation package of the vulnerability library, if the matching is successful, taking the cloud host with the successfully matched operating system type as the cloud host with the vulnerability, and selecting the vulnerability information corresponding to the successfully matched operating system type in the version information of the vulnerability preprocessed installation package as the vulnerability information of the cloud host with the vulnerability.
Optionally, when the software installation package information includes: when the version of the operating system and the name of the software package are operated, matching the version information of the vulnerability preprocessing installation package with the information of the software installation package comprises the following steps: and respectively matching the operating system type and the software package name in the software installation package information with the operating system type and the software package name in the version information of the preprocessed installation package of the vulnerability library, if all the operating system types and the software package names are successfully matched, taking the cloud host with the successfully matched operating system type and software package name as the cloud host with the vulnerability, and selecting vulnerability information corresponding to the successfully matched operating system type and software package name in the version information of the preprocessed installation package of the vulnerability as the vulnerability information of the cloud host with the vulnerability.
Optionally, the execution subject on which the vulnerability scanning method operates may also present a matching result to the user, where the matching result includes: successful matching and unsuccessful matching. And when the matching is successful, determining that at least one cloud host has a bug, displaying the bug information of the cloud host with the bug and the cloud host with the bug to the user, further, sequencing the bug information of the cloud host in the matching result in an ascending order or a descending order based on the influence of the bug on the cloud host, identifying the bug level of the cloud host with the bug, and displaying important information such as the bug level of the cloud host and the tag of the cloud host to the user.
The vulnerability scanning method provided by the embodiment of the disclosure comprises the steps of firstly receiving a cloud vulnerability scanning task; secondly, acquiring software installation package information on at least one cloud host based on a cloud vulnerability scanning task; matching the version information of the preprocessing installation package of the vulnerability library with the version information of the software installation package, wherein the version information of the preprocessing installation package of the vulnerability library is the version information of the software corresponding to different vulnerabilities in the vulnerability library; and finally, determining the cloud host with the holes and the hole information of the cloud host based on the matching result of the version information of the preprocessed installation package of the hole library and the software installation package information. Therefore, the cloud host with the holes is determined by collecting the software installation package information of the cloud host, and the cloud host does not need to be subjected to hole scanning at the equipment end of the cloud host, so that the hole scanning efficiency is improved, and the hole scanning accuracy is ensured.
In this embodiment, at least one cloud host may be a mass cloud host, and for vulnerability scanning of the mass cloud host, real-time acquisition of software installation package information of the cloud host cannot be achieved, and in order to ensure reliability of vulnerability scanning, a distributed data storage may be used to store software installation package information uploaded by different cloud hosts.
In an optional implementation manner of the embodiment of the present disclosure, the software installation package information may be information acquired from a distributed data storage, and the vulnerability scanning method may further include: and storing the identification of the cloud host with the holes and the vulnerability information of the cloud host into a distributed data storage.
In this embodiment, the distributed data storage stores the software installation information of all the cloud hosts together, so that the vulnerability scanning method can be executed on the distributed data storage to scan the software installation information of the cloud hosts corresponding to the cloud vulnerability scanning task after the cloud vulnerability scanning task is obtained.
In this embodiment, the distributed data storage may be a storage cluster composed of a plurality of data storages, where each data storage may correspond to one cloud host, or may correspond to a plurality of cloud hosts. The distributed data storage is used for storing data, and the data is divided into a plurality of nodes for storage, so that the data is easy to query and highly concurrent.
In the optional implementation mode, the distributed data storage is adopted to store the information of the cloud hosts, so that the running reliability of the system is ensured when the software installation information of at least one cloud host is massive data of the cloud hosts, the data loss is prevented, and the reliability of vulnerability scanning is ensured.
In some optional implementation manners of this embodiment, the vulnerability scanning method further includes: and processing the vulnerability information in the preset vulnerability library to obtain the version information of the pre-processed installation package of the vulnerability library.
In this alternative implementation, the vulnerability information in the preset vulnerability database may be vulnerability information obtained from a vulnerability source of the patent, and each vulnerability information in the preset vulnerability database may be related to a software version of the cloud host.
In this optional implementation, processing the vulnerability information in the preset vulnerability database includes: and removing vulnerability information irrelevant to the software version in the preset vulnerability database, and correspondingly storing the obtained vulnerability information in the preset vulnerability database according to the software version information and the vulnerability information to obtain the version information of the preprocessed installation package of the vulnerability database.
In the optional implementation mode, invalid information can be removed by processing the vulnerability information of the preset vulnerability library, and the reliability of matching of the version information of the preprocessing installation package of the follow-up vulnerability library and the software installation package information is guaranteed.
In some optional implementation manners of this embodiment, the processing vulnerability information in a preset vulnerability library to obtain the version information of the pre-processing installation package of the vulnerability library includes: preprocessing vulnerability information in a preset vulnerability library to obtain vulnerability information corresponding to different software; and carrying out installation package version division on the vulnerability information corresponding to different software to obtain the vulnerability library preprocessing installation package version information.
In this optional implementation, the preprocessing may include: data cleaning, data formatting and the like, wherein the data cleaning may be to remove vulnerability information irrelevant to software in a preset vulnerability database, and the data formatting may be to store the vulnerability information in the preset vulnerability database according to a preset format, for example, the preset format is: software keywords, software names, software versions and vulnerability information; for another example, the preset format is: software name, software version and vulnerability information; by data formatting, vulnerability information of different types of software can be quickly and conveniently obtained.
In this embodiment, because the running of the software needs the support of different operating systems, and the software can also distinguish different versions, the aforementioned dividing the installation package version for the vulnerability information corresponding to different software, and obtaining the vulnerability library preprocessing installation package version information includes: determining all division types of the installation package version, and dividing and storing the vulnerability information corresponding to different software according to the division types based on the determined division types.
For example, the predetermined installation package version of the at least one cloud host may include: and if the division type can be the software installation package name and the software installation package version, dividing vulnerability information corresponding to different software once according to the software installation package name and the software installation package version so as to obtain vulnerability information meeting the software installation package name and the software installation package version.
In the optional implementation mode, the vulnerability information corresponding to different software is divided according to the package version, so that different types of vulnerability information of different software can be divided, and the reliability of software vulnerability information division is improved.
In some optional implementation manners of this embodiment, the performing the version division on the installation package on the vulnerability information corresponding to different software to obtain the version information of the pre-processed installation package of the vulnerability library includes: dividing vulnerability information corresponding to different software according to a preset operating system type, an operating system version, a software installation package name and a software installation package version; and arranging the type of the operating system, the version of the operating system, the name of the software installation package and the version of the software installation package in sequence in one-to-one correspondence with the corresponding vulnerability information to obtain the version information of the preprocessed installation package of the vulnerability library.
In this optional implementation, the installation package version is: when the operating system type, the operating system version, the software installation package name and the software installation package version are used, vulnerability information of different software is divided according to the installation package version, so that preprocessing installation package version information of the vulnerability library can be conveniently matched with the software installation package information, and the matching reliability of the vulnerability library and the software installation package information is ensured.
In some optional implementations of this embodiment, the software installation package information includes: the matching of the version information of the preprocessing installation package of the vulnerability library and the information of the software installation package comprises the following steps: determining software with the same version as the operating system in the version information of the preprocessing installation package of the vulnerability library; matching the determined software installation package name of the software with the software package name; in response to that the determined software installation package name is successfully matched with the software package name and that the software package version is smaller than or equal to the software installation package version corresponding to the determined software installation package name, determining that the cloud host with the software package name and the software package version is the cloud host with the holes; and determining vulnerability information of the cloud host with the vulnerability in the pre-processing installation package version information of the vulnerability library.
In this optional implementation manner, the preprocessing the version information of the installation package in the vulnerability library may include: the version of the operating system, the name of the software installation package, the version of the software installation package and the vulnerability information.
For example, the vulnerability library preprocessing installation package version information includes: linux, 7 (operating system version), python (software installation package name), 2.7.5 (software installation package version), presence of vulnerabilities a1, B1, C1.
The software installation package information includes: the operating system of the cloud host a is Linux, the version of the operating system is 7, the name of the software package is python, the version of the software package is 2.7.5, and by matching with the version information of the vulnerability preprocessing installation package, it can be known that matching is successful, and the cloud host with holes in the matching result is: the vulnerability information of the cloud host a is as follows: a1, B1 and C1.
In this optional implementation manner, the software installation package information includes: when the version of the operating system, the name of the software package and the version of the software package are operated, the version of the operating system, the name of the software package and the version of the software package are sequentially matched in the version information of the preprocessed installation package of the vulnerability library, so that the cloud host with the vulnerability and the vulnerability information of the cloud host can be effectively determined, and the efficiency of cloud host matching is improved.
Optionally, the software installation package information includes: the matching of the version information of the preprocessed installation package of the vulnerability library and the information of the software installation package comprises the following steps: matching the software installation package name in the version information of the preprocessing installation package of the vulnerability library with the software package name; matching the software package version with the software installation package version in response to the successful matching of the software installation package name and the software package name; and in response to the fact that the software package version is smaller than the software package version corresponding to the software installation package name, determining that the cloud host with the software package name and the software package version is the cloud host with the holes, and determining the hole information of the cloud host with the holes in the pre-processing installation package version information of the hole library.
For example, the vulnerability library preprocessing installation package version information includes: python (software installation package name), 3.10.0 (software installation package version), vulnerability a2, B2.
The software installation package information includes: python, version 3.11.0, cloud host Q installed; installed python, version 3.09.0 of cloud host W.
Through matching, the installed python version of the cloud host Q is higher than 3.10.0 of the leaky library, and no leak information exists. The cloud host W installs python, a version lower than 3.10.0 processed ahead of time, so there are vulnerabilities a2, B2.
Thus, the matching result is obtained as: finally, the cloud host with the holes is the holes A2 and B2 existing in the cloud host W, and the matched results can be stored in the distributed data storage.
In an embodiment of the present disclosure, as shown in fig. 3, a flowchart 300 of another embodiment of a vulnerability scanning method according to the present disclosure is shown, the vulnerability scanning method comprising the steps of:
In this embodiment, the execution main body on which the vulnerability scanning direction runs may be a cloud host, the installation package version information task is an installation package version information task sent to the execution main body on which the vulnerability scanning direction runs, the installation package version information task may be a task directly sent to the execution main body by a user, and when the execution main body on which the vulnerability scanning direction runs receives the installation package version information task, the information of all software installed thereon is scanned, and the software installation package information of all software is determined.
The installation package version information task may include: the task name, the ID of the cloud host to be collected, the name of software on the cloud host, the version of the software on the cloud host and the like.
An execution subject (such as the terminals 101 and 102 shown in fig. 1) on which the vulnerability scanning method operates may obtain a cloud vulnerability scanning task in various ways, for example, obtain an installation package version information task directly sent by the user 110 in real time; if so, acquiring an installation package version information task prestored in the data server; for another example, for a cloud host cluster, an installation package version information task issued by a task scheduling center in the cloud host cluster can be received in real time. The frequency of the installation package version information task issued by the task scheduling center can be controlled by a user.
In this embodiment, after the execution main body on which the vulnerability scanning direction runs receives the installation package version information task in step 301, the installation package information of the software installed on the system is collected.
Optionally, an execution main body on which the vulnerability scanning method operates in this embodiment may be any one of at least one cloud host, a user may temporarily store the installation package version information task in redis, and a task scheduling center of the server receives the cloud host installation package version information task in redis and distributes the task to each cloud host.
The redis is a data structure server for key-value memory storage, compensates the deficiency of key value storage such as memory caching, and can play a good supplementary role in a relational database in some occasions.
And the cloud host receives the installation package version information task, executes the relevant function of collecting the installation package version information, processes the installation package version information on the cloud host and finally stores the installation package version information in the distributed data storage.
In this embodiment, the server may determine the cloud host having the holes and the vulnerability information of the cloud host by using the vulnerability scanning method shown in fig. 2 based on the software installation package information collected from the distributed data storage.
In this embodiment, the distributed data storage may be a storage cluster composed of a plurality of data storages, where each data storage may correspond to one cloud host, or may correspond to a plurality of cloud hosts. The distributed data storage is used for storing data, and the data is divided into a plurality of nodes for storage, so that the data is easy to query and highly concurrent.
The vulnerability scanning system provided by the embodiment of the disclosure comprises: the system comprises a server, a data memory and at least one cloud host, wherein each cloud host uploads respective software installation package information to the data memory so that the server collects the software installation package information from the data memory, the collected software installation package information is matched with the version information of the pre-processed installation package of the vulnerability library, vulnerability information of the cloud host with the vulnerability and vulnerability information of the cloud host are determined, vulnerability scanning is not needed to be carried out at the cloud host, and only version matching is carried out at the server, so that the vulnerability information of the cloud host can be determined, and vulnerability scanning efficiency is improved.
With further reference to fig. 4, as an implementation of the method shown in the above figures, the present disclosure provides an embodiment of a vulnerability scanning apparatus, where the apparatus embodiment corresponds to the method embodiment shown in fig. 2, and the apparatus may be specifically applied to various electronic devices.
As shown in fig. 4, an embodiment of the present disclosure provides a vulnerability scanning apparatus 400, where the apparatus 400 includes: a receiving unit 401, an acquisition unit 402, a matching unit 403, and a determination unit 404. Wherein, the receiving unit 401 may be configured to receive a cloud vulnerability scanning task. The acquisition unit 402 may be configured to acquire software installation package information on at least one cloud host based on the cloud vulnerability scanning task. The matching unit 403 may be configured to match the version information of the vulnerability library preprocessing installation package with the software installation package information, where the version information of the vulnerability library preprocessing installation package is version information of software corresponding to different vulnerabilities in the vulnerability library. The determining unit 404 may be configured to determine a cloud host having a leak and vulnerability information of the cloud host based on a matching result of the vulnerability library preprocessing installation package version information and the software installation package information.
In this embodiment, in the vulnerability scanning apparatus 400, the specific processing of the receiving unit 401, the collecting unit 402, the matching unit 403, and the determining unit 404 and the technical effects thereof may refer to step 201, step 202, step 203, and step 204 in the corresponding embodiment of fig. 2, respectively.
In some embodiments, the software installation package information is collected from a distributed data storage, and the vulnerability scanning apparatus 500 further includes: a storage unit (not shown in the figure). The storage unit may be configured to store the identifier of the cloud host and the vulnerability information of the cloud host into the distributed data storage.
In some embodiments, the vulnerability scanning apparatus 500 further includes: a processing unit (not shown in the figure). The processing unit may be configured to process vulnerability information in a preset vulnerability library to obtain vulnerability library preprocessing installation package version information.
In some embodiments, the processing unit comprises: a obtaining module (not shown in the figure) and a dividing module (not shown in the figure). The obtaining module can be configured to preprocess vulnerability information in a preset vulnerability database to obtain vulnerability information corresponding to different software. The division module can be configured to divide versions of installation packages of vulnerability information corresponding to different software to obtain version information of preprocessed installation packages of the vulnerability library.
In some embodiments, the dividing module includes: dividing sub-modules (not shown in the figure), and arranging sub-modules (not shown in the figure). The partitioning submodule can be configured to partition vulnerability information corresponding to different software according to a preset operating system type, an operating system version, a software installation package name and a software installation package version. The arrangement submodule can be configured to arrange the operating system type, the operating system version, the software installation package name and the software installation package version in sequence in one-to-one correspondence with the corresponding vulnerability information to obtain the vulnerability library preprocessing installation package version information.
In some embodiments, the software installation package information includes: the os version, the software package name, and the software package version, the matching unit 403 includes: a determining module (not shown), a matching module (not shown), a comparing module (not shown), and an outputting module (not shown). The determining module can be configured to determine that the version information of the vulnerability library preprocessing installation package contains the software with the same version as the version of the operating system. A matching module may be configured to match the determined software installation package name of the software with the software package name. The comparison module can be configured to determine that the cloud host with the software package name and the software package version is a leaky cloud host in response to the software installation package name being successfully matched with the software package name and the software package version being less than or equal to the software installation package version corresponding to the software installation package name. The output module can be configured to determine vulnerability information of the cloud host with the vulnerability in the vulnerability library preprocessing installation package version information.
In the vulnerability scanning device provided by the embodiment of the disclosure, firstly, a receiving unit 401 receives a cloud vulnerability scanning task; secondly, the acquisition unit 402 acquires software installation package information on at least one cloud host based on the cloud vulnerability scanning task; thirdly, the matching unit 403 matches the version information of the pre-processing installation package of the vulnerability library with the version information of the software installation package, wherein the version information of the pre-processing installation package of the vulnerability library is the version information of the software corresponding to different vulnerabilities in the vulnerability library; finally, the determining unit 404 determines the cloud host with the holes and the hole information of the cloud host based on the matching result of the version information of the preprocessed installation package of the hole library and the software installation package information. Therefore, the cloud host with the holes is determined by collecting the software installation package information of the cloud host, and the cloud host does not need to be subjected to hole scanning at the equipment end of the cloud host, so that the hole scanning efficiency is improved, and the hole scanning accuracy is ensured.
With further reference to fig. 5, as an implementation of the method shown in fig. 5, the present application provides an embodiment of a vulnerability scanning system, where the embodiment of the system corresponds to the embodiment of the method shown in fig. 3, and the apparatus is specifically applicable to various electronic devices.
As shown in fig. 5, the vulnerability scanning system 500 provided by the present embodiment includes: a server 501, a distributed data storage 502, and at least one cloud host 503. The at least one cloud host 503 is configured to receive the installation package version information task, and collect and send software installation package information to the distributed data storage 502 based on the installation package version information task.
The server determines a cloud host with a leak and vulnerability information of the cloud host by executing the vulnerability scanning method according to the embodiment based on the software installation package information collected from the distributed data storage 502.
In this embodiment, in the vulnerability scanning system 500: the specific processing steps of the cloud host 503 and the technical effects thereof can refer to the related descriptions of step 301, step 302, and step 303 in the corresponding embodiment of fig. 3, which are not described herein again. The specific processing steps of the server 501 and the technical effects thereof can refer to the related descriptions of step 201, step 202, step 203, and step 204 in the corresponding embodiment of fig. 2, which are not repeated herein.
The vulnerability scanning system provided by the embodiment comprises: the system comprises a server 501, a data memory 502 and at least one cloud host 503, wherein each cloud host 503 uploads respective software installation package information to the data memory 502, so that the server 501 collects the software installation package information from the data memory 502, the collected software installation package information is matched with the version information of the pre-processed installation package of the vulnerability library, vulnerability information of the cloud host with the vulnerability and vulnerability information of the cloud host are determined, vulnerability scanning at the cloud host is not needed, and vulnerability information of the cloud host can be determined only by performing version matching at the server, and vulnerability scanning efficiency is improved.
Referring now to FIG. 6, shown is a schematic diagram of an electronic device 600 suitable for use in implementing embodiments of the present disclosure.
As shown in fig. 6, electronic device 600 may include a processing means (e.g., central processing unit, graphics processor, etc.) 601 that may perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)602 or a program loaded from a storage means 608 into a Random Access Memory (RAM) 603. In the RAM603, various programs and data necessary for the operation of the electronic apparatus 600 are also stored. The processing device 601, the ROM 602, and the RAM603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
Generally, the following devices may be connected to the I/O interface 605: an input device 606 including, for example, a touch screen, touch pad, keyboard, mouse, etc.; an output device 607 including, for example, a Liquid Crystal Display (LCD), a speaker, a vibrator, and the like; storage 608 including, for example, tape, hard disk, etc.; and a communication device 609. The communication means 609 may allow the electronic device 600 to communicate with other devices wirelessly or by wire to exchange data. While fig. 6 illustrates an electronic device 600 having various means, it is to be understood that not all illustrated means are required to be implemented or provided. More or fewer devices may alternatively be implemented or provided. Each block shown in fig. 6 may represent one device or may represent multiple devices as desired.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication means 609, or may be installed from the storage means 608, or may be installed from the ROM 602. The computer program, when executed by the processing device 601, performs the above-described functions defined in the methods of embodiments of the present disclosure.
It should be noted that the computer readable medium of the embodiments of the present disclosure may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In embodiments of the disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In embodiments of the present disclosure, however, a computer readable signal medium may comprise a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (Radio Frequency), etc., or any suitable combination of the foregoing.
The computer readable medium may be embodied in the server; or may exist separately and not be assembled into the server. The computer readable medium carries one or more programs which, when executed by the server, cause the server to: receiving a cloud vulnerability scanning task; acquiring software installation package information on at least one cloud host based on a cloud vulnerability scanning task; matching the version information of the preprocessing installation package of the vulnerability library with the version information of the software installation package, wherein the version information of the preprocessing installation package of the vulnerability library is the version information of the software corresponding to different vulnerabilities in the vulnerability library; and determining the cloud host with the holes and the hole information of the cloud host based on the matching result of the version information of the preprocessed installation package and the software installation package information of the hole library.
Computer program code for carrying out operations for embodiments of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + +, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present disclosure may be implemented by software or hardware. The described units may also be provided in a processor, and may be described as: a processor comprises a receiving unit, an acquisition unit, a matching unit and a determination unit. Where the names of these units do not in some cases constitute a limitation on the unit itself, for example, a receiving unit may also be described as a unit "configured to receive a cloud vulnerability scanning task".
The foregoing description is only exemplary of the preferred embodiments of the disclosure and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention in the embodiments of the present disclosure is not limited to the specific combination of the above-mentioned features, but also encompasses other embodiments in which any combination of the above-mentioned features or their equivalents is made without departing from the inventive concept as defined above. For example, the above features and (but not limited to) technical features with similar functions disclosed in the embodiments of the present disclosure are mutually replaced to form the technical solution.
Claims (13)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110926107.9A CN113569256A (en) | 2021-08-12 | 2021-08-12 | Vulnerability scanning method and apparatus, system, electronic device, computer readable medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110926107.9A CN113569256A (en) | 2021-08-12 | 2021-08-12 | Vulnerability scanning method and apparatus, system, electronic device, computer readable medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113569256A true CN113569256A (en) | 2021-10-29 |
Family
ID=78171371
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110926107.9A Pending CN113569256A (en) | 2021-08-12 | 2021-08-12 | Vulnerability scanning method and apparatus, system, electronic device, computer readable medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113569256A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114154170A (en) * | 2021-12-09 | 2022-03-08 | 中科计算技术西部研究院 | General Vulnerability Scanning System and Method Based on Redis Cache |
| CN114579974A (en) * | 2022-01-17 | 2022-06-03 | 北京中科微澜科技有限公司 | Vulnerability repairing method and system based on current user task |
| CN114884699A (en) * | 2022-04-13 | 2022-08-09 | 中国银行股份有限公司 | Vulnerability detection method, device, equipment and storage medium |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070168495A1 (en) * | 2005-01-11 | 2007-07-19 | Rothstein Richard S | Systems and methods for network data storage |
| KR101309657B1 (en) * | 2013-03-13 | 2013-09-17 | 엘에스웨어(주) | Host based vulnerability analysis system and method in cloud computing environment |
| CN103473505A (en) * | 2012-06-06 | 2013-12-25 | 腾讯科技(深圳)有限公司 | Scanning prompt method and device for software vulnerabilities |
| US8839234B1 (en) * | 2012-12-25 | 2014-09-16 | Kaspersky Lab Zao | System and method for automated configuration of software installation package |
| CN104537309A (en) * | 2015-01-23 | 2015-04-22 | 北京奇虎科技有限公司 | Application program bug detection method, application program bug detection device and server |
| US20160366233A1 (en) * | 2015-06-10 | 2016-12-15 | Platform9, Inc. | Private Cloud as a service |
| CN106897622A (en) * | 2015-12-21 | 2017-06-27 | 北京奇虎科技有限公司 | The method and apparatus of checking application leak |
| CN107395593A (en) * | 2017-07-19 | 2017-11-24 | 深信服科技股份有限公司 | A kind of leak automation means of defence, fire wall and storage medium |
| CN108989299A (en) * | 2018-07-03 | 2018-12-11 | 杭州安恒信息技术股份有限公司 | A kind of monitoring method and system of internet of things equipment loophole |
| CN110210228A (en) * | 2019-04-26 | 2019-09-06 | 国家电网有限公司 | A kind of host equipment vulnerability scanning method and system |
| US10579803B1 (en) * | 2016-11-17 | 2020-03-03 | Jpmorgan Chase Bank, N.A. | System and method for management of application vulnerabilities |
| US10762214B1 (en) * | 2018-11-05 | 2020-09-01 | Harbor Labs Llc | System and method for extracting information from binary files for vulnerability database queries |
-
2021
- 2021-08-12 CN CN202110926107.9A patent/CN113569256A/en active Pending
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070168495A1 (en) * | 2005-01-11 | 2007-07-19 | Rothstein Richard S | Systems and methods for network data storage |
| CN103473505A (en) * | 2012-06-06 | 2013-12-25 | 腾讯科技(深圳)有限公司 | Scanning prompt method and device for software vulnerabilities |
| US8839234B1 (en) * | 2012-12-25 | 2014-09-16 | Kaspersky Lab Zao | System and method for automated configuration of software installation package |
| KR101309657B1 (en) * | 2013-03-13 | 2013-09-17 | 엘에스웨어(주) | Host based vulnerability analysis system and method in cloud computing environment |
| CN104537309A (en) * | 2015-01-23 | 2015-04-22 | 北京奇虎科技有限公司 | Application program bug detection method, application program bug detection device and server |
| US20160366233A1 (en) * | 2015-06-10 | 2016-12-15 | Platform9, Inc. | Private Cloud as a service |
| CN106897622A (en) * | 2015-12-21 | 2017-06-27 | 北京奇虎科技有限公司 | The method and apparatus of checking application leak |
| US10579803B1 (en) * | 2016-11-17 | 2020-03-03 | Jpmorgan Chase Bank, N.A. | System and method for management of application vulnerabilities |
| CN107395593A (en) * | 2017-07-19 | 2017-11-24 | 深信服科技股份有限公司 | A kind of leak automation means of defence, fire wall and storage medium |
| CN108989299A (en) * | 2018-07-03 | 2018-12-11 | 杭州安恒信息技术股份有限公司 | A kind of monitoring method and system of internet of things equipment loophole |
| US10762214B1 (en) * | 2018-11-05 | 2020-09-01 | Harbor Labs Llc | System and method for extracting information from binary files for vulnerability database queries |
| CN110210228A (en) * | 2019-04-26 | 2019-09-06 | 国家电网有限公司 | A kind of host equipment vulnerability scanning method and system |
Non-Patent Citations (2)
| Title |
|---|
| 吴乃星 等: "《基于移动通信大数据的城市计算》", 31 January 2020, 华中科技大学出版社, pages: 33 * |
| 吴晓平 等: "《信息安全风险评估教程》", 31 July 2011, 武汉大学出版社, pages: 86 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114154170A (en) * | 2021-12-09 | 2022-03-08 | 中科计算技术西部研究院 | General Vulnerability Scanning System and Method Based on Redis Cache |
| CN114579974A (en) * | 2022-01-17 | 2022-06-03 | 北京中科微澜科技有限公司 | Vulnerability repairing method and system based on current user task |
| CN114884699A (en) * | 2022-04-13 | 2022-08-09 | 中国银行股份有限公司 | Vulnerability detection method, device, equipment and storage medium |
| CN114884699B (en) * | 2022-04-13 | 2024-03-19 | 中国银行股份有限公司 | Vulnerability detection method, device, equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107330522A (en) | Method, apparatus and system for updating deep learning model | |
| US12216629B2 (en) | Data processing method and apparatus, computerreadable medium, and electronic device | |
| CN108829518B (en) | Method and device for pushing information | |
| CN113569256A (en) | Vulnerability scanning method and apparatus, system, electronic device, computer readable medium | |
| US11934287B2 (en) | Method, electronic device and computer program product for processing data | |
| CN110851471B (en) | Distributed log data processing method, device and system | |
| CN112825525B (en) | Method and apparatus for processing transactions | |
| CN109672722B (en) | Data deployment method and device, computer storage medium and electronic equipment | |
| CN110868324A (en) | Service configuration method, device, equipment and storage medium | |
| CN115167822A (en) | Branch code merging method, device, equipment and storage medium | |
| CN115328627A (en) | Data processing method and device | |
| CN111680799A (en) | Method and apparatus for processing model parameters | |
| CN111125503B (en) | Method and apparatus for generating information | |
| CN109218338B (en) | Information processing system, method and device | |
| CN111324470A (en) | Method and apparatus for generating information | |
| CN112084114B (en) | Method and apparatus for testing interfaces | |
| CN110069691B (en) | Method and device for processing click behavior data | |
| CN111382058B (en) | Service testing method and device, server and storage medium | |
| CN108683531B (en) | Method and apparatus for handling log information | |
| CN114443126B (en) | Multi-version image processing method, device and electronic device | |
| CN113792201B (en) | Method and device for pushing information | |
| CN111382057A (en) | Test case generation method, test method and device, server and storage medium | |
| CN111930761B (en) | Information interaction method and device and model-view-renderer architecture | |
| CN111400623B (en) | Method and device for searching information | |
| CN113918525A (en) | Data exchange scheduling method, system, electronic device, medium and program product |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20211029 |
|
| RJ01 | Rejection of invention patent application after publication |