Leak detection method and device

A vulnerability detection and vulnerability technology, applied in the network field, can solve the problems of small scope of use and low accuracy of vulnerability detection results, and achieve the effects of improving completeness, improving detection accuracy, and expanding application scope.

Active Publication Date: 2011-02-02
深圳市安盾椒图科技有限公司
View PDF5 Cites 26 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] In view of this, the present invention provides a loophole detection method and device to solve the problems in the prior art that the accuracy of loophole detection results is low and the scope of use is small

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Leak detection method and device
  • Leak detection method and device
  • Leak detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0049] The invention discloses a loophole detection method, which uses a virtual environment to detect whether the received data has a code shellcode that utilizes a specific loophole, and simulates the detected shellcode to see whether it has a preset memory rule in the running process. Matching memory operations to determine whether there is a vulnerability method, and its specific implementation is as follows:

[0050] The flow of a vulnerability detection ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses lead detection method and device. The method comprises the steps of: selecting input file data; detecting whether the file data has a shellcode or not; when the data has the shellcode, executing a command in the shellcode in a virtual CPU environment; when a memory is subjected to read and write operation in a process of executing the command in the shellcode, judging whether the read memory meets a preset memory rule or not; and when the read memory meets the memory rule, judging that a leak exists. Through adopting the method of detecting whether the received data has the shellcode using special leak under the virtual environment, and simulating the detected shellcode to judge whether the memory operation matched with the preset memory rule exists in the operation process or not so as to judge whether the leak exists, the integrity of the leak detection is improved, the detection accuracy is enhanced and the application range is further enlarged.

Description

technical field [0001] The invention relates to the field of network technology, in particular to a method and device for detecting a vulnerability. Background technique [0002] Existing detection and solutions for document vulnerabilities mainly use anti-virus software for scanning and killing. Usually, anti-virus software mainly uses the technology of virus sample feature comparison, and improves the coverage of the virus feature database by obtaining virus samples. Static The analysis technology matches virus files against virus signature rules. [0003] First of all, this solution has a certain lag, and samples must be obtained after the virus has spread widely. For small-scale spread, variants, and undisclosed vulnerabilities (0DAY), the conditions for rapid collection are not available, so that malicious documents with the above-mentioned vulnerabilities cannot be checked and killed. [0004] In addition, static analysis technology mainly relies on experienced analy...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/00G06F21/56
Inventor 李科
Owner 深圳市安盾椒图科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap