Vulnerability disclosure system and method aiming at network protocol
A vulnerability mining and network protocol technology, applied in transmission systems, electrical components, etc., can solve the problems of inability to capture network communication data, inability to automate vulnerability mining of unknown network protocols, inability to apply a wide range of network protocol applications, etc., to improve efficiency. Effect
Active Publication Date: 2014-01-29
NSFOCUS INFORMATION TECHNOLOGY CO LTD +1
View PDF3 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
However, using TCP and UDP port forwarding technology cannot capture the network communication data of applications communicating with fixed IP addresses, so it cannot be applied to a wide range of network protocol applications
[0008] Therefore, it can be seen that the existing network protocol vulnerability mining technology cannot perform fast and automatic vulnerability mining on unknown network protocols, and there is a need in this field for a fully automated vulnerability mining that can be performed without analyzing unknown network protocols, and Vulnerability mining technology suitable for most network applications
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0025] The present invention will be further described below in conjunction with the accompanying drawings and specific embodiments.
[0026] figure 1 A block diagram of a vulnerability mining system 100 for network protocols according to an embodiment of the present invention is schematically shown. Such as figure 1As shown, the vulnerability mining system 100 includes a client 112 and a server 132 that communicate through a network protocol for vulnerability mining. According to the characteristics of network protocols, devices using network protocols for communication can be logically divided into clients and servers, and even P2P protocols can be divided according to this logic. Generally speaking, the client 112 first initiates a communication request to the server 132 , and then the server 132 returns communication data to the client 112 in response to the request of the client 112 .
[0027] The vulnerability mining system 100 also includes a middleman controller 1...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a vulnerability disclosure system aiming at the network protocol, which comprises a client, a service end, an intermediator controller, a client controller and / or a service end controller, wherein the client and the service end are used for communication according to the network protocol, the intermediator controller is used for monitoring the communication between the client and the service end and capturing and modifying communication data to carry out vulnerability disclosure on the client or the service end, the client controller is used for controlling the client and monitoring the operation state of the client, and the service end controller is used for controlling the service end and monitoring the operation state of the service end, wherein when the abnormal operation state of the client is caused by that the client processes the communication data modified by the intermediator controller, the client end is restarted, and when the abnormal operation state of the service end is caused by that the service end processes the communication data modified by the intermediator controller, the service end is restarted. The invention also discloses a vulnerability disclosure method suitable for operating in the vulnerability disclosure system.
Description
technical field [0001] The invention relates to the field of computer network security, in particular to a loophole mining system and method for mining loopholes in network protocols. Background technique [0002] Vulnerability mining technology for network protocols is a basic technology in the field of computer network security. Vulnerability mining for network protocols usually refers to vulnerability mining for applications used to parse and process network protocols. At present, fuzzing (Fuzzing) testing technology is mainly used for vulnerability mining. Specifically, the fuzz test constructs a large amount of malformed input data and inputs the constructed malformed input data into the application as the test target to detect whether the test target can correctly process the malformed input data, thereby triggering and discovering the An unknown vulnerability exists. [0003] At present, the vulnerability mining technology based on fuzz testing technology mainly ha...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
Inventor 刘业欣
Owner NSFOCUS INFORMATION TECHNOLOGY CO LTD