Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and system for carrying out accurate risk detection in application security system

A technology for risk detection and application security, applied in transmission systems, digital transmission systems, electrical components, etc., can solve problems such as lack of manpower, and achieve the effect of accurate risk detection

Active Publication Date: 2014-12-31
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Due to various attacks and abnormal access, these application security devices will generate a large number of security incidents. How to find out the real threats from these security incidents, organizations generally do not have manpower to deal with them one by one and find out the real threats

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for carrying out accurate risk detection in application security system
  • Method and system for carrying out accurate risk detection in application security system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] First of all, it should be explained that the present invention relates to database technology, which is an application of computer technology in the field of information security technology. During the implementation of the present invention, the application of multiple software function modules will be involved. The applicant believes that, after carefully reading the application documents and accurately understanding the realization principle and purpose of the present invention, combined with existing known technologies, those skilled in the art can fully implement the present invention by using their software programming skills. The aforementioned software functional modules include but are not limited to: application security devices, collectors, risk detection engines, threat identification modules and target identification modules in risk detection engines, threat standardization processing modules, risk detection modules, vulnerability exposure retrieval process...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to the technology of application security management of computers and aims at providing a method and system for carrying out accurate risk detection in an application security system. The method comprises the following steps of: distinguishing threat characteristics from events, carrying out threat standardization processing according to the threat characteristics, and obtaining a weakness list used by threats by retrieving; distinguishing event application targets from the events, and obtaining a weakness list exposed by the event application targets by retrieving; and comparing a vulnerability list used by the threats with a vulnerability list exposed by the targets, and judging whether the events are security risks according to the condition that whether identical items or relevant items exist in the two vulnerability lists. The method can be used for carrying out more accurate risk detection; and when the weakness list used by the threats and the weakness list exposed by the application target only have the relevant items, the credibility estimation of the risk can be carried out.

Description

technical field [0001] The invention relates to the technical field of computer application security management, in particular to a method and system for risk detection in a computer application security system. technical background [0002] With the development of computer technology, various security issues have risen from the previous network and host level to the application level. More and more security problems occur in WEB applications and database applications, and cause more and more harm. [0003] In order to cope with these new security threats, various organizations and individuals are strengthening the protection level of application security, and various manufacturers have proposed detection and protection products and solutions for application security. Application security products include WEB application firewall, database audit, WEB application scanner, terminal security products, online behavior monitoring, etc. [0004] Depending on the application scal...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/24
Inventor 范渊杨永清谈修竹
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD