Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

System vulnerability assessment method, device and system based on open vulnerability assessment language

A technology for evaluating devices and vulnerabilities, applied in the field of network security, can solve problems such as long update cycle, poor real-time performance, confusion, etc., and achieve the effect of realizing security situation, improving security and ensuring real-time performance

Active Publication Date: 2017-11-07
CHINA STANDARD SOFTWARE
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] However, the vulnerability information in the existing technical knowledge base is not real-time, and the update cycle is long, and the vulnerability information is defined by the knowledge base itself, which is too chaotic to realize the sharing of community vulnerability information, resulting in low accuracy of vulnerability assessment, which cannot meet the requirements of the system. Frequent updates and high real-time vulnerability assessment requirements

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System vulnerability assessment method, device and system based on open vulnerability assessment language
  • System vulnerability assessment method, device and system based on open vulnerability assessment language
  • System vulnerability assessment method, device and system based on open vulnerability assessment language

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] figure 2 It is an architecture diagram of a system vulnerability assessment system based on an open vulnerability assessment language according to an embodiment of the present invention. The operating system vulnerability assessment system may generally include: a system vulnerability assessment device 100 based on an open vulnerability assessment language and a vulnerability verification client 200, and performs vulnerability analysis on a device 300 to be checked installed with an operating system to be assessed.

[0031] An open community vulnerability knowledge base that provides the latest security information is stored in the system vulnerability assessment device 100 based on the open vulnerability assessment language, and a program update listener is used to check the update components of the vulnerability knowledge base and the internal version database. When there is new vulnerability information Or when there is a new version, capture the vulnerability infor...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an open vulnerability assessment language based system vulnerability assessment method, device and system. The open vulnerability assessment language based system vulnerability assessment method comprises collecting the vulnerability information and the version information of an operating system updated in a vulnerability knowledge base; updating a configuration database of the operating system according to open vulnerability assessment language rules and the vulnerability information and the version updating information; performing vulnerability scanning on a device to be detected and with the operating system through the configuration database and saving a vulnerability scanning result. According to the open vulnerability assessment language based system vulnerability assessment method, device and system, the latest vulnerability information and system version information can be timely collected and accordingly the real-time performance of the utilized knowledge base in the vulnerability assessment is ensured, the harm of vulnerabilities can be timely analyzed, the safety of the device is improved, and the standardization and the normalization of the vulnerability description, the vulnerability monitoring process and the vulnerability assessment are implemented through the inherent vulnerability description language of the OVAL (Open Vulnerability Assessment Language).

Description

technical field [0001] The invention relates to the field of network security, in particular to a system vulnerability assessment method, device and system based on an open vulnerability assessment language. Background technique [0002] System vulnerabilities refer to flaws in the logical design of operating system software or errors in writing. These flaws or errors can be exploited by criminals or computer hackers to attack or control the operation of the above operations by implanting Trojan horses, viruses, etc. system equipment, bringing information security risks to users. [0003] Android system (Android) is a semi-open source operating system based on Linux. Due to its open source and free features, it is more and more widely used. On the other hand, it has also become the target of many malicious attacks. Although Android itself has its own security mechanisms such as permission management, application signatures, and sandboxes, there are still various problems an...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57
CPCG06F21/577G06F2221/034
Inventor 郭荣春刘思华李子延黄仕伟吕雪澄于蓉
Owner CHINA STANDARD SOFTWARE
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products