Unlock instant, AI-driven research and patent intelligence for your innovation.

Detecting method and device of loophole triggering threats in PDF

A detection device and vulnerability technology, applied in the field of information security, can solve the problems of untimely updates, false positives and false negatives, and reduced detection efficiency, and achieve the effects of improving efficiency, avoiding false positives and false negatives, and improving accuracy.

Active Publication Date: 2015-03-25
三六零数字安全科技集团有限公司
View PDF1 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, the commonly used detection method is to achieve the purpose of detection by analyzing the source code according to certain rules. Therefore, this method needs to establish a feature library and a rule library of the source code. However, as the number of vulnerabilities increases, the feature library will also continue to expand. The detection efficiency is continuously reduced. At the same time, because the content of the signature database needs to be continuously updated, false positives and missed negatives often occur due to untimely updates.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Detecting method and device of loophole triggering threats in PDF
  • Detecting method and device of loophole triggering threats in PDF
  • Detecting method and device of loophole triggering threats in PDF

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] Exemplary embodiments of the present invention will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present invention are shown in the drawings, it should be understood that the invention may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present invention and to fully convey the scope of the present invention to those skilled in the art.

[0025] An embodiment of the present invention provides a detection method for triggering vulnerability threats in PDF, such as figure 1 As shown, the method includes:

[0026] 101. Parse the PDF file and identify a dictionary object whose entry is the first characteristic value.

[0027] Portable Document Format (PDF), a structured document format, was first proposed by Adobe, an American typesetting and image processing software company, in 1...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a detecting method and device of loophole triggering threats in PDF and relates to the field of information safety. By analysis and detection on PDF files, the threats by which loopholes are possibly triggered are found in time, and alarm reminding is carried out on the files. According to the main technical scheme, a dictionary object with a PDF file identification entry as a first feature value is analyzed; the dictionary object is analyzed, and whether a second feature value exists in the dictionary object is checked; if yes, whether a stack-based buffer overflows is determined according to the second feature value; and if yes, warning information is given out, and a user is warned about the fact that the loophole triggering threats exist in the PDF files. The detecting method and device are mainly used for detecting loopholes in PDF.

Description

technical field [0001] The invention relates to the field of information security, in particular to a detection method and device for triggering vulnerability threats in PDF. Background technique [0002] With the development of information technology and the powerful software functions, the resulting huge amount of source code makes it more and more difficult to eliminate the design loopholes in the source code or implement loopholes, so that hackers can use the loopholes to damage the system or even Hack the system. [0003] Vulnerabilities are weaknesses or defects that exist in a system, and these weaknesses or defects make the system sensitive to a specific threat attack or dangerous event, or have the possibility of attack threat. Vulnerabilities are generally divided into functional logic loopholes and security logic loopholes. Functional logic loopholes affect the normal functions of the software, such as execution result errors, execution process errors, etc., whil...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06F21/57
CPCG06F21/577
Inventor 邢超陈卓杨康唐海
Owner 三六零数字安全科技集团有限公司