Sequence pattern software security vulnerability-based detection method

A software security, sequential mode technology, applied in the field of information security, can solve the problems of single detection method, inability to balance detection speed and detection accuracy, and achieve the effect of ensuring detection accuracy, improving speed, and improving accuracy.

Inactive Publication Date: 2015-07-15
JIANGSU NANDASOFT TECHNOLOGY COMPANY LIMITED
View PDF3 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Existing software vulnerability detection methods generally have a single detection method, and the detection speed and detection accuracy cannot be balanced.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Sequence pattern software security vulnerability-based detection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] A detection method based on sequence pattern software security loopholes is characterized in that comprising the following steps:

[0022] A. Store the known security vulnerability records in the database, classify the security vulnerability records in the database, and form several security vulnerability sequences;

[0023] B. Extract the feature vector of each security vulnerability sequence as the mark of each security vulnerability sequence;

[0024] C. Set up an online monitoring module and an offline scanning module in the software system. The online monitoring module compares the running program statement with the feature vector in step B, and the offline scanning module compares the source code of the software system with the security hole sequence in step A For comparison; while the online monitoring module compares the running program statements, it monitors the number of program statements running per unit time. When the number exceeds the set threshold, the ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a sequence pattern software security vulnerability-based detection method. The method comprises the following steps: A, storing known security vulnerability records in a database, and classifying the security vulnerability records in the database to form a plurality of security vulnerability sequences; B, extracting a characteristic vector of each security vulnerability sequence to serve as a mark of each security vulnerability sequence; C, comparing an operated program statement with the characteristic vectors in the step B by an on-line monitoring module, and comparing a source code of a software system with the security vulnerability sequences in the step A by an off-line scanning module; D, de-noising a security vulnerability comparison result obtained in the step C and then storing a comparison result of the identified security vulnerability in the security vulnerability sequence nearest to the security vulnerability, and outputting the comparison result of the non-identified security vulnerability through a human-computer interaction module. The defects of the prior art can be improved, and meanwhile the speed and accuracy of detection are improved.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a detection method for software security loopholes based on sequence patterns. Background technique [0002] With the development of computer technology, all kinds of software are more and more widely used in various fields of production and life. Since software is written with the idea of ​​first considering the functions it can realize, and then considering the functions it cannot realize, software loopholes are inevitable in practice. A software vulnerability is the passage from an area that can be implemented to an area that cannot be implemented. In order to improve the security of software, it is necessary to conduct a long-term detection of a piece of software to discover hidden security holes. Existing software vulnerability detection methods generally have the problem of a single detection method, and the detection speed and detection accuracy cannot be ba...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
Inventor 傅涛蔡圣闻石进潘健翔
Owner JIANGSU NANDASOFT TECHNOLOGY COMPANY LIMITED
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products