System bug attack detection method and apparatus

The technology of a detection method and a detection device, which is applied in the field of vulnerability detection, can solve the problems of low detection accuracy of privilege escalation vulnerability attacks, achieve accurate detection of system vulnerability attack events, and solve the effects of low detection accuracy and accurate detection

Active Publication Date: 2016-01-06
TENCENT TECH (SHENZHEN) CO LTD
View PDF4 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] Embodiments of the present invention provide a method and device for detecting system vulnerability attacks, so as to at least solve the problem of low detection accuracy in detecting privilege escalation vulnerability attacks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System bug attack detection method and apparatus
  • System bug attack detection method and apparatus
  • System bug attack detection method and apparatus

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0022] According to an embodiment of the present invention, an embodiment of a method for detecting a system vulnerability attack is provided. It should be noted that the steps shown in the flow chart of the accompanying drawings can be executed in a computer system such as a set of computer-executable instructions, Also, although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0023] According to an embodiment of the present invention, a method for detecting a system vulnerability attack is provided, such as figure 1 As shown, the detection method can be realized through the following steps:

[0024] Step S102: Obtain the operation information of the operations currently performed in the system by accounts with non-system highest authority.

[0025] Step S104: Determine whether the operation indicated by the operation information is to modify the authority of ...

Embodiment 2

[0098] According to the embodiment of the present invention, there is also provided a detection device for implementing the system vulnerability attack of the above embodiment, which can be realized by the testing method involved in the embodiment, and the implementation process of the present application will be described in detail below.

[0099] Figure 5 is a schematic diagram of a system vulnerability attack detection device according to an embodiment of the present invention. Such as Figure 5 As shown, the detection device may include: a first acquiring module 21 , a first judging module 23 and a first determining module 25 .

[0100] Wherein, the first obtaining module is used to obtain the operation information of the operation currently performed by the account with non-system highest authority in the system.

[0101] The first judging module is used for judging whether the operation indicated by the operation information is to modify the authority of the account f...

Embodiment 3

[0129] The embodiment of the present invention also provides a terminal. Optionally, in this embodiment, the above-mentioned terminal may execute the method for detecting a system vulnerability attack, and the device for detecting a system vulnerability attack in the above-mentioned embodiment may be set on the terminal.

[0130] Figure 7 is a structural block diagram of a terminal according to an embodiment of the present invention. Such as Figure 7 As shown, the terminal 30 may include: one or more (only one is shown in the figure) processors 31 , a memory 33 , and a transmission device 35 .

[0131] Wherein, the memory 33 can be used to store software programs and modules, such as the program instructions / modules corresponding to the security hole detection method and device in the embodiment of the present invention, and the processor 31 runs the software programs and modules stored in the memory 33 to execute Various functional applications and data processing, that ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a system bug attack detection method and apparatus. The system bug attack detection method is provided according to one aspect of embodiments of the invention. The system bug attack detection method comprises: obtaining operation information of an operation currently performed by an account with a non highest system privilege in a system; and determining whether the operation indicated by the operation information is used for modifying a privilege of the account to a highest system privilege from the non highest system privilege or not, and if the operation indicated by the operation information is used for modifying the privilege of the account to the highest system privilege from the non highest system privilege, determining that a bug attack event exists in the system. With the adoption of the method and the apparatus, the problem of low detection accuracy of detecting a privilege escalation bug attack in the prior art is solved and the effect of detecting the system bug attack event timely and accurately is achieved.

Description

technical field [0001] The invention relates to the field of vulnerability detection, in particular to a method and device for detecting system vulnerability attacks. Background technique [0002] The privilege escalation vulnerability allows hackers to obtain the highest authority of the system when invading the system, thereby gaining control over the server. Hackers can easily break through commonly used driver firewalls by using this privilege escalation vulnerability, and bypass most active defense software, directly threatening the information security of computer users. [0003] To put it simply, a privilege escalation vulnerability means that a user with very low privileges and many restrictions is elevated to the supreme privilege in the system (such as administrator privileges). Permission control is the cornerstone of system security and the cornerstone of all security software. Once this threshold is breached, any defensive measures are ineffective. Privilege e...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06F21/57
Inventor 江虎甘祥刘宁肖矜
Owner TENCENT TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap