Loophole scanning method, device and system

A vulnerability scanning and vulnerability technology, which is applied in the field of system security, can solve problems such as long scanning time, unrecognizable verification codes, and insufficient transparency of mining, so as to improve the efficiency of vulnerability scanning, shorten the time of vulnerability scanning, and shorten the time of vulnerability scanning.

Active Publication Date: 2017-05-31
国网新疆电力有限公司信息通信公司 +1
View PDF5 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] Existing vulnerability scanning tools, such as awvs (network vulnerability scanner, short for Acunetix Web VulnerabilityScanner), appscan (penetration testing tool) present to people mostly a direct scanning, stand-alone scanning method, and at the same time for cookies (small Text file) webpage mining is not transparent enough, there are certain technical problems in the process of obtaining cookies, such as the inability to recognize complex verification codes
[0005] Aiming at the problem that the vulnerability scanning method in the prior art is a stand-alone scanning method and the scanning time is long, no effective solution has been proposed yet

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Loophole scanning method, device and system
  • Loophole scanning method, device and system
  • Loophole scanning method, device and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0032] According to an embodiment of the present invention, an embodiment of a vulnerability scanning method is provided. It should be noted that the steps shown in the flowcharts of the accompanying drawings can be executed in a computer system such as a set of computer-executable instructions, and, although A logical order is shown in the flowcharts, but in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0033] figure 1 is a flow chart of a vulnerability scanning method according to an embodiment of the present invention, such as figure 1 As shown, the method includes the following steps:

[0034] Step S102, multiple vulnerability scanning nodes acquire multiple user requests, wherein each vulnerability scanning node acquires at least one user request, and the multiple user requests are requests generated by users accessing webpages.

[0035] Specifically, multiple vulnerability scanning nodes can be dep...

Embodiment 2

[0083] According to an embodiment of the present invention, an embodiment of a vulnerability scanning device is provided.

[0084] image 3 is a schematic diagram of a vulnerability scanning device according to an embodiment of the present invention, such as image 3 As shown, the device includes:

[0085] The acquiring module 31 is used for multiple vulnerability scanning nodes to acquire multiple user requests, wherein each vulnerability scanning node acquires at least one user request, and the multiple user requests are requests generated by users accessing webpages.

[0086] Specifically, multiple vulnerability scanning nodes can be deployed in a distributed manner, and the number of vulnerability scanning nodes can be set according to needs. For example, five vulnerability scanning nodes can be deployed, and each vulnerability scanning node has the ability to scan vulnerabilities. Vulnerability scanning can be performed automatically; the above-mentioned user request ca...

Embodiment 3

[0095] According to an embodiment of the present invention, an embodiment of a vulnerability scanning system is provided.

[0096] Figure 4 is a schematic diagram of a vulnerability scanning system according to an embodiment of the present invention, such as Figure 4 As shown, the system includes:

[0097] A plurality of vulnerability scanning nodes 41 are used to obtain multiple user requests, and perform vulnerability scanning on multiple user requests at the same time to obtain the scanning results of each user request, wherein each vulnerability scanning node obtains at least one user request, and multiple A user request is a request generated by a user accessing a webpage, and the scanning result includes: whether there is a vulnerability in the system corresponding to each user request and the type of the vulnerability.

[0098] Specifically, multiple vulnerability scanning nodes can be deployed in a distributed manner, and the number of vulnerability scanning nodes ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a loophole scanning method, device and system. The method comprises the following steps: obtaining a plurality of user requests by a plurality of loophole scanning nodes, wherein each loophole scanning node obtains at least one user request, and the plurality of user requests are generated by users when accessing web pages; performing loophole scanning on the plurality of user requests by the plurality of loophole scanning nodes at the same time to obtain a scanning result of each user request, wherein the scanning result comprises whether a system corresponding to each user request has a loophole and the type of the loophole; and sending the scanning result of each user request to a data collection server by the plurality of loophole scanning nodes, wherein the data collection server summarizes the scanning result of each user request to a loophole scanning result. By adoption of the loophole scanning method, device and system disclosed by the invention, the technical problem that the loophole scanning method in the prior art is a single scanning mode, resulting in a long scanning time, is solved.

Description

technical field [0001] The present invention relates to the field of system security, in particular to a vulnerability scanning method, device and system. Background technique [0002] While the computer system brings convenience to people, it also brings troubles to people. Due to the complexity of computer system categories, each component is developed by different manufacturers and different organizations. Each system needs to be fully considered in order to build a set without Any system with any problem, all computer systems introduce many security problems due to various incomplete considerations in the design and development process, we call these security problems vulnerabilities. [0003] In the computer world, the web pages that people can see are just the tip of the iceberg compared to the web pages that people cannot see. These web pages that people cannot see are called dark web. The reason why the dark web cannot be seen is roughly as follows. Specific cookies...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08G06F21/57
CPCG06F21/577H04L63/1433H04L67/02
Inventor 孔振高阳李浩升杨恒翔王晓磊何伟李德高尹蕊
Owner 国网新疆电力有限公司信息通信公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap