Vulnerability detection method, system, storage medium and electronic equipment of information system

A vulnerability detection and information system technology, applied in the Internet field, can solve problems such as time-consuming and labor-intensive, and the inability to locate risks in the first place, and achieve the effect of shortening emergency response time and improving resource utilization efficiency

Active Publication Date: 2020-05-05
携程旅游信息技术(上海)有限公司
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The most obvious defect of this approach is that external vulnerabilities are reported, and internal temporary full-network scans are required, which is time-consuming and labor-intensive, and it is necessary to wait for the policy update of the vulnerability scanner to locate risks in the first place.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability detection method, system, storage medium and electronic equipment of information system
  • Vulnerability detection method, system, storage medium and electronic equipment of information system
  • Vulnerability detection method, system, storage medium and electronic equipment of information system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0023] Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete and fully convey the concept of example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.

[0024] Furthermore, the drawings are merely schematic illustrations of the invention and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus repeated descriptions thereof will be omitted. Some of the block diagrams shown in the drawings are functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be impleme...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a vulnerability detection method and system for an information system, a storage medium and electronic equipment. The method comprises the steps that all hosts in the information system and ports open in all the hosts are acquired; application programs corresponding to the ports open in all the hosts are acquired; all the hosts and all the application programs are used as information assets to establish an information asset library; the information asset library is traversed according to a key code of an external vulnerability, and information assets matched with the keycode are screened out to serve as a suspected risk library; an attempt attack code is sent to the information assets in the suspected risk library according to an attack code of the external vulnerability; whether execution results returned by all the information assets after the attempt attack code is executed are consistent with a pre-stored result is judged; and if yes, alarm information is sent to the hosts where the information assets are located. When a high-risk vulnerability is reported externally, by use of the vulnerability detection method and system, the position with a risk can be found at the first time in an intranet environment, the vulnerability is automatically verified, and the influenced hosts or applications are output.

Description

technical field [0001] The invention relates to the technical field of the Internet, in particular to a method, system, storage medium and electronic equipment for detecting a vulnerability of an information system. Background technique [0002] With the continuous development of Internet technology, more and more services or applications are provided to users, but the corresponding security risks are faced. In security management, a variety of application services will inevitably bring technical management problems, and new loopholes will appear every day. So how much impact the new loopholes have on their own information system assets (including hosts and applications) is currently unknown. In some cases, you can only obtain information from the corresponding development or operation and maintenance, and then wait for the vulnerability scanner to be updated, and scan these systems for vulnerabilities. However, when the scale of information assets exceeds hundreds of thousa...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57G06F21/56
Inventor 凌霄王润辉
Owner 携程旅游信息技术(上海)有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap