System vulnerability detection method, device, terminal equipment and medium

A detection method and vulnerability technology, which is applied in the security field, can solve the problems of low vulnerability detection efficiency and detection accuracy, reduce the verification of repeated vulnerabilities, improve detection efficiency and detection accuracy, and ensure stable operation.

Pending Publication Date: 2019-11-19
CHINA PING AN LIFE INSURANCE CO LTD
View PDF4 Cites 25 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In view of this, the embodiments of the present invention provide a system vulnerability detection method, device, terminal equipment, and computer-readable storage medium to solve the problem of relatively low detection efficiency and detection accuracy of existing WEB system vulnerabilities

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System vulnerability detection method, device, terminal equipment and medium
  • System vulnerability detection method, device, terminal equipment and medium
  • System vulnerability detection method, device, terminal equipment and medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] In the following description, specific details such as specific system structures and technologies are presented for the purpose of illustration rather than limitation, so as to thoroughly understand the embodiments of the present invention. It will be apparent, however, to one skilled in the art that the invention may be practiced in other embodiments without these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present invention with unnecessary detail.

[0029] It should be understood that although the terms "first", "second", etc. are used in the text to describe various elements in some embodiments of the present invention, these elements should not be limited by these terms. These terms are only used to distinguish one element from another.

[0030] In order to illustrate the technical solutions of the present invention, specific examples are ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a system vulnerability detection method, a system vulnerability detection device and terminal equipment, and belongs to the technical field of signal processing. The method comprises the steps of obtaining an interception log collected by an application firewall; analyzing the interception log, and extracting attack parameters associated with the attack event in the interception log; determining a simulation object corresponding to the to-be-attacked object in the test environment according to the address information; replaying the attack parameters in the test environment, and receiving response information returned by the simulation object based on the attack parameters; and determining an attack result generated by the attack parameter to the to-be-attacked objectaccording to the response information, and identifying system vulnerability information of the to-be-attacked object based on the attack result. According to the method, the simulation operation about the historical attack event of the production environment is executed in the test environment, and the attack result of the to-be-attacked object about the attack parameter is indirectly determined,so that whether the historical attack event succeeds or not is automatically verified, and the detection efficiency and the detection accuracy of the system vulnerability are improved.

Description

technical field [0001] The invention belongs to the field of security technology, and in particular relates to a system vulnerability detection method, device, terminal equipment and computer-readable storage medium. Background technique [0002] WEB application firewall is an overall WEB security protection device integrating WEB protection, web page protection, load balancing, and application delivery. Generally speaking, the WEB application firewall will monitor all network data flowing through the WEB application firewall based on predetermined attack characteristics. If a large amount of network data matching attack characteristics is found during daily monitoring, the WEB application firewall will intercept or record the network data. Since the WEB application firewall only has the above data interception and recording functions, it cannot automatically determine whether the currently intercepted network data will affect the business system, and whether the system sti...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/55
CPCG06F21/552
Inventor 陈先亮
Owner CHINA PING AN LIFE INSURANCE CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap