Automatic monitoring method and system for open source component vulnerabilities

An automatic monitoring technology for vulnerabilities, classified under instruments, electrical digital data processing, and platform integrity maintenance. It addresses the inability to respond to vulnerabilities in a timely manner, low analysis efficiency, and the inconsistent timing of vulnerability disclosure and repair across components, improving security and vulnerability response timeliness and saving a huge workload.

Inactive Publication Date: 2019-12-06
SUZHOU LANGCHAO INTELLIGENT TECH CO LTD

AI Technical Summary

Problems solved by technology

[0003] At this stage, there are mainly the following problems in dealing with open source component vulnerabilities:
1. The scale of open source components grows daily, so vulnerabilities are numerous and varied, while patching requires manual discovery, confirmation and research for each component, so analysis efficiency is low.
2. Because each component discloses and repairs vulnerabilities at a different time, and there are too many types of components, vulnerabilities cannot be found and repaired in time. Tracking the vulnerabilities of every type and every version of open source component requires tens of thousands of redundant, repeated manual operations, which consumes a lot of time and labor.
3. At present, all automated vulnerability scanning and management relies on discovery by scanning and detection services. It is difficult to find vulnerabilities in open source components that do not communicate with the outside world, and false positives are easy to produce, bringing risk to enterprises and products.
4. Current vulnerability scanning requires regular updates of the vulnerability database and cannot respond to 0-day vulnerabilities within 24 hours. The time lag gives the vulnerability a greater and more far-reaching impact.

Examples

Embodiment 1

[0052] As shown in Figure 1, the embodiment of the present invention provides a method for automatic monitoring of open source component vulnerabilities, including the following steps:

[0053] S1: Schedule crawlers to crawl and search for the latest data released by domestic and foreign vulnerability disclosure platforms;

[0054] Note that in this step the crawler is scheduled automatically at zero o'clock every day to capture data from domestic and foreign vulnerability disclosure platforms such as CVE, CNNVD, and CNVD;

[0055] S2: Record and update the captured data to the local open source component vulnerability library;

[0056] Extract effective key information from the captured data, integrate and filter the captured data, and save it to the local vulnerability database in a standard format; effective key information includes CVE-ID, vulnerability name, vulnerability details, vulnerable components, affected component versions,...

Embodiment 2

[0063] As shown in Figure 2, the embodiment of the present invention provides an automatic monitoring system for open source component vulnerabilities, including a vulnerability capture module 11, a vulnerability data storage and display module 22, a component detection and identification module 33, a processing module 44, and an early warning module 55;

[0064] The vulnerability capture module 11 is used to schedule crawlers to capture and search the latest data released by domestic and foreign vulnerability disclosure platforms;

[0065] The vulnerability data storage and display module 22 is used to record and update the captured data to the local open source component vulnerability library and provide a quick display query function;

[0066] The vulnerability data storage display module 22 includes a key information extraction unit and a processing storage unit;

[0067] The key information extraction unit is used to extract effective key information from the captured ...

Embodiment 3

[0078] An embodiment of the present invention provides an automatic monitoring system for open source component vulnerabilities, including a vulnerability capture module 11, a vulnerability data storage and display module 22, a component detection and identification module 33, a processing module 44, and an early warning module 55;

[0079] The vulnerability capture module 11 is used to schedule crawlers to capture and search the latest data released by domestic and foreign vulnerability disclosure platforms;

[0080] The vulnerability data storage and display module 22 is used to record and update the captured data to the local open source component vulnerability library and provide a quick display query function;

[0081] The vulnerability data storage display module 22 includes a key information extraction unit and a processing storage unit;

[0082] The key information extraction unit is used to extract effective key information from the captured data; effective key inform...

Abstract

The invention provides an automatic monitoring method and system for open source component vulnerabilities. The automatic monitoring method comprises the following steps: scheduling crawlers to search and capture data newly published by bug disclosure platforms at home and abroad; recording the captured data and updating it to a local open source component vulnerability library; scheduling a fingerprint scanner to detect the open source components used by systems and services, recording the scanning result and updating it to an open source component database; matching the captured data with the information in the open source component database to screen the components currently at risk; and scheduling a component vulnerability feedback and recording mechanism to give early warning to the responsible persons. The method realizes automatic vulnerability early warning, tracking and security construction, so that security personnel only need to pay attention to the screened vulnerabilities related to their products and company. An extra-large workload is therefore saved, and the efficiency of security vulnerability discovery and tracking is improved; the vulnerability tracking range is expanded; and the latest disclosed vulnerabilities can be responded to within 24 hours, which improves the timeliness of the company's network security response.
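The matching and early-warning steps described in the abstract, as an added example that is not part of the patent text. Record field names, asset and owner names, and the placeholder CVE IDs are constructed for illustration, and affected versions are assumed to be inclusive dotted-numeric ranges.

```python
from collections import defaultdict

# Constructed sample of the local vulnerability library (step S2). Field names
# and all values are assumptions; the IDs are placeholders, not real CVEs.
VULN_LIBRARY = [
    {"cve_id": "CVE-0000-0001", "component": "examplelib",
     "affected": [("1.0.0", "1.4.2")]},            # inclusive version ranges
    {"cve_id": "CVE-0000-0002", "component": "ExampleLib",
     "affected": [("2.0.0", "2.0.9"), ("2.1.0", "2.1.3")]},
    {"cve_id": "CVE-0000-0003", "component": "otherpkg",
     "affected": [("0.1", "0.9")]},
]

# Constructed sample of the open source component database filled by the
# fingerprint scanner, including hosts with no externally reachable service.
COMPONENT_DB = [
    {"asset": "build-01", "component": "examplelib", "version": "1.4.10", "owner": "alice"},
    {"asset": "api-02", "component": "examplelib", "version": "2.1.3", "owner": "bob"},
    {"asset": "db-03", "component": "examplelib", "version": "1.2", "owner": "alice"},
    {"asset": "web-04", "component": "otherpkg", "version": "1.0", "owner": "carol"},
]

def parse_version(text):
    """Turn '1.4.10' into (1, 4, 10) so comparison is numeric, not lexical."""
    return tuple(int(part) for part in text.split("."))

def in_range(version, low, high):
    v, lo, hi = (parse_version(x) for x in (version, low, high))
    width = max(len(v), len(lo), len(hi))
    pad = lambda t: t + (0,) * (width - len(t))   # treat '1.2' as '1.2.0'
    return pad(lo) <= pad(v) <= pad(hi)

def screen_at_risk(vulns, components):
    """Match vulnerability records against the inventory; group hits by owner."""
    by_name = defaultdict(list)
    for vuln in vulns:
        by_name[vuln["component"].lower()].append(vuln)
    alerts = defaultdict(list)
    for item in components:
        for vuln in by_name.get(item["component"].lower(), []):
            if any(in_range(item["version"], lo, hi) for lo, hi in vuln["affected"]):
                alerts[item["owner"]].append((item["asset"], vuln["cve_id"]))
    return dict(alerts)

if __name__ == "__main__":
    for owner, hits in screen_at_risk(VULN_LIBRARY, COMPONENT_DB).items():
        print(owner, hits)
```

Comparing versions as integer tuples keeps `1.4.10` out of the `1.0.0` to `1.4.2` range, where a plain string comparison would raise a false positive of the kind listed under the problems with existing scanners.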

Description

Technical field

[0001] The invention relates to the technical field of system development, in particular to an automatic monitoring method and system for open source component vulnerabilities.

Background technique

[0002] In the process of software and hardware system development, various open source components are usually used to implement different functions and avoid reinventing the wheel. However, different open source components have various known or newly discovered security vulnerabilities. Serious security vulnerabilities in some important open source components may lead to fatal security risks in all products, and are easy to exploit, causing economic losses and product impacts. Therefore, it is very important to repair and upgrade the vulnerabilities of open source components in a timely manner.

[0003] At this stage, there are mainly the following problems in dealing with open source component vulnerabilities: 1. As the scale of open source comp...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/57
CPC: G06F21/577, G06F2221/033
Inventor: 赵学鹏
Owner: SUZHOU LANGCHAO INTELLIGENT TECH CO LTD