Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Out-of-authority vulnerability detection method, apparatus and device, and storage medium

A detection method and vulnerability technology, applied in the computer field, can solve problems such as the inability to accurately judge unauthorized loopholes, and achieve the effect of reducing human resource investment and improving accuracy

Pending Publication Date: 2020-05-08
BEIJING SANKUAI ONLINE TECH CO LTD
View PDF5 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The embodiment of the present application provides a detection method, device, equipment and storage medium for an unauthorized loophole, which can solve the detection method for an unauthorized loophole in the related art. It is manually judged whether there is an unauthorized loophole for each request, which has subjective factors and cannot be accurate. Judging the issue of unauthorized access

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Out-of-authority vulnerability detection method, apparatus and device, and storage medium
  • Out-of-authority vulnerability detection method, apparatus and device, and storage medium
  • Out-of-authority vulnerability detection method, apparatus and device, and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0032] In order to make the purpose, technical solution and advantages of the present application clearer, the implementation manners of the present application will be further described in detail below in conjunction with the accompanying drawings.

[0033] figure 1 A structural block diagram of a computer system provided by an exemplary embodiment of the present application is shown. The computer system 100 includes: a terminal 110 and a server 120 .

[0034] The terminal 110 installs and runs a proxy server 111 or a browser plug-in 112 that supports forwarding sample requests and sample responses. The proxy server 111 or browser plug-in 112 has the function of collecting requests and responses between the terminal and the server. The device type of the terminal includes: at least one of a smart phone, a tablet computer, an e-book reader, an MP3 player, an MP4 player, a laptop computer, and a desktop computer. figure 1 Only one terminal is shown in , but there are multiple...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an unauthorized vulnerability detection method, apparatus and device, and a storage medium. The method is applied to the field of computers, and comprises the steps of acquiring a sample request and a sample response wherein the sample response is a response result corresponding to the sample request, authentication information in the sample request is first authenticationinformation, and the first authentication information is authentication information with the right to acquire the sample response; editing the first authentication information in the sample request togenerate a test request; obtaining a test response corresponding to the test request; and calculating an unauthorized risk value of the sample request through the similarity between the sample response and the test response. The problems that the work is too complicated when the unauthorized bugs are manually detected, and the unauthorized bugs cannot be accurately judged due to subjective factors existing in the manually judged result can be solved.

Description

technical field [0001] The present application relates to the field of computers, and in particular to a detection method, device, equipment and storage medium for unauthorized leaks. Background technique [0002] Privilege violation vulnerability is a common logical security vulnerability. To exceed one's authority is to exceed one's authority or authority. Most applications have permission division and control, but if there are flaws in the design of permission control functions, users can use these flaws to access unauthorized functions or data, which is a privilege violation vulnerability. After the user exceeds the authority, he can perform some operations, such as viewing sensitive information, performing some operations such as adding, deleting, modifying, and checking. [0003] In related technologies, security engineers need to manually detect unauthorized vulnerabilities. Manual detection of unauthorized access vulnerabilities is to replace the authentication in...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57
CPCG06F21/577
Inventor 曲逸飞
Owner BEIJING SANKUAI ONLINE TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com