HTTP vulnerability scanning host confirmation method and device, equipment and medium

A vulnerability scanning and host technology, applied in the field of system management, can solve problems such as difficulty in accurate identification, low efficiency, and waste of human resources, and achieve the effect of improving the efficiency of confirmation

Active Publication Date: 2020-06-19
SANGFOR TECH INC
View PDF13 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The main purpose of the present invention is to propose a confirmation method, device, terminal equipment and computer-readable storage medium for an HTTP vulnerability scanning host, aiming at solving the problem

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • HTTP vulnerability scanning host confirmation method and device, equipment and medium
  • HTTP vulnerability scanning host confirmation method and device, equipment and medium
  • HTTP vulnerability scanning host confirmation method and device, equipment and medium

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0054] It should be understood that the specific embodiments described here are only used to explain the present invention, but not to limit the present invention.

[0055] The main solution of the embodiment of the present invention is: invoking a preset mirroring device to continuously audit HTTP traffic data initiated by the host to obtain each HTTP log; from each HTTP log, extracting HTTP sensitive logs that meet preset conditions; Analyze the HTTP sensitive log to confirm whether the host uses HTTP for vulnerability scanning.

[0056] At present, scanning dictionary matching can only identify known scanning tools, and it takes a lot of manpower to analyze and extract the scanning dictionaries used by each tool, which has poor generalization ability. In addition, matching based on sensitive paths can only identify known vulnerabilities. Or backdoor-related access paths, and even normal access may trigger sensitive paths, which are prone to false positives. Therefore, the existi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an HTTP vulnerability scanning host confirmation method and device, terminal equipment and a computer readable storage medium. The method comprises the steps: calling a presetmirror device to continuously audit HTTP traffic data initiated by a host to obtain HTTP logs; in each HTTP log, extracting an HTTP sensitive log meeting a preset condition; and analyzing the HTTP sensitive log to confirm whether the host performs vulnerability scanning by using HTTP. According to the method and the device, the problems that human resources need to be consumed and the recognitionaccuracy is low in a traditional mode of discovering a host for vulnerability scanning by utilizing an HTTP protocol are avoided, and the confirmation efficiency of the HTTP vulnerability scanning host is improved.

Description

technical field [0001] The present invention relates to the technical field of system management, in particular to a confirmation method, device, terminal equipment and computer-readable storage medium for an HTTP vulnerability scanning host. Background technique [0002] At present, in common network attack scenarios, in order to attack a host running a network service (such as a website server), the attacker needs to use the HTTP (Hyper Text Transfer Protocol: Hypertext Transfer Protocol) protocol to scan the destination host in advance to identify potential Vulnerabilities for malicious attacks. Therefore, for the above-mentioned attack method, by detecting the host machine (that is, the device used by the attacker) that is performing HTTP scanning, this kind of network attack from the intranet or the Internet can be well defended. [0003] However, the current way to identify hosts that use the HTTP protocol for vulnerability scanning is mainly through scanning dictiona...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L29/08G06F16/18G06F21/57
CPCH04L63/1425H04L63/1433H04L63/1441H04L67/02H04L67/1095G06F21/577G06F16/1815
Inventor 罗竞霄
Owner SANGFOR TECH INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap