System vulnerability detection method and device

A detection method and vulnerability technology, which is applied in the field of information security, can solve problems such as poor versatility, low efficiency of authority vulnerability detection, and difficulty in covering business processes, and achieve the effects of strong versatility, automatic detection, and improved detection efficiency

Pending Publication Date: 2021-06-25
北京安全共识科技有限公司
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The detection of unauthorized vulnerabilities is usually highly correlated with business scenarios. Usually, the data packets of a single business node are marked and the authority is detected, which is difficult to cover the complete business process, which not only makes the detection efficiency of authority vulnerabilities low , and poor versatility

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • System vulnerability detection method and device
  • System vulnerability detection method and device
  • System vulnerability detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0063] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0064] refer to figure 1 , which shows a schematic flowchart of a method for detecting authority vulnerabilities provided by an embodiment of the present invention. In this embodiment, the method includes:

[0065] S101: Obtain a data packet to be detected, and extract an effective authentication mode of the system from the data packet to be detected;

[0066] In this embodiment, the data packets to be detected may be data packets generated during system oper...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a permission vulnerability detection method, which comprises the following steps: after a to-be-detected data packet is obtained, extracting an effective authentication mode of a system from the to-be-detected data packet, and further aggregating the to-be-detected data packet through the effective authentication mode to obtain at least one user data set; therefore, the purpose of automatically classifying the data packets is achieved; connecting data packets in each user data set in series according to an uplink and downlink relationship; complementing missing data packets in the service chain of each user data set; and generating different permission test cases through the relationship among the data packets in each user data set and the relationship among the different user data sets, and performing permission vulnerability detection through the permission test cases. Therefore, in the embodiment of the invention, the full-service processes are connected in series, so that the automatic detection of the full-service nodes of the system is realized, the detection efficiency is improved, and the universality is high.

Description

technical field [0001] The invention relates to the field of information security, in particular to a system vulnerability detection method and device. Background technique [0002] In the field of computer applications, user rights refer to the ability to access resources. For example, in an application software, corresponding permission control mechanisms can be set based on different roles, and users of a role can access and only access resources authorized by the role. In order to protect the user's information security, when users access the business system, they need to access it strictly according to the user's authority, but there will also be some criminals who use the possible unauthorized loopholes in the business system to gain unauthorized access. In order to ensure the security of user information as much as possible and avoid the occurrence of unauthorized access, it is necessary to reduce the unauthorized loopholes in the business system as much as possible,...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57
CPCG06F21/577
Inventor 董志勇邬迪卢中阳
Owner 北京安全共识科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap