Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Vulnerability detection method and device, computer equipment and storage medium

A vulnerability detection and vulnerability technology, applied in computer security devices, calculations, instruments, etc., can solve the problems of high processing complexity, affecting the stability of the operating system, and low efficiency of vulnerability detection, achieving the effect of improving efficiency and accuracy

Pending Publication Date: 2021-10-29
TENCENT TECH (SHENZHEN) CO LTD
View PDF0 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] However, the current hook identification method based on the driver layer is easily detected by common tools, and the global interception method needs to intercept the system calls of all processes. The system runs slowly, resulting in less efficient vulnerability detection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability detection method and device, computer equipment and storage medium
  • Vulnerability detection method and device, computer equipment and storage medium
  • Vulnerability detection method and device, computer equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] In order to make the purpose, technical solution and advantages of the present application clearer, the present application will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present application, and are not intended to limit the present application.

[0040] The vulnerability detection method provided by this application can be applied to such as figure 1 shown in the application environment. Wherein, the terminal 102 communicates with the server 104 through the network. When the terminal 102 runs the target program, it interacts with the server 104, and the server 104 returns to the terminal 102 the corresponding return address, request data, and corresponding functions of the target process. The terminal 102 identifies a target process running in the operating system, injects a preset library file into the target pr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a vulnerability detection method and device, computer equipment and a storage medium. The method comprises the following steps: identifying a target process running in an operating system, and injecting a preset library file into the target process; wherein the preset library file is used for performing explicit calling on a running target process; obtaining system attribute information and a target detection code, and constructing a callback function corresponding to the target process by utilizing a preset callback function according to the system attribute information and the target detection code; performing callback configuration on the target process by utilizing a preset process function and a callback function; returning the system call of the target process from the operating system through the callback function, obtaining the returned system call, and analyzing a return address corresponding to the system call by utilizing the callback function; and when the return address is not matched with the offset address of the target process, determining that the system call corresponding to the return address has security vulnerabilities. By adopting the method, the vulnerability detection efficiency and accuracy can be effectively improved.

Description

technical field [0001] The present application relates to the technical field of computer security, in particular to a vulnerability detection method, device, computer equipment and storage medium. Background technique [0002] With the rapid development of Internet technology, information networks are widely involved in various fields, which also leads to the risks of network information networks being attacked and data stolen. Network information security has become a concern. Therefore, some vulnerability detection methods based on network information security have emerged. Usually, the global hook set in the driver layer is used to intercept the calls of all processes in the operating system, and then based on the system call identification of the function hook, the call address is screened and judged, thereby identifying unsafe system calls. [0003] However, the current hook identification method based on the driver layer is easily detected by common tools, and the gl...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57
CPCG06F21/577
Inventor 盛子骁殷赵辉曹飞宋青原卢正军李文豪朱泽瑾
Owner TENCENT TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com