Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Known vulnerability positioning method and device for network equipment

A technology of network equipment and positioning method, which is applied in the direction of computer security devices, instruments, and electrical digital data processing, etc., which can solve the problems of false positives, high cost, and incorrect function matching in vulnerability positioning, so as to reduce workload, improve efficiency, The effect of improving accuracy

Active Publication Date: 2021-11-09
INST OF INFORMATION ENG CHINESE ACAD OF SCI
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] (1) Vulnerability location based on the patch comparison method has false positives, that is, the comparison results contain a large number of non-secure patches. Due to the inherent differences to be confirmed and the low degree of screening automation, it takes a lot of manpower to confirm the results one by one in actual work
[0006] (2) There are false negatives in vulnerability location based on the patch comparison method. For example, in the absence of debugging symbols, the comparison heuristic algorithm may incorrectly match two irrelevant functions, resulting in the lack of correct security patches.
[0007] The complexity of the network device itself makes it difficult to quickly reverse the details of the vulnerability and understand the mechanism of the vulnerability through simple command comparison. Therefore, using the existing patch comparison tool to locate known vulnerabilities on the network device will easily produce a large number of false negatives and false positives. The situation hinders the researcher's vulnerability analysis and mining process, and brings hidden dangers to the security of network equipment.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Known vulnerability positioning method and device for network equipment
  • Known vulnerability positioning method and device for network equipment
  • Known vulnerability positioning method and device for network equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0047]In order to make the technical solution of the present invention more obvious and easy to understand, the technical solution in the embodiment of the present invention is clearly and completely described with specific examples and in conjunction with the accompanying drawings.

[0048] Network equipment usually encapsulates main functions such as network protocol service code and public operation support code into an executable file, which is called a single executable file in the present invention. The network protocol services usually include SNMP, HTTP, IKE, OSPF, BGP, etc. These single executable files cover all the contents of the management plane, control plane, and data plane. Monolithic executable files are binary files of the main network protocols of some large-scale network devices. Using binary patch comparison technology to locate vulnerabilities in them is an important auxiliary means to analyze the detailed information of vulnerabilities. By locating known ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a known vulnerability positioning method and device for network equipment. Known vulnerabilities are positioned through two stages of module-level coarse-grained positioning and function-level fine-grained identification, and finally security repair codes are identified according to screening of difference functions and sorting from high to low according to determination degrees. The method and device serve vulnerability positioning, the positioning precision is effectively improved, the patch comparison efficiency is improved, the misinformation of subsequent safety repair is avoided, and the misinformation and misinformation problems of an existing patch analysis framework can be corrected.

Description

technical field [0001] The present invention relates to a patch comparison technology for known vulnerabilities, and mainly relates to a method and device for locating known vulnerabilities in network equipment. Based on the revolutionary binary comparison technology, the semantic similarity measurement method is used to screen and sort the comparison results, improve the patch analysis efficiency of network devices, and support researchers to discover more details of known vulnerabilities. Background technique [0002] Patch comparison technology is an auxiliary technology for vulnerability mining. By comparing and analyzing the difference between the original program and the updated program after vulnerability repair, it can use the limited vulnerability report description and patch program to accurately locate known vulnerabilities, so as to further explore potential vulnerabilities. loophole. Usually there is a long time window between the release of patches and the dep...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57
CPCG06F21/577Y02D30/50
Inventor 钟楠宇王琛邹燕燕许家欢霍玮邹维
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products