Vulnerability detection method and device

A vulnerability detection and vulnerability technology, applied in the field of network security, can solve the problems of low accuracy, detection failure, and low detection efficiency, and achieve the effects of high accuracy, avoiding detection failure, and high detection efficiency

Inactive Publication Date: 2021-12-28
湖北天融信网络安全技术有限公司 +3
View PDF3 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, in actual use, specific packets may be intercepted by firewall devices in the network topology and cannot reach the target host, resulting in detection failures. At the same time, sending specific packets will occupy network bandwidth and affect the operating efficiency of the target host
It can be seen that the existing vulnerability detection methods have low detection efficiency and low accuracy, and there are detection failures. At the same time, they also occupy network bandwidth and affect the operating efficiency of the target host.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability detection method and device
  • Vulnerability detection method and device
  • Vulnerability detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0047] Please see figure 1 , figure 1 A schematic flowchart of a vulnerability detection method is provided for the embodiment of the present application. Among them, the vulnerability detection method includes:

[0048] S101. Capture traffic information of a target host.

[0049] In the embodiment of the present application, to capture the traffic information of the target host, there is no need to establish an additional connection with the target host, and there is no data packet interaction, so there is no impact on the network bandwidth and the target host.

[0050] In the embodiment of the present application, the execution subject of the method may be a vulnerability detection device, and the vulnerability detection device may run on the target host, which is not limited in the embodiment of the present application.

[0051] In the embodiment of the present application, the target host may specifically be a computing device such as a computer or a server, which is no...

Embodiment 2

[0069] Please see figure 2 , figure 2 It is a schematic flowchart of a vulnerability detection method provided in the embodiment of the present application. Such as figure 2 As shown, wherein, the vulnerability detection method includes:

[0070] S201. Pre-deploy a mirrored port between the target host and an upper-layer router or switch.

[0071] S202. Forward the data traffic on one or more source ports corresponding to the target host to the mirror port.

[0072] In the embodiment of the present application, when the vulnerability detection method based on passive traffic is adopted, in the network topology, it is usually deployed between the target host and the upper-layer router and switch, and the port mirroring function is used to transfer the data traffic on one or more source ports to Forward to the mirror port directly connected to the system, and monitor and analyze the user traffic of the target host through the mirror port, so as to obtain the message data ...

Embodiment 3

[0099] Please see image 3 , image 3 It is a schematic structural diagram of a vulnerability detection device provided in an embodiment of the present application. Such as image 3 As shown, the vulnerability detection device includes:

[0100] A traffic capture unit 310, configured to capture the traffic information of the target host;

[0101] An analysis unit 320, configured to analyze and process the flow information by using an analysis algorithm based on network protocol specifications to obtain analysis data;

[0102] An acquisition unit 330, configured to acquire the network asset information of the target host according to the analysis data;

[0103] The vulnerability detection unit 340 is configured to perform vulnerability detection on network asset information according to a preset vulnerability rule base, and obtain a vulnerability detection result of the target host.

[0104] In the embodiment of the present application, for the explanation of the vulnerabi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a vulnerability detection method and device, and relates to the technical field of network security. The method comprises: firstly, capturing flow information of a target host; then analyzing and processing the flow information by adopting an analysis algorithm based on a network protocol specification to obtain analysis data; obtaining network asset information of the target host according to the analysis data; and finally, performing vulnerability detection on the network asset information according to the preset vulnerability rule base to obtain a vulnerability detection result of the target host, so that vulnerability detection of the target host can be realized without sending a specific message, the detection efficiency is high, the accuracy is high, the condition of detection failure is effectively avoided, the network bandwidth is not occupied, and the operation efficiency of the target host is not influenced.

Description

technical field [0001] The present application relates to the technical field of network security, in particular, to a vulnerability detection method and device. Background technique [0002] With the rapid development of computer network and communication technology, using an open network environment for global communication has become the trend of the times, but at the same time, convenient network resources also bring network security risks. Hackers and viruses usually use security holes to infiltrate target hosts and systems, all security holes need to be found and fixed. Existing vulnerability detection methods usually send a specific message by actively sending packets to detect, and use the system vulnerability fingerprint to compare and analyze the information of the reply message to complete the vulnerability identification. However, in actual use, specific packets may be intercepted by firewall devices in the network topology and cannot reach the target host, resu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57
CPCG06F21/577
Inventor 余进奎袁旭王振洋
Owner 湖北天融信网络安全技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap