Supercharge Your Innovation With Domain-Expert AI Agents!

Java third-party dependency vulnerability detection method and system and storage medium

A vulnerability detection and dependency technology, applied in the direction of platform integrity maintenance, etc., to achieve the effect of improving security

Pending Publication Date: 2022-08-09
ARMY ENG UNIV OF PLA
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The purpose of the present invention is to overcome the deficiencies in the prior art, provide a Java third-party dependency vulnerability detection method, system and storage medium, and solve the problem that the Java project may quote a defective third-party dependency

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Java third-party dependency vulnerability detection method and system and storage medium
  • Java third-party dependency vulnerability detection method and system and storage medium
  • Java third-party dependency vulnerability detection method and system and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0038] like figure 1 As shown, it is an overall flow chart of a Java third-party dependency vulnerability detection method provided by an embodiment of the present invention, and the specific steps are as follows:

[0039] To query the dependency graph of the third-party dependencies to be detected, you need to obtain the dependencies of the third-party dependencies in MavenRepository, build the corresponding dependency database, and store the third-party dependencies in the database.

[0040] The specific process is as figure 2 As shown, when querying the third-party dependencies that need to be detected, all related third-party dependencies are found from the database. First, the direct dependencies are obtained from the dependency database, and then the first-level dependencies are obtained in turn. For their directly related dependencies, repeat this operation until the dependencies have no direct related dependencies, so as to obtain the third-party dependency graph to ...

Embodiment 2

[0062] The present invention also provides a Java third-party dependency vulnerability detection system and a computer-readable storage medium. The detection system includes a processor and a storage medium, wherein the storage medium is used to store instructions, and the processor is used to operate according to the instructions to execute a Java first-order storage medium. The steps of the third-party-dependent vulnerability detection method.

Embodiment 3

[0064] A computer program is stored on the computer-readable storage medium, and when the program is executed by the processor, implements the steps of a Java third-party dependency vulnerability detection method.

[0065] As will be appreciated by those skilled in the art, the embodiments of the present application may be provided as a method, a system, or a computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a Java third-party dependency vulnerability detection method and system and a storage medium, and the detection method comprises the following steps: obtaining dependency data of a third-party dependency packet, and constructing a dependency relationship graph of the third-party dependency packet according to the dependency data; analyzing the third-party dependency packets in the dependency relationship graph by using a Java analysis tool to obtain a complete function call relationship graph of all the third-party dependency packets; and third-party vulnerability detection is performed on the complete function call relation graph, so that the problem of third-party dependency which may be referenced by Java items and has defects is effectively solved.

Description

technical field [0001] The invention specifically relates to a Java third-party dependency vulnerability detection method, system and storage medium, belonging to the technical field of static analysis. Background technique [0002] In the current Internet era, software is flooded in all corners of society. As one of the more widely used programming languages, Java is used by IT workers to program various projects. Since third-party dependency packages are often used in Java programming, for loopholes in other third-party dependencies referenced in the project, programmers often do not pay attention to the problems of loopholes in third-party dependency packages after completing a project. Therefore, It may lead to citing a vulnerable third-party dependency package, or during use, the referenced third-party dependency package is exposed to have vulnerabilities, and the third-party dependency package cited by the software developer refers to the third-party that exposed the v...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/57
CPCG06F21/577
Inventor 黄松王梅娟胡津昌史涯晴郑长友洪宇王丹王宇
Owner ARMY ENG UNIV OF PLA
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com