Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and system for detecting vulnerability

A vulnerability detection and vulnerability technology, which is applied in the field of information security, can solve problems such as the inability to identify web page Trojan horses, the loss of web page functions and effects, etc., and achieve the effects of improving user experience, improving security, and effectively identifying

Active Publication Date: 2012-08-29
三六零数字安全科技集团有限公司
View PDF4 Cites 52 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, disabling scripts and ActiveX controls will disable the functions and effects of some web pages
[0012] Apparently, the above-mentioned prior art is restricted by various conditions, and it is completely impossible to fully and effectively identify webpage Trojan horses.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for detecting vulnerability
  • Method and system for detecting vulnerability
  • Method and system for detecting vulnerability

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0071] In order to make the above objects, features and advantages of the present application more obvious and comprehensible, the present application will be further described in detail below in conjunction with the accompanying drawings and specific implementation methods.

[0072] Active defense against security vulnerabilities is one of the main ways to cut off the spread of Trojan viruses and infect computer terminals. Active defense against security vulnerabilities can greatly enhance the security features of the terminal system and make it more difficult for hackers to attack. For example, when a vulnerability on the Windows platform executes an overflow attack, the Shellcode of the overflow vulnerability is prevented from being intercepted by the active defense technology of the security software during execution, and the attack will completely fail.

[0073] Among them, Shellcode is actually a piece of code (it can also be filled data), which is used to send to the ser...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a method and a system for detecting a vulnerability. The method comprises the following steps of: hooking a function called by a machine code for code execution, acquiring the return address of the function, detecting whether the entry instruction of the function is a normal call instruction or not according to the return address, and if not, determining that a vulnerability is detected. According to the invention, the vulnerability causing a security problem, such as a Web Trojan, can be identified comprehensively and effectively, and the Internet security is improved for a user.

Description

technical field [0001] The present application relates to the technical field of information security, in particular to a vulnerability detection method, a vulnerability detection system, a client for vulnerability detection, and a cloud server for vulnerability detection. Background technique [0002] It is well known that the biggest problem caused by vulnerabilities is Trojan horses, which usually exploit computer program vulnerabilities to invade and steal files and user information. A Trojan horse is a hidden and spontaneous program that can be used to perform malicious acts. A computer Trojan has historically been defined as a type of infiltration that attempts to disguise itself as a useful program to trick users into allowing it to run. Note that this was true of Trojans in the past, but now they don't need to disguise themselves. Their sole purpose is to infiltrate and accomplish their malicious goals as easily as possible. "Trojan horse" has become a generic ter...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/22G06F21/57
Inventor 张聪宋申雷肖鹏刘起
Owner 三六零数字安全科技集团有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com