Vulnerability detection method and device

A vulnerability detection and vulnerability technology, applied in the computer field, can solve problems such as low vulnerability detection accuracy

Active Publication Date: 2020-07-07
ALIBABA GRP HLDG LTD
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The embodiment of the present application provides a vulnerability detection method and device to at least solve the technical problem of low accuracy of vulnerability detection in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Vulnerability detection method and device
  • Vulnerability detection method and device
  • Vulnerability detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0032] According to the embodiment of the present application, an embodiment of a vulnerability detection method is provided. It should be noted that the steps shown in the flow chart of the accompanying drawings can be executed in a computer system such as a set of computer-executable instructions, and, although A logical order is shown in the flowcharts, but in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0033] The method embodiment provided in Embodiment 1 of the present application may be executed in a mobile terminal, a computer terminal, or a similar computing device. Take running on a computer terminal as an example, figure 1 It is a block diagram of the hardware structure of a computer terminal of a vulnerability detection method in the embodiment of the present application. Such as figure 1 As shown, the computer terminal 10 may include one or more (only one is shown in the figure) processors ...

Embodiment 2

[0104] According to an embodiment of the present application, a vulnerability detection device for implementing the above vulnerability detection method is also provided, such as Figure 7 As shown, the apparatus may include: a scanning unit 701 , a first acquiring unit 703 , a searching unit 705 and a determining unit 707 .

[0105] Among them, the scanning unit 701 is used to scan the decompiled statement of the detected program by using the pre-set vulnerability detection condition; initial condition, then obtain the vulnerability information of the program vulnerability to which the initial condition belongs, wherein, the vulnerability characteristics of the program vulnerability are recorded in the vulnerability information; the search unit 705 is used to perform feature extraction in the decompiled statement according to the vulnerability characteristics recorded in the vulnerability information Searching to obtain a search result that matches the vulnerability feature; ...

Embodiment 3

[0125] Embodiments of the present application may provide a computer terminal, and the computer terminal may be any computer terminal device in a group of computer terminals. Optionally, in this embodiment, the foregoing computer terminal may also be replaced with a terminal device such as a mobile terminal.

[0126] Optionally, in this embodiment, the foregoing computer terminal may be located in at least one network device among multiple network devices of the computer network.

[0127] In this embodiment, the above-mentioned computer terminal can execute the program code of the following steps in the vulnerability detection method of the application program: use the pre-set vulnerability detection conditions to scan the decompiled statement of the detected program; in the process of scanning the decompiled statement, If the initial condition of the vulnerability detection condition is matched, the vulnerability information of the program vulnerability to which the initial c...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a vulnerability detection method and device. The method comprises the steps that a preset vulnerability detection condition is utilized to scan a decompiled statement of a detected program; in the process of scanning the decompiled statement, if a starting condition matched with the vulnerability detection condition is obtained, vulnerability information of a program vulnerability which the starting condition belongs to is acquired, wherein vulnerability features of the program vulnerability are recorded in the vulnerability information; feature search is performed in the decompiled statement according to the vulnerability features recorded in the vulnerability information to obtain a search result matched with the vulnerability features; and whether the program vulnerability exists in the detected program or not is determined according to the search result. Through the vulnerability detection method and device, the technical problem that in the prior art, vulnerability detection accuracy is low is solved.

Description

technical field [0001] The present application relates to the field of computers, in particular, to a vulnerability detection method and device. Background technique [0002] Vulnerability scanning refers to a security detection (penetration attack) behavior that detects the security vulnerabilities of a specified remote or local computer system through scanning and other means based on the vulnerability database, and finds exploitable vulnerabilities. Usually, the vulnerability scanning system formulates corresponding vulnerability detection rules according to the vulnerabilities to be detected. The stronger the capability of the scanning engine in the vulnerability scanning system, the more complex the vulnerability detection rules it can formulate. At present, if the vulnerability detection rules are formulated through the more commonly used vulnerability detection rule definition method (such as the text method), the vulnerability detection rules will have poor detection...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57G06F21/56
CPCG06F21/563G06F21/577G06F2221/033
Inventor 陈晋福
Owner ALIBABA GRP HLDG LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap