一种大规模网络下可扩展性增强的漏洞评估方法

本发明提供一种大规模网络下可扩展性增强的漏洞评估方法,属于信息安全技术领域。该漏洞评估方法的被动漏洞匹配系统通过用户输入的设备指纹信息、NVD漏洞库中抽取的CPE格式下的设备指纹信息与高精度漏洞匹配算法结合求出相似度的大小,将其保存到临时的相似度数组中;顺序遍历全部NVD中的CPE,针对每个CPE重复匹配计算;取出临时相似度数组中的最大值,得出对应的CPE,通过该CPE去NVD中查找是否存在包含该CPE的CVE;该方法在不提高资源占用率的基础上,使用最长公共子序列算法结合覆盖范围,大大提高了漏洞匹配的精度;通过该漏洞匹配算法,去除了人工筛选的步骤,但匹配的精确已经可以达到人工筛选的精确度。 T...

Full description

Saved in:
Bibliographic Details
Format Patent
LanguageChinese
Published 13.02.2024
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:本发明提供一种大规模网络下可扩展性增强的漏洞评估方法,属于信息安全技术领域。该漏洞评估方法的被动漏洞匹配系统通过用户输入的设备指纹信息、NVD漏洞库中抽取的CPE格式下的设备指纹信息与高精度漏洞匹配算法结合求出相似度的大小,将其保存到临时的相似度数组中;顺序遍历全部NVD中的CPE,针对每个CPE重复匹配计算;取出临时相似度数组中的最大值,得出对应的CPE,通过该CPE去NVD中查找是否存在包含该CPE的CVE;该方法在不提高资源占用率的基础上,使用最长公共子序列算法结合覆盖范围,大大提高了漏洞匹配的精度;通过该漏洞匹配算法,去除了人工筛选的步骤,但匹配的精确已经可以达到人工筛选的精确度。 The invention provides an expandability-enhanced vulnerability assessment method under a large-scale network, and belongs to the technical field of information security. A passive vulnerability matching system of the vulnerability assessment method combines equipment fingerprint information input by a user, equipment fingerprint information in a CPE format extracted from an NVD vulnerability library and a high-precision vulnerability matching algorithm to solve the similarity, and stores the similarity in a temporary similarity array; sequentially traversing the CPEs in all the NVDs, and performing repeated matching calculation for each CPE; the maximum value in the temporary similarity array is taken out, the corre
Bibliography:Application Number: CN202010875523