CN104091116B - Monitor method, device and the terminal of website vulnerability information - Google Patents
Monitor method, device and the terminal of website vulnerability information Download PDFInfo
- Publication number
- CN104091116B CN104091116B CN201410309789.9A CN201410309789A CN104091116B CN 104091116 B CN104091116 B CN 104091116B CN 201410309789 A CN201410309789 A CN 201410309789A CN 104091116 B CN104091116 B CN 104091116B
- Authority
- CN
- China
- Prior art keywords
- information
- website
- webpage
- parsed
- newly
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
- 
        - G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
 
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
Method, device and terminal the invention discloses a kind of monitoring website vulnerability information.Wherein, the method for monitoring website vulnerability information includes:Obtain the address information of website;Obtain the webpage of website automatically according to prefixed time interval according to address information;Webpage to obtaining is parsed, and obtains information structure;And whenever a new information structure is obtained, the information structure for being obtained with last time is contrasted, if there is newly-increased vulnerability information, judge whether newly-increased vulnerability information meets pre-conditioned, if meeting pre-conditioned, send early warning information.The whole monitoring and early warning process of the embodiment of the present invention is automatically performed, and overcomes that the manual monitoring response time is long, and cannot accomplish 24 hours defects of response, while the problems such as data for avoiding manual monitoring presence are omitted;Furthermore it is possible to Rapid transplant is to other leak platform websites, strong applicability and low cost.
    Description
Technical field
      The present invention relates to technical field of network security, more particularly to a kind of method of monitoring website vulnerability information, device and
Terminal.
    Background technology
      Leak refers to a system to be implemented or defect present on System Security Policy in hardware, software, agreement,
Such that it is able to enable attacker to be accessed in the case of unauthorized or destruction system.Leak may be from application software or operation
The mistake produced when defect during system design or coding, it is also possible to design defect from business in iterative process or
Unreasonable part in logic flow.These defects, mistake or unreasonable part may be utilized either intentionally or unintentionally, so that right
One assets organized or operation are adversely affected, and such as information system is attacked or controlled, and capsule information are stolen, number of users
According to being tampered, system is by as springboard for invading other host computer systems etc..
      Website as a carrier for providing service, it is necessary to carry out vulnerability monitoring to ensure the safety of website, at present, to net
The method that station carries out leak is manual monitoring.Manual monitoring refers to:Artificial regular visit leak website, when the leaky information of discovery
When, manually carry out early warning analysis.
      But, realize it is of the invention during inventor find prior art at least there is problems with:Manual monitoring
There is the response time long, it is impossible to accomplish 24 hours respond, concurrently there are data omission, monitor it is inaccurate the problems such as.
    The content of the invention
      It is contemplated that at least solving one of technical problem in correlation technique to a certain extent.Therefore, of the invention
One purpose be propose a kind of method of the monitoring website vulnerability information with fast and automatically monitoring and early warning function, device and
Terminal.
      The method that the embodiment of the present invention proposes a kind of monitoring website vulnerability information, the method includes:Obtain the ground of website
Location information;Obtain the webpage of website automatically according to prefixed time interval according to address information;Webpage to obtaining is parsed, and is obtained
Obtain information structure;And whenever a new information structure is obtained, it is right that the information structure for being obtained with last time is carried out
Than, if there is newly-increased vulnerability information, judge whether newly-increased vulnerability information meets pre-conditioned, if meeting pre-conditioned, send
Early warning information.
      The embodiment of the method for above-mentioned monitoring website vulnerability information, the webpage of website is obtained according to prefixed time interval automatically,
And the webpage to obtaining is parsed, information structure is obtained;Then whenever obtain a new information structure when, with it is upper
The information structure of secondary acquisition is contrasted, to find newly-increased vulnerability information, and when newly-increased vulnerability information meets pre-conditioned,
Send early warning information so that whole monitoring and early warning process is automatically performed, it is long to overcome the manual monitoring response time, and cannot accomplish
24 hours defects of response, while the problems such as data for avoiding manual monitoring presence are omitted;Furthermore it is possible to Rapid transplant arrives it
His leak platform website, strong applicability and low cost.
      The embodiment of the present invention proposes a kind of device of monitoring website vulnerability information, the device of the monitoring website vulnerability information
Including:First acquisition module, the address information for obtaining website;Second acquisition module, for according to address information according to pre-
If time interval obtains the webpage of website automatically;Parsing module, for being parsed to the webpage for obtaining, obtains message structure
Body;And warning module, for whenever a new information structure is obtained, the information structure for being obtained with last time to be carried out
Contrast, if there is newly-increased vulnerability information, judges whether newly-increased vulnerability information meets pre-conditioned, if meeting pre-conditioned, sends out
Send early warning information.
      Believe the device embodiment of above-mentioned monitoring website vulnerability information, the address that above-mentioned website is obtained by the first acquisition module
Breath, according to address above mentioned information is that interval obtains the webpage of above-mentioned website automatically with Preset Time by the second acquisition module, is led to
Cross parsing module to parse the above-mentioned webpage for obtaining, obtain information structure;By warning module whenever acquisition one
During new information structure, the information structure for being obtained with last time is contrasted, if there is newly-increased vulnerability information, judges above-mentioned
It is pre-conditioned whether newly-increased vulnerability information meets, if meeting above-mentioned pre-conditioned, sends early warning information so that whole monitoring is pre-
Alert process is automatically performed, and overcomes that the manual monitoring response time is long, and cannot accomplish 24 hours defects of response, while avoiding
The problems such as data that manual monitoring is present are omitted;Furthermore it is possible to Rapid transplant to other leak platform websites, strong applicability and into
This is low.
      The embodiment of the present invention proposes a kind of terminal, and the terminal includes housing, processor, memory, circuit board and power supply
Circuit, wherein, circuit board is placed in the interior volume that housing is surrounded, and processor and memory are set on circuit boards;Power supply electricity
Road, powers for each circuit or device for terminal;Memory is used to store executable program code;Processor is by reading
The executable program code stored in memory runs program corresponding with executable program code, for performing following step
Suddenly:
      Obtain the address information of website;Obtain the webpage of website automatically according to prefixed time interval according to address information;It is right
The webpage of acquisition is parsed, and obtains information structure;And whenever a new information structure is obtained, obtained with last time
The information structure for obtaining is contrasted, if there is newly-increased vulnerability information, judges whether newly-increased vulnerability information meets pre-conditioned, if
Meet pre-conditioned, then send early warning information.
      Above-mentioned terminal embodiment, obtains the webpage of website according to prefixed time interval automatically, and webpage to obtaining is carried out
Parsing, obtains information structure;Then whenever a new information structure is obtained, the information structure for being obtained with last time
Contrasted, to find newly-increased vulnerability information, and when newly-increased vulnerability information meets pre-conditioned, sent early warning information so that
Whole monitoring and early warning process is automatically performed, and overcomes that the manual monitoring response time is long, and cannot accomplish 24 hours defects of response,
The problems such as data for avoiding manual monitoring presence simultaneously are omitted;Furthermore it is possible to Rapid transplant is to other leak platform websites, fit
With property is strong and low cost.
    Brief description of the drawings
      Fig. 1 is the flow chart of the method that website vulnerability information is monitored according to one embodiment of the invention.
      Fig. 2 is the flow chart of the method for monitoring website vulnerability information according to a further embodiment of the invention.
      Fig. 3 is the structural representation of the device that website vulnerability information is monitored according to one embodiment of the invention.
    Specific embodiment
      Embodiments of the invention are described below in detail, the example of the embodiment is shown in the drawings, wherein from start to finish
Same or similar label represents same or similar element or the element with same or like function.Below with reference to attached
It is exemplary to scheme the embodiment of description, it is intended to for explaining the present invention, and be not considered as limiting the invention.
      Below with reference to the accompanying drawings method, device and the terminal of the monitoring website vulnerability information of the embodiment of the present invention described.
      Fig. 1 is the flow chart of the method that website vulnerability information is monitored according to one embodiment of the invention.
      As shown in figure 1, the method for the monitoring website vulnerability information includes:
      S101, obtains the address information of website.
      In this embodiment, website refers to that leak platform website, i.e. a class are supplied to Security Officer to issue other software leakage
The website of hole information, wherein, the address information of website can be URL (URL) information of website.
      In addition, when the address information of website is obtained, the page structure of website can also be obtained.
      Specifically, the page structure of acquisition website can be:Configuration file is obtained, and the page is parsed from configuration file
Face structure.
      S102, the webpage of website is obtained according to address information automatically according to prefixed time interval.
      Wherein, prefixed time interval can flexibly be set as needed, for example, can be 5 minutes, 7 minutes etc..
      For example, constantly obtaining the webpage of website automatically for time interval with 5 minutes.
      S103, the webpage to obtaining is parsed, and obtains information structure.
      In this embodiment, carrying out parsing to the webpage for obtaining can be:According to obtain page structure to obtain net
Page is parsed.But if the information structure of webpage cannot be parsed according to page structure, regain the configuration after updating
File, and the page structure after updating is parsed from the configuration file after renewal, then use the page structure pair after updating
The webpage of acquisition is parsed, i.e., the webpage for obtaining is parsed using the page structure of newest acquisition.
      Wherein, information structure can be vulnerability information list or other forms, wherein, can be wrapped in vulnerability information list
Include leak number, leak submission date and Vulnerability Description etc..
      Through the above way, web data can be automatically obtained according to prefixed time interval, in the absence of asking that data are omitted
Topic.
      S104, whenever a new information structure is obtained, the information structure for being obtained with last time is contrasted, if
There is newly-increased vulnerability information, then judge whether newly-increased vulnerability information meets pre-conditioned, if meeting pre-conditioned, send early warning letter
Breath.
      In this embodiment, whenever a new information structure is obtained, the information structure for obtaining this with
The information structure that last time obtains is contrasted, to find out newly-increased vulnerability information.
      Wherein, judging whether newly-increased vulnerability information meets pre-conditioned can be:Judge whether newly-increased vulnerability information meets
Comprising preset keyword such as " Kingsoft " etc., if comprising, it is determined that newly-increased leak is significant leak, that is, find concern product
Leak, then can send early warning information in the form of mail or short message, also, complete by the embodiment is only needed 5 minutes
Automatic early-warning, relative to the mode (needing 20 minutes) of manual monitoring, greatlys save the monitoring and early warning time.
      After early warning information is received, the leak that can be directed to product carries out subsequent treatment to early warning analysis personnel, for example, issue
Patch etc..
      The embodiment of the method for above-mentioned monitoring website vulnerability information, the webpage of website is obtained according to prefixed time interval automatically,
And the webpage to obtaining is parsed, information structure is obtained;Then whenever obtain a new information structure when, with it is upper
The information structure of secondary acquisition is contrasted, to find newly-increased vulnerability information, and when newly-increased vulnerability information meets pre-conditioned,
Send early warning information so that whole monitoring and early warning process is automatically performed, it is long to overcome the manual monitoring response time, and cannot accomplish
24 hours defects of response, while the problems such as data for avoiding manual monitoring presence are omitted;Furthermore it is possible to Rapid transplant arrives it
His leak platform website, strong applicability and low cost.
      Fig. 2 is the flow chart of the method for monitoring website vulnerability information according to a further embodiment of the invention.
      As shown in Fig. 2 the method for the monitoring website vulnerability information includes:
      S201, obtains the address information and page structure of black clouds net.
      Wherein, black clouds net be domestic one based on the safety problem feedback between computer vendors and security study person and
Distribution platform, user can online submit the black clouds net security breaches of discovery to, and enterprise customer also can know oneself by the platform
The leak of black clouds net, the address information of black clouds net can be the URL information of black clouds net.
      Specifically, the page structure of acquisition black clouds net can be:Configuration file is obtained, and this is parsed from configuration file
Page structure.
      S202, the webpage of black clouds net is obtained according to address information automatically according to prefixed time interval.
      Specifically, with 5 minutes can be that time interval obtains the webpage of black clouds net automatically according to the URL information of black clouds net.
      S203, parses according to page structure to the webpage for obtaining, and obtains vulnerability information list.
      Wherein, leak number, leak submission date and Vulnerability Description etc. can be included in vulnerability information list.
      S204, whenever a new vulnerability information list is obtained, it is right that the vulnerability information list for being obtained with last time is carried out
Than, if there is newly-increased vulnerability information, judge whether newly-increased vulnerability information meets pre-conditioned, if meeting pre-conditioned, send
Early warning information.
      In this embodiment, whenever a new vulnerability information list is obtained, the vulnerability information row for obtaining this
The vulnerability information list that table was obtained with last time is contrasted, to find out newly-increased vulnerability information.
      Wherein, judging whether newly-increased vulnerability information meets pre-conditioned can be:Judge whether newly-increased vulnerability information meets
Comprising preset keyword such as " Kingsoft " etc., if comprising, it is determined that newly-increased leak is significant leak, then can be with mail
Or the form of short message sends early warning information.
      The embodiment of the method for above-mentioned monitoring website vulnerability information, the webpage of website is obtained according to prefixed time interval automatically,
And the webpage to obtaining is parsed, information structure is obtained;Then whenever obtain a new information structure when, with it is upper
The information structure of secondary acquisition is contrasted, to find newly-increased vulnerability information, and when newly-increased vulnerability information meets pre-conditioned,
Send early warning information so that whole monitoring and early warning process is automatically performed, it is long to overcome the manual monitoring response time, and cannot accomplish
24 hours defects of response, while the problems such as data for avoiding manual monitoring presence are omitted;Furthermore it is possible to Rapid transplant arrives it
His leak platform website, strong applicability and low cost.
      In order to realize above-described embodiment, the present invention also proposes a kind of device of monitoring website vulnerability information.
      Fig. 3 is the structural representation of the device that website vulnerability information is monitored according to one embodiment of the invention.
      As shown in figure 3, the device of the monitoring website vulnerability information includes:First acquisition module 31, the second acquisition module 32,
Parsing module 33 and warning module 34, wherein:
      First acquisition module 31 is used to obtain the address information of above-mentioned website;Second acquisition module 32 is used for according to above-mentioned
Location information obtains the webpage of above-mentioned website according to prefixed time interval automatically;Parsing module 33 is used to enter the above-mentioned webpage for obtaining
Row parsing, obtains information structure;Warning module 34 is used to whenever a new information structure is obtained, be obtained with last time
Information structure contrasted, if there is newly-increased vulnerability information, judge whether above-mentioned newly-increased vulnerability information meets pre-conditioned,
If meeting above-mentioned pre-conditioned, early warning information is sent.
      In this embodiment, website refers to that leak platform website, i.e. a class are supplied to Security Officer to issue other software leakage
The website of hole information, wherein, the address information of website can be URL (URL) information of website.
      In addition, above-mentioned first acquisition module 31 is additionally operable to:In the address information of the above-mentioned website of above-mentioned acquisition, obtain above-mentioned
The page structure of website.Specifically, the first acquisition module 31 can obtain configuration file, and be parsed from above-mentioned configuration file
Above-mentioned page structure.
      Wherein, Preset Time can flexibly be set as needed, for example, can be 5 minutes, 7 minutes etc..For example, second obtains
Module 32 can automatically obtain the webpage of above-mentioned website according to address above mentioned information according to the time interval of 5 minutes.
      After the first acquisition module 31 parses page structure, above-mentioned parsing module 33 can be according to above-mentioned page structure
Above-mentioned webpage to obtaining is parsed, to obtain information structure.If but cannot be parsed according to above-mentioned page structure above-mentioned
The information structure of webpage, then regain the configuration file after updating, and renewal is parsed from the configuration file after renewal
Page structure afterwards, then parsing module 33 using the page structure after renewal to obtain above-mentioned webpage parse, even if
The above-mentioned webpage for obtaining is parsed with the page structure of newest acquisition.
      Wherein, above- mentioned information structure can be vulnerability information list or other forms, and above-mentioned vulnerability information list includes
Leak number, submission date and Vulnerability Description etc..
      In this embodiment, warning module 34 whenever obtain a new information structure when, the letter for obtaining this
The information structure that breath structure was obtained with last time is contrasted, to find out newly-increased vulnerability information.
      Wherein, judging whether above-mentioned newly-increased vulnerability information meets pre-conditioned can be:Judge above-mentioned newly-increased vulnerability information
Whether meet comprising preset keyword such as " Kingsoft " etc., if comprising, it is determined that newly-increased leak is significant leak, Ran Houke
With in the form of mail or short message send early warning information, also, the embodiment is only needed 5 minutes can completion automatic early-warning, relatively
In the mode (needing 20 minutes) of manual monitoring, the monitoring and early warning time is greatlyd save.
      Monitoring network comprising above-mentioned first acquisition module 31, the second acquisition module 32, parsing module 33 and warning module 34
The monitoring and early warning process of device of vulnerability information of standing can be found in Fig. 1 or Fig. 2, not repeat herein.
      Believe the device embodiment of above-mentioned monitoring website vulnerability information, the address that above-mentioned website is obtained by the first acquisition module
Breath, according to address above mentioned information is that interval obtains the webpage of above-mentioned website automatically with Preset Time by the second acquisition module, is led to
Cross parsing module to parse the above-mentioned webpage for obtaining, obtain information structure;By warning module whenever acquisition one
During new information structure, the information structure for being obtained with last time is contrasted, if there is newly-increased vulnerability information, judges above-mentioned
It is pre-conditioned whether newly-increased vulnerability information meets, if meeting above-mentioned pre-conditioned, sends early warning information so that whole monitoring is pre-
Alert process is automatically performed, and overcomes that the manual monitoring response time is long, and cannot accomplish 24 hours defects of response, while avoiding
The problems such as data that manual monitoring is present are omitted;Furthermore it is possible to Rapid transplant to other leak platform websites, strong applicability and into
This is low.
      In order to realize above-described embodiment, the present invention also proposes a kind of terminal, the terminal include housing, processor, memory,
Circuit board and power circuit, wherein, foregoing circuit plate is placed in the interior volume that above-mentioned housing is surrounded, above-mentioned processor and above-mentioned
Memory is arranged on foregoing circuit plate;Above-mentioned power circuit, powers for each circuit or device for above-mentioned terminal;It is above-mentioned
Memory is used to store executable program code;Above-mentioned processor is by reading the executable program generation stored in above-mentioned memory
Code runs program corresponding with above-mentioned executable program code, for performing following steps:
      S101 ', obtains the address information of website.
      In this embodiment, website refers to that leak platform website, i.e. a class are supplied to Security Officer to issue other software leakage
The website of hole information, wherein, the address information of website can be URL (URL) information of website.
      In addition, when the address information of website is obtained, the page structure of website can also be obtained.
      Specifically, the page structure of acquisition website can be:Configuration file is obtained, and the page is parsed from configuration file
Face structure.
      S102 ', the webpage of website is obtained according to address information automatically according to prefixed time interval.
      Wherein, prefixed time interval can flexibly be set as needed, for example, can be 5 minutes, 7 minutes etc..
      For example, the webpage to obtain website for 5 minutes automatically for time interval.
      S103 ', the webpage to obtaining is parsed, and obtains information structure.
      In this embodiment, carrying out parsing to the webpage for obtaining can be:According to obtain page structure to obtain net
Page is parsed.But if the information structure of webpage cannot be parsed according to page structure, regain the configuration after updating
File, and the page structure after updating is parsed from the configuration file after renewal, then use the page structure pair after updating
The webpage of acquisition is parsed, i.e., the webpage for obtaining is parsed using the page structure of newest acquisition.
      Wherein, information structure can be vulnerability information list or other forms, wherein, can be wrapped in vulnerability information list
Include leak number, leak submission date and Vulnerability Description etc..
      S104 ', whenever a new information structure is obtained, the information structure for being obtained with last time is contrasted,
If there is newly-increased vulnerability information, judge whether newly-increased vulnerability information meets pre-conditioned, if meeting pre-conditioned, send early warning
Information.
      In this embodiment, whenever a new information structure is obtained, the information structure for obtaining this with
The information structure that last time obtains is contrasted, to find out newly-increased vulnerability information.
      Wherein, judging whether newly-increased vulnerability information meets pre-conditioned can be:Judge whether newly-increased vulnerability information meets
Comprising preset keyword such as " Kingsoft " etc., if comprising, it is determined that newly-increased leak is significant leak, then can be with mail
Or short message form send early warning information, also, the embodiment is only needed 5 minutes can complete automatic early-warning, relative to manually supervise
The mode (needing 20 minutes) of control, greatlys save the monitoring and early warning time.
      Above-mentioned terminal embodiment, obtains the webpage of website according to prefixed time interval automatically, and webpage to obtaining is carried out
Parsing, obtains information structure;Then whenever a new information structure is obtained, the information structure for being obtained with last time
Contrasted, to find newly-increased vulnerability information, and when newly-increased vulnerability information meets pre-conditioned, sent early warning information so that
Whole monitoring and early warning process is automatically performed, and overcomes that the manual monitoring response time is long, and cannot accomplish 24 hours defects of response,
The problems such as data for avoiding manual monitoring presence simultaneously are omitted;Furthermore it is possible to Rapid transplant is to other leak platform websites, fit
With property is strong and low cost.
      In the description of this specification, reference term " one embodiment ", " some embodiments ", " example ", " specifically show
The description of example " or " some examples " etc. means to combine specific features, structure, material or spy that the embodiment or example are described
Point is contained at least one embodiment of the invention or example.In this manual, to the schematic representation of above-mentioned term not
Identical embodiment or example must be directed to.And, the specific features of description, structure, material or feature can be with office
Combined in an appropriate manner in one or more embodiments or example.Additionally, in the case of not conflicting, the skill of this area
Art personnel can be tied the feature of the different embodiments or example described in this specification and different embodiments or example
Close and combine.
      Additionally, term " first ", " second " are only used for describing purpose, and it is not intended that indicating or implying relative importance
Or the implicit quantity for indicating indicated technical characteristic.Thus, define " first ", the feature of " second " can express or
Implicitly include at least one this feature.In the description of the invention, " multiple " is meant that at least two, such as two, three
It is individual etc., unless otherwise expressly limited specifically.
      Any process described otherwise above or method description in flow chart or herein is construed as, and expression includes
It is one or more for realizing specific logical function or process the step of the module of code of executable instruction, fragment or portion
Point, and the scope of the preferred embodiment of the present invention includes other realization, wherein can not press shown or discussion suitable
Sequence, including function involved by basis by it is basic simultaneously in the way of or in the opposite order, carry out perform function, this should be of the invention
Embodiment person of ordinary skill in the field understood.
      Represent in flow charts or logic and/or step described otherwise above herein, for example, being considered use
In the order list of the executable instruction for realizing logic function, in may be embodied in any computer-readable medium, for
Instruction execution system, device or equipment (such as computer based system, including the system of processor or other can be held from instruction
The system of row system, device or equipment instruction fetch and execute instruction) use, or with reference to these instruction execution systems, device or set
It is standby and use.For the purpose of this specification, " computer-readable medium " can any can be included, store, communicate, propagate or pass
The dress that defeated program is used for instruction execution system, device or equipment or with reference to these instruction execution systems, device or equipment
Put.The more specifically example (non-exhaustive list) of computer-readable medium includes following:With the electricity that one or more are connected up
Connecting portion (electronic installation), portable computer diskette box (magnetic device), random access memory (RAM), read-only storage
(ROM), erasable edit read-only storage (EPROM or flash memory), fiber device, and portable optic disk is read-only deposits
Reservoir (CDROM).In addition, computer-readable medium can even is that the paper that can thereon print described program or other are suitable
Medium, because optical scanner for example can be carried out by paper or other media, then enters edlin, interpretation or if necessary with it
His suitable method is processed electronically to obtain described program, is then stored in computer storage.
      It should be appreciated that each several part of the invention can be realized with hardware, software, firmware or combinations thereof.Above-mentioned
In implementation method, the software that multiple steps or method can in memory and by suitable instruction execution system be performed with storage
Or firmware is realized.If for example, realized with hardware, and in another embodiment, can be with well known in the art
Any one of row technology or their combination are realized:With the logic gates for realizing logic function to data-signal
Discrete logic, the application specific integrated circuit with suitable combinational logic gate circuit, programmable gate array (PGA), scene
Programmable gate array (FPGA) etc..
      Those skilled in the art are appreciated that to realize all or part of step that above-described embodiment method is carried
The rapid hardware that can be by program to instruct correlation is completed, and described program can be stored in a kind of computer-readable storage medium
In matter, the program upon execution, including one or a combination set of the step of embodiment of the method.
      Additionally, during each functional unit in each embodiment of the invention can be integrated in a processing module, it is also possible to
It is that unit is individually physically present, it is also possible to which two or more units are integrated in a module.Above-mentioned integrated mould
Block can both be realized in the form of hardware, it would however also be possible to employ the form of software function module is realized.The integrated module is such as
Fruit is to realize in the form of software function module and as independent production marketing or when using, it is also possible to which storage is in a computer
In read/write memory medium.
      Storage medium mentioned above can be read-only storage, disk or CD etc..Although having been shown above and retouching
Embodiments of the invention are stated, it is to be understood that above-described embodiment is exemplary, it is impossible to be interpreted as to limit of the invention
System, one of ordinary skill in the art can be changed to above-described embodiment, change, replace and become within the scope of the invention
Type.
    Claims (19)
1. the method for a kind of monitoring website vulnerability information, it is characterised in that including:
      Obtain the address information of the website;
      Obtain the webpage of the website automatically according to prefixed time interval according to the address information;
      The webpage to obtaining is parsed, and obtains information structure;And
      Whenever a new information structure is obtained, the information structure for being obtained with last time is contrasted, if there is newly-increased leakage
Hole information, then judge whether the newly-increased vulnerability information meets pre-conditioned, if meeting described pre-conditioned, sends early warning letter
Breath, wherein, judge whether the newly-increased vulnerability information meets comprising preset keyword, if comprising the preset keyword,
Determine that the newly-increased leak, for significant leak, then sends the early warning information.
    2. method according to claim 1, it is characterised in that the address information includes URL information.
    3. method according to claim 1, it is characterised in that described information structure includes vulnerability information list, described
Vulnerability information list includes leak number, submission date and Vulnerability Description.
    4. method according to claim 1, it is characterised in that the transmission early warning information, including:
      Early warning information is sent in the form of mail or short message.
    5. the method according to claim 1-4 any claims, it is characterised in that on the ground for obtaining the website
During the information of location, also include:
      Obtain the page structure of the website.
    6. method according to claim 5, it is characterised in that the page structure of the acquisition website, including:
      Configuration file is obtained, the page structure is parsed from the configuration file.
    7. method according to claim 6, it is characterised in that the webpage of described pair of acquisition is parsed, including:
      The webpage for obtaining is parsed according to the page structure.
    8. method according to claim 7, it is characterised in that it is described according to the page structure to the net that obtains
After page is parsed, also include:
      If the information structure of the webpage cannot be parsed according to the page structure, the configuration text after updating is regained
Part, and the page structure after updating is parsed from the configuration file after renewal.
    9. method according to claim 8, it is characterised in that parse renewal in the configuration file after renewal
After page structure afterwards, the webpage of described pair of acquisition is parsed, including:
      The webpage for obtaining is parsed according to the page structure after the renewal.
    10. the device of a kind of monitoring website vulnerability information, it is characterised in that including:
      First acquisition module, the address information for obtaining the website;
      Second acquisition module, the webpage for obtaining the website automatically according to prefixed time interval according to the address information;
      Parsing module, for being parsed to the webpage for obtaining, obtains information structure;And
      Warning module, for whenever a new information structure is obtained, it is right that the information structure for being obtained with last time is carried out
Than if there is newly-increased vulnerability information, judging whether the newly-increased vulnerability information meets pre-conditioned, if meeting the default bar
Part, then send early warning information, and the warning module judges whether the newly-increased vulnerability information meets comprising preset keyword, if
Comprising the preset keyword, it is determined that the newly-increased leak is significant leak, then sends the early warning information.
    11. devices according to claim 10, it is characterised in that the address information is believed including URL
Breath.
    12. devices according to claim 10, it is characterised in that described information structure includes vulnerability information list, institute
Stating vulnerability information list includes leak number, submission date and Vulnerability Description.
    13. devices according to claim 10, it is characterised in that the warning module, specifically for:
      Early warning information is sent in the form of mail or short message.
    14. device according to claim 10-13 any claims, it is characterised in that first acquisition module, also
For:In the address information of the acquisition website, the page structure of the website is obtained.
    15. devices according to claim 14, it is characterised in that first acquisition module, specifically for:
      Configuration file is obtained, the page structure is parsed from the configuration file.
    16. devices according to claim 15, it is characterised in that the parsing module, specifically for:
      The webpage for obtaining is parsed according to the page structure.
    17. devices according to claim 16, it is characterised in that first acquisition module, are additionally operable to:
      After the parsing module is parsed according to the page structure to the webpage for obtaining, if according to the page
Structure cannot parse the information structure of the webpage, then regain the configuration file after updating, and matching somebody with somebody from after renewal
Put and the page structure after updating is parsed in file.
    18. devices according to claim 17, it is characterised in that the parsing module, specifically for:
      After the page structure that first acquisition module parses after updating from the configuration file after renewal, according to described
Page structure after renewal is parsed to the webpage for obtaining.
    A kind of 19. terminals, the terminal includes housing, processor, memory, circuit board and power circuit, wherein, the circuit board
The interior volume that the housing is surrounded is placed in, the processor and the memory are arranged on the circuit board;The electricity
Source circuit, powers for each circuit or device for the terminal;The memory is used to store executable program code;Institute
Processor is stated by reading the executable program code stored in the memory to run and the executable program code pair
The program answered, for performing following steps:
      Obtain the address information of website;
      Obtain the webpage of the website automatically according to prefixed time interval according to the address information;
      The webpage to obtaining is parsed, and obtains information structure;And
      Whenever a new information structure is obtained, the information structure for being obtained with last time is contrasted, if there is newly-increased leakage
Hole information, then judge whether the newly-increased vulnerability information meets pre-conditioned, if meeting described pre-conditioned, sends early warning letter
Breath, wherein, judge whether the newly-increased vulnerability information meets comprising preset keyword, if comprising the preset keyword,
Determine that the newly-increased leak, for significant leak, then sends the early warning information.
    Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title | 
|---|---|---|---|
| CN201410309789.9A CN104091116B (en) | 2014-06-30 | 2014-06-30 | Monitor method, device and the terminal of website vulnerability information | 
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title | 
|---|---|---|---|
| CN201410309789.9A CN104091116B (en) | 2014-06-30 | 2014-06-30 | Monitor method, device and the terminal of website vulnerability information | 
Publications (2)
| Publication Number | Publication Date | 
|---|---|
| CN104091116A CN104091116A (en) | 2014-10-08 | 
| CN104091116B true CN104091116B (en) | 2017-06-27 | 
Family
ID=51638831
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date | 
|---|---|---|---|
| CN201410309789.9A Active CN104091116B (en) | 2014-06-30 | 2014-06-30 | Monitor method, device and the terminal of website vulnerability information | 
Country Status (1)
| Country | Link | 
|---|---|
| CN (1) | CN104091116B (en) | 
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title | 
|---|---|---|---|---|
| CN107426191A (en) * | 2017-06-29 | 2017-12-01 | 上海凯岸信息科技有限公司 | A kind of leak early warning and emergency response automatic warning system | 
| CN107579983A (en) * | 2017-09-13 | 2018-01-12 | 杭州安恒信息技术有限公司 | Code security auditing method and device based on web log file | 
| CN116137703A (en) * | 2021-11-16 | 2023-05-19 | 华为技术有限公司 | Information analysis method and device | 
| CN114218579A (en) * | 2021-11-25 | 2022-03-22 | 中邮信息科技(北京)有限公司 | Vulnerability advanced early warning method and device, electronic equipment and storage medium | 
| CN114996718A (en) * | 2022-06-30 | 2022-09-02 | 浙江网商银行股份有限公司 | Data processing method and device | 
| CN115758031A (en) * | 2022-12-04 | 2023-03-07 | 江苏研码科技有限公司 | Monitoring and early warning method and system for website update | 
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title | 
|---|---|---|---|---|
| CN1694411A (en) * | 2004-07-16 | 2005-11-09 | 北京航空航天大学 | Network intrusion detection system with two-level decision-making kernel and its alarm optimization method | 
| CN101039179A (en) * | 2007-04-13 | 2007-09-19 | 北京启明星辰信息技术有限公司 | Method and system for warning accurately intrusion detection | 
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title | 
|---|---|---|---|---|
| US6996845B1 (en) * | 2000-11-28 | 2006-02-07 | S.P.I. Dynamics Incorporated | Internet security analysis system and process | 
| US7475427B2 (en) * | 2003-12-12 | 2009-01-06 | International Business Machines Corporation | Apparatus, methods and computer programs for identifying or managing vulnerabilities within a data processing network | 
| CN103297394B (en) * | 2012-02-24 | 2016-12-14 | 阿里巴巴集团控股有限公司 | Website security detection method and device | 
| CN102855418A (en) * | 2012-08-08 | 2013-01-02 | 周耕辉 | Method for discovering Web intranet agent bugs | 
| CN103095681B (en) * | 2012-12-03 | 2016-08-03 | 微梦创科网络科技(中国)有限公司 | A kind of method and device detecting leak | 
| CN103685258B (en) * | 2013-12-06 | 2018-09-04 | 北京奇安信科技有限公司 | A kind of method and apparatus of quick scans web sites loophole | 
- 
        2014
        - 2014-06-30 CN CN201410309789.9A patent/CN104091116B/en active Active
 
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title | 
|---|---|---|---|---|
| CN1694411A (en) * | 2004-07-16 | 2005-11-09 | 北京航空航天大学 | Network intrusion detection system with two-level decision-making kernel and its alarm optimization method | 
| CN101039179A (en) * | 2007-04-13 | 2007-09-19 | 北京启明星辰信息技术有限公司 | Method and system for warning accurately intrusion detection | 
Non-Patent Citations (1)
| Title | 
|---|
| "Web应用程序漏洞主动扫描器的研究与实现";尹虹;《中国优秀博硕士学位论文全文数据库(硕士) 信息科技辑》;20061115(第11期);文献第18页第2.6.3节第1段、第22页第2.7.2节第3-5段、第28页第3.1节、第30页第3.2节、第31页第3.4节,图3.2 * | 
Also Published As
| Publication number | Publication date | 
|---|---|
| CN104091116A (en) | 2014-10-08 | 
Similar Documents
| Publication | Publication Date | Title | 
|---|---|---|
| CN104091116B (en) | Monitor method, device and the terminal of website vulnerability information | |
| US12235968B2 (en) | Automated software vulnerability determination | |
| CN107943949B (en) | Method and server for determining web crawler | |
| CN109409096A (en) | Kernel vulnerability repairing method, device, server and system | |
| CN106131698A (en) | Information display method and device and electronic equipment | |
| CN106953874B (en) | Website falsification-proof method and device | |
| CN113326375B (en) | Method, device, electronic device and storage medium for processing public opinion | |
| Ozanne et al. | Transformative consumer research | |
| CN108667818A (en) | The method of cloud device and cloud net end Collaborative Control access rights | |
| CN106034126A (en) | Verification method of identifying code and apparatus thereof | |
| CN113704638A (en) | Method and equipment for identifying presentation information in social group chat | |
| CN104486301B (en) | Login validation method and device | |
| KR101639869B1 (en) | Program for detecting malignant code distributing network | |
| US11093619B2 (en) | Automated fixups based on partial goal satisfaction | |
| CN103294834B (en) | The method scanned for by Quick Response Code and search engine | |
| CN109598531B (en) | Monitoring code generation method and verification method | |
| CN103853980A (en) | Safety prompting method and device | |
| CN106790160A (en) | Security level identification and method of calibration and device | |
| KR20140105380A (en) | Method for providing print advertisements | |
| Ozyurek et al. | Distal biceps brachii tendon rupture resulting in acute compartment syndrome | |
| CN118449684B (en) | Method and system for constructing data element identification system | |
| CN108596715A (en) | A kind of method of network payment, device, electronic equipment and readable storage medium storing program for executing | |
| Ramon et al. | Acute And Chronic Learning Impairment Following Seizures In Larval Zebrafish | |
| Busin | Small" Big Bubble" Technique to optimize DALK results | |
| CN104052807B (en) | A kind of information processing method and device based on high in the clouds | 
Legal Events
| Date | Code | Title | Description | 
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right | Effective date of registration: 20181212 Address after: 519030 Room 105-53811, No. 6 Baohua Road, Hengqin New District, Zhuhai City, Guangdong Province Patentee after: Zhuhai Seal Interest Technology Co., Ltd. Address before: 519070, six level 601F, 10 main building, science and technology road, Tangjia Bay Town, Zhuhai, Guangdong. Patentee before: Zhuhai Juntian Electronic Technology Co.,Ltd. |