NSFOCUS INFORMATION TECHNOLOGY CO., LTD. Patent applications |
Patent application number | Title | Published |
20150249589 | METHOD AND APPARATUS FOR DETERMINING AUTOMATIC SCANNING ACTION - Disclosed are a method and an apparatus for determining an automatic scanning action. The method comprises: in a set period, collecting access request messages sent from a selected send end to a selected network server and access response messages returned from the selected network server to the selected sending end; equally dividing the set period into at least two set sub-periods, successively counting the number of the access request messages in each set sub-periods and determining a request credible value of the selected sending end; counting the number of response success messages and the number of response failure messages in the collected access response messages, and determining a request credible value of the selected sending end; calculating a general accessed value of the selected send end in the set period according to the determined request credible value, the response credible value, first weight, and second weight; and comparing the general accessed value with a first set threshold, and determining whether is the selected sending end performs automatic scanning This solution is more applicable and more accurate than the prior art. | 09-03-2015 |
20130326627 | APPARATUS AND METHOD FOR DETECTING VULNERABILITY - The invention discloses a vulnerability monitoring method for performing a vulnerability monitoring on a system in which data execution protection (DEP) is enabled, which method comprises the steps of: monitoring an operation with respect to the DEP; and considering that an action exploiting the vulnerability has occurred in the system when an operation to close the DEP is detected. The invention also discloses a corresponding vulnerability monitoring apparatus. | 12-05-2013 |
20130276126 | WEBSITE SCANNING DEVICE AND METHOD - The invention discloses a website scanning apparatus for performing a security vulnerability scanning on a target website, which apparatus comprises: a web page obtaining component obtaining current content and/or features of a web page corresponding to a link to be processed; a link processing component including a change judgment device for judging whether the web page corresponding to the link to be processed has been changed based on stored web page content and/or features corresponding to the link to be processed as well as the current web page content and/or features of the link to be processed; and a vulnerability detecting component for performing a security vulnerability detection on a web page corresponding to a link to be processed for which the web page has been changed. The invention also discloses a website scanning method corresponding thereto. | 10-17-2013 |
20130227640 | METHOD AND APPARATUS FOR WEBSITE SCANNING - Described is a website scanning apparatus comprising a policy analysis device for determining whether a link in a target website belongs to a known web application used by the target website. If the link belongs to the identified web application, then a vulnerability scanning is not performed on the link; a crawler device for obtaining the link content that the link points to; a web application identification device for determining whether the link belongs to a known web application; a full scan device for performing a full vulnerability scanning on a link determined as not belonging to the known web application; and a known web application vulnerability detection device for performing vulnerability detection for the identified web application according to known vulnerabilities to determine whether the known vulnerabilities exist in the website. A website scanning method employed by the website scanning apparatus is also described. | 08-29-2013 |
20130219496 | SECURITY CONFIGURATION VERFICIATION DEVICE AND METHOD AND NETWORK SYSTEM EMPLOYING THE SAME - The invention discloses a security configuration verification device for performing a security configuration verification on a network device, which comprises: one or more preconfigured scanning policies; a scanning policy generator, which selects a scanning policy from the one or more preconfigured scanning policies to generate a new scanning policy corresponding to the network device; and a scanner, which performs the security scanning on the network device with the generated new scanning policy and thereby performs the security configuration verification. The invention also discloses a corresponding security configuration verification method and a network system employing the verification device. | 08-22-2013 |
20130191916 | DEVICE AND METHOD FOR DATA MATCHING AND DEVICE AND METHOD FOR NETWORK INTRUSION DETECTION - The present invention discloses a device and method for data matching and a device and method for network intrusion detection. The method for data matching includes: searching in a regular expression set one or more complex regular expressions causing a sharp increase in number of states generated based on a regular expression during interaction; constructing a corresponding simplified expression for each complex regular expression; compiling a simplified state machine; compiling one or more substate machines, wherein each of the one or more substate machines is compiled based on a corresponding one of the one or more complex regular expressions; and matching data based on the simplified state machine and the one or more substate machines. The present invention further discloses a device for data matching employing the method for data matching and a device and method for intrusion detection employing the device and method for data matching. | 07-25-2013 |
20120198558 | XSS DETECTION METHOD AND DEVICE - The present invention discloses a XSS detection method for detecting the XSS vulnerabilities in a web page, comprising for each parameter-value pair in a set of parameter-value pairs that can be accepted by the web page: constructing a parameter-value pair in which a dedicated script is inserted; assembling a URL corresponding to the web page based on the parameter-value pair in which a dedicated script is inserted; acquiring the dynamic web page content corresponding to the assembled URL; and simulating the execution of the acquired dynamic web page content, if the dedicated script is executed, it is determined that the processing of the parameter in the web page contains XSS vulnerabilities. The present invention further discloses a corresponding XSS detection device and a web site security scanning system and a web scanning system using such a device. | 08-02-2012 |
20120096565 | DEVICE, METHOD AND SYSTEM TO PREVENT TAMPERING WITH NETWORK CONTENT - The present invention discloses a system for preventing network content of one or more network servers from being tampered with. The system comprises a content caching and providing device to cache network content of the one or more network servers; and a content monitoring sub-system with one or more content monitoring client incorporated in the network servers respectively and a content monitoring server part incorporated in the content caching and providing device. The present invention further discloses a content caching and providing device, a network content providing system and a corresponding method. With the system, device and method according to the present invention, we can improve the speed and security of accessing network content while effectively preventing the network content from being tampered with. | 04-19-2012 |