CN113395235B - IoT system remote testing method, system and equipment - Google Patents
IoT system remote testing method, system and equipment Download PDFInfo
- Publication number
- CN113395235B CN113395235B CN202010170442.6A CN202010170442A CN113395235B CN 113395235 B CN113395235 B CN 113395235B CN 202010170442 A CN202010170442 A CN 202010170442A CN 113395235 B CN113395235 B CN 113395235B
- Authority
- CN
- China
- Prior art keywords
- iot system
- equipment
- test server
- information
- security test
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Abstract
The invention discloses a remote test method, a remote test system and remote test equipment for an IoT system. The method comprises the following steps: the security test server and the springboard machine establish a communication connection channel, and confirm the network information accessed by the IoT system through the springboard machine; the security test server acquires fingerprint information of equipment in an IoT system; and the security test server receives abnormal communication traffic among the devices in the IoT system captured by the trigger, analyzes the abnormal communication traffic according to the fingerprint information of the devices, determines the reason of the abnormality and outputs the reason. The security test server, the springboard machine and the IoT system are in communication connection to realize automatic security test, manual code examination and identification are not needed, response is fast, identification accuracy is high, and the security test server and the springboard machine can be suitable for security test and protection of a large IoT system.
Description
Technical Field
The invention relates to the technical field of internet of things, in particular to an IoT system remote testing method, system and device.
Background
With the deep development of the Internet of Things (IoT), there are more and more large IoT systems and more complex architectures, for example, for an intelligent camera system, the system may include a cloud server, a management device side, a device side (i.e., a camera device), a gateway and the like (which may be referred to as a cloud, a pipe, a side, or an edge for short). Because no unified standard exists, the security problem in all aspects of the system is more prominent, and a plurality of IoT devices belong to three-party collection type devices, so that the difficulty of security test and prevention control of the IoT devices is further increased.
In conventional IoT system defense, ioT devices in a large IoT system lack integrity security testing capabilities, and generally are guarded by multiplexing existing security safeguards of cloud, pipe, end, and edge, and lack active defense and effective defense schemes for IoT system characteristics.
With the concern on the security of the IoT system, some security tests and prevention and control aiming at the IoT system also appear, for example, security protection and tests aiming at the existing IoT devices and three-party acquisition type IoT devices, but all adopt a manual mode to perform code auditing and problem identification, the time consumption is long, the requirements on the test devices are high, and even research and infiltration on security problems may need to be performed after the devices are disassembled.
Disclosure of Invention
In view of the above, the present invention is proposed in order to provide an IoT system remote testing method, system and device that overcome or at least partially solve the above problems.
The embodiment of the invention provides an IoT system remote testing method, which comprises the following steps:
the security test server and the springboard machine establish a communication connection channel, and confirm the network information accessed by the IoT system through the springboard machine;
the security test server acquires fingerprint information of equipment in an IoT system;
and the security test server receives abnormal communication traffic among the devices in the IoT system captured by the board-jumping machine, analyzes the abnormal communication traffic according to the fingerprint information of the devices, determines the reason of the abnormality and outputs the reason.
In some optional embodiments, the establishing, by the security test server, a communication connection channel with the jumper, and confirming, by the jumper, network information accessed by the IoT system includes:
the safety test server sends a channel access request to the springboard machine, receives a channel access response returned by the springboard machine, and establishes a wireless communication connection channel with the springboard machine;
and the safety test server sends the network information accessed by each device in the IoT system to the board jumper, and receives a confirmation result returned by the board jumper after confirming the accessed network information to each device in the IoT system.
In some optional embodiments, the security test server obtains fingerprint information of devices in the IoT system, including:
the method comprises the steps that a security testing server obtains input fingerprint information of equipment in an IoT system, or the security testing server obtains the fingerprint information of the equipment in the IoT system obtained by grabbing communication traffic among the equipment in the IoT system from a springboard machine; or the security test server randomly generates fingerprint information of the equipment in the IoT system;
the fingerprint information comprises at least one of a hardware MAC address, a WIFI MAC address, a device ID, a device serial number and a system version number of the device.
In some optional embodiments, the receiving, by the security test server, abnormal communication traffic between devices in the IoT system captured by the board jumper, analyzing the abnormal communication traffic according to fingerprint information of the devices, determining a cause of the abnormality, and outputting the cause of the abnormality includes:
when the trigger monitors that the equipment in the IoT system is abnormal or receives abnormal information reported by the equipment in the IoT system, capturing abnormal communication traffic between the abnormal equipment and the connected equipment, and sending the abnormal communication traffic to a safety test server;
the safety test server sends the received abnormal communication traffic to a traffic processing pool;
the flow processing pool analyzes the device fingerprint and abnormal communication data included in the abnormal communication flow, matches the abnormal communication data with the device abnormal behavior record data stored in the flow pool, determines the reason of the device generating abnormality and provides the reason to the safety test server;
and the safety test server outputs the device fingerprint and the corresponding abnormal reason.
In some optional embodiments, the method further comprises:
the security test server acquires the application software version information of the equipment in the IoT system through the board jumper, judges the application software bug fixing condition of the equipment in the IoT system according to the application software version information, and provides the judgment result to the corresponding equipment in the IoT system.
In some optional embodiments, the method for determining the vulnerability repair condition of the application software of the device in the IoT system by the security test server includes:
the security test server acquires application software version information of equipment in the IoT system through the springboard machine and sends the application software version information to the vulnerability library;
and the vulnerability database judges the vulnerability repair condition of the application software of the equipment in the IoT system according to the version information of the application software and the recorded vulnerability information and vulnerability repair information of each version of the application software and provides the vulnerability repair condition to the security test server.
An embodiment of the present invention provides an IoT system remote test system, including: the safety test system comprises a safety test server and a board jumping machine;
the security test server is used for confirming the network information accessed by the IoT system through the springboard after establishing a communication connection channel with the springboard and acquiring the fingerprint information of the equipment in the IoT system; analyzing abnormal communication traffic among the devices in the IoT system captured by the trigger to determine the reason for generating the abnormality and outputting the reason;
the system comprises a trigger for jumping, which is used for confirming the network information accessed by the IoT system and providing the network information to a security test server after establishing a communication connection channel with the security test server; and capturing abnormal communication traffic among the devices in the IoT system and forwarding the abnormal communication traffic to the security test server.
In some optional embodiments, the security test server is further configured to:
acquiring application software version information of equipment in an IoT system through a springboard machine; and judging the vulnerability repair condition of the application software of the equipment in the IoT system according to the version information of the application software and the vulnerability repair information of each version of the application software recorded in the vulnerability library, and providing the judgment result to corresponding equipment in the IoT system.
In some optional embodiments, the system further comprises: the flow processing pool and/or the leak library are independently arranged or arranged in the safety test server; wherein:
the flow processing pool is used for storing the abnormal behavior record data of the equipment, analyzing the equipment fingerprint and the abnormal communication data included in the abnormal communication flow when the abnormal communication flow sent by the safety test server is received, matching according to the abnormal communication data and the abnormal behavior record data of the equipment stored in the flow pool, determining the reason for the abnormal condition of the equipment, and providing the reason for the safety test server;
and the vulnerability library is used for storing vulnerability information and vulnerability repair information existing in each version of the application software, judging the vulnerability repair condition of the application software of the equipment in the IoT system according to the version information of the application software of the equipment in the IoT system forwarded by the security test server and the recorded vulnerability information and vulnerability repair information of each version of the application software, and providing the vulnerability repair condition to the security test server.
An embodiment of the present invention further provides a security testing server, including:
the first communication module is used for establishing a communication connection channel with the springboard machine;
the network information acquisition module is used for confirming the network information accessed by the IoT system through the jumper;
the fingerprint collection module is used for acquiring fingerprint information of equipment in the IoT system;
and the safety testing module is used for analyzing abnormal communication flow among the devices in the IoT system captured by the springboard machine, determining the reason of the abnormality and outputting the reason.
In some optional embodiments, the security test server further includes:
the vulnerability protection module is used for acquiring the application software version information of the equipment in the IoT system through the springboard machine; and judging the vulnerability repair condition of the application software of the equipment in the IoT system according to the version information of the application software and the vulnerability repair information of each version of the application software recorded in the vulnerability library, and providing the judgment result to corresponding equipment in the IoT system.
In some optional embodiments, the security testing server further includes: a flow treatment pool and/or a leak reservoir; wherein:
the flow processing pool is used for storing the abnormal behavior record data of the equipment, analyzing the equipment fingerprint and the abnormal communication data included in the abnormal communication flow when the abnormal communication flow sent by the safety test server is received, matching according to the abnormal communication data and the abnormal behavior record data of the equipment stored in the flow pool, determining the reason for the abnormal condition of the equipment, and providing the reason for the safety test server;
and the vulnerability library is used for storing vulnerability information and vulnerability repair information existing in each version of the application software, judging the vulnerability repair condition of the application software of the equipment in the IoT system according to the version information of the application software of the equipment in the IoT system forwarded by the security test server and the recorded vulnerability information and vulnerability repair information of each version of the application software, and providing the vulnerability repair condition to the security test server.
An embodiment of the present invention further provides a springboard machine, including:
the second communication module is used for establishing a communication connection channel with the security test server;
the network information confirmation module is used for confirming the network information accessed by the IoT system and providing the network information to the security test server;
and the traffic grabbing module is used for grabbing abnormal communication traffic among the devices in the IoT system and forwarding the abnormal communication traffic to the security test server.
In some optional embodiments, the trigger tripping device further includes:
and the version information acquisition module is used for acquiring the application software version information of the equipment in the IoT system.
The embodiment of the invention also provides a system remote testing method, which comprises the following steps:
the safety test server and the springboard machine establish a communication connection channel, and confirm the network information accessed by the tested system through the springboard machine;
the security test server acquires fingerprint information of equipment in a tested system;
and the safety test server receives abnormal communication traffic between the devices in the tested system captured by the board jump machine, analyzes the abnormal communication traffic according to the fingerprint information of the devices, determines the reason of the abnormality and outputs the reason.
The technical scheme provided by the embodiment of the invention has the beneficial effects that at least:
the IoT system remote testing method provided by the embodiment of the invention is characterized in that a security testing server and a springboard machine are used for building a testing system of the IoT system in a network communication mode, and after a communication connection channel is built between the security testing server and the springboard machine, the springboard machine is used for confirming the network fine and smooth system accessed by equipment in the IoT system and the fingerprint information of the equipment; when the IoT system equipment is abnormal, capturing abnormal communication traffic among the equipment in the IoT system through the jumper, analyzing the abnormal communication traffic according to the fingerprint information of the equipment, determining the reason of the abnormal communication traffic and outputting the abnormal communication traffic. Therefore, the automatic safety test of all the devices of the IoT system is realized, manual code audit and identification are not needed, the response is fast, the identification accuracy is high, and the method and the device can be suitable for the safety test and protection of large IoT systems.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by the practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
The technical solution of the present invention is further described in detail by the accompanying drawings and embodiments.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
fig. 1 is a flowchart of a remote test method for IoT systems according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of an IoT system remote test system according to an embodiment of the present invention;
fig. 3 is a diagram illustrating an example of an IoT system remote test system according to a second embodiment of the present invention;
fig. 4 is a flowchart illustrating an implementation of a method for remotely testing an IoT system according to a second embodiment of the present invention;
FIG. 5 is a schematic structural diagram of a security test server according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a trigger tripping device according to an embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
In order to solve the problem of security testing and protection of the IoT system, embodiments of the present invention provide a method for remotely testing the IoT system, which can implement remote automatic security testing of the IoT system, and is applicable to security testing and protection of a large IoT system, with fast response and high reliability.
Example one
An embodiment of the present invention provides a method for remotely testing an IoT system, where a flow of the method is shown in fig. 1, and the method includes the following steps:
step S101: and the safety test server and the springboard machine establish a communication connection channel.
In the invention, the flow bridge between the tested IoT system and the safety test server is built through the trigger jump machine, so that the communication connection and the data transmission between the tested IoT system and the safety test server are realized. The security test server, the board hop machine, and the IoT system under test may be connected through a private encrypted channel.
Establishing a communication connection channel between the security test server and the springboard may include: and the safety test server sends a channel connection request to the board jumper, receives a channel connection response returned by the board jumper and establishes a wireless communication connection channel with the board jumper. Preferably, a wireless communication connection using a 4G network can be established.
Step S102: and the security test server confirms the network information accessed by the IoT system through the board jumper.
After a communication connection channel is established between the security test server and the springboard, the security test server and the springboard need to confirm and share the local area network information accessed by each IoT device in the IoT system for subsequent use.
At this time, the security test server sends the network information accessed by each device in the IoT system to the board jumper, and receives a confirmation result returned by the board jumper after confirming the accessed network information to each device in the IoT system. The board-jumping machine receives the security test server and sends IoT when the network information accessed by each device in the system, the network information scanning function may be initiated and confirmed with the IoT system.
Step S103: the security test server acquires fingerprint information of the devices in the IoT system.
After the communication connection is completed, the security test server performs entry of device fingerprints so as to establish identification information for the IoT device, wherein the identification information is different from other devices. The security test server can perform equipment fingerprint input in a mode of user interface input or a mode of obtaining from a springboard machine or a mode of randomly generating character strings.
Specifically, the security test server acquires input fingerprint information of the devices in the IoT system, or the security test server acquires fingerprint information of the devices in the IoT system from the springboard machine, wherein the fingerprint information of the devices in the IoT system is acquired by the springboard machine by capturing communication traffic between the devices in the IoT system; or the security test server randomly generates fingerprint information of the equipment in the IoT system; the fingerprint information comprises at least one item of hardware MAC address, WIFI MAC address, equipment ID, equipment serial number and system version number of the equipment.
Step S104: and the security test server receives abnormal communication traffic among the devices in the IoT system captured by the trigger, analyzes the abnormal communication traffic according to the fingerprint information of the devices, determines the reason of the abnormality and outputs the reason.
The security test server and the springboard machine complete communication connection, network information confirmation and fingerprint collection, and can perform security test on IoT devices in an IoT system based on the information, and the security test server starts a security test process when the monitoring IoT devices of the springboard machine are abnormal, the IoT devices actively report the abnormality, or the security test server receives a security test instruction input by a user.
Optionally, the abnormal traffic may be analyzed and processed through a pre-established traffic processing pool.
When the trigger monitors that the equipment in the IoT system is abnormal or receives abnormal information reported by the equipment in the IoT system, capturing abnormal communication traffic between the abnormal equipment and the connected equipment, and sending the abnormal communication traffic to the safety test server; the security test server sends the received abnormal communication traffic to a traffic processing pool; the flow processing pool analyzes the device fingerprint and abnormal communication data included in the abnormal communication flow, matches the abnormal communication data with the device abnormal behavior record data stored in the flow pool, determines the reason of the device generating abnormality and provides the reason to the safety test server; and the safety test server outputs the device fingerprint and the corresponding abnormal reason.
The security test server can provide a human-computer interaction interface for a tester, when an instruction that a user wants to start a security test is acquired through the human-computer interaction interface, the springboard machine can also capture traffic among devices in the IoT system for analysis processing, the captured traffic may be abnormal traffic or normal traffic, and the analysis result may be that the reason for the abnormality or no abnormality occurs.
Optionally, the method further includes a procedure of vulnerability protection. The procedure of vulnerability protection and the procedure of security test can be started independently, and the execution sequence is not in sequence.
The security test server acquires the application software version information of the equipment in the IoT system through the jumper, judges the vulnerability fixing condition of the application software of the equipment in the IoT system according to the application software version information, and provides the judgment result for the corresponding equipment in the IoT system.
Specifically, vulnerability protection can be realized through a pre-established vulnerability library. The security test server acquires the application software version information of the equipment in the IoT system through the springboard machine and sends the application software version information to the vulnerability library; and the vulnerability database judges the vulnerability repair condition of the application software of the equipment in the IoT system according to the version information of the application software and the recorded vulnerability information and vulnerability repair information of each version of the application software and provides the vulnerability repair condition to the security test server.
Based on the same inventive concept, an embodiment of the present invention further provides an IoT remote test system, including: a security test server 1 and a springboard machine 2.
The security testing server 1 is used for confirming the network information accessed by the IoT system 3 through the board jumper 2 after establishing a communication connection channel with the board jumper 2 and acquiring the fingerprint information of the equipment in the IoT system 3; analyzing abnormal communication flow among the devices in the IoT system captured by the trigger (2), determining the reason of the abnormality and outputting the abnormal communication flow;
the trigger 2 is used for confirming the network information accessed by the IoT system 3 and providing the network information to the security test server 1 after establishing a communication connection channel with the security test server 1; and forwarding communication traffic for catching anomalies among the devices in the IoT system 3 to the security test server 1.
The security test server 1 is configured to establish a communication connection channel with the springboard 2, and confirm network information accessed by the IoT system through the springboard, and includes: the safety test server sends a channel access request to the springboard machine, receives a channel access response returned by the springboard machine, and establishes a wireless communication connection channel with the springboard machine; the security test server sends the network information accessed by each device in the IoT system to the board jumper, and receives a confirmation result returned after the board jumper confirms the accessed network information to each device in the IoT system.
The full test server is used for acquiring fingerprint information of the devices in the IoT system, and comprises the following steps: the method comprises the steps that a security testing server obtains input fingerprint information of equipment in an IoT system, or the security testing server obtains the fingerprint information of the equipment in the IoT system, which is obtained by a board jumper machine through capturing communication traffic between the equipment in the IoT system, from the board jumper machine; or the security test server randomly generates fingerprint information of the devices in the IoT system.
The specific implementation process of the security test server and the springboard machine for implementing the security test may include:
when the trigger monitors that the equipment in the IoT system is abnormal or receives abnormal information reported by the equipment in the IoT system, capturing abnormal communication traffic between the abnormal equipment and the connected equipment, and sending the abnormal communication traffic to a safety test server; the safety test server sends the received abnormal communication traffic to a traffic processing pool;
the flow processing pool analyzes the device fingerprint and abnormal communication data included in the abnormal communication flow, matches the abnormal communication data with the device abnormal behavior record data stored in the flow pool, determines the reason of the device generating abnormality and provides the reason to the safety test server;
and the safety test server outputs the device fingerprint and the corresponding abnormal reason.
Optionally, the security test server is further configured to obtain version information of application software of the device in the IoT system through the jumper; and judging the vulnerability repair condition of the application software of the equipment in the IoT system according to the version information of the application software and the vulnerability repair information of each version of the application software recorded in the vulnerability library, and providing the judgment result to corresponding equipment in the IoT system.
The specific implementation process of realizing vulnerability protection by the security test server and the springboard machine comprises the following steps:
the security test server acquires application software version information of equipment in the IoT system through the springboard machine and sends the application software version information to the vulnerability library;
and the vulnerability database judges the vulnerability repair condition of the application software of the equipment in the IoT system according to the version information of the application software and the recorded vulnerability information and vulnerability repair information of each version of the application software and provides the vulnerability repair condition to the security test server.
In the method and the system of the embodiment, the security test server and the springboard machine are used for building the test system of the IoT system in a network communication mode, and after the security test server and the springboard machine establish a communication connection channel, the springboard machine is used for confirming the network fine and smooth system accessed by the equipment in the IoT system and the fingerprint information of the equipment; when the IoT system equipment is abnormal, capturing abnormal communication traffic among the equipment in the IoT system through the springboard machine, analyzing the abnormal communication traffic according to the fingerprint information of the equipment, determining the reason of the abnormal communication traffic, and outputting the reason. Therefore, the automatic safety test of each device of the IoT system is realized, manual code review and identification are not needed, the response is fast, the identification accuracy is high, and the method and the device are suitable for the safety test and protection of the large IoT system.
Example two
The second embodiment of the present invention provides a specific implementation manner of the IoT remote testing method and system, wherein a specific architecture of the system is shown in fig. 3, and a flow of the method is shown in fig. 4.
As shown in fig. 3, the system includes a security testing server 1, a jumper 2, and an IoT system 3. A communication connection channel can be established between the security test server 1 and the board jumper 2, the board jumper 2 can establish communication connection with an IoT system 3, device control and 4G communication can be achieved through a mobile communication base station, the IoT system can be large-scale IoT devices and solutions, and the board jumper can be accessed to a local area network of the IoT system and can also scan device network information.
Optionally, the system further comprises: the flow processing pool 4 and/or the leak library 5 are/is independently arranged or arranged in the safety test server 1; the safety test server 1, the flow processing pool 4 and the leak library 5 may be individually arranged on a device, may also be arranged in the cloud, or may be implemented by a distributed server cluster. Wherein:
the functions implemented by the security test server 1 and the springboard 2 are described in relation to the first embodiment.
The flow processing pool is used for storing the abnormal behavior record data of the equipment, analyzing the equipment fingerprint and the abnormal communication data included in the abnormal communication flow when receiving the abnormal communication flow sent by the safety test server, matching according to the abnormal communication data and the abnormal behavior record data of the equipment stored in the flow pool, determining the reason for the abnormal condition of the equipment and providing the reason for the safety test server;
and the vulnerability library is used for storing vulnerability information and vulnerability repair information existing in each version of the application software, judging the vulnerability repair condition of the application software of the equipment in the IoT system according to the version information of the application software of the equipment in the IoT system forwarded by the security test server and the recorded vulnerability information and vulnerability repair information of each version of the application software, and providing the vulnerability repair condition to the security test server.
According to the method and the system, a security test and vulnerability protection strategy of the IoT system is established through the trigger, a hardware MAC address, a WIFI MAC address, an equipment production ID and equipment serial number information of the IoT equipment are extracted and taken as fingerprint information of the equipment to be identified and recorded, when the information is not completely acquired, the system can also automatically generate random numbers, the completeness of the unique fingerprint information is ensured, the fingerprint information is taken as an identified virtual identifier, and the system can collect the equipment condition under the virtual identifier. Such as: when basic information such as abnormal use of the current equipment is received, equipment flow analysis process abnormal data can be accessed, so that a safety problem is positioned;
the method and the system of the embodiment of the invention also comprise a security strategy for preventing the vulnerability, the application software and the information in the large-scale equipment are updated in time, the system acquires the application software information of the IoT large-scale equipment or the IoT system in a flow mode, the basic information of the application software is synchronized into the vulnerability pool, and the vulnerability pool is used as a communication vulnerability management platform and is responsible for unified collection and early warning of the vulnerability.
The IoT remote testing system builds a flow bridge between a tested system and testing equipment through the springboard, solves many problems in testing of large IoT equipment and solutions due to the particularity of the IoT equipment and the solutions, and realizes complete safety testing of cloud, pipes, terminals and sides in all directions for equipment, services and the like. Here, cloud, pipe, end, and edge refer to different devices or functional ends of the happy IoT system, and taking the smart camera system as an example, cloud refers to a cloud end, such as a cloud server; the management refers to a management end, such as a camera APP management equipment end; end refers to a device end, such as a camera; the edge refers to an edge end, such as a gateway for locally controlling the smart camera, and the like. Specifically, referring to fig. 4, the system can implement the following security testing and protection processes:
1. and establishing a communication connection.
The safety test server can provide a human-computer interaction interface for a test user, the user initiates a channel access request through the human-computer interaction interface, the safety test server initiates the channel access request to the springboard machine, the springboard machine performs network scanning after receiving the request, performs network access connection of a wireless communication network, such as a 4G network, and returns a response message of successful connection to the safety test server after successful connection. Equipment control and 4G communication can be realized between the safety test server and the springboard machine through equipment such as a mobile communication base station.
2. And acquiring network information.
After the network connection is successful, the security test server can also acquire the equipment local area network information of the IoT system or acquire the stored equipment local area network information of the IoT system through the human-computer interaction interface and provide the information to the board jump machine. The board jumper carries out network scanning based on the equipment local area network information of the IoT system, carries out network information confirmation on the equipment in the IoT system, returns a confirmation result to the safety test server if the confirmation is correct, and returns an error prompt if the confirmation is wrong, and the safety test server corrects the equipment local area network information of the IoT system. And after the network information is confirmed, the network access is finished.
The private encryption channel can be connected with the board jumper, so that the IoT system is connected, and 4G and IoT system equipment local area network configuration is carried out on the board jumper. Such as: the VPN technology is used for building connection of the IoT system equipment, the springboard machine and the security test server, and other modes can be used for opening a link, such as SSH (secure Shell) tunnels and the like.
3. And (5) fingerprint information acquisition.
And after the connection is finished, the security test server and the springboard machine interact to realize the equipment fingerprint collection of each equipment in the IoT system. The security test server can send the existing equipment fingerprint information to the board jumper machine, the board jumper machine can scan the internal information of the local area network of each equipment of the IoT system, and the basic information of each equipment is acquired by capturing the network communication flow of each equipment of the IoT system, so that the fingerprint information of the equipment is acquired. When the fingerprint information of the equipment is not complete, the completion can be carried out in a mode of automatically generating a random code.
The fingerprint information of the device may be a hardware MAC address, a WIFI MAC address, a device production ID, a device serial number, a system version number, and the like of the IoT device, and the fingerprint information of the device may be used as an IoT end identifier to perform mutual communication with a cloud, a pipe, and an edge.
4. IoT system security testing.
After network connection construction, equipment network information confirmation and fingerprint information collection are completed, safety testing can be performed, communication traffic in a local area network in an IoT system is collected and forwarded through a trigger, a safety testing server forwards the communication traffic to a traffic processing pool, the traffic processing pool analyzes communication traffic data, and the communication traffic of mutual communication among clouds, pipes, terminals and sides is scanned and analyzed through the fingerprint information of the equipment. For example, the SQL injection vulnerability exists in the cloud, and can be obtained through the mutual communication result of the edge and the cloud; such as the risk of sensitive information leakage, may also be identified and obtained from data interactions, and so forth. Therefore, errors and vulnerabilities in network service and equipment configuration can be identified remotely.
The triggering of the safety test can be the active triggering of a test user, such as the initiation of a safety test request through a human-computer interaction interface; or triggered by the abnormal information reporting behavior of the IoT equipment, and when the IoT equipment reports the abnormal information, the security test flow is started; the IoT device may be connected to the local area network through a jumper, and the security test process may be triggered when the IoT device is monitored to be abnormal.
When the security test is carried out, the difference of communication traffic and the establishment of information relevance are carried out through the fingerprint information of the equipment. Take denial of service vulnerabilities as an example: when the communication between the equipment end and the management end in the IoT system has no response to the service and the response service is not timely reported in error, the springboard can capture and forward the communication traffic with the error to the safety test server; analyzing an Http feedback status code in the communication traffic through a traffic processing pool, analyzing an error reason, determining that the service is rejected as an error when 404 (an error code) occurs, analyzing access information in the communication traffic, and further determining the reason of the error occurrence; and outputting error conditions and causes of the loopholes.
5. IoT system vulnerability defense.
The vulnerability protection can be actively triggered by a test user, such as initiating a vulnerability protection request through a human-computer interaction interface; or may be initiated periodically; it may also be triggered when a set trigger condition is met.
The trigger-to-trigger device may obtain software version information of devices in the IoT system, extract the software version information from the captured network traffic, or extract the software version information from the traffic processing pool according to analysis of traffic data, and then obtain application software version information extracted by the traffic processing pool.
The trigger of the jump sends the version information of the application software to a vulnerability database after being sorted, the vulnerability database scans the application software, for example, which version the current version of the device is, whether the version repairs the known vulnerabilities, for example, version 1 is the initial version, version 2 repairs vulnerability 1, version 3 repairs vulnerabilities 2 and 3, … …, and if the extracted version information is version 2, it is determined that vulnerability 1 is repaired, and vulnerabilities 3 are not repaired. After the known bug repairing condition is known, the result is fed back to the security test server for recording, and the recording can be carried out by combining the fingerprint information of the equipment and can also be displayed to a test user; the vulnerability repair condition can be reported to the corresponding equipment according to the fingerprint information of the equipment, and is displayed to a user using the equipment, and the auditing can be carried out by the corresponding equipment or the user.
In this embodiment, the forwarding of the device traffic is realized through the remote springboard, and the security scanning is performed on the local area network environment of the internet of things device in different link modes such as WIFI, zigbee, bluetooth, near field remote, infrared and the like. A private remote connection channel can be established, and the safety of data transmission is ensured. Therefore, safety audit is carried out on large IoT system equipment under the condition that the equipment is not disassembled, fingerprint establishment is carried out according to equipment information, and risk identification is carried out through flow analysis; automatic vulnerability identification and protection of applications of the IoT system devices may also be implemented. The solution can be used as a party export to integrally control the safety of the equipment and the system, can carry out remote safety comprehensive test on the equipment of three parties, is particularly suitable for remote test of large IoT system equipment, and can provide a safety system architecture for safety audit operation and maintenance tunnels and integral test. The scheme comprehensively utilizes the communication flow accessed by the IoT equipment to the outside and combines the characteristics of the IoT product of the equipment to carry out safety protection, the IoT equipment is not required to be modified, the equipment is not required to be intervened, the safety of the whole equipment can be audited and tested, and the problem that a large IoT system cannot carry out field safety test and protection is solved. The method can be realized through open source codes, the flow forwarding uses the springboard machine as a communication intermediate bridge, code modification on equipment software is not involved, and the method is simple and convenient to realize and high in feasibility.
Optionally, for the fingerprint information and the security information of the IoT system device, if the tester finds that the fingerprint information and the security information are obtained, the fingerprint information and the security information may also be manually input into the security testing server through the human-computer interaction interface for recording.
Based on the same inventive concept, an embodiment of the present invention further provides a security test server, the structure of which is shown in fig. 5, and the security test server includes:
the first communication module 51 is used for establishing a communication connection channel with the springboard machine;
a network information collecting module 52, configured to confirm network information accessed by the IoT system through the springboard;
a fingerprint collection module 53, configured to obtain fingerprint information of devices in the IoT system;
the safety testing module 54 is configured to analyze abnormal communication traffic between devices in the IoT system captured by the springboard machine, determine a cause of the abnormality, and output the cause;
optionally, the security test server further includes:
the vulnerability defense module 55 is used for acquiring the application software version information of the equipment in the IoT system through the springboard; and judging the vulnerability repair condition of the application software of the equipment in the IoT system according to the version information of the application software and the vulnerability repair information of each version of the application software recorded in the vulnerability library, and providing the judgment result to corresponding equipment in the IoT system.
Optionally, the security test server further includes: a flow treatment pool and/or a leak reservoir; wherein:
the flow processing pool is used for storing the abnormal behavior record data of the equipment, analyzing the equipment fingerprint and the abnormal communication data included in the abnormal communication flow when the abnormal communication flow sent by the safety test server is received, matching according to the abnormal communication data and the abnormal behavior record data of the equipment stored in the flow pool, determining the reason for the abnormal condition of the equipment, and providing the reason for the safety test server;
and the vulnerability library is used for storing vulnerability information and vulnerability repair information existing in each version of the application software, judging the vulnerability repair condition of the application software of the equipment in the IoT system according to the version information of the application software of the equipment in the IoT system forwarded by the security test server and the recorded vulnerability information and vulnerability repair information of each version of the application software, and providing the vulnerability repair condition to the security test server.
The flow treatment pool may be provided in the safety test module 54 or may be provided separately. The leak library may be provided in the leak protection module 55, or may be provided separately
An embodiment of the present invention further provides a trigger jump machine, a structure of which is shown in fig. 6, including:
the second communication module 61 is used for establishing a communication connection channel with the security test server;
a network information confirmation module 62, configured to confirm network information accessed by the IoT system and provide the network information to the security test server;
and the traffic grabbing module 63 is configured to grab abnormal communication traffic between the devices in the IoT system and forward the abnormal communication traffic to the security testing server.
Optionally, the trigger jumping machine further includes:
and a version information obtaining module 64, configured to obtain the application software version information of the devices in the IoT system.
With regard to the apparatus in the above embodiment, the specific manner in which each module performs the operation has been described in detail in the embodiment related to the method, and will not be described in detail here.
The IoT system remote testing method provided in the embodiments of the present invention may also be applied to remote testing of other systems, such as an internet system, a local area network system, and other systems that include multiple devices connected via a network, and accordingly, the embodiments of the present invention provide a system remote testing method, which includes:
the safety test server and the springboard machine establish a communication connection channel, and confirm the network information accessed by the tested system through the springboard machine;
the security test server acquires fingerprint information of equipment in a tested system;
and the safety test server receives abnormal communication traffic between the devices in the tested system captured by the board jump machine, analyzes the abnormal communication traffic according to the fingerprint information of the devices, determines the reason of the abnormality and outputs the reason.
The specific implementation process of each step of the system remote test, and the related remote test system and device refer to the above related description of the IoT remote test system and device, which is not described herein again.
Unless specifically stated otherwise, terms such as processing, computing, calculating, determining, displaying, or the like, may refer to an action and/or process of one or more processing or computing systems or similar devices that manipulates and transforms data represented as physical (e.g., electronic) quantities within the processing system's registers and memories into other data similarly represented as physical quantities within the processing system's memories, registers or other such information storage, transmission or display devices. Information and signals may be represented using any of a variety of different technologies and techniques. For example, data, instructions, commands, information, signals, bits, symbols, and chips that may be referenced throughout the above description may be represented by voltages, currents, electromagnetic waves, magnetic fields or particles, optical fields or particles, or any combination thereof.
It should be understood that the specific order or hierarchy of steps in the processes disclosed is an example of exemplary approaches. Based upon design preferences, it is understood that the specific order or hierarchy of steps in the processes may be rearranged without departing from the scope of the present disclosure. The accompanying method claims present elements of the various steps in a sample order, and are not intended to be limited to the specific order or hierarchy presented.
In the foregoing detailed description, various features are grouped together in a single embodiment for the purpose of streamlining the disclosure. This method of disclosure is not to be interpreted as reflecting an intention that the claimed embodiments of the subject matter require more features than are expressly recited in each claim. Rather, as the following claims reflect, invention lies in less than all features of a single disclosed embodiment. Thus, the following claims are hereby expressly incorporated into the detailed description, with each claim standing on its own as a separate preferred embodiment of the invention.
Those of skill would further appreciate that the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the overall system. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present disclosure.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be integral to the processor. The processor and the storage medium may reside in an ASIC. The ASIC may reside in a user terminal. Of course, the processor and the storage medium may reside as discrete components in a user terminal.
For a software implementation, the techniques described herein may be implemented with modules (e.g., procedures, functions, and so on) that perform the functions described herein. The software codes may be stored in memory units and executed by processors. The memory unit may be implemented within the processor or external to the processor, in which case it can be communicatively coupled to the processor via various means as is known in the art.
What has been described above includes examples of one or more embodiments. It is, of course, not possible to describe every conceivable combination of components or methodologies for purposes of describing the aforementioned embodiments, but one of ordinary skill in the art may recognize that many further combinations and permutations of various embodiments are possible. Accordingly, the embodiments described herein are intended to embrace all such alterations, modifications and variations that fall within the scope of the appended claims. Furthermore, to the extent that the term "includes" is used in either the detailed description or the claims, such term is intended to be inclusive in a manner similar to the term "comprising" as "comprising" is interpreted when employed as a transitional word in a claim. Furthermore, any use of the term "or" in the specification of the claims is intended to mean a "non-exclusive or".
Claims (14)
1. An IoT system remote testing method, comprising:
the security test server and the springboard machine establish a communication connection channel, and confirm the network information accessed by the IoT system through the springboard machine;
the security testing server acquires fingerprint information of equipment in the IoT system;
the security test server receives abnormal communication traffic among the devices in the IoT system captured by the trigger, analyzes the abnormal communication traffic according to the fingerprint information of the devices, determines the reason for generating the abnormality and outputs the reason;
the method includes the following steps that a communication connection channel is established between the security test server and the springboard, and network information accessed by an IoT system is confirmed through the springboard, and the method includes the following steps:
the safety test server sends a channel connection request to the board jumper, receives a channel connection response returned by the board jumper and establishes a wireless communication connection channel with the board jumper;
and the safety test server sends the network information accessed by each device in the IoT system to the board jumper, and receives a confirmation result returned by the board jumper after confirming the accessed network information to each device in the IoT system.
2. The method of claim 1, wherein the security test server obtaining fingerprint information for devices in an IoT system comprises:
the method comprises the steps that a security testing server obtains input fingerprint information of equipment in an IoT system, or the security testing server obtains the fingerprint information of the equipment in the IoT system obtained by grabbing communication traffic among the equipment in the IoT system from a springboard machine; or the security test server randomly generates fingerprint information of the equipment in the IoT system;
the fingerprint information comprises at least one item of hardware MAC address, WIFI MAC address, equipment ID, equipment serial number and system version number of the equipment.
3. The method of claim 1, wherein the step of receiving abnormal communication traffic among the devices in the IoT system captured by the trigger for security test by the security test server, analyzing the abnormal communication traffic according to the fingerprint information of the devices, determining a cause of the abnormality and outputting the cause comprises:
when the trigger monitors that the equipment in the IoT system is abnormal or receives abnormal information reported by the equipment in the IoT system, capturing abnormal communication traffic between the abnormal equipment and the connected equipment, and sending the abnormal communication traffic to a safety test server;
the security test server sends the received abnormal communication traffic to a traffic processing pool;
the flow processing pool analyzes the device fingerprint and abnormal communication data included in the abnormal communication flow, matches the abnormal communication data with the device abnormal behavior record data stored in the flow pool, determines the reason of the device generating abnormality and provides the reason to the safety test server;
and the security test server outputs the device fingerprint and the corresponding abnormal reason.
4. The method of any of claims 1-3, further comprising:
the security test server acquires the application software version information of the equipment in the IoT system through the jumper, judges the vulnerability fixing condition of the application software of the equipment in the IoT system according to the application software version information, and provides the judgment result for the corresponding equipment in the IoT system.
5. The method of claim 4, wherein the step of the security test server obtaining the application software version information of the devices in the IoT system through the jumper, and the step of determining the vulnerability fixing condition of the devices in the IoT system according to the application software version information comprises:
the security test server acquires application software version information of equipment in the IoT system through the springboard machine and sends the application software version information to the vulnerability library;
and the vulnerability database judges the vulnerability repair condition of the application software of the equipment in the IoT system according to the version information of the application software and the recorded vulnerability information and vulnerability repair information of each version of the application software and provides the vulnerability repair condition to the security test server.
6. An IoT remote test system, comprising: the safety test system comprises a safety test server and a board jumping machine;
the security test server is used for confirming the network information accessed by the IoT system through the springboard machine after establishing a communication connection channel with the springboard machine and acquiring the fingerprint information of the equipment in the IoT system; analyzing abnormal communication traffic among the devices in the IoT system captured by the trigger to determine the reason for generating the abnormality and outputting the reason; after establishing a communication connection channel with the springboard machine, confirming network information accessed by an IoT system through the springboard machine, wherein the network information comprises a channel connection request sent to the springboard machine, a channel connection response returned by the springboard machine and a wireless communication connection channel established with the springboard machine; sending network information accessed by each device in the IoT system to the board jumper, and receiving a confirmation result returned by the board jumper after confirming the accessed network information to each device in the IoT system;
the system comprises a trigger for jumping, which is used for confirming the network information accessed by the IoT system and providing the network information to a security test server after establishing a communication connection channel with the security test server; capturing abnormal communication traffic among the devices in the IoT system and forwarding the abnormal communication traffic to the security test server; after establishing a communication connection channel with the security test server, confirming network information accessed by the IoT system and providing the network information to the security test server, comprising: receiving a channel access request sent by a security test server, returning a channel access response, and establishing a wireless communication connection channel with the security test server; and receiving network information which is sent by the security test server and accessed by each device in the IoT system, and returning a confirmation result after confirming the accessed network information to each device in the IoT system.
7. The system of claim 6, wherein the security test server is further configured to:
acquiring application software version information of equipment in an IoT system through a jumper; and judging the vulnerability repair condition of the application software of the equipment in the IoT system according to the version information of the application software and the vulnerability repair information of each version of the application software recorded in the vulnerability library, and providing the judgment result to corresponding equipment in the IoT system.
8. The system of claim 6 or 7, further comprising: the flow processing pool and/or the leak library are independently arranged or arranged in the safety test server; wherein:
the flow processing pool is used for storing the abnormal behavior record data of the equipment, analyzing the equipment fingerprint and the abnormal communication data included in the abnormal communication flow when the abnormal communication flow sent by the safety test server is received, matching according to the abnormal communication data and the abnormal behavior record data of the equipment stored in the flow pool, determining the reason for the abnormal condition of the equipment, and providing the reason for the safety test server;
and the vulnerability library is used for storing vulnerability information and vulnerability repair information existing in each version of the application software, judging the vulnerability repair condition of the application software of the equipment in the IoT system according to the version information of the application software of the equipment in the IoT system forwarded by the security test server and the recorded vulnerability information and vulnerability repair information of each version of the application software, and providing the vulnerability repair condition to the security test server.
9. A security test server, comprising:
the first communication module is used for establishing a communication connection channel with the springboard machine and comprises: sending a channel connection request to the springboard machine, receiving a channel connection response returned by the springboard machine, and establishing a wireless communication connection channel with the springboard machine;
the network information acquisition module is used for confirming the network information accessed by the IoT system through the jumper, and comprises: sending network information accessed by each device in the IoT system to the board jumper, and receiving a confirmation result returned by the board jumper after confirming the accessed network information to each device in the IoT system;
the fingerprint collection module is used for acquiring fingerprint information of equipment in the IoT system;
and the safety testing module is used for analyzing abnormal communication flow among the devices in the IoT system captured by the springboard machine, determining the reason of the abnormality and outputting the abnormal communication flow.
10. The security test server of claim 9, further comprising:
the vulnerability protection module is used for acquiring the application software version information of the equipment in the IoT system through the springboard machine; and judging the vulnerability repair condition of the application software of the equipment in the IoT system according to the version information of the application software and the vulnerability repair information of each version of the application software recorded in the vulnerability library, and providing the judgment result to corresponding equipment in the IoT system.
11. The security test server of claim 9 or 10, further comprising: a flow treatment pool and/or a leak reservoir; wherein:
the flow processing pool is used for storing the abnormal behavior record data of the equipment, analyzing the equipment fingerprint and the abnormal communication data included in the abnormal communication flow when the abnormal communication flow sent by the safety test server is received, matching according to the abnormal communication data and the abnormal behavior record data of the equipment stored in the flow pool, determining the reason for the abnormal condition of the equipment, and providing the reason for the safety test server;
and the vulnerability library is used for storing vulnerability information and vulnerability repair information existing in each version of the application software, judging the vulnerability repair condition of the application software of the equipment in the IoT system according to the version information of the application software of the equipment in the IoT system forwarded by the security test server and the recorded vulnerability information and vulnerability repair information of each version of the application software, and providing the vulnerability repair condition to the security test server.
12. A gangboard machine comprising:
the second communication module is used for establishing a communication connection channel with the security test server, and comprises: receiving a channel connection request sent by a security test server, returning a channel connection response, and establishing a wireless communication connection channel with the security test server;
the network information confirmation module is used for confirming the network information accessed by the IoT system and providing the network information to the security test server, and comprises: receiving network information which is sent by a security test server and accessed by each device in an IoT system, and returning a confirmation result after confirming the accessed network information to each device in the IoT system;
and the traffic grabbing module is used for grabbing abnormal communication traffic among the devices in the IoT system and forwarding the abnormal communication traffic to the security test server.
13. The diving board machine of claim 12, further comprising:
and the version information acquisition module is used for acquiring the application software version information of the equipment in the IoT system.
14. A method for remote testing of a system, comprising:
the safety test server and the springboard machine establish a communication connection channel, and confirm the network information accessed by the tested system through the springboard machine;
the security test server acquires fingerprint information of equipment in a tested system;
the safety test server receives abnormal communication traffic between devices in a tested system captured by the board jumper, analyzes the abnormal communication traffic according to fingerprint information of the devices, determines and outputs reasons for generating the abnormality;
the method includes the steps that a communication connection channel is established between the security test server and the springboard, and network information accessed by an IoT system is confirmed through the springboard, and the method includes the following steps: the safety test server sends a channel connection request to the board jumper, receives a channel connection response returned by the board jumper and establishes a wireless communication connection channel with the board jumper; and the safety test server sends the network information accessed by each device in the IoT system to the board jumper, and receives a confirmation result returned by the board jumper after confirming the accessed network information to each device in the IoT system.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010170442.6A CN113395235B (en) | 2020-03-12 | 2020-03-12 | IoT system remote testing method, system and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010170442.6A CN113395235B (en) | 2020-03-12 | 2020-03-12 | IoT system remote testing method, system and equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113395235A CN113395235A (en) | 2021-09-14 |
| CN113395235B true CN113395235B (en) | 2023-04-04 |
Family
ID=77615605
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010170442.6A Active CN113395235B (en) | 2020-03-12 | 2020-03-12 | IoT system remote testing method, system and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113395235B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107678969A (en) * | 2017-10-18 | 2018-02-09 | 广东神马搜索科技有限公司 | Beta version dissemination method, device, Version Control equipment and test machine |
| CN109063486A (en) * | 2018-08-01 | 2018-12-21 | 杭州安恒信息技术股份有限公司 | A kind of safe penetration test method and system based on PLC device fingerprint recognition |
| CN109150918A (en) * | 2018-10-31 | 2019-01-04 | 云南电网有限责任公司 | A kind of information security hierarchical protection assessment method and system based on fort machine |
| CN110659481A (en) * | 2019-09-27 | 2020-01-07 | 上海赛可出行科技服务有限公司 | Vulnerability scanning method based on agent |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018084808A1 (en) * | 2016-11-04 | 2018-05-11 | Singapore University Of Technology And Design | Computer-implemented method and data processing system for testing device security |
-
2020
- 2020-03-12 CN CN202010170442.6A patent/CN113395235B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107678969A (en) * | 2017-10-18 | 2018-02-09 | 广东神马搜索科技有限公司 | Beta version dissemination method, device, Version Control equipment and test machine |
| CN109063486A (en) * | 2018-08-01 | 2018-12-21 | 杭州安恒信息技术股份有限公司 | A kind of safe penetration test method and system based on PLC device fingerprint recognition |
| CN109150918A (en) * | 2018-10-31 | 2019-01-04 | 云南电网有限责任公司 | A kind of information security hierarchical protection assessment method and system based on fort machine |
| CN110659481A (en) * | 2019-09-27 | 2020-01-07 | 上海赛可出行科技服务有限公司 | Vulnerability scanning method based on agent |
Non-Patent Citations (2)
| Title |
|---|
| 一种用于电力监控系统测试的远程系统设计实现;江泽鑫;《微型机与应用》;20161231(第20期);第9-12+16页 * |
| 基于设备型号分类和BP神经网络的物联网流量异常检测;杨威超 等;《信息网络安全》;20191210;第59-69页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113395235A (en) | 2021-09-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110955899B (en) | Safety test method, device, test equipment and medium | |
| CN111311777A (en) | Dynamic inspection method, server, terminal, storage medium and equipment | |
| CN107294808A (en) | The methods, devices and systems of interface testing | |
| CN110740077B (en) | Simulation system heterogeneity testing system, method and device based on network packet capturing | |
| CN105391729A (en) | Web loophole automatic mining method based on fuzzy test | |
| CN112367680B (en) | External communication test method and device based on intelligent ammeter and computer equipment | |
| CN103678124B (en) | Video surveillance platform auto-test method and device based on continuous integrated environment | |
| CN112906011B (en) | Vulnerability discovery method, testing method, security testing method, related device and platform | |
| CN111555920B (en) | Intelligent operation and maintenance method, system, equipment and user side | |
| CN113778879B (en) | Interface fuzzy test method and device | |
| CN111884989B (en) | Vulnerability detection method and system for electric power web system | |
| CN107315952A (en) | Method and apparatus for determining application program suspicious actions | |
| CN112953971A (en) | Network security traffic intrusion detection method and system | |
| CN108540491B (en) | Semi-automatic penetration testing system and method based on passive scanning | |
| CN105245489A (en) | Verification method and verification device | |
| CN111147521A (en) | Enterprise private network security event management system | |
| CN112565244B (en) | Active risk monitoring method, system and equipment for website projects | |
| CN113395235B (en) | IoT system remote testing method, system and equipment | |
| CN112615848A (en) | Vulnerability repair state detection method and system | |
| CN116166536A (en) | Test method, test device, electronic equipment and storage medium | |
| CN115604037A (en) | Communication safety testing method of fault monitoring system | |
| CN113037526B (en) | Security detection method, terminal, system and storage medium | |
| CN113836539A (en) | Power engineering control system leak full-flow disposal system and method based on precise test | |
| CN105574460A (en) | Method and device for monitoring working state of code-scanning device | |
| CN113221111A (en) | Penetration testing system for network security |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 40058125 Country of ref document: HK |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |