CN117494148B - Security detection method, security detection device, terminal equipment and computer readable storage medium - Google Patents


Info

Publication number
CN117494148B (application CN202410004052.XA)
Authority
CN
China
Prior art keywords
data
detection
information
sensitive information
target equipment
Prior art date
Legal status
Active
Application number
CN202410004052.XA
Other languages
Chinese (zh)
Other versions
CN117494148A (en)
Inventor
万彬彬
巩潇
李梦玮
王磊
崔登祺
赵郑斌
Current Assignee
China Software Evaluation Center
Original Assignee
China Software Evaluation Center
Events
Application filed by China Software Evaluation Center
Priority to CN202410004052.XA
Publication of CN117494148A
Application granted
Publication of CN117494148B
Legal status: Active

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F 21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F 21/577 Assessing vulnerabilities and evaluating computer system security
    • G06F 2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F 2221/034 Test or assess a computer or a system

Abstract

This application belongs to the technical field of security detection and provides a security detection method, a security detection device, a terminal device and a computer-readable storage medium. The method comprises: acquiring first data, the detection data of a target device obtained through a communication serial port; acquiring second data, the detection data of the target device obtained through a universal serial bus; detecting sensitive information from the first data and the second data; obtaining vulnerability database information, which comprises standard data corresponding to the sensitive information; and performing vulnerability verification on the target device according to the sensitive information and its corresponding standard data to obtain a verification result. In this way part of the tedious, repetitive work is completed automatically and the efficiency of security detection is improved.

Description

Security detection method, security detection device, terminal equipment and computer readable storage medium
Technical Field
The application belongs to the technical field of security detection methods, and particularly relates to a security detection method, a security detection device, terminal equipment and a computer readable storage medium.
Background
Service robots are an emerging growth point of the robotics industry and their market is expanding rapidly. However, service robots from different manufacturers vary widely in form and functional structure, and each must undergo security detection before it can be relied on to provide stable and trustworthy service.
At present, security evaluation of service robots relies mainly on penetration testing. Because a robot exposes many interfaces and speaks many protocols, a penetration tester has to carry out a large amount of trivial, repetitive work by hand, so the efficiency of security detection is low.
Disclosure of Invention
The embodiments of this application provide a security detection method, a security detection device, a terminal device and a computer-readable storage medium which complete part of this tedious, repetitive work automatically and improve the efficiency of security detection.
In a first aspect, an embodiment of the present application provides a security detection method, including:
acquiring first data, wherein the first data is detection data of target equipment obtained through a communication serial port;
acquiring second data, wherein the second data is detection data of target equipment obtained through a universal serial bus;
detecting sensitive information from the first data and the second data;
obtaining vulnerability database information, wherein the vulnerability database information comprises standard data corresponding to the sensitive information;
and performing vulnerability verification on the target equipment according to the sensitive information and the corresponding standard data thereof to obtain a verification result.
In the embodiments of this application, a serial-port module and a USB detection module each collect data from the target device (the detection data); the collected detection data is matched against a sensitive-information library built into the system to obtain sensitive information, that is, data of the target device in which a vulnerability may exist; finally, whether the vulnerability actually exists is determined by a vulnerability verification method. In this way part of the tedious, repetitive work of security evaluation is completed fully automatically, and the efficiency of security detection is improved.
In a possible implementation manner of the first aspect, the acquiring the first data includes:
establishing a serial communication interface between the terminal device performing the detection and the target device;
configuring serial port parameters according to the serial port communication interface, wherein the serial port parameters comprise at least one of the following: baud rate, data bits, and flow control parameters;
and when the serial communication interface is started, performing function detection on the target equipment according to the serial parameters to acquire the first data.
In a possible implementation manner of the first aspect, the acquiring the second data includes:
establishing a debug bridge, wherein the debug bridge is a command line tool for establishing communication with the target equipment;
and acquiring the second data according to the debug bridge.
In a possible implementation manner of the first aspect, the detecting sensitive information according to the first data and the second data includes:
acquiring the operating system of the target device, wherein the operating system is any one of the following: Ubuntu, Android and ROS;
obtaining matching library information, wherein the matching library information comprises standard parameters corresponding to various types of operating systems;
and determining sensitive information from the first data and the second data according to the matching library information and the operating system of the target device.
In a possible implementation manner of the first aspect, the determining, according to the matching library information and the operating system of the target device, sensitive information from the first data and the second data includes:
searching standard parameters corresponding to an operating system of the target equipment in the matching library information;
and respectively carrying out matching processing on the first data and the second data and the standard parameters to obtain the sensitive information.
In a possible implementation manner of the first aspect, after performing vulnerability verification according to the matching information to obtain a verification result, the method further includes:
and generating a security detection report according to the verification result.
In a second aspect, embodiments of the present application provide a security detection device, including:
the first acquisition module is used for acquiring first data, wherein the first data is detection data of target equipment obtained through a communication serial port;
the second acquisition module is used for acquiring second data, wherein the second data is detection data of target equipment obtained through a universal serial bus;
the detection module is used for detecting sensitive information according to the first data and the second data;
the third acquisition module is used for acquiring vulnerability database information, wherein the vulnerability database information comprises standard data corresponding to the sensitive information;
and the verification module is used for performing vulnerability verification on the target equipment according to the sensitive information and the corresponding standard data thereof to obtain a verification result.
In a third aspect, an embodiment of the present application provides a terminal device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the security detection method according to any one of the first aspects when executing the computer program.
In a fourth aspect, embodiments of the present application provide a computer-readable storage medium storing a computer program which, when executed by a processor, implements the security detection method according to any one of the first aspects.
In a fifth aspect, embodiments of the present application provide a computer program product which, when run on a terminal device, causes the terminal device to perform the security detection method according to any one of the first aspects.
It will be appreciated that the advantages of the second to fifth aspects may be found in the relevant description of the first aspect and are not repeated here.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required for the embodiments or the description of the prior art will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a system flow diagram of a security detection method according to an embodiment of the present application;
FIG. 2 is a schematic diagram of acquiring first data according to an embodiment of the present application;
FIG. 3 is a schematic diagram of acquiring second data according to an embodiment of the present application;
FIG. 4 is a schematic diagram of detecting sensitive information provided by an embodiment of the present application;
FIG. 5 is a schematic diagram of a security detection method according to an embodiment of the present disclosure;
FIG. 6 is a schematic structural diagram of a security detection device according to an embodiment of the present disclosure;
fig. 7 is a schematic structural diagram of a terminal device provided in an embodiment of the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system configurations, techniques, etc. in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
It should be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be understood that the term "and/or" as used in this specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
As used in this specification and the appended claims, the term "if" may be interpreted as "when", "once", "in response to determining" or "in response to detecting", depending on the context. Similarly, the phrase "if it is determined" or "if a [described condition or event] is detected" may be interpreted, depending on the context, as "upon determining", "in response to determining", "upon detecting the [described condition or event]" or "in response to detecting the [described condition or event]".
In addition, in the description of the present application and the appended claims, the terms "first," "second," "third," and the like are used merely to distinguish between descriptions and are not to be construed as indicating or implying relative importance.
Reference in the specification to "one embodiment" or "some embodiments" or the like means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," and the like in the specification are not necessarily all referring to the same embodiment, but mean "one or more but not all embodiments" unless expressly specified otherwise.
With the rapid development of intelligent technology, intelligent robots are widely used in high-technology industries such as equipment manufacturing, new materials, biomedicine and new energy. The integration of robots with artificial intelligence, advanced manufacturing and internet technology is changing how people live, and service robots in particular have great potential and are used across many industries. However, service robots differ from manufacturer to manufacturer in form and functional structure, so comprehensive security detection is needed before a service robot can continuously provide stable and reliable service.
Security assessment of service robots mainly uses the traditional penetration-testing method. Penetration testing generally targets operating systems, databases, applications and network equipment, and has mature, complete processes for information gathering, vulnerability scanning, exploitation and privilege escalation that detect the security risks of a target system effectively. Compared with a traditional IT system, however, a service robot is an intelligent device that integrates hardware and software and has its own structure and characteristics, so traditional penetration-testing techniques cannot be applied to it in full.
At present, security assessment of service robots is mainly manual testing: following the ideas of traditional penetration testing and taking the robot's characteristics into account, the modules of the robot that may carry security risk are tested with various hardware and software tools and instruments. Because the robot's interfaces are complex and its protocols varied, this requires a great deal of manual, repetitive work, and neither its efficiency nor its results are satisfactory.
To solve these problems, the embodiments of this application provide a security detection method. A serial-port module and a USB detection module each collect data (the detection data) from the target device; the collected detection data is matched against a sensitive-information library built into the system to obtain sensitive information, that is, data bits or other information of the target device that could be harmful and may carry a vulnerability; finally, whether the vulnerability exists is determined by a vulnerability verification method. In this way part of the tedious, repetitive work of security evaluation is completed fully automatically, and the efficiency of security detection is improved.
Referring to fig. 1, a system flow diagram of a security detection method according to an embodiment of the present application is shown. By way of example, and not limitation, the method includes the steps of:
step S101, first data is acquired, wherein the first data is detection data of target equipment obtained through a communication serial port.
In the embodiments of this application, the target device may be a device with autonomous mobility, or a semi-autonomous or fully autonomous service robot, for example a meal-delivery robot or a floor-sweeping robot. The target devices of this application are collectively referred to as service robots.
Because service robots differ in form and functional structure, they need comprehensive security detection so that they can continuously provide stable and reliable service. Before the security evaluation, information about the service robot must first be collected.
Based on the characteristics of service-robot data, the data is collected in two ways. First data, such as serial-port start-up output and port-related sensitive information, is collected through the communication serial port.
The communication serial port, or simply "serial port" (also called a serial communication interface and commonly referred to as a COM port), is an expansion interface that uses serial communication: data is transferred one bit at a time in sequence. The wiring is simple, and bidirectional communication needs only one pair of transmission lines.
In one embodiment, referring to fig. 2, a schematic diagram of acquiring first data according to an embodiment of the present application is provided. As shown in fig. 2, one implementation of step S101 includes:
step S201, a serial communication interface between the target device and the target device is established.
In the embodiment of the application, a serial communication interface for communicating with the service robot needs to be configured before the first data is collected, and the communication interface refers to an interface between the central processing unit and the standard communication subsystem.
Since data transfer between computers or between computers and terminal devices can be performed in both serial communication and parallel communication. Because the serial communication mode has the advantages of less used lines and low cost, the method avoids inconsistent characteristics of a plurality of lines and is widely adopted particularly in remote transmission. In serial communication, two parties of communication are required to adopt a standard interface so that different devices can be conveniently connected for communication. For example, an RS-232-C interface is the most commonly used serial communication interface, which is a standard serial interface with simple communication lines, and can perform point-to-point bidirectional communication with a host computer by only using one cross wire. The communication interface is mostly in an industrial personal computer and part of communication equipment.
Step S202, configuring serial port parameters according to the serial port communication interface, wherein the serial port parameters comprise at least one of the following: baud rate, data bits, and flow control parameters.
In the embodiments of this application, serial ports are used to transmit ASCII characters, and three wires are typically used: ground, transmit (TX) and receive (RX). The link is asynchronous (there is no shared clock, which is why both ends must agree on the timing) and full duplex, so a port can send on one line while receiving on the other. For communication to work, both ends must be configured with the same serial parameters; the common ones are baud rate, data bits, stop bits and parity. The baud rate measures the transmission rate as the number of symbols transmitted per second: 300 baud means 300 symbols per second. On a UART each symbol is one bit, so the baud rate is also the bit clock; if a protocol requires 4800 baud, the line is sampled at 4800 Hz.
Step S203, when the serial communication interface is enabled, performing function detection on the target device according to the serial parameter, and obtaining first data.
In this embodiment of the present application, once the serial connection is established it must be determined whether the serial port is enabled. If it is, the service robot carries the risk of a debug interface that was never closed. The control system then automatically performs function detection such as enable detection, sensitive-information detection and identity verification; sensitive information here means important information such as technical data, customer data and databases. The data obtained through function detection can be shown on a monitoring page, and this detected data is the first data.
In this way, sensitive information such as the service robot's ports and serial-port start-up output can be acquired by managing the communication serial port and detecting sensitive information.
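Steps S201 to S203 in working form, as an added example that is not code from the patent: build the serial parameter set, settle the baud rate by probing, then run function detection over what the console prints. The transport is injected as a callable so the logic runs offline against a constructed transcript; on real hardware the probe would open the port with pyserial (an assumed tool) using the returned keyword arguments, send a newline and return the bytes read. The prompt patterns and the "leaks" fields are assumptions typical of embedded Linux and U-Boot consoles, not patent data.

```python
import re
from typing import Callable, Dict, Iterable, List, Tuple

# Candidate baud rates to try, most common embedded-console rate first.
COMMON_BAUDS: Tuple[int, ...] = (115200, 57600, 38400, 19200, 9600)


def serial_settings(baud: int, data_bits: int = 8, parity: str = "N",
                    stop_bits: int = 1, flow_control: bool = False) -> Dict[str, object]:
    """Serial parameter set: baud rate, data bits, flow control (plus parity and
    stop bits).  Keyword names follow pyserial's Serial() constructor, which is
    an assumption about the tooling, not something the patent states."""
    if data_bits not in (5, 6, 7, 8) or parity not in ("N", "E", "O") or stop_bits not in (1, 2):
        raise ValueError("unsupported UART framing")
    return {"baudrate": baud, "bytesize": data_bits, "parity": parity,
            "stopbits": stop_bits, "rtscts": flow_control}


def printable_ratio(data: bytes) -> float:
    """Share of bytes that are printable ASCII or ordinary whitespace."""
    if not data:
        return 0.0
    good = sum(1 for b in data if 32 <= b < 127 or b in (9, 10, 13))
    return good / len(data)


def guess_baud(probe: Callable[[int], bytes], candidates: Iterable[int] = COMMON_BAUDS,
               threshold: float = 0.9) -> int:
    """Read at each candidate rate and keep the first whose output is mostly
    printable; a wrong rate shows up as framing garbage with high bits set."""
    for baud in candidates:
        if printable_ratio(probe(baud)) >= threshold:
            return baud
    raise RuntimeError("no candidate baud rate produced readable output")


# Console signatures, worst first: an unauthenticated root shell, a bootloader
# prompt (boot arguments can be changed), a login prompt (enabled but gated).
CONSOLE_SIGNATURES: List[Tuple[str, "re.Pattern[str]"]] = [
    ("root_shell", re.compile(r"root@[\w.-]*:[^\n]*#\s*$", re.M)),
    ("bootloader", re.compile(r"^(=>|U-Boot>)\s*$", re.M)),
    ("login_prompt", re.compile(r"login:\s*$", re.M)),
]


def classify_console(transcript: str) -> Dict[str, object]:
    """Function detection: is the debug console enabled, in what state, and what
    does the boot log already leak?"""
    state = "silent" if not transcript.strip() else "output_only"
    for name, pattern in CONSOLE_SIGNATURES:
        if pattern.search(transcript):
            state = name
            break
    leaks: Dict[str, str] = {}
    if (m := re.search(r"Linux version (\S+)", transcript)):
        leaks["kernel"] = m.group(1)
    if (m := re.search(r"U-Boot (\d[\w.]*)", transcript)):
        leaks["bootloader"] = m.group(1)
    if (m := re.search(r"(\S+) login:", transcript)):
        leaks["hostname"] = m.group(1)
    return {"console_enabled": state != "silent", "state": state, "leaks": leaks}


# Constructed transcript standing in for what the probe reads at the right rate.
SAMPLE_TRANSCRIPT = (
    "U-Boot 2018.03 (Jan 01 2024 - 10:00:00 +0800)\n"
    "Linux version 4.9.170 (build@ci) (gcc version 7.3.0) #1 SMP\n"
    "robot-ctrl login: root\n"
    "root@robot-ctrl:~# "
)


def fake_probe(baud: int) -> bytes:
    """Constructed transport: readable only at 115200, framing garbage elsewhere."""
    if baud == 115200:
        return SAMPLE_TRANSCRIPT.encode()
    return bytes([0xFF, 0xFE, 0x80, 0x00]) * 16


def acquire_first_data(probe: Callable[[int], bytes]) -> Dict[str, object]:
    """Steps S201-S203 end to end: settle the parameters, then run detection."""
    baud = guess_baud(probe)
    transcript = probe(baud).decode("ascii", errors="replace")
    result = classify_console(transcript)
    result["settings"] = serial_settings(baud)
    return result


if __name__ == "__main__":
    print(acquire_first_data(fake_probe))
```

A "root_shell" result is the case the text describes as a debug interface that was never closed; "login_prompt" still counts as an enabled console and should be carried forward into the sensitive-information matching rather than dismissed.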
Step S102, second data is acquired, wherein the second data is detection data of the target device obtained through the universal serial bus.
In the embodiments of this application, the universal serial bus (USB) is a data communication standard for connecting and communicating between a computer and external devices. This application collects data in two ways: the first data described above, the service robot's sensitive information, comes mainly through the communication serial port. After that, second data, which is operating-system data such as the service robot's system version, must be acquired. The second data is acquired mainly by a USB detection module: once the robot's USB port is connected to the notebook computer and USB detection is performed, the module automatically extracts the service robot's system information and similar items.
In one embodiment, referring to fig. 3, a schematic diagram of acquiring second data according to an embodiment of the present application is provided. As shown in fig. 3, one implementation of step S102 includes:
step S301, a debug bridge is established, where the debug bridge is a command line tool that establishes communication with the target device.
In an embodiment of the present application, the debug bridge is the Android Debug Bridge (ADB), a versatile command-line tool for communicating with devices. ADB commands perform various device operations such as installing and debugging applications. Before ADB commands can be used to access the service robot, the ADB connection must be established and USB debugging on the device must succeed; only then can the service robot be accessed with ADB commands.
step S302, obtaining the second data according to the debug bridge.
In the embodiment of the application, after the ADB connection is established, the Android system version of the service robot, the corresponding application program version, the hardware related information and the like can be acquired through the ADB command, and the acquired information is the second data.
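Step S302 as an added example, not the patent's code: the standard adb invocations that return the system version, application versions and hardware fields, with parsers that turn their text output into structured second data. The live path needs an attached, authorised device; the sample output is constructed, and the choice of properties kept and of properties whose value is itself a finding is an assumption of this example.

```python
import re
import subprocess
from typing import Dict, List, Optional

# 'adb shell getprop' prints one "[key]: [value]" pair per line.
PROP_LINE = re.compile(r"^\[([^\]]+)\]: \[(.*)\]$")
# 'adb shell pm list packages --show-versioncode' prints "package:<name> versionCode:<n>".
PKG_LINE = re.compile(r"^package:(\S+) versionCode:(\d+)$")


def run_adb(args: List[str], serial: Optional[str] = None) -> str:
    """Run one adb command against the attached (or selected) device."""
    cmd = ["adb"] + (["-s", serial] if serial else []) + args
    return subprocess.run(cmd, capture_output=True, text=True, check=True).stdout


def parse_getprop(text: str) -> Dict[str, str]:
    props: Dict[str, str] = {}
    for line in text.splitlines():
        m = PROP_LINE.match(line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props


def parse_packages(text: str) -> Dict[str, int]:
    pkgs: Dict[str, int] = {}
    for line in text.splitlines():
        m = PKG_LINE.match(line.strip())
        if m:
            pkgs[m.group(1)] = int(m.group(2))
    return pkgs


# Properties kept as second data, and properties whose value alone is a finding
# (None means any non-empty value is, e.g. adbd listening on TCP).
KEEP = ("ro.build.version.release", "ro.build.version.sdk",
        "ro.build.version.security_patch", "ro.build.type", "ro.build.fingerprint",
        "ro.product.model", "ro.product.board", "ro.hardware")
RISKY = {"ro.debuggable": "1", "ro.secure": "0", "ro.adb.secure": "0",
         "service.adb.tcp.port": None}


def second_data(props: Dict[str, str], packages: Dict[str, int]) -> Dict[str, object]:
    data: Dict[str, object] = {k: props[k] for k in KEEP if k in props}
    flags = []
    for key, bad in RISKY.items():
        value = props.get(key, "")
        if (bad is None and value) or (bad is not None and value == bad):
            flags.append(f"{key}={value}")
    data["risk_flags"] = flags
    data["packages"] = packages
    return data


def collect_second_data(serial: Optional[str] = None) -> Dict[str, object]:
    """Live collection over the debug bridge (device must accept the connection)."""
    props = parse_getprop(run_adb(["shell", "getprop"], serial))
    pkgs = parse_packages(run_adb(["shell", "pm", "list", "packages", "--show-versioncode"], serial))
    return second_data(props, pkgs)


# Constructed sample output in the shape of a userdebug build on an older Android.
SAMPLE_GETPROP = """\
[ro.build.version.release]: [9]
[ro.build.version.sdk]: [28]
[ro.build.version.security_patch]: [2019-05-05]
[ro.build.type]: [userdebug]
[ro.debuggable]: [1]
[ro.secure]: [0]
[ro.product.model]: [ServiceBot-X1]
[service.adb.tcp.port]: [5555]
"""
SAMPLE_PACKAGES = """\
package:com.example.robotcontrol versionCode:42
package:com.android.settings versionCode:28
"""

if __name__ == "__main__":
    print(second_data(parse_getprop(SAMPLE_GETPROP), parse_packages(SAMPLE_PACKAGES)))
```

The security patch level and SDK version are what the later vulnerability-library lookup keys on; the risk flags are worth recording at collection time because a `userdebug` build with `ro.debuggable=1` changes what every subsequent ADB-based check means (a root `adb shell` is then expected, not a finding).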
Step S103, detecting sensitive information according to the first data and the second data.
In the embodiments of this application, sensitive-information detection is run over the collected data to determine which information may be at risk of leakage. Either the first data and the second data are each matched against the standard sensitive information, or they are merged into third data that is matched against the standard parameters of the sensitive-information database; a successful match means the data may carry a risk of leakage.
In one embodiment, referring to fig. 4, a schematic diagram of detecting sensitive information provided in an embodiment of the present application is shown. As shown in fig. 4, one implementation of step S103 includes:
step S401, acquiring an operating system of the target device, where the operating system includes any one of the following: ubuntu, android and ROS.
In the embodiments of this application, the operating system manages the hardware and software resources of the whole computer system, organises and schedules the computer's work and the allocation of its resources, and provides a convenient interface and environment for users and other software; it is the most basic system software in a computer system.
In the robotics field, a robot is a multi-disciplinary system that involves sensors, drives, multi-machine communication, mechanical structures, algorithms and so on, so its operating environment is complex. The operating systems of mainstream service robots include Ubuntu, Android and ROS. ROS (Robot Operating System) is, strictly speaking, open-source operating-system middleware for robots rather than an operating system: it provides hardware abstraction, low-level driver management, common functions, message passing between program components and package management, along with tools and libraries for obtaining, building, writing and running programs across multiple machines.
In this application, when detecting sensitive information it is first necessary to determine which of these operating systems the service robot runs, and then to detect sensitive information in a targeted way according to the characteristics of that system.
Step S402, obtaining matching library information, wherein the matching library information comprises standard parameters corresponding to various types of operating systems.
In the embodiments of this application, a matching library is built into the detection system; its content is the standard data, i.e. the standard parameters, corresponding to all sensitive information of all service-robot systems. The matching library is also referred to as a database.
The database storing this data is typically a relational database, MySQL being an exemplary relational database management system; a relational database keeps data in separate tables rather than in one large store, and the entire standard content of the database, that is the matching library, is retrieved through SQL queries. If the database is non-relational, it is retrieved by other scripted means instead.
Step S403, determining sensitive information from the first data and the second data according to the matching library information and the operating system of the target device.
In the embodiments of this application, the first data and the second data, that is the data detected and output from the serial port and from USB, are collected and matched against the service robot's operating system, the matching library information and so on to determine the data that may carry a risk of information leakage. Sensitive information includes items such as web services, ports, hardware versions, the robot's control instructions and account numbers.
In one embodiment, one implementation of step S403 includes:
searching standard parameters corresponding to an operating system of the target equipment in the matching library information;
and respectively carrying out matching processing on the first data and the second data and the standard parameters to obtain the sensitive information.
In this embodiment of the present application, once the service robot's operating system has been determined, the standard parameter information corresponding to that operating system can be selected from the matching library with a query statement.
For example, if the sensitive information collected in the first data is port information and the second data shows that the service robot runs Android, all parameter information for the Android operating system is selected from the matching database with a query statement. The standard port parameters are then matched against the port data in the first data according to a rule, for example character matching, and the sensitive information is determined in this way.
In this way, the service robot's data is screened against the standard sensitive data at an early stage, laying the foundation for the subsequent vulnerability judgement.
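Steps S401 to S403 as one added example, not the patent's code: identify the operating system from the collected data, select that system's standard parameters from a matching library, and run the first data (console transcript, listening-port listing) and second data (system properties flattened to key=value lines) against them. The library dict stands in for the patent's relational database (a SELECT ... WHERE os = ? query); its rules, the OS-detection heuristics and the sample data are illustrative assumptions.

```python
import re
from typing import Dict, List, Tuple

Rule = Tuple[str, str, str]   # (label, data field it applies to, regex)

# Matching library: standard parameters per operating system.  "common" rules
# apply to every OS; port rules match an "addr:port" token as `ss -ltn` prints it.
MATCHING_LIBRARY: Dict[str, List[Rule]] = {
    "common": [
        ("telnet_port_open", "ports", r":23\b"),
        ("ssh_port_open", "ports", r":22\b"),
        ("web_service", "ports", r":(80|443|8080)\b"),
        ("root_console", "serial", r"root@[\w.-]*:[^\n]*#"),
        ("credential_in_log", "serial", r"(?i)\b(password|passwd)\s*[:=]\s*\S+"),
    ],
    "Android": [
        ("adb_over_tcp", "ports", r":5555\b"),
        ("debuggable_build", "props", r"^ro\.debuggable=1$"),
        ("insecure_build", "props", r"^ro\.secure=0$"),
    ],
    "Ubuntu": [
        ("vnc_port_open", "ports", r":590\d\b"),
    ],
    "ROS": [
        ("ros_master_open", "ports", r":11311\b"),
        ("ros_master_uri", "serial", r"ROS_MASTER_URI=http://\S+"),
    ],
}


def detect_os(data: Dict[str, str]) -> str:
    """Step S401.  Android is identified by its build properties; ROS evidence
    outranks plain Ubuntu because ROS normally runs on top of Ubuntu."""
    if "ro.build.version" in data.get("props", ""):
        return "Android"
    serial = data.get("serial", "")
    if "ROS_MASTER_URI" in serial or "roscore" in serial:
        return "ROS"
    if "Ubuntu" in serial:
        return "Ubuntu"
    raise ValueError("operating system not recognised from collected data")


def standard_parameters(os_name: str) -> List[Rule]:
    """Step S402: the rows of the matching library for this OS."""
    if os_name not in MATCHING_LIBRARY or os_name == "common":
        raise KeyError(f"no standard parameters for {os_name!r}")
    return MATCHING_LIBRARY["common"] + MATCHING_LIBRARY[os_name]


def match_sensitive(data: Dict[str, str], rules: List[Rule]) -> List[Dict[str, str]]:
    """Step S403: run each standard parameter against its data field and keep
    the matched text as evidence for the report."""
    hits = []
    for label, field, regex in rules:
        m = re.search(regex, data.get(field, ""), re.M)
        if m:
            hits.append({"label": label, "field": field, "evidence": m.group(0)})
    return hits


def detect_sensitive_information(first_data: Dict[str, str], second_data: Dict[str, str]):
    data = {**first_data, **second_data}   # serial + ports from S101, props from S102
    os_name = detect_os(data)
    return os_name, match_sensitive(data, standard_parameters(os_name))


# Constructed first data (console transcript plus a listening-socket listing as
# printed on the console) and empty second data (no ADB on this target).
FIRST = {
    "serial": "Ubuntu 18.04.6 LTS robot-ctrl ttyS0\n"
              "ROS_MASTER_URI=http://192.168.1.10:11311\n"
              "root@robot-ctrl:~# ",
    "ports": "LISTEN 0 128 0.0.0.0:22 0.0.0.0:*\n"
             "LISTEN 0 128 0.0.0.0:11311 0.0.0.0:*\n",
}
SECOND: Dict[str, str] = {"props": ""}

if __name__ == "__main__":
    print(detect_sensitive_information(FIRST, SECOND))
```

Keeping the matched text as evidence matters more than the label: the vulnerability-verification step and the final report both need to show what was actually seen, and a bare "port 22 open" cannot be re-checked by a reviewer.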
Step S104, obtaining vulnerability database information, wherein the vulnerability database information comprises standard data corresponding to the sensitive information.
In the embodiment of the application, the vulnerability database is a platform for collecting, maintaining and sharing information about discovered vulnerabilities.
The security vulnerability database is designed and implemented alongside research on, assignment under and implementation of the relevant national vulnerability standards, so that security vulnerability data can be shared and information about security vulnerabilities reaches organizations and individuals quickly, evenly and accurately. The vulnerability library information can therefore be acquired from the security vulnerability database, and that information includes the standard parameters corresponding to the sensitive information.
Step S105, performing vulnerability verification on the target device according to the sensitive information and its corresponding standard data to obtain a verification result.
The sensitive information of the service robot that may carry a vulnerability risk, obtained through vulnerability scanning, is matched against the standard parameters in the vulnerability library information; if the match succeeds, the corresponding POC (proof-of-concept) module, i.e. a script module, is further used for vulnerability verification to determine whether the vulnerability exists.
In one embodiment, after performing vulnerability verification according to the matching information to obtain a verification result, the method further includes:
and generating a security detection report according to the verification result.
In this embodiment of the application, the software security test report is the detection document generated once the security assessment work is finished; by assessing the security quality of the software as a whole, it records the defects and vulnerabilities found, giving developers a solid basis for fixing the vulnerabilities and improving software quality.
Fig. 5 is a schematic structural diagram of the security detection method provided in an embodiment of the present application. As shown in fig. 5, the present application obtains basic data such as the ports, system version and hardware of the service robot through a serial communication management module and a USB detection module, matches that data against the sensitive information built into the system to determine the sensitive information that may carry a vulnerability, and finally matches and verifies that sensitive information against the vulnerability library data to determine whether the vulnerability is present. With this security detection method of hardware access, data support, detection analysis and data verification, part of the tedious and repetitive work can be completed fully automatically, improving the efficiency of security detection.
It should be understood that the sequence numbers of the steps in the foregoing embodiment do not imply an order of execution; the order in which the processes are executed should be determined by their functions and internal logic, and should not limit the implementation of the embodiments of the present application in any way.
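The matching step S403 and the verification step S105 described above, as an added worked example in Python; it is not code from the patent or from the applicant. The matching library entries, the vulnerability-library records, the regular expressions and the sample serial/USB detection output are all constructed for illustration, and the version-list comparison in verify() stands in for the POC script module, whose contents the patent does not detail.

```python
import re
from dataclasses import dataclass

# Constructed matching library: for each operating system the "standard
# parameters" are (category, regex) pairs describing values that count as
# sensitive. Contents are assumed for this example, not the patent's library.
MATCH_LIBRARY = {
    "Android": [
        ("port", r"\b(5555|23|8080)/tcp\s+open"),
        ("web_service", r"https?://\S+"),
        ("account", r"\b(root|admin)\b"),
        ("hardware_version", r"ro\.hardware\.version=\S+"),
    ],
    "Ubuntu": [
        ("port", r"\b(22|23|80)/tcp\s+open"),
        ("account", r"\b(root|ubuntu)\b"),
    ],
    "ROS": [
        ("control_instruction", r"rostopic pub \S+"),
    ],
}

# Constructed vulnerability-library records ("standard data" per sensitive
# value) with the device versions each record is known to affect.
VULN_LIBRARY = [
    {"id": "EXAMPLE-0001", "category": "port", "value": "5555",
     "affected_versions": ["9", "10"], "title": "debug bridge reachable over TCP"},
    {"id": "EXAMPLE-0002", "category": "port", "value": "8080",
     "affected_versions": ["8"], "title": "management web service exposed"},
    {"id": "EXAMPLE-0003", "category": "account", "value": "root",
     "affected_versions": ["*"], "title": "privileged account visible on console"},
]

@dataclass
class Finding:
    category: str
    value: str
    source: str  # "serial" for first data, "usb" for second data

def standard_parameters(os_name):
    """First part of step S403: select the standard parameters for the OS."""
    if os_name not in MATCH_LIBRARY:
        raise KeyError(f"no standard parameters for operating system {os_name!r}")
    return MATCH_LIBRARY[os_name]

def match_sensitive(first_data, second_data, os_name):
    """Second part of step S403: character-match both data sets against the
    standard parameters; every hit becomes a sensitive-information finding."""
    params = standard_parameters(os_name)
    findings = []
    for source, lines in (("serial", first_data), ("usb", second_data)):
        for line in lines:
            for category, pattern in params:
                m = re.search(pattern, line)
                if m:
                    value = m.group(1) if m.groups() else m.group(0)
                    findings.append(Finding(category, value, source))
    return findings

def system_version(second_data):
    """Read the OS release string from the debug-bridge (USB) data."""
    for line in second_data:
        m = re.match(r"ro\.build\.version\.release=(\S+)", line)
        if m:
            return m.group(1)
    return None

def verify(findings, version):
    """Step S105: match findings against vulnerability-library records. A
    record counts as verified when the device version is in its affected list;
    this version check is an assumed stand-in for the POC script module."""
    results = []
    for f in findings:
        for rec in VULN_LIBRARY:
            if rec["category"] == f.category and rec["value"] == f.value:
                affected = rec["affected_versions"]
                confirmed = "*" in affected or version in affected
                results.append({"id": rec["id"], "title": rec["title"],
                                "source": f.source, "confirmed": confirmed})
    return results

def build_report(os_name, findings, results):
    """Assemble the security detection report from the verification results."""
    return {
        "operating_system": os_name,
        "sensitive_items": len(findings),
        "confirmed": [r["id"] for r in results if r["confirmed"]],
        "unconfirmed": [r["id"] for r in results if not r["confirmed"]],
    }

# Constructed sample detection output (not captured from any real device).
FIRST_DATA = ["scan: 5555/tcp open  adb",
              "scan: 8080/tcp open  http-alt",
              "console login: root"]
SECOND_DATA = ["ro.build.version.release=10",
               "ro.hardware.version=RB-01",
               "package:com.example.robot.control"]

def run_example(os_name="Android"):
    findings = match_sensitive(FIRST_DATA, SECOND_DATA, os_name)
    results = verify(findings, system_version(SECOND_DATA))
    return build_report(os_name, findings, results)

if __name__ == "__main__":
    print(run_example())
```

The report separates a match that the vulnerability library merely knows about (EXAMPLE-0002, whose affected versions do not include the device's release) from matches that verification confirms, which is the distinction the two-stage design exists to make.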
Fig. 6 is a block diagram of a security detection device according to an embodiment of the present application, corresponding to the security assessment method described in the above embodiment, and only a portion related to the embodiment of the present application is shown for convenience of explanation.
Referring to fig. 6, the apparatus includes:
the first obtaining module 61 is configured to obtain first data, where the first data is detection data of a target device obtained through a communication serial port;
a second acquiring module 62, configured to acquire second data, where the second data is detection data of the target device obtained through the universal serial bus;
a detection module 63 for detecting sensitive information from the first data and the second data;
a third obtaining module 64, configured to obtain vulnerability database information, where the vulnerability database information includes standard data corresponding to the sensitive information;
and the verification module 65 is configured to perform vulnerability verification on the target device according to the sensitive information and the corresponding standard data thereof, so as to obtain a verification result.
Optionally, the first obtaining module 61 is further configured to:
establishing a serial communication interface with the target equipment;
configuring serial port parameters according to the serial port communication interface, wherein the serial port parameters comprise at least one of the following: baud rate, data bits, and flow control parameters;
and when the serial communication interface is started, performing function detection on the target equipment according to the serial parameters to acquire the first data.
Optionally, the second obtaining module 62 is further configured to:
establishing a debug bridge, wherein the debug bridge is a command line tool for establishing communication with the target equipment;
and acquiring the second data according to the debug bridge.
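The first and second acquisition modules described above, as an added Python example that is not the patent's own code: it turns constructed serial-console output and debug-bridge output (`adb shell getprop`, whose lines have the form `[key]: [value]`, and `adb shell pm list packages`, whose lines begin with `package:`) into the first and second data, and makes the start-up, debug-left-open and identity-verification judgements the acquisition side needs. The serial parameter values, the prompt heuristics and every sample line are assumptions made for the example.

```python
import re

# Serial port parameters configured before detection. The patent names the
# parameter kinds (baud rate, data bits, flow control); these values are
# typical console settings assumed for the example.
SERIAL_PARAMETERS = {"baudrate": 115200, "bytesize": 8, "parity": "N",
                     "stopbits": 1, "rtscts": False, "xonxoff": False}

# Debug-bridge commands used to obtain the second data (standard adb usage).
ADB_COMMANDS = {
    "properties": ["adb", "shell", "getprop"],
    "packages": ["adb", "shell", "pm", "list", "packages"],
}

PROMPT_RE = re.compile(r"(^|\s)[#$]\s*$")             # shell prompt, no login
LOGIN_RE = re.compile(r"login:\s*$", re.IGNORECASE)   # identity check in place
GETPROP_RE = re.compile(r"^\[([^\]]+)\]: \[(.*)\]$")  # '[key]: [value]'

def first_data_from_console(lines):
    """First data: the console lines plus the judgements the first acquisition
    module makes from them: is the serial port 'started' (any output at all),
    does the device ask for credentials, or was a debug shell left open?"""
    console = [line.rstrip() for line in lines if line.strip()]
    tail = console[-1] if console else ""
    auth_required = bool(LOGIN_RE.search(tail))
    return {
        "started": bool(console),
        "auth_required": auth_required,
        "debug_open": bool(PROMPT_RE.search(tail)) and not auth_required,
        "console": console,
    }

def detections_to_run(first):
    """Only a started port with debugging left open triggers the automatic
    start-up, sensitive-information and identity-verification detections."""
    if first["started"] and first["debug_open"]:
        return ["startup", "sensitive_information", "identity_verification"]
    return []

def parse_getprop(output):
    """Parse `adb shell getprop` output, one '[key]: [value]' per line."""
    props = {}
    for line in output.splitlines():
        m = GETPROP_RE.match(line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props

def parse_packages(output):
    """Parse `adb shell pm list packages` output ('package:<name>' lines)."""
    return [line[len("package:"):].strip() for line in output.splitlines()
            if line.startswith("package:")]

def second_data_from_adb(getprop_output, packages_output):
    """Second data: system version, hardware information and applications."""
    props = parse_getprop(getprop_output)
    hardware_keys = ("ro.hardware", "ro.product.model", "ro.product.board")
    return {
        "system_version": props.get("ro.build.version.release"),
        "hardware": {k: props[k] for k in hardware_keys if k in props},
        "applications": parse_packages(packages_output),
    }

# Constructed console captures and adb output (no device was involved).
OPEN_CONSOLE = ["U-Boot 2020.01 (constructed)", "Starting kernel ...",
                "init: starting service 'console'...", "console:/ # "]
LOCKED_CONSOLE = ["Starting kernel ...", "servicebot login: "]
GETPROP_OUTPUT = ("[ro.build.version.release]: [10]\n"
                  "[ro.hardware]: [rk3399]\n"
                  "[ro.product.model]: [ServiceBot-X]\n")
PACKAGES_OUTPUT = "package:com.android.settings\npackage:com.example.robot.control\n"

if __name__ == "__main__":
    print(first_data_from_console(OPEN_CONSOLE), detections_to_run(first_data_from_console(OPEN_CONSOLE)))
    print(first_data_from_console(LOCKED_CONSOLE))
    print(second_data_from_adb(GETPROP_OUTPUT, PACKAGES_OUTPUT))
```

The console classification looks only at the last non-blank line, so a device that boots to a login prompt and one that boots straight to a root shell yield different first data even when their boot logs are otherwise identical; the follow-on detections are scheduled only in the second case, as the method describes.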
Optionally, the detection module 63 is further configured to:
acquiring an operating system of a target device, wherein the operating system comprises any one of the following components: ubuntu, android and ROS;
obtaining matching library information, wherein the matching library information comprises standard parameters corresponding to various types of operating systems;
and determining sensitive information from the first data and the second data according to the matching library information and the operating system of the target device.
Optionally, the detection module 63 is further configured to:
searching standard parameters corresponding to an operating system of the target equipment in the matching library information;
and matching the first data and the second data respectively against the standard parameters to obtain the sensitive information.
Optionally, the verification module 65 is further configured to:
and generating a security detection report according to the verification result.
It should be noted that, because the content of information interaction and execution process between the above devices/units is based on the same concept as the method embodiment of the present application, specific functions and technical effects thereof may be referred to in the method embodiment section, and will not be described herein again.
In addition, the security detection device shown in fig. 6 may be a software unit, a hardware unit, or a unit combining both, built into an existing terminal device; it may also be integrated into the terminal device as an independent component, or exist as an independent terminal device.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of the functional units and modules is illustrated, and in practical application, the above-described functional distribution may be performed by different functional units and modules according to needs, i.e. the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-described functions. The functional units and modules in the embodiment may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit, where the integrated units may be implemented in a form of hardware or a form of a software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working process of the units and modules in the above system may refer to the corresponding process in the foregoing method embodiment, which is not described herein again.
Fig. 7 is a schematic structural diagram of a terminal device provided in an embodiment of the present application. As shown in fig. 7, the terminal device 7 of this embodiment includes: at least one processor 70 (only one shown in fig. 7), a memory 71, and a computer program 72 stored in the memory 71 and executable on the at least one processor 70, the processor 70 implementing the steps in any of the various security assessment method embodiments described above when executing the computer program 72.
The terminal equipment can be computing equipment such as a desktop computer, a notebook computer, a palm computer, a cloud server and the like. The terminal device may include, but is not limited to, a processor, a memory. It will be appreciated by those skilled in the art that fig. 7 is merely an example of the terminal device 7 and is not limiting of the terminal device 7, and may include more or fewer components than shown, or may combine certain components, or different components, such as may also include input-output devices, network access devices, etc.
The processor 70 may be a central processing unit (Central Processing Unit, CPU), or another general purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or the like. A general purpose processor may be a microprocessor, or the processor may be any conventional processor or the like.
The memory 71 may in some embodiments be an internal storage unit of the terminal device 7, such as a hard disk or a memory of the terminal device 7. The memory 71 may in other embodiments also be an external storage device of the terminal device 7, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card, a Flash memory card (Flash Card) or the like provided on the terminal device 7. Further, the memory 71 may also include both an internal storage unit and an external storage device of the terminal device 7. The memory 71 is used for storing an operating system, application programs, a boot loader (Boot Loader), data and other programs, such as the program code of the computer program. The memory 71 may also be used for temporarily storing data that has been output or is to be output.
Embodiments of the present application also provide a computer readable storage medium storing a computer program, which when executed by a processor, may implement the steps in the above-described method embodiments.
The present embodiments also provide a computer program product which, when run on a terminal device, causes the terminal device to perform the steps of the respective method embodiments described above.
The integrated units, if implemented as software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. On this basis, the present application implements all or part of the flow of the methods of the above embodiments by means of a computer program instructing the related hardware; the computer program may be stored in a computer readable storage medium and, when executed by a processor, implements the steps of each method embodiment described above. The computer program comprises computer program code, which may be in source code form, object code form, an executable file or some intermediate form. The computer readable medium may include at least: any entity or device capable of carrying computer program code to the apparatus/terminal device, a recording medium, computer memory, read-only memory (ROM), random access memory (RAM), electrical carrier signals, telecommunication signals and software distribution media, such as a USB flash drive, removable hard disk, magnetic disk or optical disk. In some jurisdictions, in accordance with legislation and patent practice, computer readable media may not include electrical carrier signals and telecommunication signals.
In the foregoing embodiments, each embodiment is described with its own emphasis; for parts not described or illustrated in detail in a particular embodiment, reference may be made to the related descriptions of the other embodiments.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus/terminal device and method may be implemented in other manners. For example, the apparatus/terminal device embodiments described above are merely illustrative, e.g., the division of the modules or units is merely a logical function division, and there may be additional divisions in actual implementation, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection via interfaces, devices or units, which may be in electrical, mechanical or other forms.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
The above embodiments are only for illustrating the technical solution of the present application, and are not limiting; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present application, and are intended to be included in the scope of the present application.

Claims (9)

1. A security detection method, comprising:
acquiring first data, wherein the first data is detection data of target equipment obtained through a communication serial port;
acquiring second data, wherein the second data is detection data of target equipment obtained through a universal serial bus;
detecting sensitive information from the first data and the second data;
obtaining vulnerability database information, wherein the vulnerability database information comprises standard data corresponding to the sensitive information;
performing vulnerability verification on the target equipment according to the sensitive information and the corresponding standard data thereof to obtain a verification result;
the acquiring the first data includes:
after the serial port connection is established, judging whether the serial port is started or not;
if the serial port is started and the target equipment is at risk of debugging not having been closed, the control system automatically performs start-up detection, sensitive information detection and identity verification detection;
the acquiring the second data includes:
after the debug connection is established, the system version of the target device and the corresponding application program and hardware information are acquired through a debug command.
2. The security detection method of claim 1, wherein the acquiring the first data comprises:
establishing a serial communication interface with the target equipment;
configuring serial port parameters according to the serial port communication interface, wherein the serial port parameters comprise at least one of the following: baud rate, data bits, and flow control parameters;
and when the serial communication interface is started, performing function detection on the target equipment according to the serial parameters to acquire first data.
3. The security detection method of claim 1, wherein the acquiring the second data comprises:
establishing a debug bridge, wherein the debug bridge is a command line tool for establishing communication with the target equipment;
and acquiring the second data according to the debug bridge.
4. The security detection method of claim 1, wherein detecting sensitive information from the first data and the second data comprises:
acquiring an operating system of a target device, wherein the operating system comprises any one of the following components: ubuntu, android and ROS;
obtaining matching library information, wherein the matching library information comprises standard parameters corresponding to various types of operating systems;
and determining sensitive information from the first data and the second data according to the matching library information and the operating system of the target device.
5. The security detection method of claim 4, wherein said determining sensitive information from said first data and said second data based on said match library information and an operating system of said target device comprises:
searching standard parameters corresponding to an operating system of the target equipment in the matching library information;
and respectively carrying out matching processing on the first data and the second data and the standard parameters to obtain the sensitive information.
6. The security detection method of claim 1, further comprising, after performing vulnerability verification to obtain a verification result:
and generating a security detection report according to the verification result.
7. A data processing apparatus, comprising:
the first acquisition module is used for acquiring first data, wherein the first data is detection data of target equipment obtained through a communication serial port;
the second acquisition module is used for acquiring second data, wherein the second data is detection data of target equipment obtained through a universal serial bus;
the detection module is used for detecting sensitive information according to the first data and the second data;
the third acquisition module is used for acquiring vulnerability database information, wherein the vulnerability database information comprises standard data corresponding to the sensitive information;
the verification module is used for performing vulnerability verification on the target equipment according to the sensitive information and the corresponding standard data thereof to obtain a verification result;
the first acquisition module is further configured to:
after the serial port connection is established, judging whether the serial port is started or not;
if the serial port is started and the target equipment is at risk of debugging not having been closed, the control system automatically performs start-up detection, sensitive information detection and identity verification detection;
the second acquisition module is further configured to:
after the debug connection is established, the system version of the target device and the corresponding application program and hardware information are acquired through a debug command.
8. A terminal device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the method according to any of claims 1 to 6 when executing the computer program.
9. A computer readable storage medium storing a computer program, characterized in that the computer program when executed by a processor implements the method according to any one of claims 1 to 6.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410004052.XA CN117494148B (en) 2024-01-03 2024-01-03 Security detection method, security detection device, terminal equipment and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN117494148A CN117494148A (en) 2024-02-02
CN117494148B true CN117494148B (en) 2024-03-26

Family

ID=89680487

Country Status (1)

Country Link
CN (1) CN117494148B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107577939A (en) * 2017-09-12 2018-01-12 中国石油集团川庆钻探工程有限公司 A kind of data leakage prevention method based on key technology
CN110147675A (en) * 2019-05-22 2019-08-20 杭州安恒信息技术股份有限公司 A kind of safety detection method and equipment of intelligent terminal
CN114021142A (en) * 2021-11-03 2022-02-08 广州链安科技有限公司 Android application program vulnerability detection method
CN115062309A (en) * 2022-06-10 2022-09-16 国网江苏省电力有限公司电力科学研究院 Vulnerability mining method based on equipment firmware simulation under novel power system and storage medium
CN115640572A (en) * 2022-10-12 2023-01-24 南京联创信息科技有限公司 Safety detection and reinforcement method for iPhone end sandbox application
CN115828251A (en) * 2022-09-27 2023-03-21 太保科技有限公司 Method and device for evaluating data risk

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10424222B2 (en) * 2015-10-27 2019-09-24 Hartford Fire Insurance Company Dynamic interface virtualization in a networked computing environment
US11363039B2 (en) * 2019-10-25 2022-06-14 Paypal, Inc. Detection of data leaks using targeted scanning

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant