CN101901183A - Method and device of test case for filtering - Google Patents

Publication number
CN101901183A
Authority
CN
China
Prior art keywords
test case
component
security feature
time response
test
Legal status
Granted
Application number
CN2009101438239A
Other languages
Chinese (zh)
Other versions
CN101901183B (en)
Inventor
唐文
Current Assignee
Siemens Ltd China
Original Assignee
Siemens Ltd China

Abstract

The invention discloses a method for filtering test cases. The method comprises: determining the security feature of each test case; and filtering the test cases according to the determined security features, retaining only one of the test cases whose security features are identical. The invention also discloses a device for filtering test cases. The invention can greatly improve the efficiency of fuzz testing.

Description

A method and device for filtering test cases
Technical field
The present invention relates to the technical field of software security testing, and in particular to a method and device for filtering test cases.
Background
Security testing of software (including applications, protocols and so on) is in effect an exploration of the software's input space. The input space of a piece of software consists of all possible inputs of that software, or of combinations of all possible inputs. Exhaustive testing is the most extreme way of verifying that software behaves correctly, but it is not practical in most cases, because the input space of a program is generally very large and may even be infinite. Compared with exhaustive testing, fuzz testing, which is a random sampling method, is a more feasible black-box testing method.
Fuzz testing is a software testing technique that constructs random or semi-random data (called fuzz) as input to the program under test and observes how the program behaves. As a black-box testing tool, fuzz testing is commonly used in large software development projects. Fuzz testing is believed to improve the security of software because it can always detect some defects that testers find hard to detect and that software engineers tend to overlook.
At present the most commonly used fuzz testing is character-based. Character-based fuzz testing supplies a random data stream (from a file or from another data stream, for example a socket) as the input of the program under test, and it is widely used in security testing of protocols and web servers.
The advantages of fuzz testing are that testing is relatively cheap and can be fully automated, and that it can often find defects (bugs) that are fairly serious and exploitable, that is, bugs an attacker could use.
In essence, fuzz testing tests with a large number of test cases distributed randomly over the input space of the program under test. The more test cases take part, the more thorough the test. However, testing a program with a large number of test cases takes a long time; moreover, because many of the test cases are similar or equivalent, most of the vulnerabilities found are duplicates, so existing fuzz testing wastes time and is inefficient.
Summary of the invention
In view of this, the main object of the present invention is to provide a method for filtering test cases, so as to improve the efficiency of fuzz testing.
Another object of the present invention is to provide a device for filtering test cases, so as to improve the efficiency of fuzz testing.
To achieve the above objects, the invention provides a method for filtering test cases, comprising:
determining the security feature of each test case;
filtering the test cases according to the determined security feature of each test case, retaining only one of the test cases whose security features are identical.
Preferably, the security feature of a test case may be represented by a security feature vector, which may comprise a length characteristic component and a content character component;
determining the security feature of each test case may then comprise: determining the length characteristic component of each test case from its length, and determining the content character component of each test case from its content.
Further, the content character component of the security feature vector may comprise a time response component and a special character component;
determining the content character component of each test case from its content may then comprise: determining the time response component of each test case from the periodicity, repetitiveness or statistical properties of its content, and determining the special character component of each test case from the special characters contained in its content.
Preferably, determining the length characteristic component of each test case from its length may be: taking the number of bits or bytes of the test case as the value of its length characteristic component.
Preferably, determining the time response component of each test case from the periodicity, repetitiveness or statistical properties of its content may be: treating the test case as a discrete sequence, calculating the frequency characteristic of that sequence, and taking the frequency characteristic as the value of the time response component of the test case; or counting the time response with which special characters repeat in the test case, and taking that time response as the value of the time response component of the test case.
Preferably, determining the special character component of each test case from the special characters contained in its content may be: taking the special characters contained in the test case and the corresponding substrings as the value of its special character component.
Preferably, whether the security features of two test cases are identical may be judged as follows: determine whether, in the security feature vectors of the two test cases, the values of the length characteristic components are equal, the values of the time response components are equal and the values of the special character components are equal; if so, the security features of the two test cases are judged to be identical.
The present invention also provides a device for filtering test cases, comprising:
a security feature computing module 210, used to determine the security feature of each test case;
a filtering module 220, used to filter the test cases according to the security feature of each test case determined by the security feature computing module 210, retaining only one of the test cases whose security features are identical.
Preferably, the security feature of a test case may be represented by a security feature vector, which may comprise a length characteristic component and a content character component;
the security feature computing module 210 may then further comprise a length property calculation submodule 211 and a content character calculating sub module 212;
the length property calculation submodule 211 may be used to determine the length characteristic component of each test case from its length;
the content character calculating sub module 212 may be used to determine the content character component of each test case from its content.
Further, the content character component of the security feature vector may comprise a time response component and a special character component;
the content character calculating sub module 212 may then further comprise a time response computing unit 213 and a special character computing unit 214;
the time response computing unit 213 may be used to determine the time response component of each test case from the periodicity, repetitiveness or statistical properties of its content;
the special character computing unit 214 may be used to determine the special character component of each test case from the special characters contained in its content.
Preferably, the length property calculation submodule 211 may be used to take the number of bits or bytes of a test case as the value of its length characteristic component.
Preferably, the time response computing unit 213 may be used to treat a test case as a discrete sequence, calculate the frequency characteristic of that sequence, and take the frequency characteristic as the value of the time response component of the test case; or to count the time response with which special characters repeat in the test case and take that time response as the value of the time response component of the test case.
Preferably, the special character computing unit 214 may be used to take the special characters contained in a test case and the corresponding substrings as the value of its special character component.
Preferably, the filtering module 220 may compare the test cases pairwise and judge the security features of two test cases to be identical when the values of the length characteristic components, the time response components and the special character components of their security feature vectors are all equal.
As can be seen from the above technical solution, the present invention calculates the security feature of each test case and filters the test cases accordingly, retaining only one of the test cases whose security features are identical. This avoids testing large numbers of similar or equivalent test cases, saves testing time, and greatly improves the efficiency of fuzz testing.
Description of the drawings
The above and other features and advantages of the present invention will become clearer to those of ordinary skill in the art from the following detailed description of exemplary embodiments with reference to the accompanying drawings, in which:
Fig. 1 is a schematic flow chart of the method for filtering test cases of the present invention;
Fig. 2 is a schematic diagram of the structure of the device for filtering test cases of the present invention.
Embodiments
To make the objects, technical solutions and advantages of the present invention clearer, the invention is described in more detail below with reference to the drawings and embodiments.
The greater the differences between the test cases that take part in testing, the more vulnerabilities can be found. How to assess the similarity between test cases therefore becomes the key to improving the efficiency of fuzz testing.
The main idea of the present invention is to introduce the concept of a security feature, calculate the security feature of each test case, and divide the test cases into different safe equivalence classes accordingly. Because test cases that belong to the same safe equivalence class are equivalent, only one test case from each safe equivalence class is selected for fuzz testing. This avoids testing every test case in every safe equivalence class and greatly improves the efficiency of fuzz testing.
Fig. 1 is a schematic flow chart of the method for filtering test cases of the present invention. Referring to Fig. 1, the method comprises:
Step 101: determine the security feature of each test case.
First the security feature of a test case needs to be defined; this security feature can be used to divide test cases into different safe equivalence classes. Testing the target system with test cases that belong to the same safe equivalence class leads to the same result, so whether a given test case belongs to a given safe equivalence class depends on how the security feature is defined and calculated.
Although fuzz testing is a black-box security test, with no opportunity to obtain the design documents or executable file (source code) of the program under test for use in testing, knowledge of how vulnerabilities are discovered is still very useful when deciding which security features to include in the classification into safe equivalence classes.
At present there are four main classes of vulnerability attack, which may endanger the security of a system in different ways:
1. Buffer overflow attack: a buffer overflow is an abnormal condition that arises when a process attempts to store data beyond the boundary of a fixed-length buffer, with the result that the extra data overwrites data in adjacent memory. The overwritten data may be data in other buffers, variables or program flow data, so the overwrite may cause abnormal program behaviour, denied memory access, program termination (a crash), incorrect results and so on. In particular, if the overwrite is carried out deliberately by a malicious user, it may compromise the security of the system. Input specially crafted to execute malicious code, or to make the program run in an unintended way, can cause a buffer overflow. Buffer overflows are therefore the cause of many software vulnerabilities and the basis of many exploitation tools.
2. Code injection attack: this is the exploitation of a computer bug that is caused by processing invalid data. An attacker can use code injection to introduce (inject) code into a program and thereby change the program's course of execution. The consequences of a code injection attack can be very serious. For example, code injection has been used by some computer worms to spread viruses, and SQL injection, another notorious form of code injection, targets databases.
3. Format string attack: a format string attack can cause a program to crash or to execute harmful code. In certain C functions that perform formatting, such as printf(), using unfiltered user input as the format string argument can lead to a format string attack. A malicious user may use the %s and %x format tokens to print data from the stack or from other locations in memory. A malicious user may also use the %n format token to write arbitrary data to arbitrary locations, so that printf() or another function with similar behaviour can be used to write the number of bytes formatted to an address on the stack.
4. Privilege escalation attack: this exploits a bug or design error in a program to gain access to protected resources that ordinary applications or users are not allowed to access. The result is that the program carries out operations with higher privileges than its developers or the system administrator intended. In some cases a highly privileged program assumes that every input it is given conforms to its interface specification and does not validate its input. An attacker may then probe for this defect so that unauthorised code runs with the program's elevated privileges.
Based on an in-depth analysis of the mechanisms of these four kinds of vulnerability, the four types can be divided into two groups, which relate to two different characteristics of a program's input:
1) Length-related vulnerabilities, for example buffer overflow.
2) Content-related vulnerabilities, comprising code injection attacks, format string attacks and privilege escalation attacks.
Based on this classification, the present invention introduces the security feature vector V shown in formula (1) to represent the security feature of a test case. The security feature vector V characterises, and is calculated from, the length and content of the input data (that is, the test case) of the target system under test.
V=(L,C) (1)
In formula (1), L denotes the length characteristic component of the test case. In a concrete calculation its value can be determined from the length of the test case, for example by taking the number of bits or bytes of the test case as the value of its length characteristic component.
C denotes the content character component of the test case. Unlike the length characteristic component, the content character component is complicated to express. By analysing the vulnerabilities related to the content of input data, such as code injection attacks, format string attacks and privilege escalation attacks, the inventor found that what these attacks have in common is that they all contain special characters (that is, characters other than letters and digits). For example, the input string "cat/etc/password" has been used as input in a code injection attack to obtain user information on systems such as Unix and Linux. Here the injected input contains the special character '/'. For other content-related vulnerabilities, the input data used in an attack may contain other special characters, for example ' % ', ' ' and so on. The reason is that almost every system assigns some semantics to certain special characters in order to trigger certain operations, so injecting input through these special characters makes it easier to find and exploit latent vulnerabilities in the target system.
In addition, test cases produced by random, predefined or type-based methods can be regarded as time series made up of characters, so time responses that reflect the periodicity, repetitiveness or statistical properties of these test cases can also be used to describe their content. Here the time response may be a frequency, an autocorrelation parameter and so on.
Based on the above analysis, the present invention expresses the content character component C as the 2-tuple shown in formula (2):
C=(f,s) (2)
In formula (2), f denotes the time response component of the content of the test case. It can be calculated by regarding the test case as a discrete sequence of characters and using the discrete Fourier transform (DFT) to calculate its frequency characteristic, which is taken as the value of the time response component; or by counting the time response with which special characters repeat, for example how many times the special character '/' occurs, after how long it occurs and so on, and taking that time response as the value of the time response component of the test case. If the f of two test cases are equal, their time response components are identical.
s is the special character component, which describes which special character or characters the test case contains and the corresponding substrings. If the s of two test cases are equal (they contain the same special characters and/or mutually corresponding identical substrings), their s characteristics are identical.
Step 102: filter the test cases according to the determined security feature of each test case, retaining only one of the test cases whose security features are identical.
Step 101 determines the security feature of each test case. If the security features of two test cases are identical, the two test cases are equivalent, and it is sufficient to select one of them for fuzz testing. In this step, therefore, the test cases are filtered according to their security features, and only one of the test cases with identical security features is retained. In a concrete implementation this can be done as follows:
Step 1: set up a valid test set S, which stores all processed test cases (that is, test cases belonging to different safe equivalence classes) together with their security feature vectors. Initially the valid test set S is empty.
Step 2: for each test case T, compare its security feature vector V with the security feature vector V' of each test case in the valid test set S:
If there is a V' = V, that is, the values of the length characteristic component L, the time response component f and the special character component s are all equal, then the test case T corresponding to V and the test case T' corresponding to V' belong to the same safe equivalence class; for example, they are equivalent for the purpose of detecting vulnerabilities in the target system. Because T' is already in the valid test set S, T is redundant for fuzz testing and should be excluded.
If there is no V' = V, test case T belongs to a new safe equivalence class and needs to be added to the valid test set S.
Carrying out the above operations completes the classification into safe equivalence classes. At this point each test case in the valid test set S belongs to a different safe equivalence class: only one test case has been selected from each safe equivalence class of identical security features, and redundant or equivalent test cases have been filtered out. The valid test set S can therefore be used for efficient fuzz testing.
This completes the method for filtering test cases of the present invention.
The present invention proposes a method for filtering test cases that calculates the security features of the test cases and excludes redundant or equivalent test cases accordingly. This ensures that only one test case from each safe equivalence class is used for fuzz testing and avoids testing with several test cases from the same safe equivalence class, thereby greatly improving the efficiency of fuzz testing.
Corresponding to the above method for filtering test cases, the present invention also proposes a device for filtering test cases, as shown in Fig. 2. The device in Fig. 2 comprises:
a security feature computing module 210, used to determine the security feature of each test case;
a filtering module 220, used to filter the test cases according to the security feature of each test case determined by the security feature computing module 210, retaining only one of the test cases whose security features are identical.
Preferably, the security feature of a test case may be represented by a security feature vector, which comprises a length characteristic component and a content character component. In this case the security feature computing module 210 in the device shown in Fig. 2 further comprises a length property calculation submodule 211 and a content character calculating sub module 212, wherein:
the length property calculation submodule 211 is used to determine the length characteristic component of each test case from its length;
the content character calculating sub module 212 is used to determine the content character component of each test case from its content.
Preferably, the content character component of the security feature vector may further comprise a time response component and a special character component. In this case the content character calculating sub module 212 in the device shown in Fig. 2 may further comprise a time response computing unit 213 and a special character computing unit 214, wherein:
the time response computing unit 213 is used to determine the time response component of each test case from the periodicity, repetitiveness or statistical properties of its content;
the special character computing unit 214 is used to determine the special character component of each test case from the special characters contained in its content.
Preferably, the length property calculation submodule 211 in the device shown in Fig. 2 is used to take the number of bits or bytes of a test case as the value of its length characteristic component.
Preferably, the time response computing unit 213 in the device shown in Fig. 2 is used to treat a test case as a discrete sequence, calculate the frequency characteristic of that sequence, and take the frequency characteristic as the value of the time response component of the test case; or to count the time response with which special characters repeat in the test case and take that time response as the value of the time response component of the test case.
Preferably, the special character computing unit 214 in the device shown in Fig. 2 is used to take the special characters contained in a test case and the corresponding substrings as the value of its special character component.
Preferably, the filtering module 220 in the device shown in Fig. 2 is used to compare the test cases pairwise and to judge the security features of two test cases to be identical when the values of the length characteristic components, the time response components and the special character components of their security feature vectors are all equal.
The present invention is described in detail below by means of a specific embodiment:
This embodiment takes test cases of string type as an example to describe the method for filtering test cases in detail. Frequency is taken as the time response component of a test case. In this embodiment the method is carried out in the following steps:
Step 1: use a list to store the valid test set S. The list contains the test cases that belong to different safe equivalence classes and the security feature vectors of these test cases. Initially the valid test set S is empty.
Step 2: in fuzz testing, a large number of test cases are generated by random, predefined or type-based methods. For each test case T, this embodiment calculates its security feature vector V according to (a) to (d) below:
(a) Determine the length of test case T from the number of characters it contains, and take this length as the length characteristic component L of the security feature vector V of the test case.
(b) Calculate the time response of the test case in the frequency domain. This embodiment uses the frequency domain as an example; in practice other time responses, or the time-domain characteristics of special characters, can also be used.
T is expressed as:
T=T[0]T[1]…T[l]…T[L-1]
where T[l] denotes the l-th character of test case T, 0≤l≤L-1.
The frequency-domain characteristic of the character sequence T is then calculated with the discrete Fourier transform, as shown in formula (3):
$$f[k] = \mathrm{DFT}[T[l]] = \sum_{l=0}^{L-1} T[l]\, W_L^{lk}, \quad 0 \le k \le L-1 \qquad (3)$$
In formula (3),
Figure B2009101438239D0000092
Using the fast Fourier transform speeds up this calculation.
After the frequency-domain transform has been calculated, f[k], which contains the frequency-domain characteristic of test case T, is the time response component f of the content character component C of test case T.
Because f has the same length as T, a large amount of storage may be needed to store the f of every test case in the valid test set S. To save storage, f can be compressed or sampled. Two examples follow:
First example:
First, every m values of f[k] are summed, as shown in formula (4):
$$f'[j] = \sum_{i=1}^{m} f[j \times m + i], \quad 0 \le j \le n-1 \qquad (4)$$
In formula (4),
Figure B2009101438239D0000094
m is a value set by the user according to the needs of the practical application.
Let f' = f'[j] (5)
f' is stored as the time parameter f of test case T.
Second example:
Only the high-frequency part of f is used as the sample, as shown in formula (6):
f' = f[m], f[m+1], …, f[L-1] (6)
Similarly, m in formula (6) is also set by the user according to the needs of the practical application.
(c) Calculate the content character component s related to special characters. From the frequency characteristic f, the substrings that repeat in T can be obtained, and the positions of the special characters in these substrings are recorded as s. Another method is to use the special characters present in test case T directly, taking the positions at which they occur as s.
(d) Having calculated L, f and s, determine the security feature vector V=(L, C) with C=(f, s) of the current test case T. Then compare V with the feature vector V' of each test case in the valid test set S. If there is a V' = V, T is redundant for fuzz testing and should be excluded. If there is no V' = V, test case T belongs to a new safe equivalence class and needs to be added to the valid test set S.
Repeat the operations of step 2 until all test cases have been filtered.
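The filtering procedure of steps 1 and 2, as an added Python example that is not part of the patent text; all function names and the sample inputs are constructed for illustration. It assumes the standard DFT kernel W_L = exp(-2πi/L) and n = ⌊L/m⌋ (the page's definitions of both were images that did not survive), wraps the index of formula (4) modulo L, and rounds the block sums so that equality is not decided by floating-point noise.

```python
import cmath
from collections import Counter


def special_component(t):
    """s: each special character (not a letter or digit) with its position."""
    return tuple((i, ch) for i, ch in enumerate(t) if not ch.isalnum())


def repetition_component(t):
    """f, statistical variant: how many times each special character occurs."""
    counts = Counter(ch for _, ch in special_component(t))
    return tuple(sorted(counts.items()))


def dft_component(t, m=4, digits=3):
    """f, frequency variant: formula (3), then the block sums of formula (4)."""
    L = len(t)
    if L == 0:
        return ()
    # Assumption: W_L = exp(-2*pi*i/L), the usual DFT kernel.
    f = [sum(ord(t[l]) * cmath.exp(-2j * cmath.pi * l * k / L)
             for l in range(L)) for k in range(L)]
    n = max(1, L // m)  # assumption: n = floor(L/m), at least one block
    blocks = []
    for j in range(n):
        # f is periodic in k, so the index is wrapped modulo L (assumption).
        acc = sum(f[(j * m + i) % L] for i in range(1, m + 1))
        # Round, and add 0.0 so that -0.0 is stored as 0.0.
        blocks.append((round(acc.real, digits) + 0.0,
                       round(acc.imag, digits) + 0.0))
    return tuple(blocks)


def feature_vector(t, time_component=repetition_component):
    """V = (L, C) with C = (f, s); L is the number of characters."""
    return (len(t), (time_component(t), special_component(t)))


def filter_test_cases(cases, time_component=repetition_component):
    """Keep the first test case seen for each distinct feature vector."""
    valid = {}  # valid test set S: feature vector -> retained test case
    for t in cases:
        v = feature_vector(t, time_component)
        if v not in valid:  # no V' = V in S: new safe equivalence class
            valid[v] = t
    return list(valid.values())


# Constructed sample inputs (not from the patent).
SAMPLE_CASES = [
    "GET /index/a1",
    "GET /login/b2",   # same length, same special characters and positions
    "A" * 13,
    "B" * 13,          # same length, no special characters
    "A" * 40,          # different length: its own class
    "%s%s%s%s",
    "%x%x%x%x",        # same '%' positions as the previous case
    "GET /index/a1",   # exact duplicate
]

if __name__ == "__main__":
    for name, fn in (("repetition", repetition_component),
                     ("dft", dft_component)):
        kept = filter_test_cases(SAMPLE_CASES, fn)
        print(name, len(kept), "of", len(SAMPLE_CASES), "kept:", kept)
```

With the repetition-count variant the two format-string inputs fall into one class; with the DFT variant they stay distinct, because the values of the letters themselves enter f.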
As can be seen from the above embodiment, the present invention calculates the security feature of each test case and filters the test cases accordingly, retaining only one of the test cases whose security features are identical. This avoids testing large numbers of similar or equivalent test cases, saves testing time, and greatly improves the efficiency of fuzz testing.
The above are only preferred embodiments of the present invention and are not intended to limit its scope of protection. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.

Claims (14)

1. A method for filtering test cases, characterized by comprising:
determining the security feature of each test case;
filtering the test cases according to the determined security feature of each test case, wherein only one test case is retained among test cases having the same security feature.
2. The method according to claim 1, characterized in that:
the security feature of a test case is represented by a security feature vector, the security feature vector comprising a length characteristic component and a content character component;
determining the security feature of each test case comprises: determining the length characteristic component of each test case according to the length of that test case, and determining the content character component of each test case according to the content of that test case.
3. The method according to claim 2, characterized in that:
the content character component of the security feature vector further comprises a time response component and a special character component;
determining the content character component of each test case according to its content comprises: determining the time response component of each test case according to the periodicity, repeatability or statistical properties of the content of that test case, and determining the special character component of each test case according to the special characters contained in the content of that test case.
4. The method according to claim 3, characterized in that:
determining the length characteristic component of each test case according to its length is: taking the number of bits or the number of bytes of the test case as the value of the length characteristic component of the test case.
5. The method according to claim 3, characterized in that:
determining the time response component of each test case according to the periodicity, repeatability or statistical properties of its content is: treating the test case as a discrete sequence, calculating the frequency characteristic of the discrete sequence, and taking the frequency characteristic as the value of the time response component of the test case; or collecting statistics on the time response with which special characters repeat in the test case, and taking that time response as the value of the time response component of the test case.
6. The method according to claim 3, characterized in that:
determining the special character component of each test case according to the special characters contained in its content is: taking the special characters contained in the test case and the corresponding substrings as the value of the special character component of the test case.
7. The method according to any one of claims 3 to 6, characterized in that whether the security features of two test cases are identical is judged as follows:
judging whether, for the security feature vectors of the two test cases, the values of the length characteristic components are equal, the values of the time response components are equal and the values of the special character components are equal; if so, the security features of the two test cases are judged to be identical.
8. A device for filtering test cases, characterized by comprising:
a security feature calculation module (210), configured to determine the security feature of each test case;
a filtering module (220), configured to filter the test cases according to the security feature of each test case determined by the security feature calculation module (210), wherein only one test case is retained among test cases having the same security feature.
9. The device according to claim 8, characterized in that:
the security feature of a test case is represented by a security feature vector, the security feature vector comprising a length characteristic component and a content character component;
the security feature calculation module (210) further comprises a length characteristic calculation submodule (211) and a content character calculation submodule (212);
the length characteristic calculation submodule (211) is configured to determine the length characteristic component of each test case according to the length of that test case;
the content character calculation submodule (212) is configured to determine the content character component of each test case according to the content of that test case.
10. The device according to claim 9, characterized in that:
the content character component of the security feature vector further comprises a time response component and a special character component;
the content character calculation submodule (212) further comprises a time response calculation unit (213) and a special character calculation unit (214);
the time response calculation unit (213) is configured to determine the time response component of each test case according to the periodicity, repeatability or statistical properties of the content of that test case;
the special character calculation unit (214) is configured to determine the special character component of each test case according to the special characters contained in the content of that test case.
11. The device according to claim 10, characterized in that:
the length characteristic calculation submodule (211) is configured to take the number of bits or the number of bytes of the test case as the value of the length characteristic component of the test case.
12. The device according to claim 10, characterized in that:
the time response calculation unit (213) is configured to treat the test case as a discrete sequence, calculate the frequency characteristic of the discrete sequence, and take the frequency characteristic as the value of the time response component of the test case; or is configured to collect statistics on the time response with which special characters repeat in the test case, and take that time response as the value of the time response component of the test case.
13. The device according to claim 10, characterized in that:
the special character calculation unit (214) is configured to take the special characters contained in the test case and the corresponding substrings as the value of the special character component of the test case.
14. The device according to any one of claims 10 to 13, characterized in that:
the filtering module (220) is configured to compare the test cases pairwise and, when the values of the length characteristic components, the values of the time response components and the values of the special character components of the security feature vectors of two test cases are all equal, to judge that the security features of the two test cases are identical.
CN200910143823A 2009-05-31 2009-05-31 Method and device of test case for filtering Active CN101901183B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200910143823A CN101901183B (en) 2009-05-31 2009-05-31 Method and device of test case for filtering


Publications (2)

Publication Number Publication Date
CN101901183A true CN101901183A (en) 2010-12-01
CN101901183B CN101901183B (en) 2012-09-19




Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant