CN103268433A - Mobile terminal system security automatic evaluation system and method based on attack - Google Patents

Mobile terminal system security automatic evaluation system and method based on attack Download PDF

Info

Publication number
CN103268433A
CN103268433A CN2013102223387A CN201310222338A CN103268433A CN 103268433 A CN103268433 A CN 103268433A CN 2013102223387 A CN2013102223387 A CN 2013102223387A CN 201310222338 A CN201310222338 A CN 201310222338A CN 103268433 A CN103268433 A CN 103268433A
Authority
CN
China
Prior art keywords
attack
module
safe condition
vector
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2013102223387A
Other languages
Chinese (zh)
Other versions
CN103268433B (en
Inventor
唐杰
文红
禄全芳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Hengjinyi Science & Technology Co Ltd
Original Assignee
Sichuan Hengjinyi Science & Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan Hengjinyi Science & Technology Co Ltd filed Critical Sichuan Hengjinyi Science & Technology Co Ltd
Priority to CN201310222338.7A priority Critical patent/CN103268433B/en
Publication of CN103268433A publication Critical patent/CN103268433A/en
Application granted granted Critical
Publication of CN103268433B publication Critical patent/CN103268433B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a mobile terminal system security automatic evaluation system and method based on attack. The evaluation system comprises a computer terminal and a plurality of mobile terminals. The computer terminal comprises a safe state space module, a safe state generating module, a centralized attack base, an attack vector generating module, an attack driving module and a result analysis module. Each mobile terminal comprises a module safe state setting module and an attack testing module. The mobile terminal system security automatic evaluation system and method based on the attack can conduct test analysis of a mobile terminal system in different safe states, can objectively and accurately conduct safety evaluation on the mobile terminal system, is free of limitation caused by mobile terminal platform resources, and enables the safety evaluation of a mobile terminal to be easily achieved. In addition, the mobile terminal system security automatic evaluation system and method based on the attack has the advantages of being simple in testing process and low in repetition rate of operation.

Description

Based on the automatic evaluation system of mobile terminal system safety and the method for attacking
Technical field
The invention belongs to the mobile message security fields, relate to safely test automatically, design a kind of based on the automatic evaluation system of mobile terminal system safety and the method for attacking especially.
Background technology
Mobile intelligent terminal safety has become the focus of industry common concern, and it is the basis that guarantees mobile message safety that the mobile intelligent terminal security of system is tested and assessed.Existing security evaluation method and instrument mainly are based on the security function test of standard, lack objective anti-attack performance test.In practice, since system different constantly with scene under safety that intensity is set is different, system is in a constant safe condition always, and conventional test methodologies lacks at system and is in test analysis under the different safe conditions, and testing process is loaded down with trivial details, and test operation repetition rate height, subjectivity are strong.And because the restriction of mobile-terminal platform resource, feasible security evaluation system based on the security function method of testing is difficult to realize.
Summary of the invention
The objective of the invention is to overcome the deficiencies in the prior art, provide a kind of based on the automatic evaluation system of mobile terminal system safety and the method for attacking, can be in system and carry out test analysis under the different safe conditions, can be objective, accurately mobile terminal system is carried out security evaluation safely, and be not subjected to the restriction of mobile-terminal platform resource.
The objective of the invention is to be achieved through the following technical solutions: based on the automatic evaluation system of attacking of mobile terminal system safety, it comprises computer terminal and a plurality of portable terminal, and described computer terminal comprises with lower module:
Safe condition space module: according to needs to be measured, design and customize out each required safe condition space to be measured and storage;
Safe condition generation module: from the state space module, take out space to be measured, generate the vectorial safe condition that also sends to each portable terminal respectively of safe condition module is set, accept the feedback information of each terminal simultaneously, and responsible concerted attack vector generates;
Integrated attack storehouse: require the existing attacker of each plateform system of centralized stores and instrument according to what attack classification and mapping;
Vector of attack generation module: generate the vector of attack of attacking the space correspondence respectively;
Attack driver module: according to test dispatching, be injected into each corresponding terminal to be measured respectively by from attack the corresponding classification in storehouse, extracting attack code from the vector of attack of attacking the space generation respectively;
Results analyses module: analyze the test result, best safety performance point of each terminal and the size of corresponding security of system expense, the validity of the anti-attack performance of the system that draws and system security function;
Described portable terminal comprises with lower module:
Safe condition arranges module: each terminal receives the safe condition generation module that safe condition is set behind the safe condition vector and feeds back to computer terminal;
The attack test module: each terminal is carried out attack test respectively, draws the corresponding performance of each state.
Based on the automatic assessment method of attacking of mobile terminal system safety, it may further comprise the steps:
S1: according to needs to be measured, design and customize out each required safe condition space A to be measured 1, A 2..., A n, and storage;
S2: the safe condition generation module takes out safe condition space A from the state space module 1, A 2..., A n, generate the safe condition vector, and the safe condition that the safe condition vector that generates sends to each portable terminal respectively arranged module;
S3: the safe condition of each portable terminal arranges and after module receives the safe condition vector secure status of mobile terminal is set, and feeds back to the safe condition generation module;
S4: the vector of attack generation module generates test space T respectively under the assistance of safe condition generation module 1, T 2..., T nCorresponding test vector;
S5: attack driver module according to test dispatching, respectively by test space T 1, T 2..., T nThe test vector that generates extracts attack code G from the corresponding classification in integrated attack storehouse 1, G 2..., G n, and be injected into each corresponding terminal to be measured respectively;
S6: each terminal is carried out attack test respectively, draws the corresponding performance of each state, and test result is analyzed.
The present invention proposes a kind of system and method that can cross-platformly carry out the automatic test and appraisal of portable terminal safety, can be at system and carry out test analysis under the different safe conditions, can be objective, accurately mobile terminal system is carried out security evaluation safely, and be not subjected to the restriction of mobile-terminal platform resource, the security evaluation of easier realization portable terminal has that testing process is simple, the low advantage of operation repetition rate.
Description of drawings
Fig. 1 is system architecture synoptic diagram of the present invention;
Fig. 2 is assessment method schematic diagram of the present invention.
Embodiment
Further specify technical scheme of the present invention below in conjunction with accompanying drawing, but the content that the present invention protects is not limited to the following stated.
As shown in Figure 1, based on the automatic evaluation system of attacking of mobile terminal system safety, it comprises computer terminal and a plurality of portable terminal, and described computer terminal comprises with lower module:
Safe condition space module: according to needs to be measured, design and customize out each required safe condition space to be measured and storage;
Safe condition generation module: from the state space module, take out space to be measured, generate the vectorial safe condition that also sends to each portable terminal respectively of safe condition module is set, accept the feedback information of each terminal simultaneously, and responsible concerted attack vector generates;
Integrated attack storehouse: require the existing attacker of each plateform system of centralized stores and instrument according to what attack classification and mapping;
Vector of attack generation module: generate the vector of attack of attacking the space correspondence respectively;
Attack driver module: according to test dispatching, be injected into each corresponding terminal to be measured respectively by from attack the corresponding classification in storehouse, extracting attack code from the vector of attack of attacking the space generation respectively;
Results analyses module: analyze the test result, best safety performance point of each terminal and the size of corresponding security of system expense, the validity of the anti-attack performance of the system that draws and system security function;
Described portable terminal comprises with lower module:
Safe condition arranges module: each terminal receives the safe condition generation module that safe condition is set behind the safe condition vector and feeds back to computer terminal;
The attack test module: each terminal is carried out attack test respectively, draws the corresponding performance of each state.
As shown in Figure 2, based on the automatic assessment method of attacking of mobile terminal system safety, it may further comprise the steps:
S1: according to needs to be measured, design and customize out each required safe condition space A to be measured 1, A 2..., A n, and storage;
S2: the safe condition generation module takes out safe condition space A from the state space module 1, A 2..., A n, generate the safe condition vector, and the safe condition that the safe condition vector that generates sends to each portable terminal respectively arranged module;
S3: the safe condition of each portable terminal arranges and after module receives the safe condition vector secure status of mobile terminal is set, and feeds back to the safe condition generation module;
S4: the vector of attack generation module generates test space T respectively under the assistance of safe condition generation module 1, T 2..., T nCorresponding test vector;
S5: attack driver module according to test dispatching, respectively by test space T 1, T 2..., T nThe test vector that generates extracts attack code G from the corresponding classification in integrated attack storehouse 1, G 2..., G n, and be injected into each corresponding terminal to be measured respectively;
S6: each terminal is carried out attack test respectively, draws the corresponding performance of each state, and test result is analyzed.
Related definition of the present invention and test and appraisal are analyzed:
Definition 1: security function vector F: the vectorial F={f that the various security functions of system constitute in certain sequence 1, f 2, f 3, f n, f iRepresent the independently security function classification of a system.For example to terminal data safety test demand F d={ authentication, control of authority are encrypted storage, completeness check }.
Definition 2: safe condition vector S: different strong and weak uniqueness index S={ s that constitute characterization system current safe state power of system security function 1, s 2, s 3, s n| s i∈ (2,1,0) }; S wherein iValue { 2,1,0 } is represented the classification f of corresponding corresponding F iIntensity is set is { stronger, general, as not have setting }.For example to above-mentioned F dGenerate a S at random dSymbol is used in={ 2,1,0,1 }
Figure BDA00003309962900031
The expression system is in a safe condition S d, its implication is as shown in the table.
The vectorial S of table 1 safety dImplication
Function f i Value Implication
Password is differentiated 2 The strong password identity is set to be differentiated
Control of authority 1 Common authority access control is set
Encrypt storage 0 Do not adopt and encrypt storage
Complete checks 1 Adopt the verification of common intensity
Definition 3: safe condition space A: the space that all safe condition vector S that a certain security function vector F is generated constitute.
Definition 4: security of system expense o(S i): to any one safe condition vector S i, have
o ( S i ) = Σ i = 1 n s i - - - ( 1 )
Definition 5: safe thresholding S k: in theory in the safe condition space, the strongest value S of safe condition Max=2,2,2 ..., 2 }, the most weak value S Min=0,0,0 ..., 0 }, obviously, strength S MaxS 1={ 1,1,1 ..., 1}〉and S MinIn fact can to take any safety practice be S to any safe terminal system MinSystem tends to set into unprofessional user the safe minimum threshold state of an acquiescence
Figure BDA00003309962900044
Guarantee the safety that system is basic.If safety setting is lower than S k, the anti-attack ability of system can't satisfy the demand for security of domestic consumer.Test to seek the S an of security performance and security overhead the best by anti-attack ability kAll be highly significant to portable terminal manufacturer and user.
Definition 6: atomic strike classification G iAnd attack effect classification: the atomic strike classification refer to have clear and definite attack effect, typically, the type of attack means independently, common comprise read class, revise class, destroy class, invade class, walk around class, crack class, deciphering class, privilege-escalation class etc.Each former subclassification is at system's security function independently
Figure BDA00003309962900045
Should have clear and definite attack effect, for example decipher class and attack the lost data confidentiality, revise class and attack and damaged integrality etc., this pass of definition is to attack mapping in the literary composition, uses symbol G i∽ f jExpression.Common classification and mapping relations are as shown in the table.
Table 2 is attacked classification and mapping implication
Atomic strike Mapping The attack effect implication
Revise class Complete checks The corrupt data integrality
Destroy class Availability Damaged system availability
The invasion class Control of authority Illegally obtain corresponding authority
Walk around class The audit monitoring Walk around system audit mechanism
Promote class Control of authority The higher authority of illegal acquisition
Crack class Authentication Crack user password
The deciphering class Encrypt storage The decrypted user confidential data
Definition 7: attack space G: the set G={G that all atomic strike classification constitute 1, G 2, G 3, G k| G i∽ f j, i=0,1 ... k; J=0,1 ..., n}, G iRepresent an atomic strike classification, G i={ g I1, g I2, g I3, g Ij, g IjRepresentative classification G iExisting any one attacked and realized, as attacker, step or virus, wooden horse etc., and defined function sum(G i) expression G iThe number of middle element.
Define 8 vector of attack t`: each classification G from attack space G iIn choose a daughter element g arbitrarily Ij, constitute a k dimensional vector t`={ t 1, t 2..., t kBe called test vector.Obviously, any component t among the t` i∽ f jThe t` that might constitute formed test space T, test vector quantity:
sum ( T ) = Π i = 1 k sum ( G i ) - - - ( 2 )
If sum(F)=n, then total test volume E(F of F) be:
E ( F ) = 3 n · Π i = 1 k sum ( G i ) - - - ( 3 )
Definition 9: test output vector R.The definition trial function:
R ij = { r ij 1 , r ij 2 . . . , r ij k } ,
I=1,2 ..., sum (A) is illustrated in safe condition S iCarry out test vector down,
Figure BDA00003309962900056
The test output that obtains
Figure BDA00003309962900057
R IjThe element value be that (2,1,0) is represented respectively
Figure BDA00003309962900058
In the attack effect of each element be (effectively, undetermined, invalid).
Output vector abbreviation: because the attack classification is many to few mapping to being mapped as of security function classification, so need definition to k dimensional vector R IjAbbreviation for the security function function simple(R of n-dimensional vector one to one that classifies Ij), its simplifying method is as follows:
If R IjIn have element
Figure BDA000033099629000510
Then get
Figure BDA000033099629000511
Expression R IjIn corresponding f cUnique component, wherein max represents to get maximal value.
Definition 10: security performance d and security performance space D:
Sys ⋐ S i , S i ⋐ A , Security performance d ij ( S i , R ij ) = Σ k = 1 n ( s k - r ij k ) - - - ( 5 )
Each S iCorresponding a plurality of d Ij, need transfer mapping one by one to.Make h=sum(T), get S iCorresponding d i=min(d I1, d I2, d Ih), be called S iIn the security performance of attacking under the T of space.
Get decide F and T after, can realize the test, its algorithm is as follows:
Testing algorithm: S i ⋐ A , t j ⋐ T , F
Figure BDA000033099629000517
Above-mentioned simple is output abbreviation function, and plot is the picture function, and mind represents to ask S iCorresponding d iFunction, horizontal ordinate i represents S i, ordinate is represented the d under this state i

Claims (2)

1. based on the automatic evaluation system of attacking of mobile terminal system safety, it comprises computer terminal and a plurality of portable terminal, it is characterized in that: described computer terminal comprises with lower module:
Safe condition space module: according to needs to be measured, design and customize out each required safe condition space to be measured and storage;
Safe condition generation module: from the state space module, take out space to be measured, generate the vectorial safe condition that also sends to each portable terminal respectively of safe condition module is set, accept the feedback information of each terminal simultaneously, and responsible concerted attack vector generates;
Integrated attack storehouse: require the existing attacker of each plateform system of centralized stores and instrument according to what attack classification and mapping;
Vector of attack generation module: generate the vector of attack of attacking the space correspondence respectively;
Attack driver module: according to test dispatching, be injected into each corresponding terminal to be measured respectively by from attack the corresponding classification in storehouse, extracting attack code from the vector of attack of attacking the space generation respectively;
Results analyses module: analyze the test result, best safety performance point of each terminal and the size of corresponding security of system expense, the validity of the anti-attack performance of the system that draws and system security function;
Described portable terminal comprises with lower module:
Safe condition arranges module: each terminal receives the safe condition generation module that safe condition is set behind the safe condition vector and feeds back to computer terminal;
The attack test module: each terminal is carried out attack test respectively, draws the corresponding performance of each state.
2. based on the automatic assessment method of attacking of mobile terminal system safety, it is characterized in that: it may further comprise the steps:
S1: according to needs to be measured, design and customize out each required safe condition space A to be measured 1, A 2..., A n, and storage;
S2: the safe condition generation module takes out safe condition space A from the state space module 1, A 2..., A n, generate the safe condition vector, and the safe condition that the safe condition vector that generates sends to each portable terminal respectively arranged module;
S3: the safe condition of each portable terminal arranges and after module receives the safe condition vector secure status of mobile terminal is set, and feeds back to the safe condition generation module;
S4: the vector of attack generation module generates test space T respectively under the assistance of safe condition generation module 1, T 2..., T nCorresponding test vector;
S5: attack driver module according to test dispatching, respectively by test space T 1, T 2..., T nThe test vector that generates extracts attack code G from the corresponding classification in integrated attack storehouse 1, G 2..., G n, and be injected into each corresponding terminal to be measured respectively;
S6: each terminal is carried out attack test respectively, draws the corresponding performance of each state, and test result is analyzed.
CN201310222338.7A 2013-06-06 2013-06-06 Based on the mobile terminal system safety automation evaluation system attacked and method Expired - Fee Related CN103268433B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310222338.7A CN103268433B (en) 2013-06-06 2013-06-06 Based on the mobile terminal system safety automation evaluation system attacked and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310222338.7A CN103268433B (en) 2013-06-06 2013-06-06 Based on the mobile terminal system safety automation evaluation system attacked and method

Publications (2)

Publication Number Publication Date
CN103268433A true CN103268433A (en) 2013-08-28
CN103268433B CN103268433B (en) 2015-08-05

Family

ID=49012061

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310222338.7A Expired - Fee Related CN103268433B (en) 2013-06-06 2013-06-06 Based on the mobile terminal system safety automation evaluation system attacked and method

Country Status (1)

Country Link
CN (1) CN103268433B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101447898A (en) * 2008-11-19 2009-06-03 中国人民解放军信息安全测评认证中心 Test system used for network safety product and test method thereof
US20120060222A1 (en) * 2008-10-21 2012-03-08 Lookout, Inc. Security status and information display system
CN102739652A (en) * 2012-06-07 2012-10-17 中国电子科技集团公司第三十研究所 Network anti-attack performance assessment index system establishing method and device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120060222A1 (en) * 2008-10-21 2012-03-08 Lookout, Inc. Security status and information display system
CN101447898A (en) * 2008-11-19 2009-06-03 中国人民解放军信息安全测评认证中心 Test system used for network safety product and test method thereof
CN102739652A (en) * 2012-06-07 2012-10-17 中国电子科技集团公司第三十研究所 Network anti-attack performance assessment index system establishing method and device

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
唐杰,等: "基于图的移动终端系统安全评估", 《信息安全与通信保密》 *
唐杰,等: "移动终端操作系统安全测评工具实现", 《信息安全与通信保密》 *
梁伟: "抗攻击测试攻击方案生成技术研究", 《中国优秀硕士学位论文全文数据库信息科技辑》 *

Also Published As

Publication number Publication date
CN103268433B (en) 2015-08-05

Similar Documents

Publication Publication Date Title
CN103839005B (en) The malware detection method of Mobile operating system and malware detection system
CN107169499B (en) Risk identification method and device
WO2018111601A1 (en) Tamper detection system
CN106576047B (en) Make Password Operations from the method and apparatus of malicious modification
CN103929425A (en) Identity registration and identity authentication method, device and system
CN103577835A (en) Method using multi-dimensional feature vectors to detect IP ID covert channel
CN107871080A (en) The hybrid Android malicious code detecting methods of big data and device
Cuzzocrea et al. A novel structural-entropy-based classification technique for supporting android ransomware detection and analysis
CN109525399A (en) A method of the system authentication of power grid intelligent mobile terminal is realized based on PUF
Kang et al. Performance evaluation of the first commercial PUF-embedded RFID
Shrivastava et al. Data leakage detection in Wi-Fi networks
CN107294981B (en) Authentication method and equipment
CN205015906U (en) Anti -fake verification system of electron certificate
Cobb Exploitation of unintentional information leakage from integrated circuits
CN110061973B (en) Authorization method and device
Barabanov et al. Russian it security certification scheme: Steps toward common criteria approach
CN102571810B (en) Dynamic password authentication method based on hardware digital certificate carrier and dynamic password authentication system thereof
CN108616533B (en) Sensitive data encryption method and device
CN104102858A (en) Application program encryption processing method, application program encryption processing device and terminal
CN103268433A (en) Mobile terminal system security automatic evaluation system and method based on attack
Burrows et al. A mobile forensic investigation into steganography
CN105138894B (en) A kind of identifying code safety defense method, system and device
Mohamed et al. Protecting wireless data transmission in mobile application systems using digital watermarking technique
De et al. Trusted cloud-and femtocell-based biometric authentication for mobile networks
CN106156591A (en) A kind of smart phone user Transparent Authentication method under cloud environment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20150805

CF01 Termination of patent right due to non-payment of annual fee