CN103268433B - Attack-based automated security evaluation system and method for mobile terminal systems - Google Patents


Info

Publication number: CN103268433B
Authority: CN (China)
Prior art keywords: attack, safe condition, module, vector, mobile terminal
Legal status: Expired - Fee Related (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201310222338.7A
Other languages: Chinese (zh)
Other versions: CN103268433A (en)
Inventors: 唐杰, 文红, 禄全芳
Current Assignee: Sichuan Hengjinyi Science & Technology Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Sichuan Hengjinyi Science & Technology Co Ltd
Application filed by: Sichuan Hengjinyi Science & Technology Co Ltd
Priority to: CN201310222338.7A
Publication of CN103268433A
Application granted
Publication of CN103268433B

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an attack-based automated security evaluation system and method for mobile terminal systems. The evaluation system comprises a computer terminal and multiple mobile terminals. The computer terminal comprises a security state space module, a security state generation module, an integrated attack library, an attack vector generation module, an attack driving module and a result analysis module; each mobile terminal comprises a security state setting module and an attack test module. The invention can test and analyze a system in different security states, can evaluate the security of a mobile terminal system objectively, accurately and safely, and is not limited by the resources of the mobile terminal platform. It makes security evaluation of mobile terminals easier to implement and has the advantages of a simple testing process and a low rate of repeated operations.

Description

Attack-based automated security evaluation system and method for mobile terminal systems
Technical field
The invention belongs to the field of mobile information security and relates to automated security testing, in particular to an attack-based automated security evaluation system and method for mobile terminal systems.
Background
The security of mobile intelligent terminals has become a focus of common concern in the industry, and testing and evaluating the system security of mobile intelligent terminals is the basis for ensuring mobile information security. Existing security evaluation methods and tools mainly test security functions and lack objective tests of attack resistance. In practice, because the strength of a system's security settings differs across times and scenarios, the system is not always in one constant security state. Conventional test methods lack test analysis of the system in different security states, their testing process is cumbersome, their test operations are highly repetitive, and they are strongly subjective. Moreover, because of the resource limits of mobile terminal platforms, a security evaluation system based on security function testing is difficult to implement.
Summary of the invention
The object of the invention is to overcome the deficiencies of the prior art by providing an attack-based automated security evaluation system and method for mobile terminal systems. The system can test and analyze a system in different security states, can evaluate the security of a mobile terminal system objectively, accurately and safely, and is not limited by the resources of the mobile terminal platform.
The object of the invention is achieved through the following technical solution: an attack-based automated security evaluation system for mobile terminal systems, comprising a computer terminal and multiple mobile terminals, wherein the computer terminal comprises the following modules:
Security state space module: designs and customizes, according to the test requirements, the security state space needed for each item under test, and stores it;
Security state generation module: takes the space to be tested from the security state space module, generates security state vectors and sends them to the security state setting module of each mobile terminal, receives the feedback information from each terminal, and is responsible for assisting the attack vector generation module in generating attack vectors;
Integrated attack library: centrally stores, according to the requirements of attack classification and mapping, the existing attack programs and tools for each platform system;
Attack vector generation module: generates the attack vectors corresponding to each attack space;
Attack driving module: according to the test schedule, takes the attack vectors generated from each attack space, extracts the attack code from the corresponding category of the integrated attack library, and injects it into the corresponding terminal under test;
Result analysis module: analyzes the test results of each terminal, the best security performance point and the size of the corresponding system security overhead, and derives the system's attack resistance and the effectiveness of the system's security functions;
The mobile terminal comprises the following modules:
Security state setting module: after receiving a security state vector, each terminal sets its security state and reports back to the security state generation module of the computer terminal;
Attack test module: each terminal performs the attack tests and obtains the performance corresponding to each state.
An attack-based automated security evaluation method for mobile terminal systems, comprising the following steps:
S1: according to the test requirements, design and customize the security state spaces $A_1, A_2, \ldots, A_n$ needed for each item under test, and store them;
S2: the security state generation module takes the security state spaces $A_1, A_2, \ldots, A_n$ from the security state space module, generates security state vectors, and sends the generated security state vectors to the security state setting module of each mobile terminal;
S3: after receiving the security state vector, the security state setting module of each mobile terminal sets the security state of the mobile terminal and reports back to the security state generation module;
S4: with the assistance of the security state generation module, the attack vector generation module generates the test vectors corresponding to the test spaces $T_1, T_2, \ldots, T_n$;
S5: according to the test schedule, the attack driving module takes the test vectors generated from the test spaces $T_1, T_2, \ldots, T_n$, extracts the attack code $G_1, G_2, \ldots, G_n$ from the corresponding categories of the integrated attack library, and injects it into the corresponding terminals under test;
S6: each terminal performs the attack tests and obtains the performance corresponding to each state, and the test results are analyzed.
The invention proposes a system and method for cross-platform automated security evaluation of mobile terminals. It can test and analyze a system in different security states, can evaluate the security of a mobile terminal system objectively, accurately and safely, and is not limited by the resources of the mobile terminal platform. It makes security evaluation of mobile terminals easier to implement and has the advantages of a simple testing process and a low rate of repeated operations.
Brief description of the drawings
Fig. 1 is a schematic diagram of the system architecture of the invention;
Fig. 2 is a schematic diagram of the evaluation method of the invention.
Detailed description of the embodiments
The technical solution of the invention is further described below with reference to the accompanying drawings, but the scope of protection of the invention is not limited to the following.
As shown in Fig. 1, the attack-based automated security evaluation system for mobile terminal systems comprises a computer terminal and multiple mobile terminals, and the computer terminal comprises the following modules:
Security state space module: designs and customizes, according to the test requirements, the security state space needed for each item under test, and stores it;
Security state generation module: takes the space to be tested from the security state space module, generates security state vectors and sends them to the security state setting module of each mobile terminal, receives the feedback information from each terminal, and is responsible for assisting the attack vector generation module in generating attack vectors;
Integrated attack library: centrally stores, according to the requirements of attack classification and mapping, the existing attack programs and tools for each platform system;
Attack vector generation module: generates the attack vectors corresponding to each attack space;
Attack driving module: according to the test schedule, takes the attack vectors generated from each attack space, extracts the attack code from the corresponding category of the integrated attack library, and injects it into the corresponding terminal under test;
Result analysis module: analyzes the test results of each terminal, the best security performance point and the size of the corresponding system security overhead, and derives the system's attack resistance and the effectiveness of the system's security functions;
The mobile terminal comprises the following modules:
Security state setting module: after receiving a security state vector, each terminal sets its security state and reports back to the security state generation module of the computer terminal;
Attack test module: each terminal performs the attack tests and obtains the performance corresponding to each state.
As shown in Fig. 2, the attack-based automated security evaluation method for mobile terminal systems comprises the following steps:
S1: according to the test requirements, design and customize the security state spaces $A_1, A_2, \ldots, A_n$ needed for each item under test, and store them;
S2: the security state generation module takes the security state spaces $A_1, A_2, \ldots, A_n$ from the security state space module, generates security state vectors, and sends the generated security state vectors to the security state setting module of each mobile terminal;
S3: after receiving the security state vector, the security state setting module of each mobile terminal sets the security state of the mobile terminal and reports back to the security state generation module;
S4: with the assistance of the security state generation module, the attack vector generation module generates the test vectors corresponding to the test spaces $T_1, T_2, \ldots, T_n$;
S5: according to the test schedule, the attack driving module takes the test vectors generated from the test spaces $T_1, T_2, \ldots, T_n$, extracts the attack code $G_1, G_2, \ldots, G_n$ from the corresponding categories of the integrated attack library, and injects it into the corresponding terminals under test;
S6: each terminal performs the attack tests and obtains the performance corresponding to each state, and the test results are analyzed.
Definitions and test analysis used by the invention:
Definition 1: security function vector F: the vector $F=\{f_1, f_2, f_3, \ldots, f_n\}$ formed by the system's various security functions in a fixed order, where $f_i$ denotes one independent security function category of the system. For example, for a terminal data security test requirement, $F_d$ = {authentication, permission control, encrypted storage, integrity check}.
Definition 2: security state vector S: the combination of the different strengths of the system's security functions forms a unique index characterizing the strength of the system's current security state, $S=\{s_1, s_2, s_3, \ldots, s_n \mid s_i \in (2,1,0)\}$, where the values {2, 1, 0} of $s_i$ mean that the setting strength of the corresponding category $f_i$ of F is {relatively strong, average, not set}. For example, for the above $F_d$, randomly generate $S_d=\{2,1,0,1\}$; this denotes that the system is in security state $S_d$, whose meaning is shown in the following table.
Table 1: Meaning of the security state vector $S_d$
Definition 3: security state space A: the space formed by all security state vectors S generated for a given security function vector F.
Definition 4: system security overhead $o(S_i)$: for any security state vector $S_i$,
$$o(S_i) = \sum_{i=1}^{n} s_i \qquad (1)$$
Definition 5: security threshold $S_k$: in theory, within the security state space, the strongest security state value is $S_{max}=\{2,2,2,\ldots,2\}$ and the weakest is $S_{min}=\{0,0,0,\ldots,0\}$; clearly, in strength, $S_{max} > S_1=\{1,1,1,\ldots,1\} > S_{min}$. In practice, any secure terminal system can adopt any combination of security measures, including $S_{min}$. The system usually sets a default minimum security threshold state for non-professional users to guarantee the basic security of the system. If the security settings are below $S_k$, the system's attack resistance cannot meet the security needs of ordinary users. Finding, through attack resistance testing, the $S_k$ that is best in security performance and security overhead is highly significant for both mobile terminal manufacturers and users.
Definition 6: atomic attack category $G_i$ and attack effect classification: an atomic attack category is a typical, independent type of attack means with a clear attack effect; common ones include the read, modify, destroy, intrude, bypass, crack, decrypt and privilege escalation categories. Each atomic category should have a clear attack effect on an independent security function of the system; for example, decrypt-class attacks cause loss of data confidentiality and modify-class attacks compromise integrity. This relation is defined here as the attack mapping, written $G_i \backsim f_j$. Common categories and mapping relations are shown in the following table.
Table 2: Attack classification and mapping
Definition 7: attack space G: the set formed by all atomic attack categories, $G=\{G_1, G_2, G_3, \ldots, G_k \mid G_i \backsim f_j,\ i=0,1,\ldots,k;\ j=0,1,\ldots,n\}$, where $G_i$ denotes one atomic attack category, $G_i=\{g_{i1}, g_{i2}, g_{i3}, \ldots, g_{ij}\}$, and $g_{ij}$ denotes any existing attack implementation of category $G_i$, such as an attack program, attack steps, a virus or a Trojan. The function $sum(G_i)$ is defined as the number of elements in $G_i$.
Definition 8: attack vector $t'$: choosing one arbitrary sub-element $g_{ij}$ from each category $G_i$ of the attack space G forms a k-dimensional vector $t'=\{t_1, t_2, \ldots, t_k\}$, called a test vector. Clearly, any component of $t'$ satisfies $t_i \backsim f_j$. All possible $t'$ constitute the test space T, and the number of test vectors is:
$$sum(T) = \prod_{i=1}^{k} sum(G_i) \qquad (2)$$
If $sum(F)=n$, the total test volume $E(F)$ of F is:
$$E(F) = 3^{n} \cdot \prod_{i=1}^{k} sum(G_i) \qquad (3)$$
Definition 9: test output vector R. Define the test function:
$$test(S_i, t'_j) = R_{ij} \qquad (4)$$
where $i=1,2,\ldots,sum(A)$. It states that, under security state $S_i$, executing the test vector $t'_j$ yields the test output $R_{ij}=\{r_{ij}^{1}, r_{ij}^{2}, \ldots, r_{ij}^{k}\}$. The element values of $R_{ij}$ are (2, 1, 0), meaning that the attack effect of each element of $t'_j$ is (effective, undetermined, ineffective) respectively.
Output vector simplification: because the mapping from attack categories to security function categories is many-to-few, a function $simple(R_{ij})$ must be defined that reduces the k-dimensional vector $R_{ij}$ to an n-dimensional vector in one-to-one correspondence with the security function categories. The simplification is as follows:
If $R_{ij}$ contains elements $r_{ij}^{a} \backsim f_c$ and $r_{ij}^{b} \backsim f_c$, then take $r_{ij}^{c}=\max(r_{ij}^{a}, r_{ij}^{b})$ as the unique component of $R_{ij}$ corresponding to $f_c$, where max takes the maximum value.
Definition 10: security performance d and security performance space D:
Security performance:
$$d_{ij}(S_i, R_{ij}) = \sum_{k=1}^{n} \left(s_k - r_{ij}^{k}\right) \qquad (5)$$
Each $S_i$ corresponds to multiple $d_{ij}$, which must be converted to a one-to-one mapping. Let $h=sum(T)$ and take, for $S_i$, $d_i=\min(d_{i1}, d_{i2}, \ldots, d_{ih})$, called the security performance of $S_i$ under the attack space T.
Once F and T are determined, the test can be carried out; its algorithm is as follows:
Testing algorithm: f
In the above, simple is the output simplification function, plot is the plotting function, and mind is the function that finds the $d_i$ corresponding to $S_i$; the abscissa i denotes $S_i$ and the ordinate denotes the $d_i$ under that state.
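The scoring in Definitions 2 to 10 can be traced end to end with the following added example, which is not code from the patent. The attack space contents, the implementation ids, their potency values, the simulated outcome model that stands in for the on-device test function (4), and the rule used to pick a threshold state are all constructed assumptions.

```python
from itertools import product

# Security function vector F_d from Definition 1 (terminal data security).
F = ["authentication", "permission control", "encrypted storage", "integrity check"]

# Constructed attack space G: atomic class -> (index of the f_j it maps to,
# {implementation id: potency}). The mapping, ids and potencies are placeholders
# invented for this example; they are not taken from the patent.
G = {
    "bypass":     (0, {"g11": 1, "g12": 2}),
    "crack":      (0, {"g21": 1}),
    "escalation": (1, {"g31": 1, "g32": 2}),
    "decrypt":    (2, {"g41": 1}),
    "modify":     (3, {"g51": 2}),
}
CLASSES = list(G)

def state_space(n=len(F)):
    """Definition 3: every S with s_i in {0, 1, 2}, so 3^n states."""
    return list(product((0, 1, 2), repeat=n))

def overhead(S):
    """Formula (1): o(S) is the sum of the setting strengths."""
    return sum(S)

def attack_vectors():
    """Definition 8: one implementation per atomic class; size per formula (2)."""
    return list(product(*(G[c][1] for c in CLASSES)))

def simulated_outcome(S, t):
    """Stand-in for formula (4). A real run executes on the terminal; this
    constructed model rates each component 2 (effective), 1 (undetermined) or
    0 (ineffective) by comparing potency with the setting strength."""
    R = []
    for cls, impl in zip(CLASSES, t):
        j, impls = G[cls]
        p, s = impls[impl], S[j]
        R.append(2 if s < p else 1 if s == p else 0)
    return R

def simplify(R, n=len(F)):
    """Output simplification: k-dim R -> n-dim, keeping the max per f_j.
    A function with no mapped attack class stays at 0 (ineffective)."""
    out = [0] * n
    for cls, r in zip(CLASSES, R):
        j = G[cls][0]
        out[j] = max(out[j], r)
    return out

def performance(S, R_simplified):
    """Formula (5): d_ij = sum_k (s_k - r_ij^k)."""
    return sum(s - r for s, r in zip(S, R_simplified))

def evaluate():
    """Map every state S_i to (d_i, o(S_i)), with d_i = min_j d_ij."""
    T = attack_vectors()
    return {S: (min(performance(S, simplify(simulated_outcome(S, t))) for t in T),
                overhead(S))
            for S in state_space()}

def cheapest_states(results, target=0):
    """Selection rule assumed here (the patent names no criterion): the
    lowest-overhead states whose worst-case performance d_i >= target."""
    ok = [(o, S) for S, (d, o) in results.items() if d >= target]
    best = min(o for o, _ in ok)
    return best, sorted(S for o, S in ok if o == best)

if __name__ == "__main__":
    results = evaluate()
    print("test volume E(F):", len(results) * len(attack_vectors()))
    for S in [(0, 0, 0, 0), (1, 1, 1, 1), (2, 2, 2, 2)]:
        print(S, "d_i=%d overhead=%d" % results[S])
    print("cheapest states with d_i >= 0:", cheapest_states(results))
```

Because bypass and crack both map to authentication, the five-component output collapses to four components before formula (5) is applied, which is the many-to-few case the simplification rule exists for.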

Claims (2)

1. An attack-based automated security evaluation system for mobile terminal systems, comprising a computer terminal and multiple mobile terminals, characterized in that the computer terminal comprises the following modules:
Security state space module: designs and customizes, according to the test requirements, the security state space needed for each item under test, and stores it;
Security state generation module: takes the space to be tested from the security state space module, generates security state vectors and sends them to the security state setting module of each mobile terminal, receives the feedback information from each terminal, and is responsible for assisting the attack vector generation module in generating attack vectors;
Integrated attack library: centrally stores, according to the requirements of attack classification and mapping, the existing attack programs and tools for each platform system;
Attack vector generation module: generates the attack vectors corresponding to each attack space;
Attack driving module: according to the test schedule, takes the attack vectors generated from each attack space, extracts the attack code from the corresponding category of the integrated attack library, and injects it into the corresponding terminal under test;
Result analysis module: analyzes the test results of each terminal, the best security performance point and the size of the corresponding system security overhead, and derives the system's attack resistance and the effectiveness of the system's security functions;
The mobile terminal comprises the following modules:
Security state setting module: after receiving a security state vector, each terminal sets its security state and reports back to the security state generation module of the computer terminal;
Attack test module: each terminal performs the attack tests and obtains the performance corresponding to each state.
2. An attack-based automated security evaluation method for mobile terminal systems, characterized in that it comprises the following steps:
S1: according to the test requirements, design and customize the security state spaces $A_1, A_2, \ldots, A_n$ needed for each item under test, and store them;
S2: the security state generation module takes the security state spaces $A_1, A_2, \ldots, A_n$ from the security state space module, generates security state vectors, and sends the generated security state vectors to the security state setting module of each mobile terminal;
S3: after receiving the security state vector, the security state setting module of each mobile terminal sets the security state of the mobile terminal and reports back to the security state generation module;
S4: with the assistance of the security state generation module, the attack vector generation module generates the test vectors corresponding to the test spaces $T_1, T_2, \ldots, T_n$;
S5: according to the test schedule, the attack driving module takes the test vectors generated from the test spaces $T_1, T_2, \ldots, T_n$, extracts the attack code $G_1, G_2, \ldots, G_n$ from the corresponding categories of the integrated attack library, and injects it into the corresponding terminals under test;
S6: each terminal performs the attack tests and obtains the performance corresponding to each state, and the test results are analyzed.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310222338.7A CN103268433B (en) 2013-06-06 2013-06-06 Based on the mobile terminal system safety automation evaluation system attacked and method

Publications (2)

Publication Number Publication Date
CN103268433A CN103268433A (en) 2013-08-28
CN103268433B CN103268433B (en) 2015-08-05

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20150805