CN107305529A - Method and apparatus for detecting target software

Publication number
CN107305529A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610263971.4A
Other languages
Chinese (zh)
Inventor
阳俊文
刘晋成
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd
Application filed by Alibaba Group Holding Ltd
Priority to CN201610263971.4A
Publication of CN107305529A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/36 Preventing errors by testing or debugging software
    • G06F11/3668 Software testing
    • G06F11/3672 Test management
    • G06F11/3684 Test management for test design, e.g. generating new test cases

Abstract

The invention discloses a method and apparatus for detecting target software. The method includes: obtaining a target test case, where the target test case contains a mutated test file; running the target test case in the target software and monitoring the run; and, if an anomaly is observed, determining that the target software has a security vulnerability. The invention solves the technical problem that existing fuzz testing methods focus only on the target software's parsing and encoding/decoding of file formats, which makes testing inefficient.

Description

Method and apparatus for detecting target software
Technical field
The present invention relates to the field of internet security, and in particular to a method and apparatus for detecting target software.
Background
Existing software testing schemes can use simulated testing methods. For example, after new code is added to browser software, vulnerability researchers see it as a new attack surface of the browser, and engineers have already fuzz-tested this code in an attempt to find security defects and vulnerabilities in the browser software. Current fuzz testing methods, however, still use the traditional approach of fuzzing files:
The first is mutation-based fuzz testing, implemented as follows: 1) collect a large number of sample files; 2) mutate the sample files; 3) feed the mutated test files to the target software and observe whether an anomaly occurs; if an anomaly is observed, report that a security defect has been found.
The other is generation-based fuzz testing. Here the test sample files are generated by mutating the value of each field of the file on the basis of an understanding of the file format; the remaining steps are similar to those of mutation-based fuzz testing. Both mutation-based and generation-based fuzz testing therefore focus only on the target software's parsing and encoding/decoding of the file format.
No effective solution has yet been proposed for the technical problem that existing fuzz testing methods focus only on the target software's parsing and encoding/decoding of file formats, which makes testing inefficient.
Summary of the invention
Embodiments of the present invention provide a method and apparatus for detecting target software, to at least solve the technical problem that existing fuzz testing methods focus only on the target software's parsing and encoding/decoding of file formats, which makes testing inefficient.
According to one aspect of the embodiments of the present invention, a method for detecting target software is provided, including: obtaining a target test case, where the target test case contains a mutated test file; running the target test case in the target software and monitoring the run; and, if an anomaly is observed, determining that the target software has a security vulnerability.
According to another aspect of the embodiments of the present invention, an apparatus for detecting target software is also provided, including: a first acquiring unit, configured to obtain a target test case, where the target test case contains a mutated test file; a monitoring unit, configured to monitor the running of the target test case in the target software; and a first determining unit, configured to determine, if an anomaly is observed, that the target software has a security vulnerability.
In the embodiments of the present invention, a mutated test file can be obtained. After the mutated test file has been obtained, a target test case containing it is obtained, and the target software is monitored in real time for anomalies while it runs the target test case. If an anomaly is observed, it is determined that the target software has a security vulnerability.
It is easy to see that, in the above method for detecting whether target software has a security vulnerability, the target test case contains a mutated test file. That is, the corresponding mutated test file, such as a mutated video test case, is added to the target test case to be tested, and the video test case is associated with the functional test case within the target test case. Based on such a test case, the running of the target test case in the target software is monitored, and it is then determined whether the target software has a security vulnerability. With the scheme provided by the embodiments of the present application, the focus can therefore be placed, on top of existing mutation-based fuzz testing, on how the target software handles the events corresponding to the mutated test file. In other words, the test process concentrates on the target software's processing of the mutated test file, so more code paths of the browser software can be tested, and event-handling logic vulnerabilities as well as multithreading-related security defects and vulnerabilities in the target software can be found.
The above scheme thus solves the technical problem that existing fuzz testing methods focus only on the target software's parsing and encoding/decoding of file formats, which makes testing inefficient.
Brief description of the drawings
The drawings described here are provided for a further understanding of the present invention and form part of this application. The illustrative embodiments of the present invention and their description serve to explain the invention and do not unduly limit it. In the drawings:
Fig. 1 is a hardware block diagram of a computer terminal for a method for detecting target software according to an embodiment of the present application;
Fig. 2 is a flow chart of a method for detecting target software according to Embodiment 1 of the present invention;
Fig. 3 is a flow chart of an optional method for detecting target software according to Embodiment 1 of the present invention;
Fig. 4 is a flow chart of an optional method for generating HTML test cases according to Embodiment 1 of the present invention;
Fig. 5 is a schematic diagram of an apparatus for detecting target software according to Embodiment 2 of the present invention;
Fig. 6 is a schematic diagram of an optional apparatus for detecting target software according to Embodiment 2 of the present invention;
Fig. 7 is a schematic diagram of an optional apparatus for detecting target software according to Embodiment 2 of the present invention;
Fig. 8 is a schematic diagram of an optional apparatus for detecting target software according to Embodiment 2 of the present invention;
Fig. 9 is a schematic diagram of an optional apparatus for detecting target software according to Embodiment 2 of the present invention;
Fig. 10 is a schematic diagram of an optional apparatus for detecting target software according to Embodiment 2 of the present invention; and
Fig. 11 is a structural block diagram of a computer terminal according to an embodiment of the present application.
Detailed description
To help those skilled in the art better understand the present invention, the technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. The described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of these embodiments without creative effort shall fall within the scope of protection of the present invention.
It should be noted that the terms "first", "second" and so on in the description, the claims and the drawings are used to distinguish similar objects and do not describe a particular order or sequence. Data used in this way can be interchanged where appropriate, so that the embodiments described here can be implemented in orders other than those illustrated or described. In addition, the terms "include" and "have" and any variations of them are intended to cover non-exclusive inclusion. For example, a process, method, system, product or device that contains a series of steps or units is not necessarily limited to the steps or units explicitly listed, and may include other steps or units that are not explicitly listed or that are inherent to the process, method, product or device.
First, some of the nouns and terms that appear in the description of the embodiments of the present application are explained as follows:
Vulnerability: a defect in the implementation of hardware, software or a protocol, or in a system security policy, that allows an attacker to access or damage the system without authorization.
Fuzz testing (fuzzing): a vulnerability discovery technique that finds software defects and vulnerabilities by supplying unexpected input to the target software and monitoring for abnormal results.
HTML5 standard: HTML5 is the latest revision of HTML; the World Wide Web Consortium (W3C) completed the standard in October 2014. The goal of HTML5 is to replace the HTML 4.01 and XHTML 1.0 standards formulated in 1999 so that the standard meets the needs of contemporary web applications.
Video element: a tag newly added in the HTML5 standard, so that web pages no longer need a Flash-like plug-in to play, pause or fast-forward video.
Mutation operation: changing some bytes of a sample file, for example inserting or deleting characters at arbitrary positions.
Mutated test file: a test file on which a mutation operation has been performed.
Test case: a set of test inputs, execution conditions and expected results drawn up for a specific goal, in order to exercise a path through the target software or to verify whether a particular requirement is met.
Anomaly: any result, in a request or in the running of software, that runs counter to expectations.
Embodiment 1
According to an embodiment of the present invention, a method embodiment for detecting target software is also provided. It should be noted that the steps shown in the flow charts of the drawings can be executed in a computer system, for example as a set of computer-executable instructions, and that, although a logical order is shown in the flow charts, in some cases the steps shown or described can be executed in a different order.
The method embodiment provided by Embodiment 1 of the present application can be executed on a mobile terminal, a computer terminal or a similar computing device. Taking execution on a computer terminal as an example, Fig. 1 is a hardware block diagram of a computer terminal for a method for detecting target software according to an embodiment of the present application. As shown in Fig. 1, the computer terminal 10 may include one or more processors 102 (only one is shown in the figure; a processor 102 may include, but is not limited to, a processing device such as a microprocessor (MCU) or a programmable logic device (FPGA)), a memory 104 for storing data, and a transmission module 106 for communication. A person of ordinary skill in the art will understand that the structure shown in Fig. 1 is only illustrative and does not limit the structure of the electronic device. For example, the computer terminal 10 may include more or fewer components than shown in Fig. 1, or have a configuration different from that shown in Fig. 1.
The memory 104 can be used to store software programs and modules of application software, such as the program instructions/modules corresponding to the method for detecting target software in the embodiments of the present invention. By running the software programs and modules stored in the memory 104, the processor 102 performs various functional applications and data processing, that is, it implements the method for detecting target software described above. The memory 104 may include high-speed random access memory and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory or other non-volatile solid-state memory. In some examples, the memory 104 may further include memory located remotely from the processor 102, and such remote memory can be connected to the computer terminal 10 over a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks and combinations of these.
The transmission device 106 is used to receive or send data over a network. A specific example of such a network is a wireless network provided by the communication provider of the computer terminal 10. In one example, the transmission device 106 includes a network adapter (Network Interface Controller, NIC), which can connect to other network equipment through a base station in order to communicate with the internet. In another example, the transmission device 106 can be a radio frequency (RF) module, which communicates with the internet wirelessly.
In the above operating environment, this application provides the method for detecting target software shown in Fig. 2. Fig. 2 is a flow chart of a method for detecting target software according to Embodiment 1 of the present invention. The method shown in Fig. 2 may include the following steps:
Step S22: obtain a target test case, where the target test case contains a mutated test file.
Optionally, the mutated test file can be a video test case, an audio test case or another object that is rendered in the target web page and has a specific identification function, and the target test case can be an HTML test case.
The HTML5 standard newly adds the video element, so that web pages no longer need a Flash-like plug-in to play, pause or fast-forward video. Because HTML5 introduces the video element, new code has to be added to the target software (such as a browser) that runs the HTML. The present invention adds the mutated test file (such as a video test case) to an HTML test case to carry out simulated testing, in order to test whether the target software (such as a browser) that runs HTML5 with the added video-element code exposes an attack surface.
In an optional scheme shown in Fig. 3, a video test case can be generated by mutating a video file. File mutation is the traditional fuzz testing method for file formats: it transforms fields of the original input file, for example by adding or removing fields. An HTML test case containing the video test case can then be generated, that is, an HTML test case associated with the video test case. In the HTML test case, besides adding code that lets the browser parse the video test case, the following two operations can also be performed at random: adding operations such as scaling and fast-forwarding the video; and adding event handler functions for the video and adding dangerous operations inside those event handler functions.
It should be noted here that either one of these two operations can be performed at random in the HTML test case: operations such as scaling and fast-forwarding the video are added to the HTML test case, or event handler functions for the video are added to the HTML test case with dangerous operations inside them. Both operations can also be performed together, that is, operations such as scaling and fast-forwarding the video are added to the HTML test case, and event handler functions for the video are added with dangerous operations inside them.
Step S24: run the target test case in the target software and monitor the run.
Step S26: if an anomaly is observed, determine that the target software has a security vulnerability.
Optionally, the target software can be a browser or an application that opens the HTML test case. In the above embodiment of the present application, the Python WinAppDbg module can be used to monitor anomaly information while the browser or application is running.
In an optional scheme, the running of the HTML test case in the browser can be monitored. As the example in Fig. 3 shows, the browser parses the video test case contained in the HTML test case according to the operations added to the HTML test case. If an anomaly is observed in the browser process, that is, an anomaly occurs while the browser, in parsing the HTML test case, operates on the video test case according to the operations in the HTML test case, it is determined that the browser has a security vulnerability. The relevant test cases can then be saved, including the HTML test case and the associated video file test case.
In the scheme disclosed in Embodiment 1 of the present application, a mutated test file can be obtained. After the mutated test file has been obtained, a target test case containing it is obtained, and the target software is monitored in real time for anomalies while it runs the target test case. If an anomaly is observed, it is determined that the target software has a security vulnerability.
It is easy to see that, in the above method for detecting whether target software has a security vulnerability, the target test case contains a mutated test file. That is, the corresponding mutated test file, such as a mutated video test case, is added to the target test case to be tested, and the video test case is associated with the functional test case within the target test case. Based on such a test case, the running of the target test case in the target software is monitored, and it is then determined whether the target software has a security vulnerability. With the scheme provided by the embodiments of the present application, the focus can therefore be placed, on top of existing mutation-based fuzz testing, on how the target software handles the events corresponding to the mutated test file. In other words, the test process concentrates on the target software's processing of the mutated test file, so more code paths of the browser software can be tested.
The scheme of Embodiment 1 thus solves the technical problem that existing fuzz testing methods focus only on the target software's parsing and encoding/decoding of file formats, which makes testing inefficient.
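The flow of steps S22 to S26 can be sketched as the following loop, an added example that is not code from the patent. It applies one mutation operation to a sample, writes the video and a minimal HTML wrapper, runs a target, and saves both files when the run is abnormal. Assumptions: the exit status of a stand-in command replaces the exception events a debugger would report for a real browser, and the names `mutate`, `run_and_monitor`, `campaign` and `stand_in_cmd` are hypothetical.

```python
import os
import random
import shutil
import subprocess
import sys
import tempfile


def mutate(data, rng):
    """Apply one mutation operation; return (operation name, mutated bytes)."""
    op = rng.choice(["change", "insert", "delete"])
    buf = bytearray(data)
    pos = rng.randrange(len(buf))
    if op == "change":
        buf[pos] ^= rng.randrange(1, 256)      # XOR with non-zero: never a no-op
    elif op == "insert":
        buf.insert(pos, rng.randrange(256))
    else:
        del buf[pos]
    return op, bytes(buf)


def run_and_monitor(cmd, timeout=10):
    """Run the target once and classify the run as 'ok', 'crash' or 'hang'."""
    try:
        proc = subprocess.run(cmd, stdout=subprocess.DEVNULL,
                              stderr=subprocess.DEVNULL, timeout=timeout)
    except subprocess.TimeoutExpired:
        return "hang"
    return "ok" if proc.returncode == 0 else "crash"


def campaign(sample, make_cmd, rounds, out_dir, seed=0):
    """Run `rounds` test cases; keep the HTML and video of every abnormal run."""
    rng = random.Random(seed)
    results = []
    with tempfile.TemporaryDirectory() as work:
        video = os.path.join(work, "case.mp4")
        page = os.path.join(work, "case.html")
        for i in range(rounds):                # stop at the preset test count
            op, mutated = mutate(sample, rng)
            with open(video, "wb") as f:
                f.write(mutated)
            with open(page, "w") as f:
                f.write('<video src="case.mp4" autoplay muted></video>\n')
            verdict = run_and_monitor(make_cmd(page, video))
            saved = None
            if verdict != "ok":
                # Save the HTML test case together with its video file.
                saved = os.path.join(out_dir, "finding_%04d" % i)
                os.makedirs(saved)
                shutil.copy(page, saved)
                shutil.copy(video, saved)
            results.append((op, verdict, saved))
    return results


# Constructed sample and stand-in target: the stand-in exits non-zero whenever
# the video file is not exactly 64 bytes long, so inserts and deletes "crash".
SAMPLE = bytes(range(64))
STAND_IN = ("import os, sys; "
            "sys.exit(0 if os.path.getsize(sys.argv[1]) == 64 else 1)")


def stand_in_cmd(page, video):
    return [sys.executable, "-c", STAND_IN, video]


if __name__ == "__main__":
    out = tempfile.mkdtemp(prefix="findings_")
    for op, verdict, saved in campaign(SAMPLE, stand_in_cmd, 8, out, seed=1):
        print(op, verdict, saved or "")
```
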
In the above embodiment of the present application, where the target test case is a web page test case, step S22 of obtaining the target test case containing the mutated test file may include the following steps:
Step S242: create a test element and associate the test element with the mutated test file.
Optionally, the test element can be a video element. In the above embodiment of the present application, the test element can be a tag added to the code of the target test case, and the tag information of the tag may include basic information about the mutated test file, such as its file name and file size.
In an optional scheme, the test element can be a tag for the video test case added to the HTML test case, carrying the file name and file size of the video test case.
Step S244: add the data corresponding to the test element to the target test case, obtaining a target test case that contains the mutated test file.
Optionally, the data corresponding to the test element can be the data corresponding to operations on the test element or to its event handler functions.
In an optional scheme, a video element can be created and associated with the video test case, and the data corresponding to operations on the video element or to its event handler functions can be added to the HTML test case, generating an HTML test case that contains the video test case. The video element can be added to the HTML test case as a tag. When the HTML test case is run in the target software, the parsing module can call and parse the corresponding video test case according to the tag information contained in the tag, and obtain the test result. For example, when the browser parses the HTML test case, it can call the video test case associated with the video element according to the video element in the code of the HTML test case, and so parse the video test case.
In the above embodiment of the present application, after step S242 creates the test element and associates it with the mutated test file, the method may further include the following steps:
Step S2462: determine the data to be added to the target test case according to the result of a mod calculation on a random integer.
Optionally, the random integer can be generated randomly while the HTML test case is being generated.
Step S2464: when the mod result satisfies a first preset condition, the data to be added to the target test case includes at least the following element parameters associated with the test element: an attribute of the test element, the attribute type of the test element, an event of the test element, and at least one dangerous operation of the test element.
Optionally, the first preset condition can be that the mod result is not equal to 0.
Step S2466: when the mod result satisfies a second preset condition, the data to be added to the target test case includes at least any one or more of the following element parameters associated with the test element: a fast-forward operation, a rewind operation, a picture-size scaling operation and a full-screen operation on the test element.
Optionally, the second preset condition can be that the mod result is equal to 0.
In an optional scheme, the mod result is obtained by calculating the value of (random integer mod 2), and the data to be added to the HTML test case is determined from it. For example, when case = (random integer mod 2) is not equal to 0, an attribute of the video element, the attribute type of the test element, an event of the test element and at least one dangerous operation of the test element can be added to the HTML test case; when case = (random integer mod 2) is 0, the fast-forward operation, rewind operation, picture-size scaling operation and full-screen operation of the video element can be added to the HTML test case.
It should be noted here, with reference to the embodiments shown in Fig. 3 and Fig. 4, that in the embodiment of Fig. 3 the number of tests is related to the operation content of the element parameters that need to be added to the target test case. The system can traverse the multiple types of test content for the test element (such as fast-forward, rewind, and zoom in or out) and test each type at least once. In one alternative, therefore, the running total of tests is incremented each time a test completes; when the running total is greater than or equal to the preset number of tests, the system can determine that every type of test content has been tested at least once, and the test run can end. The addition and monitoring process can be the same for each type of test content.
In one alternative, taking the embodiment of Fig. 4 as an example: because testers want each of the multiple types of test content (such as fast-forward, rewind, and zoom in or out) to be tested separately, every type of test content has to be added to a target test case. The scheme provided by the present invention determines the data to be added to the target test case from the mod result of a random integer provided by the HTML language, so that every type of test content can be traversed and added to a corresponding HTML test case, allowing the subsequent test work to be completed.
As can be seen from the above, in the scheme of Fig. 4 the element parameters are added to the target test case (such as the HTML test case) one after another: a test is run after each addition, and the operation content of the next element parameter is added only after that test ends. This cycle repeats until all test content has been completed or the number of tests reaches a certain value, at which point the test flow ends. The order of addition is not restricted in this process.
Besides the addition scheme shown in Fig. 4, another embodiment of the present application may add the operation content of all element parameters to the target test case (such as the HTML test case) in one go and then test them in sequence; the test order is not restricted. Accordingly, after step S242 creates the test element and associates it with the mutated test file, the method may further include the following step:
Step S248: obtain any one or more of the following data to be added to the target test case: an attribute of the test element, the attribute type of the test element, an event of the test element, at least one dangerous operation of the test element, and the fast-forward operation, rewind operation, picture-size scaling operation and full-screen operation of the test element.
In this other optional scheme, all of the above data can therefore be added to the HTML test case, that is, the attribute of the test element, the attribute type of the test element, the event of the test element, at least one dangerous operation of the test element, and the fast-forward operation, rewind operation, picture-size scaling operation and full-screen operation of the test element are all added to the HTML test case.
In the above embodiment of the present application, step S244 of adding the data corresponding to the test element to the target test case, to obtain a target test case that contains the mutated test file, may include the following steps:
Step S2442: obtain, from a pre-stored location, one or more element parameters associated with the test element.
Optionally, the pre-stored location can be a location specified at initialization.
Step S2444: add the data corresponding to the one or more element parameters to the target test case.
Optionally, in the above embodiment of the present application, the element parameters include at least one or more of the following: an attribute of the test element, the attribute type of the test element, an event of the test element and a dangerous operation of the test element.
In an optional scheme, again with reference to Fig. 4, the pre-stored locations can be specified during initialization: array A for the attributes and attribute types of the element, array B for the events of the video element, and array C for the dangerous operations of the video element. One or more attributes or attribute types associated with the video element can be selected at random from array A, and the data corresponding to them added to the HTML test case. One or more events associated with the video element can be selected at random from array B, and the data corresponding to them added to the HTML test case. One or more dangerous operations associated with the video element can be selected at random from array C, and the data corresponding to them added to the HTML test case.
In the above embodiment of the present application, step S2444 of adding the data corresponding to the one or more element parameters to the target test case may include any one or more of the following addition operations:
Step S24442: add an attribute assignment operation for the test element to the target test case, according to the attribute and attribute type of the test element that were obtained.
Step S24444: add an event handling operation for the test element to the target test case, according to the event of the test element that was obtained.
Step S24446: add at least one dangerous operation to the event handler function of the test element in the target test case, according to the at least one dangerous operation of the test element that was obtained.
In an optional scheme, after one or more attributes or attribute types associated with the video element have been selected at random from array A, an attribute assignment operation for the video element can be added to the HTML test case. After one or more events associated with the video element have been selected at random from array B, an event handling operation for the video element can be added to the HTML test case. After one or more dangerous operations associated with the video element have been selected at random from array C, at least one dangerous operation can be added to the event handler function of the video element in the HTML test case.
In the above embodiments of the present application, adding the data corresponding to the one or more element parameters to the target test case in step S2444 can also include any one or more of the following adding operations:
Step S24448: add a fast-forward operation, a rewind operation, a picture resize operation and a fullscreen operation of the test element to the target test case.
In an optional scheme, when a first condition is met, the fast-forward operation of the video element is added to the HTML test case; when a second condition is met, the rewind operation of the video element is added to the HTML test case; when a third condition is met, the picture resize operation of the video element is added to the HTML test case; when a fourth condition is met, the fullscreen operation of the video element is added to the HTML test case.
In another optional scheme, the fast-forward operation, rewind operation, picture resize operation and fullscreen operation of the video element can be added to the HTML test case directly.
In the above embodiments of the present application, before step S26 (monitoring the running of the target test case in the target software), the above method can further include the following step:
Step S28: start an automation script that opens a browser process or an application software process, which parses the operation instructions of the HTML test case.
In an optional scheme, a python script can be used to open the browser process that parses the operation instructions of the HTML test case.
In the above embodiments of the present application, the target code added to the target test case can also include code that causes the target software to parse the mutated test file.
It should be noted here that the generated HTML test case contains, in addition to the video test case, operations or event handling functions of the video element, and so on.
A preferred embodiment of the present application is described in detail below with reference to Fig. 3 and Fig. 4.
As shown in Fig. 3, an optional method for detecting target software is provided. The method can include the following steps S31 to S311:
Step S31: start.
Optionally, the vulnerability detection function is started.
Step S32: initialize the total number of tests and the current test count.
Optionally, after vulnerability detection starts, the total number of tests can be initialized to N and the current test count cur to 1.
Step S33: judge whether the current test count is less than or equal to the total number of tests.
Optionally, if the current test count cur is less than or equal to the total number of tests N, go to step S34; if cur is greater than N, go to step S311.
Step S34: generate a video test case using file-based mutation.
Optionally, the traditional mutation-based fuzz testing method can be used: field transformations are applied to a video to generate the video test case.
Step S35: generate an HTML test case that includes the video test case.
Optionally, an HTML test case associated with the video test case can be generated.
Step S36: use an automation script to drive the browser to parse the HTML test case.
Step S37: monitor the running state of the browser.
Step S38: judge whether an abnormality has been found.
Optionally, if an abnormality is found, go to step S39; if no abnormality is found, go to step S310.
Step S39: save the video test case and the HTML test case.
Optionally, if an abnormality is found, it is determined that the browser has a security vulnerability, and the video test case and the HTML test case can be saved.
Step S310: increment the current test count by 1.
Optionally, if an abnormality was found, the current test count cur is incremented by 1 after the relevant test cases are saved; if there was no abnormality, cur is incremented by 1 directly.
It should be noted here that after the current test count is incremented by 1, the flow returns to step S33 and vulnerability detection continues.
Step S311: end.
Optionally, if cur is greater than N, vulnerability detection stops.
As shown in Fig. 4, an optional method for generating the HTML test case is provided. The method can include the following steps S41 to S418:
Step S41: start.
Optionally, after the video test case has been generated by file-based mutation as shown in Fig. 3, generation of the HTML test case begins.
Step S42: initialize.
Optionally, the attributes and attribute types of the video element can be enumerated from the browser's official documentation and stored in array A; the events of the video element are enumerated from the browser's official documentation and stored in array B; dangerous operations (such as clearing the video content or clearing the HTML DOM tree) are enumerated and stored in array C.
Step S43: create a video element and associate it with the video test case.
Step S44: calculate the case value.
Optionally, after the video element is associated with the video test case, the case value can be obtained by computing a random integer mod 2.
Step S45: judge whether the case value equals 0.
Optionally, when the case value equals 0, go to step S46; when the case value does not equal 0, for example when it is 1, go to step S415.
Step S46: calculate the operation-case value.
Optionally, when the case value is 0, the operation-case value can be obtained by computing a random integer mod 4.
Step S47: judge whether the operation-case value equals 0.
Optionally, when the operation-case value equals 0, go to step S48; when the operation-case value does not equal 0, go to step S49.
Step S48: add the fast-forward operation of the video element.
Optionally, when the operation-case value equals 0, the fast-forward operation of the video element is added to the HTML test case.
It should be noted here that after the fast-forward operation of the video element is added, the flow goes to step S418.
Step S49: judge whether the operation-case value equals 1.
Optionally, when the operation-case value does not equal 0, judge whether it equals 1. When the operation-case value equals 1, go to step S410; when it does not equal 1, go to step S411.
Step S410: add the rewind operation of the video element.
Optionally, when the operation-case value equals 1, the rewind operation of the video element is added to the HTML test case.
It should be noted here that after the rewind operation of the video element is added, the flow goes to step S418.
Step S411: judge whether the operation-case value equals 2.
Optionally, when the operation-case value does not equal 1, judge whether it equals 2. When the operation-case value equals 2, go to step S412; when it does not equal 2, go to step S413.
Step S412: add the picture resize operation of the video element.
Optionally, when the operation-case value equals 2, the picture resize operation of the video element is added to the HTML test case.
It should be noted here that after the picture resize operation of the video element is added, the flow goes to step S418.
Step S413: judge whether the operation-case value equals 3.
Optionally, when the operation-case value does not equal 2, judge whether it equals 3. When the operation-case value equals 3, go to step S414; when it does not equal 3, go to step S418.
Step S414: add the fullscreen operation of the video element.
Optionally, when the operation-case value equals 3, the fullscreen operation of the video element is added to the HTML test case.
It should be noted here that after the fullscreen operation of the video element is added, the flow goes to step S418.
Step S415: randomly select an attribute from array A and add an attribute assignment operation for the video element.
Step S416: randomly select an event from array B and add an event handling operation for the video element.
Step S417: randomly select a dangerous operation from array C and add it to the event handling function of the video element.
Optionally, when the case value is 1, an attribute can be randomly selected from array A and an attribute assignment operation for the video element added to the HTML test case; an event can be randomly selected from array B and an event handling operation for the video element added to the HTML test case; a dangerous operation is randomly selected from array C and added to the event handling function of the video element in the HTML test case.
Step S418: end.
Optionally, generation of the HTML test case is complete, and the flow goes to step S36 of the method shown in Fig. 3.
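The Fig. 4 flow (steps S43 to S417), together with the adding operations of steps S24442 to S24448 that it selects between, written out as an added Python example that is not part of the patent text. The contents of arrays A, B and C, the assigned values, the JavaScript emitted for each operation and the function name `generate_html_case` are assumptions chosen for illustration.

```python
import html
import json
import random

# Array A: attributes of the video element with their attribute types.
# Constructed subset (assumption); the page enumerates them from browser docs.
ARRAY_A = [
    ("currentTime", "number"), ("playbackRate", "number"), ("volume", "number"),
    ("muted", "boolean"), ("loop", "boolean"), ("controls", "boolean"),
    ("preload", "string"),
]
# Array B: events of the video element (constructed subset, assumption).
ARRAY_B = ["loadedmetadata", "canplay", "playing", "seeking", "seeked",
           "timeupdate", "ended", "error"]
# Array C: the two dangerous operations the page names, as assumed JavaScript.
ARRAY_C = {
    "clear_video_content": "v.removeAttribute('src'); v.load();",
    "clear_dom_tree": "document.documentElement.innerHTML = '';",
}
# Operations selected by operation-case = random integer mod 4 (S47 to S414).
OPERATIONS = {
    0: ("fast_forward", "v.currentTime = v.currentTime + 10;"),
    1: ("rewind", "v.currentTime = Math.max(0, v.currentTime - 10);"),
    2: ("resize", "v.width = 1; v.height = 4096;"),
    3: ("fullscreen", "if (v.requestFullscreen) { v.requestFullscreen(); }"),
}
# Values to assign, per attribute type (constructed boundary values).
VALUES = {
    "number": [0, -1, 0.5, 16, 1e9],
    "boolean": [True, False],
    "string": ["none", "metadata", "auto", ""],
}


def generate_html_case(video_file, rng):
    """Build one HTML test case around a mutated video file.

    Returns (html_text, trace); trace records which branch of Fig. 4 was
    taken so that an abnormal run can be reproduced and triaged later.
    """
    script = ["var v = document.getElementById('v');"]
    trace = {"case": rng.getrandbits(32) % 2}                 # S44
    if trace["case"] == 0:                                    # S45
        op_case = rng.getrandbits(32) % 4                     # S46
        name, js = OPERATIONS[op_case]                        # S47 to S414
        script.append(js)
        trace["operation"] = name
    else:
        attr, attr_type = rng.choice(ARRAY_A)                 # S415
        value = json.dumps(rng.choice(VALUES[attr_type]))
        # Out-of-range values throw a DOM exception; catching it keeps the
        # rest of the test case running.
        script.append("try { v.%s = %s; } catch (e) {}" % (attr, value))
        event = rng.choice(ARRAY_B)                           # S416
        danger = rng.choice(sorted(ARRAY_C))                  # S417
        script.append("v.addEventListener('%s', function () { %s });"
                      % (event, ARRAY_C[danger]))
        trace.update(attribute=attr, event=event, dangerous=danger)

    # S43: the video element is associated with the mutated file by name.
    # The name is escaped so that it cannot break out of the src attribute.
    src = html.escape(video_file, quote=True)
    page = "\n".join([
        "<!DOCTYPE html>",
        "<html><body>",
        '<video id="v" src="%s" autoplay muted></video>' % src,
        "<script>",
        "\n".join(script),
        "</script>",
        "</body></html>",
    ])
    return page, trace


if __name__ == "__main__":
    # Constructed file name; a fixed seed makes the case reproducible.
    page, trace = generate_html_case("mutated_0001.mp4", random.Random(7))
    print(trace)
    print(page)
```

Seeding the generator per iteration and storing the trace next to the saved video and HTML test cases (step S39) lets an abnormal run be regenerated exactly.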
With the scheme provided by the above steps, on the basis of the traditional mutation-based fuzz testing method, the focus is placed on how the target software processes video events, so that logic vulnerabilities of the target software and security vulnerabilities related to multi-threaded processing can be found.
It should be noted that, for brevity, each of the foregoing method embodiments is described as a series of combined actions. Those skilled in the art should know, however, that the present invention is not limited by the described order of actions, because according to the present invention some steps can be performed in another order or simultaneously. Those skilled in the art should also know that the embodiments described in this specification are preferred embodiments, and that the actions and modules involved are not necessarily required by the present invention.
Through the above description of the embodiments, those skilled in the art can clearly understand that the multiplexed transport method based on database and table sharding according to the above embodiments can be implemented by software plus the necessary general-purpose hardware platform, and of course also by hardware, although in many cases the former is the better implementation. Based on this understanding, the technical solution of the present invention in essence, or the part of it that contributes over the prior art, can be embodied in the form of a software product. The computer software product is stored in a storage medium (such as ROM/RAM, a magnetic disk or an optical disc) and includes several instructions that cause a terminal device (which can be a mobile phone, a computer, a server, a network device, etc.) to perform the methods described in the embodiments of the present invention.
Embodiment 2
According to an embodiment of the present invention, an apparatus for detecting target software is also provided. As shown in Fig. 5, the apparatus includes: a first acquisition unit 51, a monitoring unit 53 and a first determining unit 55.
The first acquisition unit 51 is used to obtain a target test case, where the target test case includes a mutated test file; the monitoring unit 53 is used to monitor the running of the target test case in the target software; the first determining unit 55 is used to determine, if an abnormality is monitored, that the target software has a security vulnerability.
Optionally, the mutated test file can be a video test case, the target test case can be an HTML test case, and the target software can be a browser or application software used to open the HTML test case. In the above embodiments of the present application, the monitoring unit 55 is also used to monitor, with the Winappbg module of python, abnormality information while the browser or application software is running.
It should be noted here that either of the above two kinds of operation can be performed at random in the HTML test case: that is, operations such as resizing and fast-forwarding the video are added to the HTML test case, or an event handling function of the video is added to the HTML test case and a dangerous operation is added inside that event handling function. Both kinds of operation can also be performed together: operations such as resizing and fast-forwarding the video are added to the HTML test case, and an event handling function of the video is added with a dangerous operation inside it.
It should also be noted here that the first acquisition unit 51, the monitoring unit 53 and the first determining unit 55 correspond to steps S22 to S26 in Embodiment 1. The three modules implement the same examples and application scenarios as the corresponding steps, but are not limited to what Embodiment 1 discloses. It should be noted that the above modules, as part of the apparatus, can run in the terminal 10 provided in Embodiment 1.
In the scheme disclosed in Embodiment 2 of the present application, a mutated test file can be obtained; after the mutated test file is obtained, a target test case that includes it is obtained; whether the target test case runs abnormally in the target software is monitored in real time; and if an abnormality is monitored, it is determined that the target software has a security vulnerability.
It is easy to notice that, in the above apparatus of the present invention for detecting whether target software has a security vulnerability, the target test case used contains a mutated test file. That is, the corresponding mutated test file, for example a mutated video test case, has to be added to the target test case used for testing, and the video test case is associated with the functional test case in the target test case. Based on such a test case, the running of the target test case in the target software is monitored, and it is thereby determined whether the target software has a security vulnerability. Therefore, with the scheme provided by the embodiments of the present application, on the basis of the existing mutation-based fuzz testing method, the focus can be placed on how the target software processes the events corresponding to the mutated test file. In other words, the testing process concentrates on the target software's handling of the mutated test file, so that more of the browser software can be tested.
Thus, the scheme of Embodiment 2 provided by the present application solves the technical problem that existing fuzz testing methods only pay attention to the target software's parsing and encoding/decoding of the file format, which makes testing inefficient.
In the above embodiments of the present application, as shown in Fig. 6, when the target test case is a web page test case, the first acquisition unit 51 can include: a creation module 61 and a processing module 63.
The creation module 61 is used to create a test element and associate the test element with the mutated test file; the processing module 63 is used to obtain the target test case that includes the mutated test file by adding the data corresponding to the test element to the target test case.
Optionally, the test element can be a video element, and the data corresponding to the test element can be the data corresponding to an operation or an event handling function of the test element. In the above embodiments of the present application, the test element can be a tag added to the code of the target test case, and the tag information of the tag includes: the file name and file size of the mutated test file.
It should be noted here that the creation module 61 and the processing module 63 correspond to steps S242 to S244 in Embodiment 1. The two modules implement the same examples and application scenarios as the corresponding steps, but are not limited to what Embodiment 1 discloses. It should be noted that the above modules, as part of the apparatus, can run in the terminal 10 provided in Embodiment 1.
In the above embodiments of the present application, as shown in Fig. 7, the apparatus can further include: a second determining unit 71, a first adding unit 73 and a second adding unit 75.
The second determining unit 71 is used to determine, according to the mod calculation result of a random integer, the data to be added to the target test case. The first adding unit 73 is used so that, when the mod calculation result meets a first preset condition, the data to be added to the target test case include at least the following element parameters associated with the test element: an attribute of the test element, an attribute type of the test element, an event of the test element and at least one dangerous operation of the test element. The second adding unit 75 is used so that, when the mod calculation result meets a second preset condition, the data to be added to the target test case include at least any one or more of the following element parameters associated with the test element: a fast-forward operation, a rewind operation, a picture resize operation and a fullscreen operation of the test element.
Optionally, the random integer can be generated at random while the HTML test case is being generated; the first preset condition can be 1, and the second preset condition can be 0.
It should be noted here that the second determining unit 71, the first adding unit 73 and the second adding unit 75 correspond to steps S2462 to S2466 in Embodiment 1. The three modules implement the same examples and application scenarios as the corresponding steps, but are not limited to what Embodiment 1 discloses. It should be noted that the above modules, as part of the apparatus, can run in the terminal 10 provided in Embodiment 1.
In the above embodiments of the present application, as shown in Fig. 8, the apparatus can further include: a second acquisition unit 81.
The second acquisition unit 81 is used to obtain any one or more of the following data to be added to the target test case: an attribute of the test element, an attribute type of the test element, an event of the test element, at least one dangerous operation of the test element, and a fast-forward operation, a rewind operation, a picture resize operation and a fullscreen operation of the test element.
It should be noted here that the second acquisition module 81 corresponds to step S248 in Embodiment 1. The module implements the same examples and application scenarios as the corresponding step, but is not limited to what Embodiment 1 discloses. It should be noted that the above module, as part of the apparatus, can run in the terminal 10 provided in Embodiment 1.
In the above embodiments of the present application, as shown in Fig. 9, the processing module 63 can include: an acquisition submodule 91 and an adding submodule 93.
The acquisition submodule 91 is used to obtain, from a pre-stored location, one or more element parameters associated with the test element; the adding submodule 93 is used to add the data corresponding to the one or more element parameters to the target test case.
Optionally, the pre-stored location can be a location specified during initialization. In the above embodiments of the present application, the element parameters include at least any one or more of the following: an attribute of the test element, an attribute type of the test element, an event of the test element and a dangerous operation of the test element.
It should be noted here that the acquisition submodule 91 and the adding submodule 93 correspond to steps S2442 to S2444 in Embodiment 1. The two modules implement the same examples and application scenarios as the corresponding steps, but are not limited to what Embodiment 1 discloses. It should be noted that the above modules, as part of the apparatus, can run in the terminal 10 provided in Embodiment 1.
In the above embodiments of the present application, as shown in Fig. 10, the adding submodule 93 can include any one or more of the following modules: a first adding sub-submodule 101, a second adding sub-submodule 103 and a third adding sub-submodule 105.
The first adding sub-submodule 101 is used to add, according to the obtained attribute and attribute type of the test element, an attribute assignment operation for the test element to the target test case; the second adding sub-submodule 103 is used to add, according to the obtained event of the test element, an event handling operation for the test element to the target test case; the third adding sub-submodule 105 is used to add, according to the obtained at least one dangerous operation of the test element, the at least one dangerous operation to the event handling function of the test element in the target test case.
It should be noted here that the first adding sub-submodule 101, the second adding sub-submodule 103 and the third adding sub-submodule 105 correspond to steps S24442 to S24446 in Embodiment 1. The three modules implement the same examples and application scenarios as the corresponding steps, but are not limited to what Embodiment 1 discloses. It should be noted that the above modules, as part of the apparatus, can run in the terminal 10 provided in Embodiment 1.
In the above embodiments of the present application, the adding submodule 93 can also be used to add any one or more of the following operations to the target test case: a fast-forward operation, a rewind operation, a picture resize operation and a fullscreen operation of the test element.
It should be noted here that the adding submodule 93 corresponds to step S24448 in Embodiment 1. The module implements the same examples and application scenarios as the corresponding step, but is not limited to what Embodiment 1 discloses. It should be noted that the above module, as part of the apparatus, can run in the terminal 10 provided in Embodiment 1.
In the above embodiments of the present application, the apparatus can further include: a parsing module.
The parsing module is used to start an automation script that opens a browser process or an application software process, which parses the operation instructions of the HTML test case.
It should be noted here that the parsing module corresponds to step S28 in Embodiment 1. The module implements the same examples and application scenarios as the corresponding step, but is not limited to what Embodiment 1 discloses. It should be noted that the above module, as part of the apparatus, can run in the terminal 10 provided in Embodiment 1.
In the above embodiments of the present application, the processing module 63 can also be used to add to the target test case code that causes the target software to parse the mutated test file.
It should be noted here that the generated HTML test case contains, in addition to the video test case, operations or event handling functions of the video element, and so on.
Embodiment 3
Embodiments of the present invention can provide a terminal, which can be any computer terminal in a terminal group. Optionally, in this embodiment, the computer terminal can also be replaced by a terminal device such as a mobile terminal.
Optionally, in this embodiment, the computer terminal can be located in at least one of multiple network devices of a computer network.
In this embodiment, the computer terminal can execute program code for the following steps of the method for detecting target software: obtain a target test case, where the target test case includes a mutated test file; monitor the running of the target test case in the target software; if an abnormality is monitored, determine that the target software has a security vulnerability.
Optionally, Fig. 11 is a structural block diagram of a terminal according to an embodiment of the present application. As shown in Fig. 11, terminal A can include: one or more processors 111 (only one is shown in the figure), a memory 113 and a transmission device 115.
The memory 113 can be used to store software programs and modules, such as the program instructions/modules corresponding to the method and apparatus for detecting target software in the embodiments of the present invention. The processor 111 runs the software programs and modules stored in the memory to execute various functional applications and data processing, that is, to implement the above method for detecting target software. The memory 113 can include high-speed random access memory and can also include non-volatile memory, such as one or more magnetic storage devices, flash memory or other non-volatile solid-state memory. In some examples, the memory 113 can further include memory located remotely from the processor, and such remote memory can be connected to terminal A through a network. Examples of such networks include, but are not limited to, the Internet, intranets, local area networks, mobile communication networks and combinations of these.
The processor 111 can call, through the transmission device, the information and application programs stored in the memory to perform the following steps: obtain a target test case, where the target test case includes a mutated test file; monitor the running of the target test case in the target software; if an abnormality is monitored, determine that the target software has a security vulnerability.
Optionally, the processor 111 can also execute program code for the following steps: when the target test case is a web page test case, create a test element and associate the test element with the mutated test file; obtain the target test case that includes the mutated test file by adding the data corresponding to the test element to the target test case.
Optionally, the processor 111 can also execute program code for the following steps: determine, according to the mod calculation result of a random integer, the data to be added to the target test case; when the mod calculation result meets a first preset condition, the data to be added to the target test case include at least the following element parameters associated with the test element: an attribute of the test element, an attribute type of the test element, an event of the test element and at least one dangerous operation of the test element; when the mod calculation result meets a second preset condition, the data to be added to the target test case include at least any one or more of the following element parameters associated with the test element: a fast-forward operation, a rewind operation, a picture resize operation and a fullscreen operation of the test element.
Optionally, the processor 111 can also execute program code for the following steps: obtain any one or more of the following data to be added to the target test case: an attribute of the test element, an attribute type of the test element, an event of the test element, at least one dangerous operation of the test element, and a fast-forward operation, a rewind operation, a picture resize operation and a fullscreen operation of the test element.
Optionally, the processor 111 can also execute program code for the following steps: obtain, from a pre-stored location, one or more element parameters associated with the test element; add the data corresponding to the one or more element parameters to the target test case.
Optionally, the processor 111 can also execute program code for the following steps: according to the obtained attribute and attribute type of the test element, add an attribute assignment operation for the test element to the target test case; according to the obtained event of the test element, add an event handling operation for the test element to the target test case; according to the obtained at least one dangerous operation of the test element, add the at least one dangerous operation to the event handling function of the test element in the target test case.
Optionally, the processor 111 can also execute program code for the following steps: add a fast-forward operation, a rewind operation, a picture resize operation and a fullscreen operation of the test element to the target test case.
Optionally, the processor 111 can also execute program code for the following steps: the mutated test file is a video test case, the target test case is an HTML test case, and the target software is a browser or application software used to open the HTML test case.
Optionally, the processor 111 can also execute program code for the following steps: before monitoring the running of the target test case in the target software, start an automation script that opens a browser process or an application software process, which parses the operation instructions of the HTML test case.
Optionally, the processor 111 can also execute program code for the following steps: use the Winappbg module of python to monitor abnormality information while the browser or application software is running.
Optionally, the processor 111 can also execute program code for the following steps: the target code added to the target test case also includes code that causes the target software to parse the mutated test file.
Optionally, the processor 111 can also execute program code for the following steps: the test element is a tag added to the code of the target test case, and the tag information of the tag includes: the file name and file size of the mutated test file.
Using the embodiment of the present invention, the test file after variation can be obtained, the test file after variation is got it Afterwards, obtain and target survey is run in the target detection use-case for including the test file after variation, real-time monitoring objective software Whether example on probation is abnormal, if monitoring exception, it is determined that target software has security breaches.
It is easily noted that, the present invention is above-mentioned for calculating of the perform detection target software with the presence or absence of the method for security breaches In machine system, the test file after variation, the i.e. mesh for being tested are contained in the target detection use-case used Need to add the test file after corresponding variation, such as the video measurement use-case after variation in mark test case, this is regarded Frequency test case is associated with the functional test use-case in target detection use-case.Based on such a test case, monitor at this The situation of the target detection use-case is run in target software, and then determines that the target software whether there is security breaches.Cause This, the scheme provided by the embodiment of the present application, it is possible to achieve in the existing fuzz testing method based on variation On the basis of, focus is placed on processing procedure of the target software to the event corresponding to the test file after variation, that is, surveyed The focus of examination process focuses primarily on processing procedure of the target software to the test file after variation, can test browser Software it is more.
Thus, the scheme of above-described embodiment that the present invention is provided solves existing fuzz testing method, and to only focus on target soft Parsing and encoding and decoding processing procedure of the part to file format, cause the technical problem that testing efficiency is low.
Those of ordinary skill in the art will appreciate that the structure shown in Figure 11 is only schematic. The terminal may also be a terminal device such as a smartphone (for example an Android phone or an iOS phone), a tablet computer, a palmtop computer, a mobile Internet device (Mobile Internet Device, MID) or a PAD. Figure 11 does not limit the structure of the above electronic device. For example, terminal A may include more or fewer components than shown in Figure 11 (such as a network interface or a display device), or have a configuration different from that shown in Figure 11.
Those of ordinary skill in the art will appreciate that all or some of the steps of the methods in the above embodiments can be completed by a program instructing hardware related to the terminal device. The program can be stored in a computer-readable storage medium, which may include: a flash disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), a magnetic disk, an optical disc, and so on.
Embodiment 4
Embodiments of the invention further provide a storage medium. Optionally, in this embodiment, the storage medium may be used to store the program code executed by the multiplexed transmission method based on sub-databases and sub-tables provided in Embodiment 1 above.
Optionally, in this embodiment, the storage medium may be located in any computer terminal of a computer terminal group in a computer network, or in any mobile terminal of a mobile terminal group.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: obtaining a target test case, wherein the target test case includes a mutated test file; monitoring the running of the target test case in the target software; if an exception is detected, determining that the target software has a security vulnerability.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: where the target test case is a web page test case, creating a test element and associating the test element with the mutated test file; adding the data corresponding to the test element to the target test case, to obtain the target test case containing the mutated test file.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: determining, according to the modulo (mod) result of a random integer, the data to be added to the target test case; where the mod result meets a first preset condition, the data to be added to the target test case includes at least the following element parameters associated with the test element: an attribute of the test element, the attribute type of the test element, an event of the test element, and at least one risky operation of the test element; where the mod result meets a second preset condition, the data to be added to the target test case includes at least any one or more of the following element parameters associated with the test element: the fast-forward operation, rewind operation, picture-size scaling operation and full-screen operation of the test element.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: obtaining any one or more of the following data to be added to the target test case: an attribute of the test element, the attribute type of the test element, an event of the test element, at least one risky operation of the test element, and the fast-forward operation, rewind operation, picture-size scaling operation and full-screen operation of the test element.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: obtaining, from a pre-stored location, one or more element parameters associated with the test element; adding the data corresponding to the one or more element parameters to the target test case.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: adding an attribute assignment operation for the test element to the target test case according to the obtained attribute and attribute type of the test element; adding an event handling operation for the test element to the target test case according to the obtained event of the test element; adding, according to the obtained at least one risky operation of the test element, the at least one risky operation to the event handling function of the test element in the target test case.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: adding the fast-forward operation, rewind operation, picture-size scaling operation and full-screen operation of the test element to the target test case.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: the mutated test file is a video test case, the target test case is an HTML test case, and the target software is a browser or application software for opening the HTML test case.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: before monitoring the running of the target test case in the target software, starting an automation script that opens the browser process or application software process and parses the operation instructions of the HTML test case.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: monitoring abnormal information while the browser or application software is running, using the python Winappbg module.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: the target code added to the target test case further includes code for causing the target software to parse the mutated test file.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: the test element is a tag added to the code of the target test case, and the tag information of the tag includes the file name and file size of the mutated test file.
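The generation steps listed above (create a tag tied to the mutated file, choose what to add from a random integer's mod result, then append code that makes the target parse the file) can be sketched as follows. This is an added example, not code from the patent; the use of mod 2 for the two preset conditions, the parameter lists and the file name are constructed assumptions.

```python
import html
import random

# Constructed stand-ins for the "pre-stored" element parameters; the patent
# text in this section does not list the real ones.
ATTRS = {"loop": "bool", "muted": "bool",
         "playbackRate": "number", "currentTime": "number"}
EVENTS = ["loadedmetadata", "canplay", "seeking", "ended"]
HANDLER_OPS = [  # placeholders for the "risky operations" run inside a handler
    "v.removeAttribute('src'); v.load();",
    "v.parentNode && v.parentNode.removeChild(v);",
    "v.src = v.src;",
]
PLAYBACK_OPS = [  # operations of the second branch
    "v.currentTime += 10;",                              # fast-forward
    "v.currentTime = Math.max(0, v.currentTime - 10);",  # rewind
    "v.width = 1; v.height = 4096;",                     # picture-size scaling
    "v.requestFullscreen && v.requestFullscreen();",     # full screen
]


def attr_value(attr_type, rng):
    """Pick a JavaScript literal that matches the attribute's declared type."""
    if attr_type == "bool":
        return rng.choice(["true", "false"])
    return repr(rng.choice([0, 0.5, 2, 4]))


def element_script(n, rng, modulus=2):
    """Select the data to add from n mod modulus.

    Assumption: remainder 0 is the first preset condition, any other
    remainder is the second preset condition.
    """
    if n % modulus == 0:
        attr = rng.choice(sorted(ATTRS))
        event = rng.choice(EVENTS)
        op = rng.choice(HANDLER_OPS)
        return [
            # attribute assignment driven by attribute + attribute type
            f"v.{attr} = {attr_value(ATTRS[attr], rng)};",
            # event handler with one operation inside its handling function
            f"v.addEventListener('{event}', function () {{ {op} }});",
        ]
    count = rng.randint(1, len(PLAYBACK_OPS))
    return rng.sample(PLAYBACK_OPS, count)


def build_test_case(file_name, file_size, n, rng):
    """Return one HTML test case whose <video> tag carries the mutated
    file's name and size and whose script drives that element."""
    lines = element_script(n, rng)
    # Final step: code that makes the target parse the mutated file.
    lines.append("v.load(); v.play();")
    body = "\n    ".join(lines)
    return (
        "<!DOCTYPE html>\n<html><body>\n"
        f'<video id="t" src="{html.escape(file_name, quote=True)}" '
        f'data-size="{int(file_size)}"></video>\n'
        "<script>\n    var v = document.getElementById('t');\n"
        f"    {body}\n</script>\n</body></html>\n"
    )


if __name__ == "__main__":
    rng = random.Random(1)
    # "mutated_0001.mp4" and 48213 are constructed sample values.
    print(build_test_case("mutated_0001.mp4", 48213, rng.randrange(1 << 16), rng))
```

Keeping the random integer and the generator seed with each generated page makes a case that triggers an exception in the monitored process reproducible.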
The above embodiments of the present invention are for description only and do not indicate the relative merits of the embodiments.
In the above embodiments of the present invention, the description of each embodiment has its own emphasis. For parts not described in detail in one embodiment, refer to the related descriptions of the other embodiments.
In the several embodiments provided herein, it should be understood that the disclosed technical content may be implemented in other ways. The device embodiments described above are only schematic. For example, the division into units is only a division by logical function, and other divisions are possible in an actual implementation: multiple units or components may be combined or integrated into another system, or some features may be ignored or not performed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be indirect coupling or communication connection through some interfaces, units or modules, and may be electrical or take other forms.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the scheme of this embodiment.
In addition, the functional units in the embodiments of the present invention may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated unit is implemented in the form of a software functional unit and sold or used as a stand-alone product, it can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention in essence, or the part that contributes to the prior art, or all or part of the technical solution, can be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions that cause a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or some of the steps of the methods described in the embodiments of the present invention. The aforementioned storage medium includes various media that can store program code, such as a USB flash drive, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), a removable hard disk, a magnetic disk or an optical disc.
The above is only the preferred embodiment of the present invention. It should be noted that those of ordinary skill in the art may make several improvements and refinements without departing from the principles of the present invention, and these improvements and refinements shall also be regarded as falling within the protection scope of the present invention.

Claims (19)

1. A method for detecting target software, characterized by comprising:
obtaining a target test case, wherein the target test case includes a mutated test file;
monitoring the running of the target test case in the target software;
if an exception is detected, determining that the target software has a security vulnerability.
2. The method according to claim 1, characterized in that, where the target test case is a web page test case, obtaining the target test case comprises:
creating a test element, and associating the test element with the mutated test file;
adding the data corresponding to the test element to the target test case, to obtain the target test case containing the mutated test file.
3. The method according to claim 2, characterized in that, after creating the test element and associating the test element with the mutated test file, the method further comprises:
determining, according to the modulo (mod) result of a random integer, the data to be added to the target test case;
where the mod result meets a first preset condition, the data to be added to the target test case includes at least the following element parameters associated with the test element: an attribute of the test element, the attribute type of the test element, an event of the test element, and at least one risky operation of the test element;
where the mod result meets a second preset condition, the data to be added to the target test case includes at least any one or more of the following element parameters associated with the test element: the fast-forward operation, rewind operation, picture-size scaling operation and full-screen operation of the test element.
4. The method according to claim 2, characterized in that, after creating the test element and associating the test element with the mutated test file, the method further comprises:
obtaining any one or more of the following data to be added to the target test case: an attribute of the test element, the attribute type of the test element, an event of the test element, at least one risky operation of the test element, and the fast-forward operation, rewind operation, picture-size scaling operation and full-screen operation of the test element.
5. The method according to any one of claims 2 to 4, characterized in that adding the data corresponding to the test element to the target test case, to obtain the target test case containing the mutated test file, comprises:
obtaining, from a pre-stored location, one or more element parameters associated with the test element;
adding the data corresponding to the one or more element parameters to the target test case.
6. The method according to claim 5, characterized in that adding the data corresponding to the one or more element parameters to the target test case comprises the following adding operations:
adding an attribute assignment operation for the test element to the target test case according to the obtained attribute and attribute type of the test element;
adding an event handling operation for the test element to the target test case according to the obtained event of the test element;
adding, according to the obtained at least one risky operation of the test element, the at least one risky operation to the event handling function of the test element in the target test case.
7. The method according to claim 5, characterized in that adding the data corresponding to the one or more element parameters to the target test case comprises any one or more of the following adding operations:
adding the fast-forward operation, rewind operation, picture-size scaling operation and full-screen operation of the test element to the target test case.
8. The method according to claim 1, characterized in that the mutated test file is a video test case, the target test case is an HTML test case, and the target software is a browser or application software for opening the HTML test case.
9. The method according to claim 8, characterized in that, before monitoring the running of the target test case in the target software, the method further comprises:
starting an automation script that opens the browser process or the application software process and parses the operation instructions of the HTML test case.
10. The method according to claim 8, characterized in that abnormal information arising while the browser or the application software is running is monitored using the python Winappbg module.
11. The method according to claim 8, characterized in that the target code added to the target test case further includes: code for causing the target software to parse the mutated test file.
12. The method according to any one of claims 2 to 4, characterized in that the test element is a tag added to the code of the target test case, and the tag information of the tag includes: the file name and file size of the mutated test file.
13. A device for detecting target software, characterized by comprising:
a first acquisition unit, configured to obtain a target test case, wherein the target test case includes a mutated test file;
a monitoring unit, configured to monitor the running of the target test case in the target software;
a first determining unit, configured to determine, if an exception is detected, that the target software has a security vulnerability.
14. The device according to claim 13, characterized in that, where the target test case is a web page test case, the first acquisition unit comprises:
a creation module, configured to create a test element and associate the test element with the mutated test file;
a processing module, configured to add the data corresponding to the test element to the target test case, to obtain the target test case containing the mutated test file.
15. The device according to claim 14, characterized in that the device further comprises:
a second determining unit, configured to determine, according to the modulo (mod) result of a random integer, the data to be added to the target test case;
a first adding unit, configured such that, where the mod result meets a first preset condition, the data to be added to the target test case includes at least the following element parameters associated with the test element: an attribute of the test element, the attribute type of the test element, an event of the test element, and at least one risky operation of the test element;
a second adding unit, configured such that, where the mod result meets a second preset condition, the data to be added to the target test case includes at least any one or more of the following element parameters associated with the test element: the fast-forward operation, rewind operation, picture-size scaling operation and full-screen operation of the test element.
16. The device according to claim 14, characterized in that the device further comprises:
a second acquisition unit, configured to obtain any one or more of the following data to be added to the target test case: an attribute of the test element, the attribute type of the test element, an event of the test element, at least one risky operation of the test element, and the fast-forward operation, rewind operation, picture-size scaling operation and full-screen operation of the test element.
17. The device according to any one of claims 14 to 16, characterized in that the processing module comprises:
an acquisition submodule, configured to obtain, from a pre-stored location, one or more element parameters associated with the test element;
an adding submodule, configured to add the data corresponding to the one or more element parameters to the target test case.
18. The device according to claim 17, characterized in that the adding submodule comprises:
a first adding sub-submodule, configured to add an attribute assignment operation for the test element to the target test case according to the obtained attribute and attribute type of the test element;
a second adding sub-submodule, configured to add an event handling operation for the test element to the target test case according to the obtained event of the test element;
a third adding sub-submodule, configured to add, according to the obtained at least one risky operation of the test element, the at least one risky operation to the event handling function of the test element in the target test case.
19. The device according to claim 17, characterized in that the adding submodule is further configured to add any one or more of the following adding operations to the target test case: the fast-forward operation, rewind operation, picture-size scaling operation and full-screen operation of the test element.
CN201610263971.4A 2016-04-25 2016-04-25 The method and apparatus for detecting target software Pending CN107305529A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610263971.4A CN107305529A (en) 2016-04-25 2016-04-25 The method and apparatus for detecting target software

Publications (1)

Publication Number Publication Date
CN107305529A true CN107305529A (en) 2017-10-31

Family

ID=60151031

Country Status (1)

Country Link
CN (1) CN107305529A (en)

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080301647A1 (en) * 2007-06-01 2008-12-04 Microsoft Corporation Delivering Malformed Data for Fuzz Testing to Software Applications
CN102541729A (en) * 2010-12-31 2012-07-04 航空工业信息中心 Detection device and method for security vulnerability of software
CN102087631A (en) * 2011-03-09 2011-06-08 中国人民解放军国发科学技术大学 Method for realizing fuzzing of software on the basis of state protocol
CN104573523A (en) * 2013-10-24 2015-04-29 深圳市腾讯计算机系统有限公司 File vulnerability mining realization method and device
CN103973511A (en) * 2014-04-28 2014-08-06 南京邮电大学 Service vulnerability test method based on message combination variation

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
徐云峰,史记,徐铎: "《弱点挖掘》", 31 January 2014, 武汉大学出版社 *

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109062782A (en) * 2018-06-27 2018-12-21 阿里巴巴集团控股有限公司 A kind of selection method of regression test case, device and equipment
CN111176972A (en) * 2018-11-12 2020-05-19 阿里巴巴集团控股有限公司 Test method and system
CN110399300A (en) * 2019-07-22 2019-11-01 南京大学 A kind of Python software obfuscation test method based on regime type perception
CN111432262A (en) * 2020-02-24 2020-07-17 杭州海康威视数字技术股份有限公司 Page video rendering method and device
CN112199282A (en) * 2020-10-09 2021-01-08 杭州安恒信息技术股份有限公司 Fuzzy test method, device and equipment for office software
CN112199282B (en) * 2020-10-09 2023-01-31 杭州安恒信息技术股份有限公司 Fuzzy test method, device and equipment for office software

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20171031

RJ01 Rejection of invention patent application after publication