CN108173832A - Family's Internet of Things application system penetration testing method based on end cloud translocation - Google Patents


Info

Publication number
CN108173832A
Authority
CN
China
Prior art keywords
internet
family
loophole
translocation
application system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201711420666.2A
Other languages
Chinese (zh)
Inventor
翟栋
袁杨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Changhong Electric Co Ltd
Original Assignee
Sichuan Changhong Electric Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan Changhong Electric Co Ltd filed Critical Sichuan Changhong Electric Co Ltd
Priority to CN201711420666.2A priority Critical patent/CN108173832A/en
Publication of CN108173832A publication Critical patent/CN108173832A/en
Pending legal-status Critical Current

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416 Event detection, e.g. attack signature detection
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1458 Denial of Service
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Abstract

The present invention relates to family Internet of Things technology. To solve the problem that no existing scheme detects the security weak points of a family Internet of Things application system, the invention provides a family's Internet of Things application system penetration testing method based on end cloud translocation. The technical solution can be summarized as follows: first, security testing is performed on each service terminal, including at least compatibility testing and decompilation detection; then the data packets that the service terminal sends to the cloud are captured by packet capture and subjected to end-cloud interaction data security testing, including at least analysis of the parameters the packets carry and vulnerability exploitation; finally, the back-end management system is examined comprehensively, with at least information collection, vulnerability scanning and vulnerability exploitation performed on it. The invention shortens testing time and improves vulnerability discovery efficiency, and is suitable for family Internet of Things testing.

Description

Family's Internet of Things application system penetration testing method based on end cloud translocation
Technical field
The present invention relates to family Internet of Things technology, and in particular to penetration testing of family Internet of Things application systems.
Background
The Internet of Things is gradually becoming part of daily life. From devices used in the home, such as smart thermostats and smart lamps, to health-related smart wearables, each new smart device has made people's lives considerably more convenient.
While making life more convenient, the Internet of Things has also brought a range of security concerns. In 2014, researchers demonstrated how to break into a home thermostat within 15 seconds; from the data the thermostat collects, an intruder can learn when someone is at home and what the occupants' schedule is. Many smart TVs now carry a camera, and even when the TV is not switched on, an attacker who has compromised it can use the camera to watch the user. After gaining access to the lighting system of a smart home, an attacker can not only control the lights but also access the home's electricity supply, increasing power consumption and causing large electricity bills. These security problems are a reminder that, while enjoying the convenience the Internet of Things brings, people must also pay attention to its security.
Following the architecture of the Internet of Things, its security architecture can be divided into perception layer security, network layer security and application layer security. The design of perception layer security has to take into account that the computing, communication and storage capabilities of Internet of Things devices are limited, so complex security techniques cannot be applied directly on the physical devices. Network layer security ensures the security of communication, and application layer security is concerned with the security of the various services and of the platforms that support them.
The core of an Internet of Things security product is its technology. Because Internet of Things security is an extension of Internet security, existing Internet security techniques can be adapted to the actual needs of Internet of Things security problems and the adapted techniques applied in the Internet of Things to solve them. For example, firewall technology in an Internet environment mainly parses TCP/IP packets, whereas in an Internet of Things environment the firewall also needs to parse protocols specific to the Internet of Things, such as Modbus and PROFIBUS in industrial control environments. The Internet of Things also has characteristics of its own, such as the large number of terminal devices and the lack of trust between devices, which existing Internet techniques have difficulty addressing, so new techniques also need to be explored for the problems peculiar to the Internet of Things. At present, however, there is no analysis and test method for family Internet of Things application systems that finds their security weak points so that engineers can develop targeted security techniques.
Summary of the invention
The object of the invention is to solve the problem that there is currently no scheme for detecting the security weak points of a family Internet of Things application system, by providing a family's Internet of Things application system penetration testing method based on end cloud translocation.
The technical solution adopted by the invention to solve this technical problem is a family's Internet of Things application system penetration testing method based on end cloud translocation, characterized in that it comprises the following steps:
Step 1: perform security testing on each service terminal, including at least compatibility testing and decompilation detection;
Step 2: capture, by packet capture, the data packets that the service terminal sends to the cloud and perform end-cloud interaction data security testing on them, including at least analysis of the parameters the packets carry and vulnerability exploitation;
Step 3: examine the back-end management system comprehensively, performing at least information collection, vulnerability scanning and vulnerability exploitation on it.
Specifically, in step 1 the security testing further includes configuration file detection, component detection, URL detection, encryption and decryption information detection, encoding information detection, and log and debugging information detection.
Further, step 1 comprises the following specific steps:
Step 101: install the service terminal on multiple platforms, record and analyze the installation results, and obtain the compatibility test result;
Step 102: decompile the service terminal with a decompilation tool and check whether source code can be obtained; if so, proceed to step 103; otherwise deem the terminal secure, and decompilation detection is complete;
Step 103: analyze the decompiled configuration file by its tags to perform configuration file detection;
Step 104: analyze the decompiled code files to perform component detection, URL detection, encryption and decryption information detection, encoding information detection, and log and debugging information detection.
Specifically, in step 102 the decompilation tool is apktool.
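The tag-by-tag configuration check of step 103 and the code checks of step 104 can be sketched as follows. This is an added example, not part of the patent: the manifest and smali samples are constructed, and the choice of attributes and patterns to flag is an assumption about what each detection category covers.

```python
import re
import xml.etree.ElementTree as ET

# Attributes in an apktool-decoded AndroidManifest.xml live in this namespace.
A = "{http://schemas.android.com/apk/res/android}"
COMPONENT_TAGS = ("activity", "activity-alias", "service", "receiver", "provider")

# Constructed sample manifest (hypothetical app, not from the patent).
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.homehub">
  <application android:debuggable="true" android:allowBackup="true"
               android:usesCleartextTraffic="true">
    <activity android:name=".MainActivity" android:exported="true">
      <intent-filter><action android:name="android.intent.action.MAIN"/></intent-filter>
    </activity>
    <service android:name=".DeviceControlService" android:exported="true"/>
    <receiver android:name=".PushReceiver">
      <intent-filter><action android:name="com.example.homehub.PUSH"/></intent-filter>
    </receiver>
    <provider android:name=".DeviceProvider" android:exported="true"
              android:permission="com.example.homehub.READ_DEVICES"/>
    <activity android:name=".SettingsActivity" android:exported="false"/>
  </application>
</manifest>"""


def audit_manifest(xml_text):
    """Step 103: walk the manifest by tag and return (check, subject) findings."""
    app = ET.fromstring(xml_text).find("application")
    findings = []
    if app is None:
        return findings
    for attr in ("debuggable", "allowBackup", "usesCleartextTraffic"):
        if app.get(A + attr) == "true":
            findings.append((attr, "application"))
    for tag in COMPONENT_TAGS:
        for comp in app.findall(tag):
            actions = [a.get(A + "name") for a in comp.findall("intent-filter/action")]
            if "android.intent.action.MAIN" in actions:
                continue  # the launcher entry point has to be exported
            exported = comp.get(A + "exported")
            # With no explicit attribute, an intent filter exported the
            # component by default before Android 12.
            reachable = exported == "true" or (exported is None and bool(actions))
            if reachable and comp.get(A + "permission") is None:
                findings.append(("exported-unprotected", comp.get(A + "name", "?")))
    return findings


# Step 104: one assumed pattern per detection category named in the method.
CODE_CHECKS = {
    "cleartext-url": re.compile(r'"(http://[^"\s]+)"'),
    "weak-cipher": re.compile(r'"((?:DES|DESede|AES/ECB)(?:/[^"]*)?)"'),
    "base64-encoding": re.compile(r"(Landroid/util/Base64;->\w+)"),
    "log-call": re.compile(r"(Landroid/util/Log;->[a-z]+)"),
}

# Constructed smali lines of the kind apktool emits (hypothetical app).
SAMPLE_SMALI = '''
const-string v0, "http://api.example.invalid/device/bind"
const-string v1, "AES/ECB/PKCS5Padding"
invoke-static {v1}, Ljavax/crypto/Cipher;->getInstance(Ljava/lang/String;)Ljavax/crypto/Cipher;
invoke-static {v2, v3}, Landroid/util/Base64;->encodeToString([BI)Ljava/lang/String;
const-string v4, "https://api.example.invalid/device/list"
invoke-static {v5, v6}, Landroid/util/Log;->d(Ljava/lang/String;Ljava/lang/String;)I
'''


def audit_code(text):
    """Step 104: return (check, line number, matched text) for each hit."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for check, pattern in CODE_CHECKS.items():
            match = pattern.search(line)
            if match:
                findings.append((check, lineno, match.group(1)))
    return findings


if __name__ == "__main__":
    for finding in audit_manifest(SAMPLE_MANIFEST) + audit_code(SAMPLE_SMALI):
        print(finding)
```

Each finding maps to a build or code fix on the terminal side: turn off `debuggable` and cleartext traffic in release builds, protect or unexport components, and remove debug logging.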
Further, step 2 comprises the following specific steps:
Step 201: capture the data packets that the service terminal sends to the cloud with a packet capture tool;
Step 202: analyze the parameters the packets carry and determine whether they contain any vulnerability exploitation point; if so, record the exploitation point, complete the packet parameter analysis and proceed to step 203; otherwise end-cloud interaction data security testing is complete;
Step 203: modify the parameter information, simulate the service terminal sending data packets to the cloud to carry out vulnerability exploitation, and record the result.
Specifically, in step 201 the packet capture tool is Fiddler or Wireshark.
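The parameter analysis of step 202 can be turned into a repeatable review of captured requests, as in the following added example (not part of the patent). The captures are constructed and assume a proxy-style export with an absolute request URL; the parameter-name lists and finding labels are assumptions chosen for illustration.

```python
import json
from urllib.parse import parse_qsl, urlsplit

# Assumed parameter-name lists; adjust to the API under review.
SENSITIVE = {"password", "passwd", "pwd", "token", "access_token", "session", "secret"}
IDENTITY = {"userid", "user_id", "uid", "deviceid", "device_id", "mac", "sn"}
FRESHNESS = {"timestamp", "ts", "nonce"}
INTEGRITY = {"sign", "signature", "hmac"}

# Constructed terminal-to-cloud requests (hypothetical host and fields).
SAMPLE_CAPTURES = [
    ("POST http://cloud.example.invalid/api/login?token=abc123 HTTP/1.1\r\n"
     "Host: cloud.example.invalid\r\n"
     "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
     "username=alice&password=p%40ss"),
    ("POST https://cloud.example.invalid/api/device/control HTTP/1.1\r\n"
     "Host: cloud.example.invalid\r\n"
     "Content-Type: application/json; charset=utf-8\r\n\r\n"
     '{"deviceId": "D-1001", "cmd": "light_on", "timestamp": 1514160000,'
     ' "nonce": "a1b2", "sign": "0f3c"}'),
    ("GET https://cloud.example.invalid/api/device/list?userId=42 HTTP/1.1\r\n"
     "Host: cloud.example.invalid\r\n\r\n"),
]


def parse_capture(raw):
    """Split one raw request into method, scheme, path and (where, name, value) params."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    url = urlsplit(target)
    params = [("query", k, v) for k, v in parse_qsl(url.query, keep_blank_values=True)]
    ctype = headers.get("content-type", "").split(";")[0].strip().lower()
    if ctype == "application/x-www-form-urlencoded":
        params += [("body", k, v) for k, v in parse_qsl(body, keep_blank_values=True)]
    elif ctype == "application/json" and body.strip():
        try:
            doc = json.loads(body)
        except ValueError:
            doc = None  # malformed body: report only what could be parsed
        if isinstance(doc, dict):
            params += [("body", k, v) for k, v in doc.items()]
    return {"method": method, "scheme": url.scheme, "path": url.path, "params": params}


def review(raw):
    """Return the points the cloud side must enforce for this request."""
    req = parse_capture(raw)
    names = {name.lower() for _, name, _ in req["params"]}
    findings = []
    if req["scheme"] == "http":
        findings.append("cleartext-transport")
    for where, name, _ in req["params"]:
        low = name.lower()
        if where == "query" and low in SENSITIVE:
            findings.append("secret-in-query:" + name)  # ends up in proxy and server logs
        if low in IDENTITY:
            # The server must check this against the authenticated session.
            findings.append("client-supplied-identity:" + name)
    if req["params"] and not names & INTEGRITY:
        findings.append("no-integrity-field")  # parameters can change unnoticed
    if req["params"] and not names & FRESHNESS:
        findings.append("no-freshness-field")  # nothing binds the request to a time
    return findings


if __name__ == "__main__":
    for capture in SAMPLE_CAPTURES:
        print(capture.split("\r\n", 1)[0], "->", review(capture))
```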
Further, step 3 comprises the following specific steps:
Step 301: collect the server's configuration information and site information with tools, analyze the collected information to judge whether vulnerabilities exist, and record any that do;
Step 302: scan for vulnerabilities using vulnerability scanning tools combined with manual penetration testing, and obtain and record the vulnerabilities found;
Step 303: exploit the vulnerabilities found by scanning; if exploitation succeeds, the system is considered to have the vulnerability; otherwise the finding is considered a scanning false positive and its record is deleted.
Specifically, in step 301, collecting the server's configuration information and site information with tools includes: collecting subdomains and basic Web information using Google Hack techniques; collecting business function information, C-segment, co-hosted site and server information using Whois queries; collecting open port information using the Nmap port scanning tool; and collecting Web directory structure information using the DirBuster tool.
Further, in step 302 the vulnerability scanning tools include WVS, Appscan and BurpSuite.
Specifically, step 303 comprises the following specific steps:
Step 303A: if the system has a login interface, perform password brute-forcing against the login page; if brute-forcing succeeds, configure the login information and again scan the system comprehensively for vulnerabilities using vulnerability scanning tools combined with manual penetration testing, obtain and record the vulnerabilities found, and then proceed to step 303B; otherwise proceed directly to step 303B;
Step 303B: carry out a DoS attack on the system to test the attack resistance of the system server;
Step 303C: exploit, one by one, the vulnerabilities found in step 301, step 302 and step 303A; if exploitation succeeds, the system is considered to have the vulnerability; otherwise the finding is considered a scanning false positive and its record is deleted.
The beneficial effect of the invention is that, with the above family's Internet of Things application system penetration testing method based on end cloud translocation, all-round penetration testing is performed on the service terminals, the end-cloud interaction data and the back-end management system in light of the system's business, actively analyzing all of the system's security weak points, shortening testing time and improving vulnerability discovery efficiency.
Detailed description
The technical solution of the invention is described in detail below with reference to an embodiment.
In the family's Internet of Things application system penetration testing method based on end cloud translocation of the invention, security testing is first performed on each service terminal, including at least compatibility testing and decompilation detection; the data packets that the service terminal sends to the cloud are then captured by packet capture and subjected to end-cloud interaction data security testing, including at least analysis of the parameters the packets carry and vulnerability exploitation; finally, the back-end management system is examined comprehensively, with at least information collection, vulnerability scanning and vulnerability exploitation performed on it.
Embodiment
The family's Internet of Things application system penetration testing method based on end cloud translocation of this embodiment comprises the following steps:
Step 1: perform security testing on each service terminal, including at least compatibility testing and decompilation detection.
In this step, the security testing may also include configuration file detection, component detection, URL detection, encryption and decryption information detection, encoding information detection, log and debugging information detection, and so on. This step may comprise the following specific steps:
Step 101: install the service terminal on multiple platforms, record and analyze the installation results, and obtain the compatibility test result;
Step 102: decompile the service terminal with a decompilation tool and check whether source code can be obtained; if so, proceed to step 103; otherwise deem the terminal secure, and decompilation detection is complete; the decompilation tool may be apktool or the like;
Step 103: analyze the decompiled configuration file by its tags to perform configuration file detection;
Step 104: analyze the decompiled code files to perform component detection, URL detection, encryption and decryption information detection, encoding information detection, and log and debugging information detection.
Step 2: capture, by packet capture, the data packets that the service terminal sends to the cloud and perform end-cloud interaction data security testing on them, including at least analysis of the parameters the packets carry and vulnerability exploitation.
This step may comprise the following specific steps:
Step 201: capture the data packets that the service terminal sends to the cloud with a packet capture tool; the packet capture tool may be Fiddler, Wireshark or the like;
Step 202: analyze the parameters the packets carry and determine whether they contain any vulnerability exploitation point; if so, record the exploitation point, complete the packet parameter analysis and proceed to step 203; otherwise end-cloud interaction data security testing is complete;
Step 203: modify the parameter information, simulate the service terminal sending data packets to the cloud to carry out vulnerability exploitation, and record the result.
Step 3: examine the back-end management system comprehensively, performing at least information collection, vulnerability scanning and vulnerability exploitation on it.
This step may comprise the following specific steps:
Step 301: collect the server's configuration information and site information with tools, analyze the collected information to judge whether vulnerabilities exist, and record any that do;
Here, collecting the server's configuration information and site information with tools may include: collecting subdomains, basic Web information and the like using Google Hack techniques; collecting business function information, C-segment, co-hosted site and server information and the like using Whois queries; collecting open port information using a port scanning tool such as Nmap; and collecting Web directory structure information and the like using a tool such as DirBuster;
Step 302: scan for vulnerabilities using vulnerability scanning tools combined with manual penetration testing, and obtain and record the vulnerabilities found;
Here, the vulnerability scanning tools include WVS, Appscan, BurpSuite and the like;
Step 303: exploit the vulnerabilities found by scanning; if exploitation succeeds, the system is considered to have the vulnerability; otherwise the finding is considered a scanning false positive and its record is deleted.
Here, the step may comprise the following specific steps:
Step 303A: if the system has a login interface, perform password brute-forcing against the login page; if brute-forcing succeeds, configure the login information and again scan the system comprehensively for vulnerabilities using vulnerability scanning tools combined with manual penetration testing, obtain and record the vulnerabilities found, and then proceed to step 303B; otherwise proceed directly to step 303B;
Step 303B: carry out a DoS attack on the system to test the attack resistance of the system server;
Step 303C: exploit, one by one, the vulnerabilities found in step 301, step 302 and step 303A; if exploitation succeeds, the system is considered to have the vulnerability; otherwise the finding is considered a scanning false positive and its record is deleted.
In this example, all analysis can be carried out from the perspective of a hacker, so that the vulnerability scanning better reflects reality.

Claims (10)

1. A family's Internet of Things application system penetration testing method based on end cloud translocation, characterized in that it comprises the following steps:
Step 1: perform security testing on each service terminal, including at least compatibility testing and decompilation detection;
Step 2: capture, by packet capture, the data packets that the service terminal sends to the cloud and perform end-cloud interaction data security testing on them, including at least analysis of the parameters the packets carry and vulnerability exploitation;
Step 3: examine the back-end management system comprehensively, performing at least information collection, vulnerability scanning and vulnerability exploitation on it.
2. The family's Internet of Things application system penetration testing method based on end cloud translocation according to claim 1, characterized in that, in step 1, the security testing further includes configuration file detection, component detection, URL detection, encryption and decryption information detection, encoding information detection, and log and debugging information detection.
3. The family's Internet of Things application system penetration testing method based on end cloud translocation according to claim 2, characterized in that step 1 comprises the following specific steps:
Step 101: install the service terminal on multiple platforms, record and analyze the installation results, and obtain the compatibility test result;
Step 102: decompile the service terminal with a decompilation tool and check whether source code can be obtained; if so, proceed to step 103; otherwise deem the terminal secure, and decompilation detection is complete;
Step 103: analyze the decompiled configuration file by its tags to perform configuration file detection;
Step 104: analyze the decompiled code files to perform component detection, URL detection, encryption and decryption information detection, encoding information detection, and log and debugging information detection.
4. The family's Internet of Things application system penetration testing method based on end cloud translocation according to claim 3, characterized in that, in step 102, the decompilation tool is apktool.
5. The family's Internet of Things application system penetration testing method based on end cloud translocation according to claim 1, characterized in that step 2 comprises the following specific steps:
Step 201: capture the data packets that the service terminal sends to the cloud with a packet capture tool;
Step 202: analyze the parameters the packets carry and determine whether they contain any vulnerability exploitation point; if so, record the exploitation point, complete the packet parameter analysis and proceed to step 203; otherwise end-cloud interaction data security testing is complete;
Step 203: modify the parameter information, simulate the service terminal sending data packets to the cloud to carry out vulnerability exploitation, and record the result.
6. The family's Internet of Things application system penetration testing method based on end cloud translocation according to claim 5, characterized in that, in step 201, the packet capture tool is Fiddler or Wireshark.
7. The family's Internet of Things application system penetration testing method based on end cloud translocation according to claim 1, characterized in that step 3 comprises the following specific steps:
Step 301: collect the server's configuration information and site information with tools, analyze the collected information to judge whether vulnerabilities exist, and record any that do;
Step 302: scan for vulnerabilities using vulnerability scanning tools combined with manual penetration testing, and obtain and record the vulnerabilities found;
Step 303: exploit the vulnerabilities found by scanning; if exploitation succeeds, the system is considered to have the vulnerability; otherwise the finding is considered a scanning false positive and its record is deleted.
8. The family's Internet of Things application system penetration testing method based on end cloud translocation according to claim 7, characterized in that, in step 301, collecting the server's configuration information and site information with tools includes: collecting subdomains and basic Web information using Google Hack techniques; collecting business function information, C-segment, co-hosted site and server information using Whois queries; collecting open port information using the Nmap port scanning tool; and collecting Web directory structure information using the DirBuster tool.
9. The family's Internet of Things application system penetration testing method based on end cloud translocation according to claim 7, characterized in that, in step 302, the vulnerability scanning tools include WVS, Appscan and BurpSuite.
10. The family's Internet of Things application system penetration testing method based on end cloud translocation according to claim 7, characterized in that step 303 comprises the following specific steps:
Step 303A: if the system has a login interface, perform password brute-forcing against the login page; if brute-forcing succeeds, configure the login information and again scan the system comprehensively for vulnerabilities using vulnerability scanning tools combined with manual penetration testing, obtain and record the vulnerabilities found, and then proceed to step 303B; otherwise proceed directly to step 303B;
Step 303B: carry out a DoS attack on the system to test the attack resistance of the system server;
Step 303C: exploit, one by one, the vulnerabilities found in step 301, step 302 and step 303A; if exploitation succeeds, the system is considered to have the vulnerability; otherwise the finding is considered a scanning false positive and its record is deleted.
CN201711420666.2A 2017-12-25 2017-12-25 Family's Internet of Things application system penetration testing method based on end cloud translocation Pending CN108173832A (en)

Publications (1)

Publication Number Publication Date
CN108173832A true CN108173832A (en) 2018-06-15

Family

ID=62520163

Country Status (1)

Country Link
CN (1) CN108173832A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110035297A (en) * 2019-03-08 2019-07-19 视联动力信息技术股份有限公司 Method for processing video frequency and device
WO2021090047A1 (en) * 2019-11-06 2021-05-14 Mansouri Armin Iot penetration testing platform
CN113382006A (en) * 2021-06-15 2021-09-10 中国信息通信研究院 Internet of things terminal security and risk assessment and evaluation method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8561154B2 (en) * 2003-12-22 2013-10-15 International Business Machines Corporation Method for providing network perimeter security assessment
CN104468267A (en) * 2014-11-24 2015-03-25 国家电网公司 Information safety penetration testing method for distribution automation system
CN104484607A (en) * 2014-12-16 2015-04-01 上海交通大学 Universal method and universal system for performing safety testing on Android application programs
CN106919844A (en) * 2017-02-14 2017-07-04 暨南大学 A kind of android system vulnerability of application program detection method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20180615
