CN108173832A - Family's Internet of Things application system penetration testing method based on end cloud translocation - Google Patents
- Publication number: CN108173832A
- Application number: CN201711420666.2A
- Authority: CN (China)
- Prior art keywords: internet, family, loophole, translocation, application system
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
  - H04—ELECTRIC COMMUNICATION TECHNIQUE
    - H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
      - H04L63/00—Network architectures or network communication protocols for network security
        - H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
          - H04L63/1433—Vulnerability analysis
          - H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
            - H04L63/1416—Event detection, e.g. attack signature detection
          - H04L63/1441—Countermeasures against malicious traffic
            - H04L63/1458—Denial of Service
      - H04L67/00—Network arrangements or protocols for supporting network services or applications
        - H04L67/01—Protocols
          - H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Abstract
The present invention relates to home Internet of Things (IoT) technology. To address the lack of an existing scheme for detecting the security weak points of home IoT application systems, it provides a home IoT application system penetration testing method based on device-cloud linkage. The technical solution can be summarized as follows: first, security testing is performed on each service terminal, including at least compatibility testing and decompilation detection; then the data packets that the service terminal sends to the cloud are captured by packet capture and subjected to device-cloud interaction data security testing, including at least analysis of the parameters transmitted in the packets and vulnerability exploitation; finally, the back-end management system is examined comprehensively, with at least information collection, vulnerability scanning and vulnerability exploitation performed on it. The invention shortens testing time and improves vulnerability discovery efficiency, and is suitable for home IoT testing.
Description
Technical field
The present invention relates to home Internet of Things (IoT) technology, and in particular to penetration testing of home IoT application systems.
Background
The Internet of Things is gradually becoming part of everyday life. From smart thermostats and smart lamps used in the home to health-related smart wearables, each new smart device makes people's lives considerably more convenient.

While making life more convenient, the Internet of Things has also brought a range of hidden risks. In 2014, researchers demonstrated how a home thermostat could be compromised within 15 seconds; by collecting the thermostat's data, an intruder can learn when someone is at home, what their schedule is, and similar information. Many smart TVs now have cameras, and even when the TV is not switched on, an attacker who has compromised it can use the camera to monitor the user. After gaining access to the lighting system of a smart home, an attacker can not only control the lights but also access the household's electricity, increasing its power consumption and causing large electricity bills. These security problems are a reminder that, while enjoying the convenience and efficiency of the Internet of Things, people must also pay attention to its security.

Following the architecture of the Internet of Things, its security architecture can be divided into perception-layer security, network-layer (IP) security and application-layer security. Perception-layer security design has to take into account that the computing, communication and storage capabilities of IoT devices are limited, so complex security techniques cannot be applied directly on the physical devices. Network-layer security ensures the security of communication, and the application layer focuses on the security of the various services and of the platforms that support them.

The core of an IoT security product is technology. Since IoT security is an extension of Internet security, existing Internet security techniques can be adapted to the actual needs of IoT security problems, and the improved techniques can then be applied to the Internet of Things to solve them. For example, firewall technology in an Internet environment mainly parses TCP/IP protocol packets, whereas in an IoT environment the firewall also needs to parse IoT-specific protocols, such as Modbus and PROFIBUS in industrial control environments. The Internet of Things also has characteristics of its own, such as the large number of terminal devices and the lack of trust between devices. Existing Internet techniques have difficulty solving such problems, so new techniques need to be explored for the problems that are specific to the Internet of Things. At present, however, there is no analysis and testing method for home IoT application systems that finds the security weak points of such systems so that engineers can develop targeted security techniques.
Summary of the invention
The purpose of the invention is to solve the problem that there is currently no scheme for detecting the security weak points of home IoT application systems, by providing a home IoT application system penetration testing method based on device-cloud linkage.

To solve this technical problem, the invention adopts the following technical solution: a home IoT application system penetration testing method based on device-cloud linkage, characterized in that it includes the following steps:
Step 1: Perform security testing on each service terminal, including at least compatibility testing and decompilation detection.
Step 2: Capture, by packet capture, the data packets that the service terminal sends to the cloud, and perform device-cloud interaction data security testing on them, including at least analysis of the parameters transmitted in the packets and vulnerability exploitation.
Step 3: Examine the back-end management system comprehensively, performing at least information collection, vulnerability scanning and vulnerability exploitation on it.

Specifically, in step 1 the security testing further includes configuration file detection, component detection, URL detection, encryption/decryption information detection, encoding information detection, and log and debug information detection.
Further, step 1 includes the following specific steps:
Step 101: Install the service terminal on multiple platforms, record and analyze the installation results, and obtain the compatibility test result.
Step 102: Decompile the service terminal with a decompilation tool and check whether the source code can be obtained; if so, go to step 103; otherwise deem it secure, and decompilation detection is complete.
Step 103: Analyze the decompiled configuration file by its tags to perform configuration file detection.
Step 104: Analyze the decompiled code files to perform component detection, URL detection, encryption/decryption information detection, encoding information detection, and log and debug information detection.

Specifically, in step 102 the decompilation tool is apktool.
Further, step 2 includes the following specific steps:
Step 201: Capture the data packets that the service terminal sends to the cloud with a packet capture tool.
Step 202: Analyze the parameters transmitted in the data packets and determine whether any exploitable point exists among them; if so, record the exploitable point, which completes the packet parameter analysis, and go to step 203; otherwise the device-cloud interaction data security testing is complete.
Step 203: Modify the parameter information, simulate the service terminal sending data packets to the cloud to carry out vulnerability exploitation, and record the result.

Specifically, in step 201 the packet capture tool is Fiddler or Wireshark.
Further, step 3 includes the following specific steps:
Step 301: Collect the server's configuration information and site information with tools, analyze the collected information to determine whether vulnerabilities exist, and record any that do.
Step 302: Scan for vulnerabilities using vulnerability scanning tools combined with manual penetration testing, and obtain and record the vulnerabilities found.
Step 303: Exploit the vulnerabilities found by scanning; if exploitation succeeds, the system is considered to have the vulnerability; otherwise the finding is considered a scanning false positive and the record of that vulnerability is deleted.

Specifically, in step 301, collecting the server's configuration information and site information with tools includes: collecting subdomains and basic Web information using Google hacking techniques; collecting business function information, C-segment, co-hosted site and server information using Whois queries; collecting open port information using the Nmap port scanning tool; and collecting Web directory structure information using the DirBuster tool.

Further, in step 302 the vulnerability scanning tools include WVS, AppScan and Burp Suite.
Specifically, step 303 includes the following specific steps:
Step 303A: If the system has a login interface, perform password brute-forcing against the login page; if the brute-forcing succeeds, configure the login information and scan the system comprehensively for vulnerabilities again, using vulnerability scanning tools combined with manual penetration testing; obtain and record the vulnerabilities found, then go to step 303B; otherwise go directly to step 303B.
Step 303B: Perform a DoS attack on the system to test the attack resistance of the system server.
Step 303C: Exploit, one by one, the vulnerabilities found in step 301, step 302 and step 303A; if exploitation succeeds, the system is considered to have the vulnerability; otherwise the finding is considered a scanning false positive and the record of that vulnerability is deleted.

The beneficial effect of the invention is that, with the above home IoT application system penetration testing method based on device-cloud linkage, all-round penetration testing is carried out on the service terminal, the device-cloud interaction data and the back-end management system in light of the system's business, proactively analyzing all security weak points of the system, shortening testing time and improving vulnerability discovery efficiency.
Detailed description of the embodiments
The technical solution of the invention is described in detail below with reference to an embodiment.

In the home IoT application system penetration testing method based on device-cloud linkage of the present invention, security testing is first performed on each service terminal, including at least compatibility testing and decompilation detection; then the data packets that the service terminal sends to the cloud are captured by packet capture and subjected to device-cloud interaction data security testing, including at least analysis of the parameters transmitted in the packets and vulnerability exploitation; finally, the back-end management system is examined comprehensively, with at least information collection, vulnerability scanning and vulnerability exploitation performed on it.
Embodiment
The home IoT application system penetration testing method based on device-cloud linkage of this embodiment specifically includes the following steps:
Step 1: Perform security testing on each service terminal, including at least compatibility testing and decompilation detection.

In this step, the security testing may also include configuration file detection, component detection, URL detection, encryption/decryption information detection, encoding information detection, log and debug information detection, and so on. This step may include the following specific steps:
Step 101: Install the service terminal on multiple platforms, record and analyze the installation results, and obtain the compatibility test result.
Step 102: Decompile the service terminal with a decompilation tool and check whether the source code can be obtained; if so, go to step 103; otherwise deem it secure, and decompilation detection is complete. The decompilation tool may be apktool or similar.
Step 103: Analyze the decompiled configuration file by its tags to perform configuration file detection.
Step 104: Analyze the decompiled code files to perform component detection, URL detection, encryption/decryption information detection, encoding information detection, and log and debug information detection.
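The configuration-file and code checks of steps 103 and 104, as an added Python example that is not part of the patent: it walks a decoded AndroidManifest.xml (the text XML that apktool produces) tag by tag and scans decompiled smali lines for cleartext URLs, logging calls and cipher settings. The rule lists, function names and both samples are assumptions made for illustration.

```python
import re
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # android: attribute namespace

# Constructed sample of a decoded AndroidManifest.xml; all names are made up.
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.smarthome">
  <application android:debuggable="true" android:allowBackup="true"
               android:usesCleartextTraffic="true">
    <activity android:name=".MainActivity" android:exported="true">
      <intent-filter>
        <action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/>
      </intent-filter>
    </activity>
    <service android:name=".DeviceControlService" android:exported="true"/>
    <receiver android:name=".PushReceiver">
      <intent-filter><action android:name="com.example.PUSH"/></intent-filter>
    </receiver>
    <provider android:name=".LogProvider" android:exported="true"
              android:authorities="com.example.smarthome.logs"
              android:permission="com.example.smarthome.READ_LOGS"/>
  </application>
</manifest>
"""

# Constructed sample of decompiled smali lines.
SAMPLE_SMALI = """\
const-string v0, "http://api.example.com/v1/device/bind"
const-string v1, "https://api.example.com/v1/login"
invoke-static {v3, v2}, Landroid/util/Log;->d(Ljava/lang/String;Ljava/lang/String;)I
const-string v4, "AES/ECB/PKCS5Padding"
"""

# Assumed rule set: application flags worth reporting when set to "true".
RISKY_APP_FLAGS = {
    "debuggable": "debug flag left on",
    "allowBackup": "app data can be extracted via backup",
    "usesCleartextTraffic": "plain HTTP permitted",
}
COMPONENT_TAGS = ("activity", "service", "receiver", "provider")

# Assumed rule set for step 104: URL, log/debug and encryption information.
CODE_RULES = [
    ("cleartext URL", re.compile(r'"(http://[^"\s]+)"')),
    ("log/debug call", re.compile(r"Landroid/util/Log;->([vdi])\(")),
    ("weak cipher mode", re.compile(r'"([A-Za-z0-9]+/ECB/[A-Za-z0-9]+)"')),
]


def is_launcher(component):
    """The launcher activity has to be exported, so it is not reported."""
    cats = [c.get(A + "name") for c in component.iter("category")]
    return "android.intent.category.LAUNCHER" in cats


def audit_manifest(xml_text):
    """Step 103: return (item, issue) pairs found by walking the manifest tags."""
    app = ET.fromstring(xml_text).find("application")
    findings = []
    if app is None:
        return findings
    for flag, why in RISKY_APP_FLAGS.items():
        if app.get(A + flag) == "true":
            findings.append(("application", "%s=true: %s" % (flag, why)))
    for tag in COMPONENT_TAGS:
        for comp in app.findall(tag):
            exported = comp.get(A + "exported")
            if exported is None:
                # With no explicit value, an intent-filter makes the component
                # exported by default on older target SDK levels.
                exported = "true" if comp.find("intent-filter") is not None else "false"
            unprotected = comp.get(A + "permission") is None
            if exported == "true" and unprotected and not is_launcher(comp):
                findings.append((comp.get(A + "name"),
                                 "exported %s without permission" % tag))
    return findings


def audit_code(text):
    """Step 104: return (line number, rule, matched value) for each rule hit."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for label, rx in CODE_RULES:
            match = rx.search(line)
            if match:
                findings.append((lineno, label, match.group(1)))
    return findings


if __name__ == "__main__":
    for finding in audit_manifest(SAMPLE_MANIFEST) + audit_code(SAMPLE_SMALI):
        print(finding)
```

Each finding is a candidate to fix in the build configuration or code before release; the permission-protected provider and the launcher activity are deliberately not reported.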
Step 2: Capture, by packet capture, the data packets that the service terminal sends to the cloud, and perform device-cloud interaction data security testing on them, including at least analysis of the parameters transmitted in the packets and vulnerability exploitation.

This step may include the following specific steps:
Step 201: Capture the data packets that the service terminal sends to the cloud with a packet capture tool; the packet capture tool may be Fiddler, Wireshark or similar.
Step 202: Analyze the parameters transmitted in the data packets and determine whether any exploitable point exists among them; if so, record the exploitable point, which completes the packet parameter analysis, and go to step 203; otherwise the device-cloud interaction data security testing is complete.
Step 203: Modify the parameter information, simulate the service terminal sending data packets to the cloud to carry out vulnerability exploitation, and record the result.
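The parameter analysis of step 202, as an added Python example that is not part of the patent: it reviews captured requests offline and lists the parameters that need attention on the cloud side (secrets sent in cleartext or in the URL, and identifiers the client controls). The sample entries are constructed and shaped like the entries of a HAR export; the parameter-name lists and function names are assumptions.

```python
import json
from urllib.parse import urlsplit, parse_qsl

# Assumed lists of parameter names treated as secrets or as object identifiers.
SENSITIVE = {"password", "passwd", "pwd", "token", "secret", "sessionid"}
OBJECT_IDS = {"deviceid", "device_id", "userid", "user_id", "uid", "homeid"}

# Constructed sample shaped like HAR 1.2 entries; hosts, paths and values
# are made up.
SAMPLE_ENTRIES = [
    {"request": {"method": "POST", "url": "http://cloud.example.com/api/login",
                 "headers": [{"name": "Content-Type", "value": "application/json"}],
                 "postData": {"mimeType": "application/json",
                              "text": '{"user": "alice", "password": "s3cret"}'}}},
    {"request": {"method": "GET", "headers": [],
                 "url": "https://cloud.example.com/api/device/status"
                        "?deviceId=1001&token=abc123"}},
    {"request": {"method": "POST",
                 "url": "https://cloud.example.com/api/device/control",
                 "headers": [{"name": "Authorization", "value": "Bearer abc123"}],
                 "postData": {"mimeType": "application/x-www-form-urlencoded",
                              "text": "deviceId=1001&action=unlock"}}},
    {"request": {"method": "GET", "headers": [],
                 "url": "https://cloud.example.com/api/firmware/latest"}},
]


def body_params(post):
    """Return the body parameters of a JSON-object or form-encoded request."""
    if not post:
        return {}
    mime, text = post.get("mimeType", ""), post.get("text", "")
    if "json" in mime:
        try:
            data = json.loads(text)
        except ValueError:  # malformed body: nothing to analyze
            return {}
        return {k: str(v) for k, v in data.items()} if isinstance(data, dict) else {}
    if "x-www-form-urlencoded" in mime:
        return dict(parse_qsl(text, keep_blank_values=True))
    return {}


def review_request(req):
    """Return review notes for one captured request."""
    url = urlsplit(req["url"])
    query = dict(parse_qsl(url.query, keep_blank_values=True))
    body = body_params(req.get("postData"))
    cleartext = url.scheme == "http"
    notes = ["cleartext transport"] if cleartext else []
    for name in query:
        # URLs end up in proxy logs and browser history, even over HTTPS.
        if name.lower() in SENSITIVE:
            notes.append("secret in URL query: " + name)
    for name in body:
        if cleartext and name.lower() in SENSITIVE:
            notes.append("secret sent over HTTP: " + name)
    for name in list(query) + list(body):
        # The cloud must check that the caller owns the referenced object.
        if name.lower() in OBJECT_IDS:
            notes.append("client-controlled identifier: " + name)
    return notes


def review_capture(entries):
    """Map 'METHOD path' to its notes, keeping only requests with findings."""
    report = {}
    for entry in entries:
        req = entry["request"]
        notes = review_request(req)
        if notes:
            report["%s %s" % (req["method"], urlsplit(req["url"]).path)] = notes
    return report


if __name__ == "__main__":
    for endpoint, notes in review_capture(SAMPLE_ENTRIES).items():
        print(endpoint, notes)
```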
Step 3: Examine the back-end management system comprehensively, performing at least information collection, vulnerability scanning and vulnerability exploitation on it.

This step may include the following specific steps:
Step 301: Collect the server's configuration information and site information with tools, analyze the collected information to determine whether vulnerabilities exist, and record any that do.

Here, collecting the server's configuration information and site information with tools may include: collecting subdomains, basic Web information and the like using Google hacking techniques; collecting business function information, C-segment, co-hosted site and server information and the like using Whois queries; collecting open port information using a port scanning tool such as Nmap; and collecting Web directory structure information using a tool such as DirBuster.

Step 302: Scan for vulnerabilities using vulnerability scanning tools combined with manual penetration testing, and obtain and record the vulnerabilities found.

Here, the vulnerability scanning tools include WVS, AppScan, Burp Suite and the like.

Step 303: Exploit the vulnerabilities found by scanning; if exploitation succeeds, the system is considered to have the vulnerability; otherwise the finding is considered a scanning false positive and the record of that vulnerability is deleted.

Here, the step may include the following specific steps:
Step 303A: If the system has a login interface, perform password brute-forcing against the login page; if the brute-forcing succeeds, configure the login information and scan the system comprehensively for vulnerabilities again, using vulnerability scanning tools combined with manual penetration testing; obtain and record the vulnerabilities found, then go to step 303B; otherwise go directly to step 303B.
Step 303B: Perform a DoS attack on the system to test the attack resistance of the system server.
Step 303C: Exploit, one by one, the vulnerabilities found in step 301, step 302 and step 303A; if exploitation succeeds, the system is considered to have the vulnerability; otherwise the finding is considered a scanning false positive and the record of that vulnerability is deleted.

In this example, all analysis can be carried out from a hacker's perspective, so that the vulnerability scanning better reflects reality.
Claims (10)
1. A home IoT application system penetration testing method based on device-cloud linkage, characterized in that it includes the following steps:
Step 1: Perform security testing on each service terminal, including at least compatibility testing and decompilation detection.
Step 2: Capture, by packet capture, the data packets that the service terminal sends to the cloud, and perform device-cloud interaction data security testing on them, including at least analysis of the parameters transmitted in the packets and vulnerability exploitation.
Step 3: Examine the back-end management system comprehensively, performing at least information collection, vulnerability scanning and vulnerability exploitation on it.

2. The home IoT application system penetration testing method based on device-cloud linkage according to claim 1, characterized in that, in step 1, the security testing further includes configuration file detection, component detection, URL detection, encryption/decryption information detection, encoding information detection, and log and debug information detection.

3. The home IoT application system penetration testing method based on device-cloud linkage according to claim 2, characterized in that step 1 includes the following specific steps:
Step 101: Install the service terminal on multiple platforms, record and analyze the installation results, and obtain the compatibility test result.
Step 102: Decompile the service terminal with a decompilation tool and check whether the source code can be obtained; if so, go to step 103; otherwise deem it secure, and decompilation detection is complete.
Step 103: Analyze the decompiled configuration file by its tags to perform configuration file detection.
Step 104: Analyze the decompiled code files to perform component detection, URL detection, encryption/decryption information detection, encoding information detection, and log and debug information detection.

4. The home IoT application system penetration testing method based on device-cloud linkage according to claim 3, characterized in that, in step 102, the decompilation tool is apktool.
5. The home IoT application system penetration testing method based on device-cloud linkage according to claim 1, characterized in that step 2 includes the following specific steps:
Step 201: Capture the data packets that the service terminal sends to the cloud with a packet capture tool.
Step 202: Analyze the parameters transmitted in the data packets and determine whether any exploitable point exists among them; if so, record the exploitable point, which completes the packet parameter analysis, and go to step 203; otherwise the device-cloud interaction data security testing is complete.
Step 203: Modify the parameter information, simulate the service terminal sending data packets to the cloud to carry out vulnerability exploitation, and record the result.

6. The home IoT application system penetration testing method based on device-cloud linkage according to claim 5, characterized in that, in step 201, the packet capture tool is Fiddler or Wireshark.
7. The home IoT application system penetration testing method based on device-cloud linkage according to claim 1, characterized in that step 3 includes the following specific steps:
Step 301: Collect the server's configuration information and site information with tools, analyze the collected information to determine whether vulnerabilities exist, and record any that do.
Step 302: Scan for vulnerabilities using vulnerability scanning tools combined with manual penetration testing, and obtain and record the vulnerabilities found.
Step 303: Exploit the vulnerabilities found by scanning; if exploitation succeeds, the system is considered to have the vulnerability; otherwise the finding is considered a scanning false positive and the record of that vulnerability is deleted.

8. The home IoT application system penetration testing method based on device-cloud linkage according to claim 7, characterized in that, in step 301, collecting the server's configuration information and site information with tools includes: collecting subdomains and basic Web information using Google hacking techniques; collecting business function information, C-segment, co-hosted site and server information using Whois queries; collecting open port information using the Nmap port scanning tool; and collecting Web directory structure information using the DirBuster tool.

9. The home IoT application system penetration testing method based on device-cloud linkage according to claim 7, characterized in that, in step 302, the vulnerability scanning tools include WVS, AppScan and Burp Suite.

10. The home IoT application system penetration testing method based on device-cloud linkage according to claim 7, characterized in that step 303 includes the following specific steps:
Step 303A: If the system has a login interface, perform password brute-forcing against the login page; if the brute-forcing succeeds, configure the login information and scan the system comprehensively for vulnerabilities again, using vulnerability scanning tools combined with manual penetration testing; obtain and record the vulnerabilities found, then go to step 303B; otherwise go directly to step 303B.
Step 303B: Perform a DoS attack on the system to test the attack resistance of the system server.
Step 303C: Exploit, one by one, the vulnerabilities found in step 301, step 302 and step 303A; if exploitation succeeds, the system is considered to have the vulnerability; otherwise the finding is considered a scanning false positive and the record of that vulnerability is deleted.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711420666.2A CN108173832A (en) | 2017-12-25 | 2017-12-25 | Family's Internet of Things application system penetration testing method based on end cloud translocation |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711420666.2A CN108173832A (en) | 2017-12-25 | 2017-12-25 | Family's Internet of Things application system penetration testing method based on end cloud translocation |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108173832A true CN108173832A (en) | 2018-06-15 |
Family
ID=62520163
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711420666.2A Pending CN108173832A (en) | 2017-12-25 | 2017-12-25 | Family's Internet of Things application system penetration testing method based on end cloud translocation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108173832A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110035297A (en) * | 2019-03-08 | 2019-07-19 | 视联动力信息技术股份有限公司 | Method for processing video frequency and device |
WO2021090047A1 (en) * | 2019-11-06 | 2021-05-14 | Mansouri Armin | Iot penetration testing platform |
CN113382006A (en) * | 2021-06-15 | 2021-09-10 | 中国信息通信研究院 | Internet of things terminal security and risk assessment and evaluation method |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8561154B2 (en) * | 2003-12-22 | 2013-10-15 | International Business Machines Corporation | Method for providing network perimeter security assessment |
CN104468267A (en) * | 2014-11-24 | 2015-03-25 | 国家电网公司 | Information safety penetration testing method for distribution automation system |
CN104484607A (en) * | 2014-12-16 | 2015-04-01 | 上海交通大学 | Universal method and universal system for performing safety testing on Android application programs |
CN106919844A (en) * | 2017-02-14 | 2017-07-04 | 暨南大学 | A kind of android system vulnerability of application program detection method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PB01 | Publication | |
 | SE01 | Entry into force of request for substantive examination | |
 | RJ01 | Rejection of invention patent application after publication | Application publication date: 20180615 |