CN108875368A - A kind of safety detection method, apparatus and system - Google Patents
A kind of safety detection method, apparatus and system Download PDFInfo
- Publication number
- CN108875368A CN108875368A CN201710324721.1A CN201710324721A CN108875368A CN 108875368 A CN108875368 A CN 108875368A CN 201710324721 A CN201710324721 A CN 201710324721A CN 108875368 A CN108875368 A CN 108875368A
- Authority
- CN
- China
- Prior art keywords
- application
- detected
- data
- server
- flows
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Test And Diagnosis Of Digital Computers (AREA)
Abstract
The embodiment of the invention provides a kind of safety detection method, apparatus and system, this method obtains the installation file of application to be detected;Installation file is installed to target simulation equipment;Dry run instruction is sent to target simulation equipment, applies and is communicated with server-side so that the operation of target simulation equipment simulating is to be detected;Record target simulation equipment simulating runs application to be detected and communicates the data on flows generated with server-side;Judge whether to reach preset dry run termination condition;If so, carrying out vulnerability scanning to the data on flows recorded, the safety detection result for being directed to application to be detected is obtained.Safety detection is carried out to application to be detected using scheme provided in an embodiment of the present invention, it can be according to different test case dry run applications to be detected, it does not need artificially to be detected, efficiently reduces the probability of test leakage, improve the accuracy for carrying out safety detection to application.
Description
Technical field
The present invention relates to software testing technology fields, more particularly to a kind of safety detection method, apparatus and system.
Background technique
With the popularization of intelligent electronic products with the diversification of user demand, the quantity of application is also in explosive growth, mesh
Online application is just more than 1,700,000 under preceding only Android operation system environment, and is also increasing day by day.It is entire in order to guarantee
The stability of network environment, it is desirable that apply and need to carry out safety detection before online, exactly detection is using corresponding server-side
No there are loopholes, and the application that only safety detection reaches requirement online could be supplied to user.
Currently, the corresponding server-side of detection application whether there is loophole, also in more traditional stage, generally by
Testing staff subjectively detects and evaluates, and then obtains safety detection result;But server-side is at runtime, running environment
Change greatly, there may be a large amount of loopholes for server-side, and manually carry out detection there are very strong randomnesss, it is likely that cause to leak
The phenomenon that survey, therefore, the accuracy of safety detection, are low.
Summary of the invention
The embodiment of the present invention is designed to provide a kind of safety detection method, apparatus and system, with improve to application into
The accuracy of row safety detection.
In order to achieve the above objectives, the embodiment of the invention discloses a kind of safety detection methods, are applied to electronic equipment, the party
Method includes:
Obtain the installation file of application to be detected;
The installation file is installed to target simulation equipment;
Dry run instruction is sent to the target simulation equipment, so that described in target simulation equipment simulating operation
Application to be detected is simultaneously communicated with server-side;
The target simulation equipment simulating is recorded to run the application to be detected and communicate the flow number generated with server-side
According to;
Judge whether to reach preset dry run termination condition;
If so, carrying out vulnerability scanning to the data on flows recorded, the safety inspection for the application to be detected is obtained
Survey result.
Optionally, target simulation equipment application to be detected described in dry run and logical with server-side in the following manner
Letter:
Start test software, generates test case;
It is to be detected described in dry run to apply and communicated with server-side according to the test case.
Optionally, described according to the test case, application to be detected described in dry run and the step communicated with server-side
Suddenly, including:
It triggers the application to be detected and generates the network request for being directed to each test case;
According to network request generated, establishes and communicate to connect between the application to be detected and server-side, so that institute
Application to be detected is stated to be communicated by established communication connection with server-side.
Optionally, described to record the target simulation equipment simulating operation application to be detected and communicate production with server-side
The step of raw data on flows, including:
Establish agency service;
Using the agency service, recording needle to each network request it is described it is to be detected application and generated between server-side
Data on flows.
Optionally, the method also includes:
The data on flows recorded is stored into data on flows library;
It is described that vulnerability scanning is carried out to the data on flows recorded, obtain the safety detection knot for being directed to the application to be detected
Fruit, including:
Vulnerability scanning is carried out to the data on flows that stores in the data on flows library, obtains and to be detected is answered for described
Safety detection result.
Optionally, operation includes at least the multiple in application, described in the data on flows library of target application at the same time
The step of data on flows of storage carries out vulnerability scanning, obtains the safety detection result for being directed to the application to be detected, packet
It includes:
The first flow data to match with the network request are pulled from the data on flows library;
Vulnerability scanning is carried out to the first flow data, obtains the safety detection result for being directed to the application to be detected.
Optionally, described to judge whether the step of reaching preset dry run termination condition, including:
Judge whether the duration for running the application to be detected is more than or equal to preset standard operation duration;
And/or judge whether the quantity of the data on flows of record is more than or equal to preset standard quantity.
Optionally, the method also includes:
After obtaining the safety detection result, unload that install in the target simulation equipment described is to be detected to answer
With.
In order to achieve the above objectives, the embodiment of the invention also discloses a kind of safety detection devices, are applied to electronic equipment, institute
Stating device includes:
First obtains module, for obtaining the installation file of application to be detected;
First installation module, for installing the installation file to target simulation equipment;
Sending module, for sending dry run instruction to the target simulation equipment, so that the target simulation is set
It is to be detected described in standby dry run to apply and communicated with server-side;
Logging modle, for recording the target simulation equipment simulating operation application to be detected and being communicated with server-side
The data on flows of generation;
Judgment module reaches preset dry run termination condition for judging whether;
Second obtain module, for the judgment module judging result be in the case where, to the flow number recorded
According to vulnerability scanning is carried out, the safety detection result for being directed to the application to be detected is obtained.
Optionally, the target simulation equipment, including:
First generates submodule, for starting test software, generates test case;
First operation submodule, for according to the test case, application to be detected and and server-side described in dry run
Communication.
Optionally, the first operation submodule, is specifically used for:
It triggers the application to be detected and generates the network request for being directed to each test case;
According to network request generated, establishes and communicate to connect between the application to be detected and server-side, so that institute
Application to be detected is stated to be communicated by established communication connection with server-side.
Optionally, the logging modle, is specifically used for:
Establish agency service;
Using the agency service, recording needle to each network request it is described it is to be detected application and generated between server-side
Data on flows.
Optionally, described device further includes:
Memory module, for storing the data on flows recorded into data on flows library;
Described second obtains module, is specifically used for:
Vulnerability scanning is carried out to the data on flows that stores in the data on flows library, obtains and to be detected is answered for described
Safety detection result.
Optionally, described second module is obtained, be specifically used for:
Operation includes at least the multiple in application, pulling from the data on flows library and the net of target application at the same time
Network requests the first flow data to match;
Vulnerability scanning is carried out to the first flow data, obtains the safety detection result for being directed to the application to be detected.
Optionally, the judgment module, is specifically used for:
Judge whether the duration for running the application to be detected is more than or equal to preset standard operation duration;
And/or judge whether the quantity of the data on flows of record is more than or equal to preset standard quantity.
Optionally, described device further includes:
Unload module is installed in the target simulation equipment for unloading after obtaining the safety detection result
The application to be detected.
In order to achieve the above objectives, the embodiment of the invention also discloses a kind of safety detection methods, are applied to analog machine, institute
The method of stating includes:
The installation file of application to be detected is obtained from the electronic equipment communicated to connect with the analog machine;
The installation file is installed;
It is to be detected described in dry run to apply and communicated with server-side;
The data on flows that generation is communicated by application to be detected described in dry run and with server-side is transmitted to the electronics and sets
It is standby, so that the electronic equipment is determining that carrying out loophole to the data on flows when reaching predetermined analog end of run condition sweeps
Retouch the safety detection result for obtaining and being directed to the application to be detected.
Optionally, to be detected described in the dry run to apply and communicated with server-side, including:
Start test software, generates test case;
It is to be detected described in dry run to apply and communicated with server-side according to the test case.
Optionally, described according to the test case, application to be detected described in dry run and the step communicated with server-side
Suddenly, including:
It triggers the application to be detected and generates the network request for being directed to each test case;
According to network request generated, establishes and communicate to connect between the application to be detected and server-side, so that institute
Application to be detected is stated to be communicated by established communication connection with server-side.
Optionally, the method also includes:
Receive that the electronic equipment is sent after obtaining the safety detection result, instruction unloading is described to be detected to answer
Unloading command;
Unload the application to be detected.
In order to achieve the above objectives, the embodiment of the invention also discloses a kind of safety detection devices, are applied to client, described
Device includes:
Third obtains module, for obtaining the peace of application to be detected from the electronic equipment communicated to connect with the analog machine
Fill file;
Second installation module, for installing the installation file;
Dry run module is communicated for application to be detected described in dry run and with server-side;
Forwarding module, the data on flows for communicating generation by application to be detected described in dry run and with server-side forward
To the electronic equipment, so that the electronic equipment is when determination reaches predetermined analog end of run condition to the flow number
The safety detection result for being directed to the application to be detected according to vulnerability scanning acquisition is carried out.
Optionally, the dry run module, including:
Second generates submodule, for starting test software, generates test case;
Second operation submodule, for according to the test case, application to be detected and and server-side described in dry run
Communication.
Optionally, the second operation submodule, is specifically used for:
It triggers the application to be detected and generates the network request for being directed to each test case;
According to network request generated, establishes and communicate to connect between the application to be detected and server-side, so that institute
Application to be detected is stated to be communicated by established communication connection with server-side.
Optionally, described device further includes:
Receiving module is unloaded for receiving the electronic equipment is sent after obtaining the safety detection result, instruction
Carry the unloading command of the application to be detected;
Second Unload module, for unloading the application to be detected.
In order to achieve the above objectives, the embodiment of the invention also discloses a kind of safety detecting system, the system comprises controls
Node and analog machine, wherein the analog machine is configured with agent side;
The control node is installed for obtaining the installation file of application to be detected, and by the installation file to described
Analog machine;Dry run instruction is sent to the agent side of the analog machine, so that the analog machine dry run institute
It states application to be detected and is communicated with server-side;And record the target simulation equipment simulating operation application to be detected and with clothes
The data on flows that the communication of business end generates;Judge whether to reach preset dry run termination condition;If so, to the stream recorded
It measures data and carries out vulnerability scanning, obtain the safety detection result for being directed to the application to be detected;
The agent side, for after receiving the dry run instruction that the control node is sent, described in dry run to
Detection application is simultaneously communicated with server-side;
The analog machine, for installing the application to be detected.
Optionally, the agent side, is specifically used for:
After receiving the dry run instruction that the control node is sent, starts test software, generate test case;
It is to be detected described in dry run to apply and communicated with server-side according to the test case.
Optionally, described according to the test case, application to be detected described in dry run is simultaneously communicated with server-side, specifically
For:
It triggers the application to be detected and generates the network request for being directed to each test case;
According to network request generated, establishes and communicate to connect between the application to be detected and server-side, so that institute
Application to be detected is stated to be communicated by established communication connection with server-side.
Optionally, safety detecting system further includes:Data on flows library;
The data on flows library, the data on flows recorded for storing the control node;
The control node carries out vulnerability scanning to the data on flows recorded, obtains the peace for being directed to the application to be detected
Full inspection is surveyed as a result, being specially:
Vulnerability scanning is carried out to the data on flows that stores in the data on flows library, obtains and to be detected is answered for described
Safety detection result.
Optionally, operation includes at least the multiple in application, the control node is to the flow of target application at the same time
The data on flows stored in database carries out vulnerability scanning, obtains the safety detection result for being directed to the application to be detected,
Specially:
The first flow data to match with the network request are pulled from the data on flows library;
Vulnerability scanning is carried out to the first flow data, obtains the safety detection result for being directed to the application to be detected.
Optionally, the control node judges whether to reach preset dry run termination condition in the following way:
Judge whether the duration for running the application to be detected is more than or equal to preset standard operation duration;
And/or judge whether the quantity of the data on flows of record is more than or equal to preset standard quantity.
Optionally, the control node is also used to after obtaining the safety detection result, is sent to the agent side
Unloading command;
The agent side is used for after receiving the unloading command, triggers that analog machine unloading is described to be detected to answer
With.
Safety detection method provided in an embodiment of the present invention, apparatus and system, obtain the installation file of application to be detected;It will
Installation file is installed to target simulation equipment;Dry run instruction is sent to target simulation equipment, so that target simulation equipment
Dry run application to be detected is simultaneously communicated with server-side;Record target simulation equipment simulating operation application to be detected and and server-side
Communicate the data on flows generated;Judge whether to reach preset dry run termination condition;If so, to the flow number recorded
According to vulnerability scanning is carried out, the safety detection result for being directed to application to be detected is obtained.Using scheme pair provided in an embodiment of the present invention
Application to be detected carries out safety detection, can not be needed artificially according to different test case dry run applications to be detected
It is detected, efficiently reduces the probability of test leakage, improve the accuracy for carrying out safety detection to application.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of invention for those of ordinary skill in the art without creative efforts, can be with
It obtains other drawings based on these drawings.
Fig. 1 is the flow diagram for the safety detection method that one embodiment of the invention provides;
Fig. 2 be another embodiment of the present invention provides safety detection method flow diagram;
Fig. 3 is the flow diagram for the safety detection method that yet another embodiment of the invention provides;
Fig. 4 is the structural schematic diagram for the safety detection device that one embodiment of the invention provides;
Fig. 5 be another embodiment of the present invention provides safety detection device structural schematic diagram;
Fig. 6 is the structural schematic diagram for the safety detection device that yet another embodiment of the invention provides;
Fig. 7 is the flow diagram for the safety detection method that a further embodiment of the present invention provides;
Fig. 8 is the structural schematic diagram for the safety detection device that a further embodiment of the present invention provides;
Fig. 9 is a kind of specific schematic diagram of safety detecting system provided in an embodiment of the present invention;
Figure 10 is the specific schematic diagram of another kind of safety detecting system provided in an embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall within the protection scope of the present invention.
Below by specific embodiment, the present invention will be described in detail.
It should be noted that safety detection method provided by the embodiment of the present invention can be applied in electronic equipment, it should
Electronic equipment can be specially to apply testing service device, test development board, smart phone, tablet computer, terminal console, virtual machine
Deng.Also, the software for realizing the function of safety detection method provided by the embodiment of the present invention can be to exclusively carry out safe inspection
The client or plug-in unit of survey, this is all reasonable.
Fig. 1 is the flow diagram for the safety detection method that one embodiment of the invention provides, and is applied to electronic equipment, the party
Method includes step:
S101:Obtain the installation file of application to be detected;
It will be appreciated to those of skill in the art that usually software developer completing to the design of a certain application or
It is that, in order to detect the safety of new application, will often carry out safety to it after completing the optimization and upgrading to a certain application
Test, the application for needing to carry out safety detection is referred to as application to be detected, and so-called application is application program (Application, letter
Claim APP) or application software, APP may be mounted on analog machine, but APP is in a pre-installation, usually (again with installation file
Claim, installation kit) form exist, after only the installation file of APP is mounted on analog machine, the APP could be run, into
And realize function or the optimization system of certain personalizations etc.;The analog machine referred at this is to refer to install and simulate APP fortune
The equipment that the software of APP running environment can be installed and be simulated to the equipment of row environment or carrying, such as:Smart phone, plate electricity
Brain, simulator etc..
It is to be detected application be before the mounting in the form of installation file existing for, such as:" Kingsoft enterprise cloud disk .apk ",
Wherein " apk " is the abbreviation of Android Package, is the installation kit applied in Android operation system.Certainly, only with peace at this
It is illustrated for tall and erect operating system, it is equally applicable for operating systems such as Microsoft, Saipan, apple iOS, for example, for plug
Class's operating system, the installation packet form of application to be detected can be:" Kingsoft enterprise cloud disk .sis ", since application installation package can be with
It will not enumerate there are many form, at this, therefore, the application does not do the concrete form of application to be detected and clearly limits.
The installation kit of application to be detected can store in disk, also can store in application library, or can store
In external storage medium, in scheme provided in an embodiment of the present invention, application to be detected can be software developer or
Testing staff determines, can also be determined according to task list, or determined by electronic third-party equipment, regardless of which kind of side passed through
Formula determines application to be detected, can obtain the corresponding installation file of application to be detected.
S102:The installation file is installed to target simulation equipment;
After the installation file for obtaining application to be detected, the installation file of acquisition is installed to analog machine (such as intelligence
Mobile phone, tablet computer, simulator etc.) on, the analog machine for installing above-mentioned installation file is referred to as target simulation equipment, example
Such as, target simulation equipment can be smart phone, and the installation file of application to be detected is:" Kingsoft enterprise cloud disk .apk ", then
" Kingsoft enterprise cloud disk .apk " can be mounted on smart phone, then, it can the dry run on smart phone after installation
It is to be detected to apply.
S103:Dry run instruction is sent to the target simulation equipment, so that the target simulation equipment simulating is transported
The row application to be detected is simultaneously communicated with server-side;
From the foregoing, it will be observed that target simulation equipment is after the installation file for installing application to be detected, for application to be detected
For, have been provided with the environment of operation;At this point it is possible to send a dry run instruction, the instruction to target simulation equipment
For triggering target simulation equipment simulating operation application to be detected and being communicated with server-side.
It is understandable to be, after above-mentioned dry run instruction is received in target simulation equipment, just start simulation fortune
Row application to be detected, once start the application to be detected, target simulation equipment will server-side corresponding with application to be detected build
Vertical communication;The dry run that the embodiment of the present invention refers to refers to:It does not need software developer or testing staff participates in, pass through mesh
The preassembled software with test function in analog machine is marked, the sequence of operations to application to be detected reaches simulation and uses
The function of family operation.
In a kind of specific implementation provided in an embodiment of the present invention, above-mentioned target simulation equipment can be by following
It is to be detected described in mode dry run to apply and communicated with server-side:
Start test software, generates test case;
It is to be detected described in dry run to apply and communicated with server-side according to the test case.
In order to accurately test application to be detected, can install in advance in smart phone has test function
Software, the software are referred to as test software, it should be noted that the test software being installed on smart phone in advance can be directed to
Application to be detected generates a series of test cases, for example, the test case generated for " Kingsoft enterprise cloud disk " is:It opens, is left
Screen sliding, right screen sliding, click, diminution, amplification etc. can also show position different in interface corresponding for be detected apply
The phenomenon that setting, generate enough test cases, capable of reducing test leakage in this way, improves the accuracy of safety detection.
Smart phone starts above-mentioned test software, can be given birth to by test software after receiving dry run instruction
At a series of test cases for application to be detected, carrys out corresponding operation application to be detected according to the test case of generation, make
Application to be detected operation is as the corresponding state of test case, and in this process, be installed on smart phone to be detected answers
Communication connection is established between corresponding server-side used in connecing, it is to be detected to be applied to its corresponding clothes after establishing communication connection
Business generates corresponding data traffic between end.
Further, above-mentioned according to the test case, application to be detected described in dry run is simultaneously communicated with server-side
The step of, including:
It triggers the application to be detected and generates the network request for being directed to each test case;
According to network request generated, establishes and communicate to connect between the application to be detected and server-side, so that institute
Application to be detected is stated to be communicated by established communication connection with server-side.
For the test case that each is generated, application to be detected can be triggered accordingly, for application to be detected
Each test case is equivalent to the instruction with specific function of input.
It is illustrated so that application to be detected is " Kingsoft enterprise cloud disk " as an example below, it is assumed that test case is " opening "
When, then, for " Kingsoft enterprise cloud disk ", " opening " is the equal of the instruction of input, then, " Kingsoft enterprise cloud disk " energy
Enough " opening " based on the received instructs, and opening " Kingsoft enterprise cloud disk " can generate corresponding at opening " Kingsoft enterprise cloud disk "
Network request;The network request can be obtained by API HOOK technology, wherein API (Application
Programming Interface, application programming interface) be some functions predetermined, it is therefore an objective to provide application with
Software developer is able to the ability of one group of routine of access based on certain software or hardware, and without accessing in source code, or understanding
The details of working mechanism of portion, and API HOOK technology is a kind of technology for changing API implementing result.
After network request is acquired, smart phone can be in " Kingsoft enterprise cloud disk " and " gold according to the network request access
Communication connection is established between the corresponding server-side of mountain enterprise cloud disk " (Kingsoft enterprise cloud disk server-side), and then can be according to the net
Network request, accesses Kingsoft enterprise cloud disk server-side.For example, generating login/registration network at opening " Kingsoft enterprise cloud disk "
Request, can be corresponding with " Kingsoft enterprise cloud disk " in " Kingsoft enterprise cloud disk " according to login/registration network request of generation
Communication connection is established between server-side (Kingsoft enterprise cloud disk server-side), " Kingsoft enterprise cloud disk " can be according to login/note in this way
The network request of volume accesses Kingsoft enterprise cloud disk server-side, then Kingsoft enterprise cloud disk server-side is that " Kingsoft enterprise cloud disk " mentions
For service, make " Kingsoft enterprise cloud disk " operation to the state of " opening ".
S104:The target simulation equipment simulating is recorded to run the application to be detected and communicate the stream generated with server-side
Measure data;
It will be appreciated to those of skill in the art that in " Kingsoft enterprise cloud disk " according to the network of each Test cases technology
When requesting access to Kingsoft enterprise cloud disk server-side, Kingsoft enterprise cloud disk server-side will be directed to each network request, and return data is given
" Kingsoft enterprise cloud disk ", in scheme provided in an embodiment of the present invention, the data that the above process generates are referred to as data on flows, these
Data on flows can truly embody the safe condition of " Kingsoft enterprise cloud disk " in the process of running, therefore, implement in the present invention
In the scheme that example provides, it can recorde " Kingsoft enterprise cloud disk " and carry out data with Kingsoft enterprise cloud disk server-side in the process of running
Communicate the data on flows generated, so according to the data on flows of record to application safe condition in the process of running to be detected into
Row detection, finds loophole, provides foundation for the maintenance to application in later period.
In scheme provided in an embodiment of the present invention, records the target simulation equipment simulating and run the application to be detected
And the step of data on flows generated is communicated with server-side, may include:
Establish agency service;Using the agency service, recording needle to each network request it is described it is to be detected application with
The data on flows generated between server-side.
It will be appreciated to those of skill in the art that agency service be it is a kind of be present among network, be capable of providing each
The entity of formula various kinds function can be a plug-in unit or script etc.;It common is assisted based on HTTP for example, Fiddler is exactly one
View acts on behalf of tool, it is able to record and checks the http communication process between client and internet, below only to use
This acts on behalf of for tool and is illustrated to the recording process of data on flows Fiddler, and specific working principle is as follows:
Fiddler can locally open HTTP Proxy service, and for application to be detected, which is serviced just
It is equivalent to server-side, and for server-side, which is then equivalent to the application to be detected for issuing request.
Therefore, after opening HTTP Proxy service, the network request that application to be detected issues can access first also to be opened
The network request is forwarded to server-side by the HTTP Proxy service by HTTP Proxy service, then, it is connect in HTTP Proxy service
After the flow for above-mentioned network request for receiving server-side transmission, which is transmitted to and issues the to be checked of above-mentioned network request
Survey application, it is seen then that therefore the above-mentioned HTTP Proxy service internuncial role of performer using Fiddler, is able to record
" mountain enterprise cloud disk " carries out the data on flows of data communication generation with Kingsoft enterprise cloud disk server-side in the process of running.
Understandable to be, the process of the process of above-mentioned record data on flows and application simulation to be detected operation is same stepping
Capable, because if if " Kingsoft enterprise cloud disk " is out of service, then " Kingsoft enterprise cloud disk " and Kingsoft enterprise cloud disk service
The data communication established between end will also interrupt, and also no longer generate data on flows, and the process of record is no in all senses, therefore,
It does not need to re-record data on flows yet.
S105:Judge whether to reach preset dry run termination condition, if so, executing S106;
In order to reasonably carry out safety detection to application to be detected, the effect that safety detection is carried out to application to be detected is improved
Rate reduces waste of time, corresponding dry run termination condition can be arranged for each application to be detected in advance, either
In advance for the dry run termination condition of all application to be detected setting standards.
In a kind of specific implementation provided in an embodiment of the present invention, judge whether that reaching preset dry run terminates
The step of condition, including:
Judge whether the duration for running the application to be detected is more than or equal to preset standard operation duration;
And/or judge whether the quantity of the data on flows of record is more than or equal to preset standard quantity.
Example one judges whether to reach dry run termination condition, can pass through judgement and run " Kingsoft enterprise cloud disk "
Whether duration is more than or equal to preset standard operation duration, which can be for " Kingsoft enterprise cloud disk ",
The empirical value obtained after largely testing is also possible to the pre-set standard being arranged for all types of applications
Operation duration, certain standard operation duration may be empirical value.When the duration of operation " Kingsoft enterprise cloud disk " refers to current
Between stamp subtract corresponding timestamp when bringing into operation " Kingsoft enterprise cloud disk ";For example, preset standard operation duration is that 10min (divides
Clock), bring into operation " Kingsoft enterprise cloud disk " be that corresponding timestamp is:2017-03-01-13:10:00, current time stamp is:
2017-03-01-13:09:00, then, it is not difficult to calculate the when a length of 9min of operation " Kingsoft enterprise cloud disk ", by comparing may be used
Know, the duration (9min) of operation " Kingsoft enterprise cloud disk " is less than preset standard operation duration (10min), at this point, determining currently not
Reach dry run termination condition, need to continue to run " Kingsoft enterprise cloud disk ", when operation to timestamp is:2017-03-01-
13:10:When 00, the duration of operation " Kingsoft enterprise cloud disk " is exactly 10min, equal with preset standard operation duration (10min),
Therefore, determine currently to reach dry run termination condition, step S106 can be performed.
Example two judges whether to reach dry run termination condition, can pass through the quantity of the data on flows of judgement record
Whether be more than or equal to preset standard quantity, understandable to be, one test case of every generation, can to it is to be detected apply into
Row one-time detection runs application to be detected for each test case, can correspond to and generate a data on flows, with test
Use-case quantity is continuously increased, the function and operating status of application to be detected also gradually Land cover, the data on flows of record
Quantity it is also corresponding increase, when test case is enough, there may be similar or identical phenomenon between test case,
If operation is gone down always, the accuracy for carrying out safety detection to application can not be significantly improved, and can also be consumed a large amount of
Time and smart phone running memory.
Comprehensively consider above situation, the record quantity an of standard can be preset before recording data on flows, it should
Quantity is preset standard quantity, for example, the preset standard quantity of setting is 2000, then that is, when the stream being recorded
When measuring the quantity of data more than or equal to 2000, determine currently to reach dry run termination condition, " Kingsoft enterprise out of service at this time
Step S106 can be performed, if needing if the quantity of the data on flows of current record does not reach 2000 after reforwarding in cloud disk "
Row " Kingsoft enterprise cloud disk ", until the quantity of the data on flows recorded is more than or equal to 2000.
Example three judges whether to reach dry run termination condition, and " Kingsoft enterprise cloud disk " can be run with comprehensive descision
Whether duration is more than or equal to preset standard operation duration, and judges whether the quantity of the data on flows of record is more than or equal to pre- bidding
Quasi- quantity realizes, a kind of specific implementation is that first to judge whether the duration for running " Kingsoft enterprise cloud disk " is more than or equal to pre-
It is marked with quasi- operation duration, if when the duration for running " Kingsoft enterprise cloud disk " is more than or equal to preset standard duration, then judge current
Whether the quantity of the data on flows of record is more than or equal to preset standard quantity, if the quantity of the data on flows of current record be greater than etc.
In preset standard quantity, then determines currently to reach dry run termination condition, otherwise continue to run " Kingsoft enterprise cloud disk ".It is another
Kind specific implementation is first to judge whether the quantity of the data on flows of record is more than or equal to preset standard quantity, if current note
If the quantity of the data on flows of record is more than or equal to preset standard quantity, then judge the duration for currently running " Kingsoft enterprise cloud disk "
Whether preset standard operation duration is more than or equal to, if currently the duration of operation " Kingsoft enterprise cloud disk " is transported more than or equal to preset standard
If row duration, then determine currently to reach dry run termination condition, step S106 can be performed, otherwise, continues to run " Kingsoft enterprise
Industry cloud disk ".
It should be noted that preset standard operation duration is 10min in above-described embodiment and preset standard quantity is
2000 be only a concrete example, does not constitute the application to the specific value of preset standard operation duration and preset standard quantity
Restriction.
S106:Vulnerability scanning is carried out to the data on flows recorded, obtains the safety detection for being directed to the application to be detected
As a result.
From the above, it can be seen that data on flows can truely and accurately embody the safe shape of application to be detected in the process of running
State, therefore, in order to analyze the above-mentioned each data on flows being recorded, in scheme provided in an embodiment of the present invention,
It needs to carry out vulnerability scanning to the data on flows recorded, so-called vulnerability scanning refers to based on vulnerability database, utilizes a series of foot
This carries out simulation attack to the corresponding network request of each data on flows, and the network request after being attacked morphs,
It using the network request access server-side after these variations, can obtain corresponding as a result, then carrying out result and vulnerability database
Matching, if meeting matching condition, that illustrates this data on flows " there are loopholes ", if being unsatisfactory for matching condition, that explanation
This data on flows " normal ".
It should be noted that the vulnerability database of above-mentioned meaning is according to security expert to network system security loophole, Hei Kegong
The practical experience that the analysis and system manager for hitting case are configured about network system security forms standard set vulnerability database.
Above-mentioned result is matched with vulnerability database, can use rule-based matching technique, it is so-called it is rule-based be based on one
It covers by the matching system of the rule of security expertise predefined.For example, being asked to the above-mentioned network for after each variation
The result and vulnerability database asked carry out in matching process, if it find that/cgi-bin/phf/cgi-bin/Count.cgi, that
, according to the sharing and standardization of security expertise and cgi script, can deducing corresponding server-side, there are two
CGI loophole.
Vulnerability scanning can be carried out to each data on flows being recorded according to above-mentioned vulnerability scanning rule, therefore,
After scanning through all datas on flows, the available scanning result for each data on flows, i.e., " there are loopholes " or
" normal ", if in the data on flows recorded there are scanning result be " there are loopholes " data on flows if, determine to
Not by safety detection, that is, the safety detection result obtained is " not passing through " for detection application (Kingsoft enterprise cloud disk .apk).If
If the scanning result of each data on flows recorded is " normal ", then application (Kingsoft enterprise cloud disk to be detected is determined
.apk) by safety detection, that is, the safety detection result obtained is " passing through ".
It should be noted that the process of above-mentioned vulnerability scanning is only a kind of specific example provided in an embodiment of the present invention,
The embodiment of the present invention does not further limit the concrete form of loophole.
It will be appreciated to those of skill in the art that in order to allow software developer or testing staff can be more intuitively
Safety detection result is obtained, it, can be directly by safety detection knot after obtaining the safety detection result for application to be detected
Fruit is pushed on the display interface of smart phone, or exports to electronic third-party equipment, in the aobvious of electronic third-party equipment
Show and shows safety detection result on interface.Specifically, safety detection can be embodied in the form of histogram, statistical form, text etc.
As a result particular content enables software developer or testing staff intuitively to obtain safety detection result, improves user's body
It tests.
It should be noted that be detected apply is illustrated by taking " Kingsoft enterprise cloud disk " as an example in the example above, to
Detection application can also be other than it can be " Kingsoft enterprise cloud disk ":Wechat, QQ, WPS, Alipay etc., therefore, this hair
Bright embodiment is not done the form of application to be detected and is clearly limited.
To sum up, in the scheme that Fig. 1 embodiment provides, the installation file of application to be detected is obtained;By installation file
It installs to target simulation equipment;Dry run instruction is sent to target simulation equipment, so that target simulation equipment simulating is run
Application to be detected is simultaneously communicated with server-side;Record target simulation equipment simulating operation application to be detected simultaneously communicates generation with server-side
Data on flows;Judge whether to reach preset dry run termination condition;If so, being leaked to the data on flows recorded
Hole scanning, obtains the safety detection result for being directed to application to be detected.It answers using scheme provided in an embodiment of the present invention to be detected
With safety detection is carried out, can not need artificially to be detected according to different test case dry run applications to be detected,
The probability of test leakage is efficiently reduced, the accuracy for carrying out safety detection to application is improved.
In addition, the author is by a large amount of experiment discovery, using scheme provided in an embodiment of the present invention to it is to be detected apply into
Row safety detection obtains the duration consumed in safety detection result and substantially can be controlled within 10min, compares in the prior art
For artificial progress safety detection consumes 2-3 days, the time consumed in safety detection highly shortened, and then improve safety
The efficiency of detection.
Fig. 2 be another embodiment of the present invention provides safety detection method flow diagram, except include Fig. 1 provide implementation
Outside step S101-S106 in example, this method further includes step:
S107:The data on flows recorded is stored into data on flows library;
The data on flows of " there are loopholes " can be carried out in order to facilitate software developer or testing staff further
Analysis, and then loophole is repaired, improved or is improved, can be by above-mentioned record in scheme provided in an embodiment of the present invention
To each data on flows store into specified memory space (data on flows library), in this way, if when detecting loophole,
The data on flows that " there are loopholes " can be directly found from the data on flows library, analyzes the data on flows, and then right
Existing loophole is repaired, improved or is improved, and is brought great convenience to software developer or testing staff, is effectively mentioned
The high efficiency that loophole is overhauled.
It should be noted that above-mentioned step S106 may include in the case where including step S107:
Vulnerability scanning is carried out to the data on flows that stores in the data on flows library, obtains and to be detected is answered for described
Safety detection result.
It is understood that each data on flows of above-mentioned record is stored into data on flows library, then, to record
Data on flows vulnerability scanning, loophole directly can be carried out to the data on flows that stores in flow database when carrying out vulnerability scanning
Scanning process is no different with aforementioned, and details are not described herein again.
In order to improve the efficiency for carrying out safety detection to application, in a kind of implementation provided in an embodiment of the present invention,
Safety detection can be carried out to multiple applications simultaneously, it should be noted that, can when carrying out safety detection to multiple applications at the same time
It is carried out in a manner of through following two, one is:It, can will be to be detected more when target simulation equipment is single analog machine
A application is mounted in above-mentioned analog machine, multiple applications in the analog machine after the installation of dry run simultaneously.It is another
It kind is that when target simulation equipment is multiple analog machines, multiple applications to be detected can be separately mounted to above-mentioned multiple
In analog machine, the case where allowing analog machine to install multiple applications, it then can run simultaneously and be mounted on respective mode
Standby upper application is proposed, the cluster of commonly referred to as multiple analog machine compositions is simulator cluster.
Operation includes at least the multiple in application, described to storing in the data on flows library of application to be detected at the same time
The data on flows carries out vulnerability scanning, obtains the safety detection result for being directed to the application to be detected, may include step:
A:The first flow data to match with the network request are pulled from the data on flows library;
Illustratively, application to be detected is still also transported while operation " Kingsoft enterprise cloud disk " for " Kingsoft enterprise cloud disk "
Row another application " WPS ", and for " Kingsoft enterprise cloud disk " and " WPS ", the two be in form it is reciprocity, therefore, often
One application carries out communicating the data on flows of generation respectively with corresponding server-side being also every one stream that is independent, and being recorded
Amount data are stored in data on flows library, and current, carry out safety detection only for " Kingsoft enterprise cloud disk ", therefore only need
Vulnerability scanning is carried out to the data on flows for " Kingsoft enterprise cloud disk " stored in flow database.
From the above, it can be seen that each data on flows is the network request applied for a certain Test cases technology, with
This is using generation when corresponding server-side progress data communication, for example, " WPS " corresponding data on flows is " WPS " for certain
The network request of one Test cases technology, with generation when WPS server-side progress data communication;And " Kingsoft enterprise cloud disk " is corresponding
Data on flows be " Kingsoft enterprise cloud disk " be directed to a certain Test cases technology network request, with Kingsoft enterprise cloud server terminal into
It is generated when row data communication.Therefore, in order to determine data on flows corresponding with " Kingsoft enterprise cloud disk " from data on flows library,
The data on flows to match with above-mentioned network request, scheme provided in an embodiment of the present invention can be pulled from data on flows library
In, it is referred to as first flow data with the data on flows that above-mentioned network request matches, first flow data are " Kingsoft enterprise's cloud
The corresponding data on flows of disk ", then, after having traversed each data on flows in data on flows library, " gold can be directed to
All datas on flows of mountain enterprise cloud disk ".
B:Vulnerability scanning is carried out to the first flow data, obtains the safety detection knot for being directed to the application to be detected
Fruit.
Vulnerability scanning is carried out to the above-mentioned first flow data pulled, which sweeps data on flows progress loophole with aforementioned
The process retouched is no different, and something in common refers to preceding sections, is repeated no more at this.
The embodiment that application drawing 2 provides carries out safety detection to application, can store the data on flows of record to flow
In database, software developer and testing staff is facilitated to repair, improve and improve to application to be detected, raising is answered
With the efficiency of maintenance, while multiple applications being supported to carry out the processes of safety detection simultaneously, further improves and pacify to applying
The efficiency that full inspection is surveyed.
Fig. 3 is the flow diagram for the safety detection method that yet another embodiment of the invention provides, except including Fig. 1 offer implementation
Outside step S101-S106 in example, this method further includes step:
S108:After obtaining the safety detection result, unload installed in the target simulation equipment it is described to be checked
Survey application.
It will be appreciated to those of skill in the art that needing to consume a certain size memory on analog machine using being mounted on
Space, and what the memory headroom size of analog machine was usually fixed, then, the quantity with installation application increases, and simulation is set
Standby memory headroom will be gradually occupied, it is to be understood that occupied memory headroom is bigger, and analog machine is applied in operation
When phenomena such as being also more easy to appear Caton, delay or crashing, this will directly affect accuracy to the safety detection of application
And efficiency.
In view of above-mentioned factor, in scheme provided in an embodiment of the present invention, after obtaining the safety detection result, unload
Carry the application to be detected installed in target simulation equipment;For example, in above-mentioned be directed to " Kingsoft enterprise cloud disk .apk "
After safety detection result, " Kingsoft enterprise cloud disk " directly is unloaded, discharges the memory headroom of electronic target analog machine.
To sum up, the scheme that 3 embodiment of application drawing provides carries out safety detection to application, answers obtaining for be detected
After safety detection result, the application to be detected installed in target simulation equipment is unloaded, therefore, can be discharged in corresponding
Space is deposited, provides advantageous running environment for the safety detection process of next application, occurs Caton when reducing operation application, prolong
Phenomena such as late or crashing, and then it is able to ascend the accuracy and efficiency that safety detection is carried out to application.
Fig. 4 is the structural schematic diagram for the safety detection device that one embodiment of the invention provides, and is applied to electronic equipment, the dress
Set including:First, which obtains module 201, first, installs module 202, sending module 203, logging modle 204,205 and of judgment module
Second obtains module 206.
First obtains module 201, for obtaining the installation file of application to be detected;
First installation module 202, for installing the installation file to target simulation equipment;
Sending module 203, for sending dry run instruction to the target simulation equipment, so that the target simulation
The equipment simulating operation application to be detected is simultaneously communicated with server-side;
Logging modle 204, for recording the target simulation equipment simulating operation application to be detected and and server-side
Communicate the data on flows generated;
Judgment module 205 reaches preset dry run termination condition for judging whether;
Second obtain module 206, for 205 judging result of judgment module be in the case where, to what is recorded
Data on flows carries out vulnerability scanning, obtains the safety detection result for being directed to the application to be detected.
Optionally, above-mentioned target simulation equipment, including:
First generates submodule, for starting test software, generates test case;
First operation submodule, for according to the test case, application to be detected and and server-side described in dry run
Communication.
Further, the first above-mentioned operation submodule, is specifically used for:
It triggers the application to be detected and generates the network request for being directed to each test case;
According to network request generated, establishes and communicate to connect between the application to be detected and server-side, so that institute
Application to be detected is stated to be communicated by established communication connection with server-side.
Optionally, above-mentioned logging modle 204, is specifically used for:
Establish agency service;
Using the agency service, recording needle to each network request it is described it is to be detected application and generated between server-side
Data on flows.
Optionally, above-mentioned judgment module 205, is specifically used for:
Judge whether the duration for running the application to be detected is more than or equal to preset standard operation duration;
And/or judge whether the quantity of the data on flows of record is more than or equal to preset standard quantity.
The scheme that 4 embodiment of application drawing provides carries out safety detection to application to be detected, can be used according to different tests
Example operational objective application, does not need artificially to be detected, efficiently reduces the probability of test leakage, improves and pacifies to application
The accuracy that full inspection is surveyed.
Fig. 5 be another embodiment of the present invention provides safety detection device structural schematic diagram, provide embodiment in Fig. 4
On the basis of, which further includes:Memory module 207.
Memory module 207, for storing the data on flows recorded into data on flows library;
It should be noted that above-mentioned second obtains module 206, specific to use in the case where including memory module 207
In:
Vulnerability scanning is carried out to the data on flows that stores in the data on flows library, obtains and to be detected is answered for described
Safety detection result.
Optionally, the second above-mentioned acquisition module 206, is specifically used for:
Operation includes at least the multiple in application, pulling from the data on flows library and the net of target application at the same time
Network requests the first flow data to match;
Vulnerability scanning is carried out to the first flow data, obtains the safety detection result for being directed to the application to be detected.
The embodiment that application drawing 5 provides carries out safety detection to application, can store the data on flows of record to flow
In database, software developer and testing staff is facilitated to repair, improve and improve to application to be detected, raising is answered
With the efficiency of maintenance, while multiple applications being supported to carry out the processes of safety detection simultaneously, further improves and pacify to applying
The efficiency that full inspection is surveyed.
Fig. 6 is the structural schematic diagram for the safety detection device that yet another embodiment of the invention provides, and provides embodiment in Fig. 4
On the basis of, which further includes:First Unload module 208.
First Unload module 208, for unloading in the target simulation equipment after obtaining the safety detection result
The application to be detected of installation.
The scheme that 6 embodiment of application drawing provides carries out safety detection to application, is obtaining the safety for being directed to application to be detected
After testing result, therefore corresponding memory headroom can be discharged by unloading the application to be detected installed in target simulation equipment,
There is provided advantageous running environment for the safety detection process of next application, reduce operation application when occur Caton, delay or
Phenomena such as crash, and then it is able to ascend the accuracy and efficiency that safety detection is carried out to application.
Fig. 7 is the flow diagram for the safety detection method that a further embodiment of the present invention provides, and is mentioned in the embodiment of the present invention
The safety detection method of confession can be applied to analog machine, understandable to be, analog machine can be smart phone, plate electricity
The equipment such as brain, terminal console, the method comprising the steps of:
S301:The installation file of application to be detected is obtained from the electronic equipment communicated to connect with the analog machine;
S302:The installation file is installed;
By taking analog machine is tablet computer (tablet computer carries Android operation system) as an example, it is assumed that tablet computer receives
To after the installation file (Kingsoft enterprise cloud disk .apk) of application (Kingsoft enterprise cloud disk) to be detected, tablet computer can be identified
Installation file suffix " .apk " just can install " Kingsoft enterprise cloud disk .apk " later, after being installed, that is, complete to be checked
Survey the installation of application " Kingsoft enterprise cloud disk ".
S303:It is to be detected described in dry run to apply and communicated with server-side;
When above-mentioned tablet computer installation " Kingsoft enterprise cloud disk .apk " complete after, tablet computer can for installation after to
Detection application provides running environment, and therefore, tablet computer starts dry run " Kingsoft enterprise cloud disk ", once dry run " gold
If this application of mountain enterprise cloud disk ", then should " Kingsoft enterprise cloud disk " being capable of initiatively corresponding server-side (Kingsoft enterprise
Industry cloud disk service end) it is communicated.
The present invention implement provide a kind of specific implementation in, described in above-mentioned dry run it is to be detected application and with clothes
The step of business end communication, including:
Start test software, generates test case;
It is to be detected described in dry run to apply and communicated with server-side according to the test case.
Specifically, described according to the test case, application to be detected described in dry run and the step communicated with server-side
Suddenly, may include:
It triggers the application to be detected and generates the network request for being directed to each test case;
According to network request generated, establishes and communicate to connect between the application to be detected and server-side, so that institute
Application to be detected is stated to be communicated by established communication connection with server-side.
It will not be described in great detail since the above process and the process in previous embodiment are no different, at this, before something in common refers to
State corresponding part.
S304:The data on flows that generation is communicated by application to be detected described in dry run and with server-side is transmitted to the electricity
Sub- equipment, so that the electronic equipment leaks the data on flows when determination reaches predetermined analog end of run condition
Hole scanning obtains the safety detection result for being directed to the application to be detected.
It should be noted that being put down after application to be detected is communicated by established communication connection with server-side
Generated data on flows in dry run application process to be detected is transmitted to electronic equipment by plate computer, electronic equipment here
It can be understood as application testing service device, test development board and terminal console for communicating with tablet computer etc..
After electronic equipment receives data on flows, it is able to record to be detected described in above-mentioned analog machine dry run apply simultaneously
The data on flows generated is communicated with server-side;It, can be by such as in a kind of specific implementation provided in an embodiment of the present invention
Under type records data on flows, specially:
Establish agency service;
Using the agency service, recording needle to each network request it is described it is to be detected application and generated between server-side
Data on flows.
It is emphasized that electronic equipment when reaching predetermined analog end of run condition, carries out the data on flows
Vulnerability scanning obtains the safety detection result for being directed to the application to be detected.Wherein, judge whether to reach preset dry run
Termination condition can be realized, specially by mode in detail below:
Judge whether the duration for running the application to be detected is more than or equal to preset standard operation duration;
And/or judge whether the quantity of the data on flows of record is more than or equal to preset standard quantity.
When determining to have reached predetermined analog end of run condition, electronic equipment carries out loophole to the data on flows recorded
Scanning obtains the safety detection result for being directed to the application to be detected.
It should be noted that the process of embodiment is provided since the process of the embodiment of the present invention is substantially similar to Fig. 1, so
It is described relatively simple, related place illustrates referring to the part of previous embodiment.
In addition to above-mentioned specific implementation, a kind of specific embodiment provided by the invention receives simulation in electronic equipment
It, can be with after the data on flows of device forwards:
The data on flows recorded is stored into data on flows library;
Comprising above-mentioned steps, vulnerability scanning is carried out to the data on flows that is recorded, obtain for it is described to
The safety detection result applied is detected, may include:
Vulnerability scanning is carried out to the data on flows that stores in the data on flows library, obtains and to be detected is answered for described
Safety detection result.
On the basis of above-mentioned offer embodiment, if analog machine is installed and is run including at least the more of target application simultaneously
It is a that in application, carrying out vulnerability scanning to the data on flows recorded, acquisition is directed to the safety detection result of the application to be detected,
May include:
The first flow data to match with the network request are pulled from the data on flows library;
Vulnerability scanning is carried out to the first flow data, obtains the safety detection result for being directed to the application to be detected.
The scheme that 7 embodiment of application drawing provides carries out safety detection to application to be detected, can be used according to different tests
Example dry run application to be detected, does not need artificially to be detected, efficiently reduces the probability of test leakage, improve to application
Carry out the accuracy of safety detection;Meanwhile by storing the data on flows of record into data on flows library, facilitate software development
Personnel and testing staff repair application to be detected, improve and improve, and improve the efficiency of application maintenance, support simultaneously
Multiple applications while the process for carrying out safety detection, further improve the efficiency that safety detection is carried out to application.
A kind of specific embodiment provided by the invention provides the step S301-S304 for including in embodiment in above-mentioned Fig. 7
On the basis of, this method further includes:
Receive that the electronic equipment is sent after obtaining the safety detection result, instruction unloading is described to be detected to answer
Unloading command;
Unload the application to be detected.
Safety detection is carried out to application using the scheme that the present invention applies example offer, is obtaining the safety for being directed to application to be detected
After testing result, therefore corresponding memory headroom can be discharged by unloading the application to be detected installed in target simulation equipment,
There is provided advantageous running environment for the safety detection process of next application, reduce operation application when occur Caton, delay or
Phenomena such as crash, and then it is able to ascend the accuracy and efficiency that safety detection is carried out to application.
It is corresponding with Fig. 7 embodiment of the method, as shown in figure 8, the safety detection dress provided for a further embodiment of the present invention
The structural schematic diagram set, is applied to analog machine, which includes:Third obtains module 401, second and installs module
402, dry run module 403 and forwarding module 404.
Third obtains module 401, for obtaining application to be detected from the electronic equipment communicated to connect with the analog machine
Installation file;
Second installation module 402, for installing the installation file;
Dry run module 403 is communicated for application to be detected described in dry run and with server-side;
Forwarding module 404, for communicating the data on flows of generation by application to be detected described in dry run and with server-side
It is transmitted to the electronic equipment, so that the electronic equipment is when determination reaches predetermined analog end of run condition to the stream
It measures data and carries out the safety detection result that vulnerability scanning acquisition is directed to the application to be detected.
Optionally, the dry run module 403, including:
Second generates submodule, for starting test software, generates test case;
Second operation submodule, for according to the test case, application to be detected and and server-side described in dry run
Communication.
Further, the second operation submodule, is specifically used for:
It triggers the application to be detected and generates the network request for being directed to each test case;
According to network request generated, establishes and communicate to connect between the application to be detected and server-side, so that institute
Application to be detected is stated to be communicated by established communication connection with server-side.
The scheme that 8 embodiment of application drawing provides carries out safety detection to application to be detected, can be used according to different tests
Example operational objective application, does not need artificially to be detected, efficiently reduces the probability of test leakage, improves and pacifies to application
The accuracy that full inspection is surveyed.
On the basis of Fig. 8 provides embodiment, safety detection device provided in an embodiment of the present invention further includes:Receiving module
With the second Unload module.
Receiving module is unloaded for receiving the electronic equipment is sent after obtaining the safety detection result, instruction
Carry the unloading command of the application to be detected;
Second Unload module, for unloading the application to be detected.
Application drawing scheme provided in an embodiment of the present invention carries out safety detection to application, is obtaining for application to be detected
After safety detection result, the application to be detected installed in target simulation equipment is unloaded, therefore, it is empty that corresponding memory can be discharged
Between, provide advantageous running environment for the safety detection process of next application, reduce operation application when occur Caton, delay or
Phenomena such as person is crashed, and then it is able to ascend the accuracy and efficiency that safety detection is carried out to application.
Fig. 9 is a kind of specific schematic diagram of safety detecting system provided in an embodiment of the present invention, which includes control section
Point and analog machine, wherein the analog machine is configured with agent side;
The control node is installed for obtaining the installation file of application to be detected, and by the installation file to described
Analog machine;Dry run instruction is sent to the agent side of the analog machine, so that the analog machine dry run institute
It states application to be detected and is communicated with server-side;Record the target simulation equipment simulating operation application to be detected and with service
The data on flows that end communication generates;Judge whether to reach preset dry run termination condition;If so, to the flow recorded
Data carry out vulnerability scanning, obtain the safety detection result for being directed to the application to be detected;
The agent side, for after receiving the dry run instruction that the control node is sent, described in dry run to
Detection application is simultaneously communicated with server-side;
The analog machine, for installing the application to be detected.
Optionally, the agent side, is specifically used for:
After receiving the dry run instruction that the control node is sent, starts test software, generate test case;
It is to be detected described in dry run to apply and communicated with server-side according to the test case.
Further, described according to the test case, application to be detected described in dry run simultaneously communicate, tool with server-side
Body is:
It triggers the application to be detected and generates the network request for being directed to each test case;
According to network request generated, establishes and communicate to connect between the application to be detected and server-side, so that institute
Application to be detected is stated to be communicated by established communication connection with server-side.
Optionally, the control node judges whether to reach preset dry run termination condition in the following way:
Judge whether the duration for running the application to be detected is more than or equal to preset standard operation duration;
And/or judge whether the quantity of the data on flows of record is more than or equal to preset standard quantity.
The safety detecting system that 9 embodiment of application drawing provides carries out safety detection to application to be detected, can be according to difference
Test case operational objective application, do not need artificially to be detected, efficiently reduce the probability of test leakage, improve correspondence
With the accuracy for carrying out safety detection.
Figure 10 is the specific schematic diagram of another kind of safety detecting system provided in an embodiment of the present invention, in the peace that Fig. 9 is provided
On the basis of full inspection examining system, safety detecting system provided in an embodiment of the present invention further includes:Data on flows library;
The data on flows library, the data on flows recorded for storing the control node;
The control node carries out vulnerability scanning to the data on flows recorded, obtains the peace for being directed to the application to be detected
Full inspection is surveyed as a result, being specially:
Vulnerability scanning is carried out to the data on flows that stores in the data on flows library, obtains and to be detected is answered for described
Safety detection result.
Further, operation includes at least the multiple in application, the control node is to the stream of target application at the same time
The data on flows stored in amount database carries out vulnerability scanning, obtains the safety detection knot for being directed to the application to be detected
Fruit, specially:
The first flow data to match with the network request are pulled from the data on flows library;
Vulnerability scanning is carried out to the first flow data, obtains the safety detection result for being directed to the application to be detected.
It should be noted that above-mentioned while operation includes at least multiple applications of target application, can be simulated by one
Device is realized, is also possible to realize by multiple simulators, in scheme provided in an embodiment of the present invention, is claimed multiple simulators
The cluster of composition is simulator cluster.Therefore, the embodiment of the present invention is provided to the simulator quantity for including in safety detecting system
Without clearly limiting.Multiple applications to be detected can be mounted in simulator cluster on the simulator of respective numbers, it can
To realize to multiple applications while carry out safety detection.
Safety detection is carried out to application using the embodiment of the present invention, the data on flows of record can be stored to data on flows
In library, software developer and testing staff is facilitated to repair, improve and improve to application to be detected, improves application inspection
The efficiency repaired, while supporting multiple applications while carrying out the process of safety detection, it further improves and safe inspection is carried out to application
The efficiency of survey.
Based on the safety detecting system that Fig. 9 embodiment provides, implement in the safety detecting system provided in the present invention, it is described
Control node is also used to after obtaining the safety detection result, sends unloading command to the agent side;
The agent side is used for after receiving the unloading command, triggers that analog machine unloading is described to be detected to answer
With.
To sum up, safety detection is carried out to application using safety detecting system provided in an embodiment of the present invention, obtained
After the safety detection result of application to be detected, therefore unloading target application can discharge corresponding memory headroom, be
The safety detection process of next application provides advantageous running environment, occurs Caton, delay or dead when reducing operation application
Phenomena such as machine, and then it is able to ascend the accuracy and efficiency that safety detection is carried out to application.
It should be noted that, in this document, relational terms such as first and second and the like are used merely to a reality
Body or operation are distinguished with another entity or operation, are deposited without necessarily requiring or implying between these entities or operation
In any actual relationship or order or sequence.Moreover, the terms "include", "comprise" or its any other variant are intended to
Non-exclusive inclusion, so that the process, method, article or equipment including a series of elements is not only wanted including those
Element, but also including other elements that are not explicitly listed, or further include for this process, method, article or equipment
Intrinsic element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that
There is also other identical elements in process, method, article or equipment including the element.
Each embodiment in this specification is all made of relevant mode and describes, same and similar portion between each embodiment
Dividing may refer to each other, and each embodiment focuses on the differences from other embodiments.Especially for system reality
For applying example, since it is substantially similar to the method embodiment, so being described relatively simple, related place is referring to embodiment of the method
Part explanation.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the scope of the present invention.It is all
Any modification, equivalent replacement, improvement and so within the spirit and principles in the present invention, are all contained in protection scope of the present invention
It is interior.
Claims (25)
1. a kind of safety detection method, which is characterized in that it is applied to electronic equipment, the method includes:
Obtain the installation file of application to be detected;
The installation file is installed to target simulation equipment;
Dry run instruction is sent to the target simulation equipment, so that target simulation equipment simulating operation is described to be checked
It surveys application and is communicated with server-side;
The target simulation equipment simulating is recorded to run the application to be detected and communicate the data on flows generated with server-side;
Judge whether to reach preset dry run termination condition;
If so, carrying out vulnerability scanning to the data on flows recorded, the safety detection knot for being directed to the application to be detected is obtained
Fruit.
2. the method according to claim 1, wherein the target simulation equipment dry run in the following manner
The application to be detected is simultaneously communicated with server-side:
Start test software, generates test case;
It is to be detected described in dry run to apply and communicated with server-side according to the test case.
3. according to the method described in claim 2, it is characterized in that, described according to the test case, described in dry run to
The step of detecting application and being communicated with server-side, including:
It triggers the application to be detected and generates the network request for being directed to each test case;
According to network request generated, establish and communicate to connect between the application to be detected and server-side so that it is described to
Detection application is communicated by established communication connection with server-side.
4. according to the method described in claim 3, it is characterized in that, described record described in the target simulation equipment simulating operation
The step of applying and communicating the data on flows generated with server-side to be detected, including:
Establish agency service;
Using the agency service, the to be detected stream applying and server-side between generate of the recording needle to each network request
Measure data.
5. according to the method described in claim 3, it is characterized in that, the method also includes:
The data on flows recorded is stored into data on flows library;
It is described that vulnerability scanning is carried out to the data on flows recorded, the safety detection result for being directed to the application to be detected is obtained,
Including:
Vulnerability scanning is carried out to the data on flows stored in the data on flows library, is obtained for the application to be detected
Safety detection result.
6. according to the method described in claim 5, it is characterized in that, multiple applications of the operation including at least target application at the same time
When, it is described that vulnerability scanning is carried out to the data on flows that stores in the data on flows library, it obtains and to be detected is answered for described
The step of safety detection result, including:
The first flow data to match with the network request are pulled from the data on flows library;
Vulnerability scanning is carried out to the first flow data, obtains the safety detection result for being directed to the application to be detected.
7. method according to claim 1 to 6, which is characterized in that described to judge whether to reach preset simulation
The step of end of run condition, including:
Judge whether the duration for running the application to be detected is more than or equal to preset standard operation duration;
And/or judge whether the quantity of the data on flows of record is more than or equal to preset standard quantity.
8. method according to claim 1 to 6, which is characterized in that the method also includes:
After obtaining the safety detection result, the application to be detected installed in the target simulation equipment is unloaded.
9. a kind of safety detection device, which is characterized in that be applied to electronic equipment, described device includes:
First obtains module, for obtaining the installation file of application to be detected;
First installation module, for installing the installation file to target simulation equipment;
Sending module, for sending dry run instruction to the target simulation equipment, so that the target simulation equipment mould
It is quasi- to run the application to be detected and communicated with server-side;
Logging modle, for recording the target simulation equipment simulating operation application to be detected and communicating generation with server-side
Data on flows;
Judgment module reaches preset dry run termination condition for judging whether;
Second obtain module, for the judgment module judging result be in the case where, to the data on flows recorded into
Row vulnerability scanning obtains the safety detection result for being directed to the application to be detected.
10. device according to claim 9, which is characterized in that the target simulation equipment, including:
First generates submodule, for starting test software, generates test case;
First operation submodule, for according to the test case, application to be detected described in dry run is simultaneously communicated with server-side.
11. device according to claim 10, which is characterized in that the first operation submodule is specifically used for:
It triggers the application to be detected and generates the network request for being directed to each test case;
According to network request generated, establish and communicate to connect between the application to be detected and server-side so that it is described to
Detection application is communicated by established communication connection with server-side.
12. device according to claim 11, which is characterized in that the logging modle is specifically used for:
Establish agency service;
Using the agency service, the to be detected stream applying and server-side between generate of the recording needle to each network request
Measure data.
13. device according to claim 11, which is characterized in that described device further includes:
Memory module, for storing the data on flows recorded into data on flows library;
Described second obtains module, is specifically used for:
Vulnerability scanning is carried out to the data on flows stored in the data on flows library, is obtained for the application to be detected
Safety detection result.
14. device according to claim 12, which is characterized in that described second obtains module, is specifically used for:
Operation includes at least the multiple of target application and asks in application, pulling from the data on flows library with the network at the same time
Seek the first flow data to match;
Vulnerability scanning is carried out to the first flow data, obtains the safety detection result for being directed to the application to be detected.
15. the device according to any one of claim 9-14, which is characterized in that the judgment module is specifically used for:
Judge whether the duration for running the application to be detected is more than or equal to preset standard operation duration;
And/or judge whether the quantity of the data on flows of record is more than or equal to preset standard quantity.
16. the device according to any one of claim 9-14, which is characterized in that described device further includes:
First Unload module is installed in the target simulation equipment for unloading after obtaining the safety detection result
The application to be detected.
17. a kind of safety detection method, which is characterized in that it is applied to analog machine, the method includes:
The installation file of application to be detected is obtained from the electronic equipment communicated to connect with the analog machine;
The installation file is installed;
It is to be detected described in dry run to apply and communicated with server-side;
The data on flows that generation is communicated by application to be detected described in dry run and with server-side is transmitted to the electronic equipment, with
So that the electronic equipment is determining that carrying out vulnerability scanning to the data on flows when reaching predetermined analog end of run condition obtains
Obtain the safety detection result for the application to be detected.
18. according to the method for claim 17, which is characterized in that described in the dry run it is to be detected application and with service
End communication, including:
Start test software, generates test case;
It is to be detected described in dry run to apply and communicated with server-side according to the test case.
19. according to the method for claim 18, which is characterized in that it is described according to the test case, described in dry run
The step of applying and being communicated with server-side to be detected, including:
It triggers the application to be detected and generates the network request for being directed to each test case;
According to network request generated, establish and communicate to connect between the application to be detected and server-side so that it is described to
Detection application is communicated by established communication connection with server-side.
20. method described in any one of 7-19 according to claim 1, which is characterized in that the method also includes:
It receives the electronic equipment is sent after obtaining the safety detection result, instruction and unloads the application to be detected
Unloading command;
Unload the application to be detected.
21. a kind of safety detection device, which is characterized in that be applied to client, described device includes:
Third obtains module, for obtaining the installation text of application to be detected from the electronic equipment communicated to connect with the analog machine
Part;
Second installation module, for installing the installation file;
Dry run module is communicated for application to be detected described in dry run and with server-side;
Forwarding module, the data on flows for communicating generation by application to be detected described in dry run and with server-side are transmitted to institute
State electronic equipment so that the electronic equipment determine reach predetermined analog end of run condition when to the data on flows into
Row vulnerability scanning obtains the safety detection result for being directed to the application to be detected.
22. device according to claim 21, which is characterized in that the dry run module, including:
Second generates submodule, for starting test software, generates test case;
Second operation submodule, for according to the test case, application to be detected described in dry run is simultaneously communicated with server-side.
23. device according to claim 22, which is characterized in that the second operation submodule is specifically used for:
It triggers the application to be detected and generates the network request for being directed to each test case;
According to network request generated, establish and communicate to connect between the application to be detected and server-side so that it is described to
Detection application is communicated by established communication connection with server-side.
24. the device according to any one of claim 21-23, which is characterized in that described device further includes:
Receiving module, for receiving the electronic equipment is sent after obtaining the safety detection result, instruction unloading institute
State the unloading command of application to be detected;
Second Unload module, for unloading the application to be detected.
25. a kind of safety detecting system, which is characterized in that the system comprises control node and analog machines, wherein described
Analog machine is configured with agent side;
The control node is installed for obtaining the installation file of application to be detected, and by the installation file to the simulation
Equipment;To the agent side of the analog machine send dry run instruction so that described in the analog machine dry run to
Detection application is simultaneously communicated with server-side;It records the target simulation equipment simulating operation application to be detected and leads to server-side
Believe the data on flows generated;Judge whether to reach preset dry run termination condition;If so, to the data on flows recorded
Vulnerability scanning is carried out, the safety detection result for being directed to the application to be detected is obtained;
The agent side, it is to be detected described in dry run after being instructed in the dry run for receiving the control node transmission
It is communicated using and with server-side;
The analog machine, for installing the application to be detected.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710324721.1A CN108875368A (en) | 2017-05-10 | 2017-05-10 | A kind of safety detection method, apparatus and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710324721.1A CN108875368A (en) | 2017-05-10 | 2017-05-10 | A kind of safety detection method, apparatus and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108875368A true CN108875368A (en) | 2018-11-23 |
Family
ID=64287612
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710324721.1A Pending CN108875368A (en) | 2017-05-10 | 2017-05-10 | A kind of safety detection method, apparatus and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108875368A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111177729A (en) * | 2019-12-17 | 2020-05-19 | 腾讯云计算(北京)有限责任公司 | Program bug test method and related device |
WO2020155765A1 (en) * | 2019-01-31 | 2020-08-06 | 平安科技(深圳)有限公司 | Data crawling method for mobile terminal, device, mobile terminal, and storage medium |
CN112769655A (en) * | 2021-03-02 | 2021-05-07 | 北京百家科技集团有限公司 | Network variation testing method, device and system |
Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1421771A (en) * | 2001-11-27 | 2003-06-04 | 四川安盟科技有限责任公司 | Guard system to defend network invansion of unkown attack trick effectively |
CN1606278A (en) * | 2003-10-10 | 2005-04-13 | 中国电信集团公司 | End-to-end service testing system and method |
CN101312393A (en) * | 2007-05-24 | 2008-11-26 | 北京启明星辰信息技术有限公司 | Detection method and system for SQL injection loophole |
CN101626368A (en) * | 2008-07-11 | 2010-01-13 | 中联绿盟信息技术(北京)有限公司 | Device, method and system for preventing web page from being distorted |
CN102609352A (en) * | 2011-01-19 | 2012-07-25 | 阿里巴巴集团控股有限公司 | Parallel testing method and parallel testing server |
CN104252598A (en) * | 2013-06-28 | 2014-12-31 | 深圳市腾讯计算机系统有限公司 | Method and device for detecting application bugs |
CN104461880A (en) * | 2014-12-04 | 2015-03-25 | 福建星网视易信息系统有限公司 | Method for automatically detecting heap corruption in embedded system |
CN104765682A (en) * | 2015-03-30 | 2015-07-08 | 微梦创科网络科技(中国)有限公司 | Offline detection method and system for cross-site scripting vulnerability |
CN105357195A (en) * | 2015-10-30 | 2016-02-24 | 深圳市深信服电子科技有限公司 | Unauthorized web access vulnerability detecting method and device |
CN105791273A (en) * | 2016-02-24 | 2016-07-20 | 上海携程商务有限公司 | Web vulnerability scanning system |
CN106022127A (en) * | 2016-05-10 | 2016-10-12 | 江苏通付盾科技有限公司 | APK file security detection method and apparatus |
CN106357670A (en) * | 2016-10-17 | 2017-01-25 | 成都知道创宇信息技术有限公司 | Simulator-based android application server side Web vulnerability detection method |
-
2017
- 2017-05-10 CN CN201710324721.1A patent/CN108875368A/en active Pending
Patent Citations (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1421771A (en) * | 2001-11-27 | 2003-06-04 | 四川安盟科技有限责任公司 | Guard system to defend network invansion of unkown attack trick effectively |
CN1606278A (en) * | 2003-10-10 | 2005-04-13 | 中国电信集团公司 | End-to-end service testing system and method |
CN101312393A (en) * | 2007-05-24 | 2008-11-26 | 北京启明星辰信息技术有限公司 | Detection method and system for SQL injection loophole |
CN101626368A (en) * | 2008-07-11 | 2010-01-13 | 中联绿盟信息技术(北京)有限公司 | Device, method and system for preventing web page from being distorted |
CN102609352A (en) * | 2011-01-19 | 2012-07-25 | 阿里巴巴集团控股有限公司 | Parallel testing method and parallel testing server |
CN104252598A (en) * | 2013-06-28 | 2014-12-31 | 深圳市腾讯计算机系统有限公司 | Method and device for detecting application bugs |
CN104461880A (en) * | 2014-12-04 | 2015-03-25 | 福建星网视易信息系统有限公司 | Method for automatically detecting heap corruption in embedded system |
CN104765682A (en) * | 2015-03-30 | 2015-07-08 | 微梦创科网络科技(中国)有限公司 | Offline detection method and system for cross-site scripting vulnerability |
CN105357195A (en) * | 2015-10-30 | 2016-02-24 | 深圳市深信服电子科技有限公司 | Unauthorized web access vulnerability detecting method and device |
CN105791273A (en) * | 2016-02-24 | 2016-07-20 | 上海携程商务有限公司 | Web vulnerability scanning system |
CN106022127A (en) * | 2016-05-10 | 2016-10-12 | 江苏通付盾科技有限公司 | APK file security detection method and apparatus |
CN106357670A (en) * | 2016-10-17 | 2017-01-25 | 成都知道创宇信息技术有限公司 | Simulator-based android application server side Web vulnerability detection method |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2020155765A1 (en) * | 2019-01-31 | 2020-08-06 | 平安科技(深圳)有限公司 | Data crawling method for mobile terminal, device, mobile terminal, and storage medium |
CN111177729A (en) * | 2019-12-17 | 2020-05-19 | 腾讯云计算(北京)有限责任公司 | Program bug test method and related device |
CN111177729B (en) * | 2019-12-17 | 2023-03-10 | 腾讯云计算(北京)有限责任公司 | Program bug test method and related device |
CN112769655A (en) * | 2021-03-02 | 2021-05-07 | 北京百家科技集团有限公司 | Network variation testing method, device and system |
CN112769655B (en) * | 2021-03-02 | 2022-08-12 | 北京百家科技集团有限公司 | Network variation testing method, device and system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109302522B (en) | Test method, test device, computer system, and computer medium | |
CN111124850A (en) | MQTT server performance testing method, system, computer equipment and storage medium | |
CN105426298B (en) | A kind of method for testing software and system based on ADB | |
CN107861871A (en) | A kind of gray scale dissemination method, device, server and storage medium | |
CN103336696B (en) | The Oftware updating method of test instrunment and system | |
CN109740222B (en) | Testing device and system for automobile networking scene | |
CN107608901B (en) | Jmeter-based testing method and device, storage medium and electronic equipment | |
CN108509333A (en) | Adjustment method and device | |
CN111124919A (en) | User interface testing method, device, equipment and storage medium | |
CN105787364B (en) | Automatic testing method, device and system for tasks | |
US8539404B2 (en) | Functional simulation redundancy reduction by state comparison and pruning | |
CN110912776A (en) | Automatic fuzzy test method and device for entity router management protocol | |
CN105653338B (en) | A kind of update method and device of application | |
CN106708716A (en) | Software testing method, device and system | |
CN105607994A (en) | Mobile terminal software testing method and system | |
CN108875368A (en) | A kind of safety detection method, apparatus and system | |
CN110059011A (en) | Interface test method, device, medium and electronic equipment | |
CN109726108A (en) | Front-end code test method, device, system and medium based on analogue data | |
CN109254914A (en) | Software development kit test method, system, computer installation and readable storage medium storing program for executing | |
CN107229497A (en) | Server test method and server test device | |
CN108319554A (en) | Test method, computer readable storage medium and the terminal device of application function | |
WO2019178957A1 (en) | Distributed system test method and device, computer device and storage medium | |
CN108234246A (en) | A kind of method and system of multidirectional server network performance | |
CN110515755A (en) | Interface function verification method, device, equipment and computer readable storage medium | |
CN114640614B (en) | RPC interface automatic test method, system, electronic equipment, medium and product |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181123 |
|
RJ01 | Rejection of invention patent application after publication |