CN109347812A - A kind of industry control bug excavation method and system - Google Patents

A kind of industry control bug excavation method and system Download PDF

Info

Publication number
CN109347812A
CN109347812A CN201811130002.7A CN201811130002A CN109347812A CN 109347812 A CN109347812 A CN 109347812A CN 201811130002 A CN201811130002 A CN 201811130002A CN 109347812 A CN109347812 A CN 109347812A
Authority
CN
China
Prior art keywords
module
task
web interface
client
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811130002.7A
Other languages
Chinese (zh)
Inventor
王捷
王晋
喻潇
田里
刘畅
龙凤
徐江珮
周亮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Electric Power Research Institute of State Grid Hubei Electric Power Co Ltd
Original Assignee
Electric Power Research Institute of State Grid Hubei Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Electric Power Research Institute of State Grid Hubei Electric Power Co Ltd filed Critical Electric Power Research Institute of State Grid Hubei Electric Power Co Ltd
Priority to CN201811130002.7A priority Critical patent/CN109347812A/en
Publication of CN109347812A publication Critical patent/CN109347812A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/18Protocol analysers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/50Testing arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/18Multiprotocol handlers, e.g. single devices capable of handling multiple protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers

Abstract

The present invention provides a kind of industry control bug excavation method and system, system includes protocol frame system, web interface module, client modules, plug-in component operation module, task memory module, data analysis module and state recording module, method includes acquiring the industry control protocol data of industrial control equipment and industrial application software on bug excavation system access to industrial control equipment;Task configuration is carried out by web interface to fill in;Transfer engine start client;Plug-in component operation is sequentially completed data loading, session connection and node traverses;Data analysis module receives the process data recording that plug-in component operation generates, and carries out data processing;Data analysis module carries out data processing and sends task completion mark to client;Client receives after task completes mark and completes to scan and exit, and web interface completes vulnerability scanning and obtains scanning result data from data analysis module and carry out scanning result data displaying, sufficiently excavates in fortune and online preceding unknown industry control loophole.

Description

A kind of industry control bug excavation method and system
Technical field
The present invention relates to information security fields, specifically refer to a kind of industry control bug excavation method and system.
Background technique
Industrial control system has very important position in industrial information, is widely used in industry, electric power, energy Source, communications and transportation, water conservancy, public utilities and manufacturing enterprise, the range of controlled device include production process, mechanical device, traffic Tool, experimental provision, instrument and meter, family life facility, household electrical appliance etc..It is by carrying out automation prison to the course of work It surveys, commander, control and adjust, guarantee the normal operation of industrial plants, be the important of national critical infrastructures and information system Component part.
Meanwhile just because of importance of these critical infrastructures in national economy, also tends to become international hostile gesture Power, hostile tissue, hacker target of attack.ICS-CERT is announced in data, and annual industry control security incident in 2017 is up to 305 Part, wherein the national critical infrastructures industry that focuses mostly on, industry control security incident is in the trend of rapid growth, by numerous to these Industry control security incident analyse in depth it can be seen that, the key link for having a core is exactly that industrial control system is utilized " loophole ", and then captured entire industrial control system.And loophole disclosed in industrial control system is also to show rapid growth Trend, and industry distribution is extensive.
It is set in conclusion needing to research and develop a bug excavation for industrial control equipment and industrial application software at present It is standby, it sufficiently excavates in fortune and online preceding unknown industry control loophole, and propose corresponding counter-measure, can largely subtract It is directed to the network attack of industrial control system less.
Summary of the invention
The purpose of the present invention is to provide a kind of industry control bug excavation method and systems, pass through the depth solution to industry control agreement Analysis can judge the realization of target device and the expected consistency realized of standard agreement, can understand the agreement from deeper time Working method, more likely reach from service layer and realize excavation to equipment under test security breaches.
Technical solution of the present invention:
A kind of industry control bug excavation method, including step in detail below,
S1. by bug excavation system access to industrial control equipment, the industry control of acquisition industrial control equipment and industrial application software is assisted Discuss data;
S2. it is filled in by the web interface progress task configuration of bug excavation system and task queue is arranged and deposited It stores up in task Queue module and sends new task signal to engine is transferred;
S3. the new task signal acquisition task queue module that the transfer engine of bug excavation system is sent according to web interface In mission bit stream and start client;
S4. client starts plug-in unit according to mission bit stream, and plug-in component operation is sequentially completed data loading, session connection and section Point traversal;
S5. the data analysis module of bug excavation system receives the process data recording that plug-in component operation generates, line number of going forward side by side According to processing;
S6. data analysis module carries out data processing and sends task completion mark to client;
S7. client receives after task completes mark and completes to scan and exit, and web interface completes vulnerability scanning and from number Scanning result data are obtained according to analysis module and carry out scanning result data displaying.
State recording module is sent by task summary info after client terminal start-up in the step S3, in the step S4 Node typing information, session typing information and process typing information are sent state recording module, the client by plug-in unit Task Progress more new information is obtained according to plug-in unit node traverses completion information and sends it to state recording module, the web Interface obtains Task Progress information from state recording module.
Client sends task completed information in state recording module in the step S7, and web interface is remembered from state Task completed information is got in record module terminates vulnerability scanning operation.
Web interface carries out nodal information update when plug-in component operation in the step S4, session information is shown and operation team Column show and update nodal information, session information is shown and operation queue displaying is sent to state recording module.
A kind of industry control bug excavation system, including protocol frame system, web interface module, client modules, plug-in component operation Module, task memory module, data analysis module and state recording module,
The web interface module is connected with protocol frame system, to provide initial data input, vulnerability scanning task Information configuration carries out operational process monitoring, task start and stop;
The client modules are connected with protocol frame system, to the task start and stop information according to web interface module Realize driving conversion, plug-in component operation calls data analysis module;
The plug-in component operation module is connected with protocol frame system, to be realized according to the received mission bit stream of client Node initializing, field filling, session establishment, node variation, data send and receive, state recording, log recording and different Often record completes vulnerability scanning, and all vulnerability scanning information is transmitted to state recording module;
The task memory module is connected with protocol frame system, to store the task letter of web interface module configuration Breath;
The data analysis module is connected with protocol frame system, to client modules, plug-in component operation module with And the data that task memory module generates carry out analysis and analysis structure are returned to web interface module;
The state recording module is connected with protocol frame system, to record web interface module, client modules with And the status information that plug-in component operation module generates.
The protocol frame system is also connected with scheduling engine module, obtains new task signal and starting client to monitor End module.
The web interface module include subscriber interface module, profile module, process monitoring module and crash also Former module, the web interface module carries out information configuration to host, port and agreement by subscriber interface module, described to match Set file module carry out the input of vulnerability scanning task names, source language input and configuration block input and generate .XML file into Row saves, and the process monitoring module is to monitor path packet and real-time process.
The protocol frame system is constructed using fuzz testing framework agreement.
Signal custom function is received at the scheduling engine module inlet, is responsible for reception, and web interface module transmits new Task signal goes the task queue of task memory module to read new task ID or 60s polling tasks queue.
Compared with prior art, the beneficial effects of the present invention are: supporting a plurality of serial bus protocols;Support a plurality of mainstream works Industrial Ethernet agreement;The protocol test use-case of abundant subdivision, protocol format segments use-case, function segments use-case, thin using data Divide use-case etc.;Perfect fuzz testing frame support cooperates external DTU power supply that can support to automate unattended complete entirely Portion's test case executes detection;DTU assets global administration, quick port scanning, fingerprint recognition, category division, visualization classification It shows;Proceduring record is accurately positioned problem location in detail to session and session content;Progress visualization, overall progress are single Use-case implementation progress, and loophole is shown in real time;Diversification is monitored, remote link is monitored, network monitoring, port link monitoring, TCPDump backup, various dimensions obtain abnormal conditions;Refusal service is handled DTU response when abnormal, single response time, response Test is configurable, no response power-off restarting configuration;Packet sending speed, monitoring packet sending speed is configurable, and it is tested more to adapt to diversification Environment;Protocal analysis carries out data analysis with reference to domestic, international, industry inner stipulation standard, and there are laws to abide by, reasonable;Knot Fruit supports refusal service loophole and protocol realization irregularity risk analysis;Loophole shows that details are abundant in content, triggers use-case name, meeting ID, risk classifications, content of giving out a contract for a project, packet receiving content, risk reason are talked about, problem risk is very clear;Support loophole instant playback, fastly Speed verifying is accurately positioned;It supports loophole collection, realizes the autonomous property right of client, and to the quick validating vulnerability of same batch equipment, without Lengthy scan again;Device-fingerprint feature extraction before supporting, identifies device type, carries out classified finishing;Loophole POC is supported to sweep Plug-in unit generation is retouched, generaI investigation is quickly scanned to product on line, is triggered without loophole, it is lossless efficient;Support online report check and from The export of report from a liner table, abundant in content careful, report template content title can define;Auto report completing mail is supported to upload.
Detailed description of the invention
Fig. 1 is overall structure of the present invention;
Fig. 2 is the timing diagram of the method for the present invention;
Fig. 3 is goal task of embodiment of the present invention configuration diagram;
Fig. 4 is protocol configuration of embodiment of the present invention figure.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment shall fall within the protection scope of the present invention.
Fig. 1 and Fig. 2 are please referred to, the present invention provides a kind of technical solution:
As shown in Fig. 2, a kind of industry control bug excavation method, including step in detail below,
S1. by bug excavation system access to industrial control equipment, the industry control of acquisition industrial control equipment and industrial application software is assisted Discuss data;
S2. it is filled in by the web interface progress task configuration of bug excavation system and task queue is arranged and deposited It stores up in task Queue module and sends new task signal to engine is transferred;
S3. the new task signal acquisition task queue module that the transfer engine of bug excavation system is sent according to web interface In mission bit stream and start client;
S4. client starts plug-in unit according to mission bit stream, and plug-in component operation is sequentially completed data loading, session connection and section Point traversal;
S5. the data analysis module of bug excavation system receives the process data recording that plug-in component operation generates, line number of going forward side by side According to processing;
S6. data analysis module carries out data processing and sends task completion mark to client;
S7. client receives after task completes mark and completes to scan and exit, and web interface completes vulnerability scanning and from number Scanning result data are obtained according to analysis module and carry out scanning result data displaying.
State recording module is sent by task summary info after client terminal start-up in the step S3, in the step S4 Node typing information, session typing information and process typing information are sent state recording module, the client by plug-in unit Task Progress more new information is obtained according to plug-in unit node traverses completion information and sends it to state recording module, the web Interface obtains Task Progress information from state recording module.
Client sends task completed information in state recording module in the step S7, and web interface is remembered from state Task completed information is got in record module terminates vulnerability scanning operation.
Web interface carries out nodal information update when plug-in component operation in the step S4, session information is shown and operation team Column show and update nodal information, session information is shown and operation queue displaying is sent to state recording module.
As shown in Figure 1, a kind of industry control bug excavation system, including protocol frame system, web interface module, client mould Block, plug-in component operation module, task memory module, data analysis module and state recording module,
The web interface module is connected with protocol frame system, to provide initial data input, vulnerability scanning task Information configuration carries out operational process monitoring, task start and stop;
The client modules are connected with protocol frame system, to the task start and stop information according to web interface module Realize driving conversion, plug-in component operation calls data analysis module;
The plug-in component operation module is connected with protocol frame system, to be realized according to the received mission bit stream of client Node initializing, field filling, session establishment, node variation, data send and receive, state recording, log recording and different Often record completes vulnerability scanning, and all vulnerability scanning information is transmitted to state recording module;
The task memory module is connected with protocol frame system, to store the task letter of web interface module configuration Breath;
The data analysis module is connected with protocol frame system, to client modules, plug-in component operation module with And the data that task memory module generates carry out analysis and analysis structure are returned to web interface module;
The state recording module is connected with protocol frame system, to record web interface module, client modules with And the status information that plug-in component operation module generates.
The protocol frame system is also connected with scheduling engine module, obtains new task signal and starting client to monitor End module.
The web interface module include subscriber interface module, profile module, process monitoring module and crash also Former module, the web interface module carries out information configuration to host, port and agreement by subscriber interface module, described to match Set file module carry out the input of vulnerability scanning task names, source language input and configuration block input and generate .XML file into Row saves, and the process monitoring module is to monitor path packet and real-time process.
The protocol frame system is constructed using fuzz testing framework agreement.
Signal custom function is received at the scheduling engine module inlet, is responsible for reception, and web interface module transmits new Task signal goes the task queue of task memory module to read new task ID or 60s polling tasks queue.
Embodiment:
Goal task configuration and protocol configuration are shown in Fig. 3 and Fig. 4 respectively,
After web interface task configuration successful, information is saved with XML structure from the background, specific as follows:
This system realizes that modularization web interface is only responsible for life with the progress of task format in order to draw close to line of production compatibility It is configured at task, task schedule execution is executed by control centre
Control centre receives the new task arrival signal of web interface, query task team as Deamon process running background Column new task.
After new task reaches, scheduling starting client driver
XML is converted into fuzz plug-in unit
Conversion principle:
It is parsed line by line from top to bottom from XML
Root is root node
Plugins is a TU task unit
Plugin is current task information
Target information is obtained from the attribute of plugin
Requests is protocol element
Request is the single request of agreement, can successively fill multiple interactive requests
s_initialize(“name”)
From top to bottom, block is converted into s_block (" name ")
Non- block is parsed line by line according to primitive type
Sessions is conversation element set
Session is some session, needs to indicate session path, the i.e. path (whole story) of Request request
Sess=session (" name ")
Monitor is monitoring data parameters, and default is network monitoring
According to above-mentioned rule, parsing generates final Py script line by line
Fuzz script generates, and runs in detail according to Fuzz frame
The sum of record variation in real time, variation vernier, the path fuzz in operational process
Detailed operation logic reference, Sulley Frame Design
Data processing module is called, intermediate result data analysis is carried out
Referring in detail to data processing module document
Interface is provided, Fuzz plug-in unit real-time storage intermediate data is made
State is used using statd engine
TaskId:
{ key:values }
}
Data structure storage
Full task sharing
Complete industry control bug excavation.
A kind of industry control bug excavation method of the invention and system, support a plurality of serial bus protocols;Support a plurality of mainstreams Industrial ethernet protocol;The protocol test use-case of abundant subdivision, protocol format segment use-case, function subdivision use-case, using data Segment use-case etc.;Perfect fuzz testing frame support, cooperates external DTU power supply that can support to automate unattended completion Whole test cases execute detection;DTU assets global administration, quick port scanning, fingerprint recognition, category division, visualization point Class is shown;Proceduring record is accurately positioned problem location in detail to session and session content;Progress visualization, overall progress, An implementation progress is applied alone, and loophole is shown in real time;Diversification is monitored, remote link is monitored, network monitoring, port link prison It listens, TCPDump backup, various dimensions obtain abnormal conditions;Refusal service is handled DTU response when abnormal, single response time, sound Configurable, no response power-off restarting configuration should be tested;Packet sending speed, monitoring packet sending speed is configurable, more adapts to diversified quilt Survey environment;Protocal analysis carries out data analysis with reference to domestic, international, industry inner stipulation standard, and there are laws to abide by, reasonable; As a result refusal service loophole and protocol realization irregularity risk analysis are supported;Loophole shows that details are abundant in content, triggering use-case name, Session id, risk classifications, content of giving out a contract for a project, packet receiving content, risk reason, problem risk are very clear;Support loophole instant playback, Fast verification, accurate positioning;It supports loophole collection, realizes the autonomous property right of client, and to the quick validating vulnerability of same batch equipment, nothing It must lengthy scan again;Device-fingerprint feature extraction before supporting, identifies device type, carries out classified finishing;Support loophole POC It scans plug-in unit to generate, generaI investigation is quickly scanned to product on line, triggered without loophole, it is lossless efficient;Support online report check and Offline report export, abundant in content careful, report template content title can define;Auto report completing mail is supported to upload.
It although an embodiment of the present invention has been shown and described, for the ordinary skill in the art, can be with A variety of variations, modification, replacement can be carried out to these embodiments without departing from the principles and spirit of the present invention by understanding And modification, the scope of the present invention is defined by the appended.

Claims (9)

1. a kind of industry control bug excavation method, it is characterised in that: including step in detail below,
S1. by bug excavation system access to industrial control equipment, the industry control agreement number of industrial control equipment and industrial application software is acquired According to;
S2. it is filled in by the web interface progress task configuration of bug excavation system and task queue is arranged and is stored to New task signal is sent in task queue module and to engine is transferred;
S3. in the new task signal acquisition task queue module that the transfer engine of bug excavation system is sent according to web interface Mission bit stream simultaneously starts client;
S4. client starts plug-in unit according to mission bit stream, and plug-in component operation is sequentially completed data loading, session connection and node time It goes through;
S5. the data analysis module of bug excavation system receives the process data recording that plug-in component operation generates, and carries out at data Reason;
S6. data analysis module carries out data processing and sends task completion mark to client;
S7. client is completed to scan and exit after receiving task completion mark, and web interface is completed vulnerability scanning and divided from data Analysis module obtains scanning result data and carries out scanning result data displaying.
2. a kind of industry control bug excavation method according to claim 1, it is characterised in that: client opens in the step S3 State recording module is sent by task summary info after dynamic, plug-in unit is by node typing information, session typing in the step S4 Information and process typing information are sent to state recording module, and the client is completed information according to plug-in unit node traverses and obtained Task Progress more new information simultaneously sends it to state recording module, the web interface from state recording module obtain task into Spend information.
3. a kind of industry control bug excavation method according to claim 1, it is characterised in that: client will in the step S7 Task completed information is sent in state recording module, and web interface gets task completed information knot from state recording module The operation of beam vulnerability scanning.
4. a kind of industry control bug excavation method according to claim 1, it is characterised in that: plug-in component operation in the step S4 When web interface carry out nodal information update, session information show and operation queue show and by nodal information update, session believe Breath is shown and operation queue displaying is sent to state recording module.
5. a kind of industry control bug excavation system, it is characterised in that: including protocol frame system, web interface module, client mould Block, plug-in component operation module, task memory module, data analysis module and state recording module,
The web interface module is connected with protocol frame system, to provide initial data input, vulnerability scanning mission bit stream Configuration carries out operational process monitoring, task start and stop;
The client modules are connected with protocol frame system, to the task start and stop information realization according to web interface module Driving conversion, plug-in component operation call data analysis module;
The plug-in component operation module is connected with protocol frame system, to realize node according to the received mission bit stream of client Initialization, field filling, session establishment, node variation, data send and receive, state recording, log recording and exception are remembered Record completes vulnerability scanning, and all vulnerability scanning information is transmitted to state recording module;
The task memory module is connected with protocol frame system, to store the mission bit stream of web interface module configuration;
The data analysis module is connected with protocol frame system, to client modules, plug-in component operation module and appoint The data that business memory module generates carry out analysis and analysis structure are returned to web interface module;
The state recording module is connected with protocol frame system, to record web interface module, client modules and insert Part runs the status information that module generates.
6. a kind of industry control bug excavation system according to claim 5, it is characterised in that: the protocol frame system also connects Scheduling engine module is connect, obtains new task signal and starting client modules to monitor.
7. a kind of industry control bug excavation system according to claim 5, it is characterised in that: the web interface module includes Subscriber interface module, profile module, process monitoring module and crash recovery module, the web interface module pass through use Family interface module carries out information configuration to host, port and agreement, and the profile module carries out vulnerability scanning task name Claim input, source language input and configuration block input and generate .XML file and saved, the process monitoring module to Path packet and real-time process are monitored.
8. a kind of industry control bug excavation system according to claim 5, it is characterised in that: the protocol frame system uses Fuzz testing framework agreement is constructed.
9. a kind of industry control bug excavation system according to claim 6, it is characterised in that: the scheduling engine module inlet Place receives signal custom function, is responsible for receiving the new task signal that web interface module transmits, goes the task of task memory module New task ID or 60s polling tasks queue are read in queue.
CN201811130002.7A 2018-09-27 2018-09-27 A kind of industry control bug excavation method and system Pending CN109347812A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811130002.7A CN109347812A (en) 2018-09-27 2018-09-27 A kind of industry control bug excavation method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811130002.7A CN109347812A (en) 2018-09-27 2018-09-27 A kind of industry control bug excavation method and system

Publications (1)

Publication Number Publication Date
CN109347812A true CN109347812A (en) 2019-02-15

Family

ID=65307148

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811130002.7A Pending CN109347812A (en) 2018-09-27 2018-09-27 A kind of industry control bug excavation method and system

Country Status (1)

Country Link
CN (1) CN109347812A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110730180A (en) * 2019-10-17 2020-01-24 杭州安恒信息技术股份有限公司 Portable communication equipment detection instrument and communication equipment detection method
CN110865851A (en) * 2019-11-18 2020-03-06 中国民航信息网络股份有限公司 Automatic Android application data acquisition method and system
CN111581438A (en) * 2019-02-19 2020-08-25 青岛海信移动通信技术股份有限公司 File analysis method and terminal
CN113285841A (en) * 2021-06-15 2021-08-20 无锡热能在线科技有限公司 Configuration device and method for industrial gateway data transmission protocol

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104144142A (en) * 2013-05-07 2014-11-12 阿里巴巴集团控股有限公司 Web vulnerability discovery method and system
CN104426850A (en) * 2013-08-23 2015-03-18 南京理工大学常熟研究院有限公司 Vulnerability detection method based on plug-in
EP2943843A1 (en) * 2013-01-08 2015-11-18 Secure-Nok AS Method, device and computer program for monitoring an industrial control system
CN106878341A (en) * 2017-04-14 2017-06-20 北京匡恩网络科技有限责任公司 The vulnerability scanning method and device of the network equipment
CN107094158A (en) * 2017-06-27 2017-08-25 四维创智(北京)科技发展有限公司 The fragile analysis system of one kind automation intranet security

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2943843A1 (en) * 2013-01-08 2015-11-18 Secure-Nok AS Method, device and computer program for monitoring an industrial control system
CN104144142A (en) * 2013-05-07 2014-11-12 阿里巴巴集团控股有限公司 Web vulnerability discovery method and system
CN104426850A (en) * 2013-08-23 2015-03-18 南京理工大学常熟研究院有限公司 Vulnerability detection method based on plug-in
CN106878341A (en) * 2017-04-14 2017-06-20 北京匡恩网络科技有限责任公司 The vulnerability scanning method and device of the network equipment
CN107094158A (en) * 2017-06-27 2017-08-25 四维创智(北京)科技发展有限公司 The fragile analysis system of one kind automation intranet security

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
于长奇: "工控设备漏洞挖掘技术研究", 《中国优秀硕士学位论文全文数据库(电子期刊)信息科技辑》 *
向騻: "一种基于改进Fuzzing架构的工业控制设备漏洞挖掘框架", 《武汉大学学报(理学版)》 *
张凤臣: "工业控制设备漏洞检测系统浅析", 《科技与创新》 *

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111581438A (en) * 2019-02-19 2020-08-25 青岛海信移动通信技术股份有限公司 File analysis method and terminal
CN111581438B (en) * 2019-02-19 2024-01-23 青岛海信移动通信技术有限公司 File analysis method and terminal
CN110730180A (en) * 2019-10-17 2020-01-24 杭州安恒信息技术股份有限公司 Portable communication equipment detection instrument and communication equipment detection method
CN110865851A (en) * 2019-11-18 2020-03-06 中国民航信息网络股份有限公司 Automatic Android application data acquisition method and system
CN110865851B (en) * 2019-11-18 2023-12-01 中国民航信息网络股份有限公司 Automatic Android application data acquisition method and system
CN113285841A (en) * 2021-06-15 2021-08-20 无锡热能在线科技有限公司 Configuration device and method for industrial gateway data transmission protocol
CN113285841B (en) * 2021-06-15 2023-08-08 无锡摩尔汇萃智能技术有限公司 Configuration method of industrial gateway data transmission protocol

Similar Documents

Publication Publication Date Title
CN109347812A (en) A kind of industry control bug excavation method and system
CN106961362B (en) Automated testing method and mobile cloud test system
US9059939B2 (en) End-to-end network service assurance solution
CN109889551A (en) A kind of method of the Internet of Things cloud platform of Intelligent hardware access
CN109495308A (en) A kind of automation operational system based on management information system
CN108418704A (en) A kind of network element device method of network entry based on automation template configuration
CN103812726A (en) Automated testing method and device for data communication equipment
CN104092755B (en) A kind of method and device for capturing of cloud service origination data
CN112511218A (en) Satellite ground station monitoring system based on microservice
CN111130922A (en) Airborne information safety automatic test method and test platform
CN103731205A (en) Method for automatically testing optical network unit
CN103746840A (en) Method and system for automatic checking of software version information of network equipment
CN109086213A (en) A kind of commercial vehicle network test management system and method based on distributed system
CN104023071A (en) System and method of monitoring software performance test resources
US10673769B2 (en) Analysis device for the analysis and manipulation of a communication sequence
CN101656642A (en) Method, device and system for testing authentication performance of network access equipment
Turcato et al. Introducing a cloud based architecture for the distributed analysis of Real-Time Ethernet traffic
CN112583663B (en) Automatic network performance testing method based on domestic operating system
CN108234246A (en) A kind of method and system of multidirectional server network performance
CN110636127B (en) Communication processing method and system between information data
Seifermann Application performance monitoring in microservice-based systems
CN107301125A (en) A kind of method, device and electronic equipment for finding root mistake
CN105827462A (en) Method and tool for detecting network device
CN112486706B (en) Internet of things local equipment linkage method based on MQTT message driving mechanism
CN113872686A (en) Customer self-service troubleshooting processing method based on optical broadband network service

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190215

RJ01 Rejection of invention patent application after publication