CN109347812A - A kind of industry control bug excavation method and system - Google Patents
A kind of industry control bug excavation method and system Download PDFInfo
- Publication number
- CN109347812A CN109347812A CN201811130002.7A CN201811130002A CN109347812A CN 109347812 A CN109347812 A CN 109347812A CN 201811130002 A CN201811130002 A CN 201811130002A CN 109347812 A CN109347812 A CN 109347812A
- Authority
- CN
- China
- Prior art keywords
- module
- task
- web interface
- client
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/18—Protocol analysers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/50—Testing arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/18—Multiprotocol handlers, e.g. single devices capable of handling multiple protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
Abstract
The present invention provides a kind of industry control bug excavation method and system, system includes protocol frame system, web interface module, client modules, plug-in component operation module, task memory module, data analysis module and state recording module, method includes acquiring the industry control protocol data of industrial control equipment and industrial application software on bug excavation system access to industrial control equipment;Task configuration is carried out by web interface to fill in;Transfer engine start client;Plug-in component operation is sequentially completed data loading, session connection and node traverses;Data analysis module receives the process data recording that plug-in component operation generates, and carries out data processing;Data analysis module carries out data processing and sends task completion mark to client;Client receives after task completes mark and completes to scan and exit, and web interface completes vulnerability scanning and obtains scanning result data from data analysis module and carry out scanning result data displaying, sufficiently excavates in fortune and online preceding unknown industry control loophole.
Description
Technical field
The present invention relates to information security fields, specifically refer to a kind of industry control bug excavation method and system.
Background technique
Industrial control system has very important position in industrial information, is widely used in industry, electric power, energy
Source, communications and transportation, water conservancy, public utilities and manufacturing enterprise, the range of controlled device include production process, mechanical device, traffic
Tool, experimental provision, instrument and meter, family life facility, household electrical appliance etc..It is by carrying out automation prison to the course of work
It surveys, commander, control and adjust, guarantee the normal operation of industrial plants, be the important of national critical infrastructures and information system
Component part.
Meanwhile just because of importance of these critical infrastructures in national economy, also tends to become international hostile gesture
Power, hostile tissue, hacker target of attack.ICS-CERT is announced in data, and annual industry control security incident in 2017 is up to 305
Part, wherein the national critical infrastructures industry that focuses mostly on, industry control security incident is in the trend of rapid growth, by numerous to these
Industry control security incident analyse in depth it can be seen that, the key link for having a core is exactly that industrial control system is utilized
" loophole ", and then captured entire industrial control system.And loophole disclosed in industrial control system is also to show rapid growth
Trend, and industry distribution is extensive.
It is set in conclusion needing to research and develop a bug excavation for industrial control equipment and industrial application software at present
It is standby, it sufficiently excavates in fortune and online preceding unknown industry control loophole, and propose corresponding counter-measure, can largely subtract
It is directed to the network attack of industrial control system less.
Summary of the invention
The purpose of the present invention is to provide a kind of industry control bug excavation method and systems, pass through the depth solution to industry control agreement
Analysis can judge the realization of target device and the expected consistency realized of standard agreement, can understand the agreement from deeper time
Working method, more likely reach from service layer and realize excavation to equipment under test security breaches.
Technical solution of the present invention:
A kind of industry control bug excavation method, including step in detail below,
S1. by bug excavation system access to industrial control equipment, the industry control of acquisition industrial control equipment and industrial application software is assisted
Discuss data;
S2. it is filled in by the web interface progress task configuration of bug excavation system and task queue is arranged and deposited
It stores up in task Queue module and sends new task signal to engine is transferred;
S3. the new task signal acquisition task queue module that the transfer engine of bug excavation system is sent according to web interface
In mission bit stream and start client;
S4. client starts plug-in unit according to mission bit stream, and plug-in component operation is sequentially completed data loading, session connection and section
Point traversal;
S5. the data analysis module of bug excavation system receives the process data recording that plug-in component operation generates, line number of going forward side by side
According to processing;
S6. data analysis module carries out data processing and sends task completion mark to client;
S7. client receives after task completes mark and completes to scan and exit, and web interface completes vulnerability scanning and from number
Scanning result data are obtained according to analysis module and carry out scanning result data displaying.
State recording module is sent by task summary info after client terminal start-up in the step S3, in the step S4
Node typing information, session typing information and process typing information are sent state recording module, the client by plug-in unit
Task Progress more new information is obtained according to plug-in unit node traverses completion information and sends it to state recording module, the web
Interface obtains Task Progress information from state recording module.
Client sends task completed information in state recording module in the step S7, and web interface is remembered from state
Task completed information is got in record module terminates vulnerability scanning operation.
Web interface carries out nodal information update when plug-in component operation in the step S4, session information is shown and operation team
Column show and update nodal information, session information is shown and operation queue displaying is sent to state recording module.
A kind of industry control bug excavation system, including protocol frame system, web interface module, client modules, plug-in component operation
Module, task memory module, data analysis module and state recording module,
The web interface module is connected with protocol frame system, to provide initial data input, vulnerability scanning task
Information configuration carries out operational process monitoring, task start and stop;
The client modules are connected with protocol frame system, to the task start and stop information according to web interface module
Realize driving conversion, plug-in component operation calls data analysis module;
The plug-in component operation module is connected with protocol frame system, to be realized according to the received mission bit stream of client
Node initializing, field filling, session establishment, node variation, data send and receive, state recording, log recording and different
Often record completes vulnerability scanning, and all vulnerability scanning information is transmitted to state recording module;
The task memory module is connected with protocol frame system, to store the task letter of web interface module configuration
Breath;
The data analysis module is connected with protocol frame system, to client modules, plug-in component operation module with
And the data that task memory module generates carry out analysis and analysis structure are returned to web interface module;
The state recording module is connected with protocol frame system, to record web interface module, client modules with
And the status information that plug-in component operation module generates.
The protocol frame system is also connected with scheduling engine module, obtains new task signal and starting client to monitor
End module.
The web interface module include subscriber interface module, profile module, process monitoring module and crash also
Former module, the web interface module carries out information configuration to host, port and agreement by subscriber interface module, described to match
Set file module carry out the input of vulnerability scanning task names, source language input and configuration block input and generate .XML file into
Row saves, and the process monitoring module is to monitor path packet and real-time process.
The protocol frame system is constructed using fuzz testing framework agreement.
Signal custom function is received at the scheduling engine module inlet, is responsible for reception, and web interface module transmits new
Task signal goes the task queue of task memory module to read new task ID or 60s polling tasks queue.
Compared with prior art, the beneficial effects of the present invention are: supporting a plurality of serial bus protocols;Support a plurality of mainstream works
Industrial Ethernet agreement;The protocol test use-case of abundant subdivision, protocol format segments use-case, function segments use-case, thin using data
Divide use-case etc.;Perfect fuzz testing frame support cooperates external DTU power supply that can support to automate unattended complete entirely
Portion's test case executes detection;DTU assets global administration, quick port scanning, fingerprint recognition, category division, visualization classification
It shows;Proceduring record is accurately positioned problem location in detail to session and session content;Progress visualization, overall progress are single
Use-case implementation progress, and loophole is shown in real time;Diversification is monitored, remote link is monitored, network monitoring, port link monitoring,
TCPDump backup, various dimensions obtain abnormal conditions;Refusal service is handled DTU response when abnormal, single response time, response
Test is configurable, no response power-off restarting configuration;Packet sending speed, monitoring packet sending speed is configurable, and it is tested more to adapt to diversification
Environment;Protocal analysis carries out data analysis with reference to domestic, international, industry inner stipulation standard, and there are laws to abide by, reasonable;Knot
Fruit supports refusal service loophole and protocol realization irregularity risk analysis;Loophole shows that details are abundant in content, triggers use-case name, meeting
ID, risk classifications, content of giving out a contract for a project, packet receiving content, risk reason are talked about, problem risk is very clear;Support loophole instant playback, fastly
Speed verifying is accurately positioned;It supports loophole collection, realizes the autonomous property right of client, and to the quick validating vulnerability of same batch equipment, without
Lengthy scan again;Device-fingerprint feature extraction before supporting, identifies device type, carries out classified finishing;Loophole POC is supported to sweep
Plug-in unit generation is retouched, generaI investigation is quickly scanned to product on line, is triggered without loophole, it is lossless efficient;Support online report check and from
The export of report from a liner table, abundant in content careful, report template content title can define;Auto report completing mail is supported to upload.
Detailed description of the invention
Fig. 1 is overall structure of the present invention;
Fig. 2 is the timing diagram of the method for the present invention;
Fig. 3 is goal task of embodiment of the present invention configuration diagram;
Fig. 4 is protocol configuration of embodiment of the present invention figure.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall within the protection scope of the present invention.
Fig. 1 and Fig. 2 are please referred to, the present invention provides a kind of technical solution:
As shown in Fig. 2, a kind of industry control bug excavation method, including step in detail below,
S1. by bug excavation system access to industrial control equipment, the industry control of acquisition industrial control equipment and industrial application software is assisted
Discuss data;
S2. it is filled in by the web interface progress task configuration of bug excavation system and task queue is arranged and deposited
It stores up in task Queue module and sends new task signal to engine is transferred;
S3. the new task signal acquisition task queue module that the transfer engine of bug excavation system is sent according to web interface
In mission bit stream and start client;
S4. client starts plug-in unit according to mission bit stream, and plug-in component operation is sequentially completed data loading, session connection and section
Point traversal;
S5. the data analysis module of bug excavation system receives the process data recording that plug-in component operation generates, line number of going forward side by side
According to processing;
S6. data analysis module carries out data processing and sends task completion mark to client;
S7. client receives after task completes mark and completes to scan and exit, and web interface completes vulnerability scanning and from number
Scanning result data are obtained according to analysis module and carry out scanning result data displaying.
State recording module is sent by task summary info after client terminal start-up in the step S3, in the step S4
Node typing information, session typing information and process typing information are sent state recording module, the client by plug-in unit
Task Progress more new information is obtained according to plug-in unit node traverses completion information and sends it to state recording module, the web
Interface obtains Task Progress information from state recording module.
Client sends task completed information in state recording module in the step S7, and web interface is remembered from state
Task completed information is got in record module terminates vulnerability scanning operation.
Web interface carries out nodal information update when plug-in component operation in the step S4, session information is shown and operation team
Column show and update nodal information, session information is shown and operation queue displaying is sent to state recording module.
As shown in Figure 1, a kind of industry control bug excavation system, including protocol frame system, web interface module, client mould
Block, plug-in component operation module, task memory module, data analysis module and state recording module,
The web interface module is connected with protocol frame system, to provide initial data input, vulnerability scanning task
Information configuration carries out operational process monitoring, task start and stop;
The client modules are connected with protocol frame system, to the task start and stop information according to web interface module
Realize driving conversion, plug-in component operation calls data analysis module;
The plug-in component operation module is connected with protocol frame system, to be realized according to the received mission bit stream of client
Node initializing, field filling, session establishment, node variation, data send and receive, state recording, log recording and different
Often record completes vulnerability scanning, and all vulnerability scanning information is transmitted to state recording module;
The task memory module is connected with protocol frame system, to store the task letter of web interface module configuration
Breath;
The data analysis module is connected with protocol frame system, to client modules, plug-in component operation module with
And the data that task memory module generates carry out analysis and analysis structure are returned to web interface module;
The state recording module is connected with protocol frame system, to record web interface module, client modules with
And the status information that plug-in component operation module generates.
The protocol frame system is also connected with scheduling engine module, obtains new task signal and starting client to monitor
End module.
The web interface module include subscriber interface module, profile module, process monitoring module and crash also
Former module, the web interface module carries out information configuration to host, port and agreement by subscriber interface module, described to match
Set file module carry out the input of vulnerability scanning task names, source language input and configuration block input and generate .XML file into
Row saves, and the process monitoring module is to monitor path packet and real-time process.
The protocol frame system is constructed using fuzz testing framework agreement.
Signal custom function is received at the scheduling engine module inlet, is responsible for reception, and web interface module transmits new
Task signal goes the task queue of task memory module to read new task ID or 60s polling tasks queue.
Embodiment:
Goal task configuration and protocol configuration are shown in Fig. 3 and Fig. 4 respectively,
After web interface task configuration successful, information is saved with XML structure from the background, specific as follows:
This system realizes that modularization web interface is only responsible for life with the progress of task format in order to draw close to line of production compatibility
It is configured at task, task schedule execution is executed by control centre
Control centre receives the new task arrival signal of web interface, query task team as Deamon process running background
Column new task.
After new task reaches, scheduling starting client driver
XML is converted into fuzz plug-in unit
Conversion principle:
It is parsed line by line from top to bottom from XML
Root is root node
Plugins is a TU task unit
Plugin is current task information
Target information is obtained from the attribute of plugin
Requests is protocol element
Request is the single request of agreement, can successively fill multiple interactive requests
s_initialize(“name”)
From top to bottom, block is converted into s_block (" name ")
Non- block is parsed line by line according to primitive type
Sessions is conversation element set
Session is some session, needs to indicate session path, the i.e. path (whole story) of Request request
Sess=session (" name ")
Monitor is monitoring data parameters, and default is network monitoring
According to above-mentioned rule, parsing generates final Py script line by line
Fuzz script generates, and runs in detail according to Fuzz frame
The sum of record variation in real time, variation vernier, the path fuzz in operational process
Detailed operation logic reference, Sulley Frame Design
Data processing module is called, intermediate result data analysis is carried out
Referring in detail to data processing module document
Interface is provided, Fuzz plug-in unit real-time storage intermediate data is made
State is used using statd engine
TaskId:
{ key:values }
}
Data structure storage
Full task sharing
Complete industry control bug excavation.
A kind of industry control bug excavation method of the invention and system, support a plurality of serial bus protocols;Support a plurality of mainstreams
Industrial ethernet protocol;The protocol test use-case of abundant subdivision, protocol format segment use-case, function subdivision use-case, using data
Segment use-case etc.;Perfect fuzz testing frame support, cooperates external DTU power supply that can support to automate unattended completion
Whole test cases execute detection;DTU assets global administration, quick port scanning, fingerprint recognition, category division, visualization point
Class is shown;Proceduring record is accurately positioned problem location in detail to session and session content;Progress visualization, overall progress,
An implementation progress is applied alone, and loophole is shown in real time;Diversification is monitored, remote link is monitored, network monitoring, port link prison
It listens, TCPDump backup, various dimensions obtain abnormal conditions;Refusal service is handled DTU response when abnormal, single response time, sound
Configurable, no response power-off restarting configuration should be tested;Packet sending speed, monitoring packet sending speed is configurable, more adapts to diversified quilt
Survey environment;Protocal analysis carries out data analysis with reference to domestic, international, industry inner stipulation standard, and there are laws to abide by, reasonable;
As a result refusal service loophole and protocol realization irregularity risk analysis are supported;Loophole shows that details are abundant in content, triggering use-case name,
Session id, risk classifications, content of giving out a contract for a project, packet receiving content, risk reason, problem risk are very clear;Support loophole instant playback,
Fast verification, accurate positioning;It supports loophole collection, realizes the autonomous property right of client, and to the quick validating vulnerability of same batch equipment, nothing
It must lengthy scan again;Device-fingerprint feature extraction before supporting, identifies device type, carries out classified finishing;Support loophole POC
It scans plug-in unit to generate, generaI investigation is quickly scanned to product on line, triggered without loophole, it is lossless efficient;Support online report check and
Offline report export, abundant in content careful, report template content title can define;Auto report completing mail is supported to upload.
It although an embodiment of the present invention has been shown and described, for the ordinary skill in the art, can be with
A variety of variations, modification, replacement can be carried out to these embodiments without departing from the principles and spirit of the present invention by understanding
And modification, the scope of the present invention is defined by the appended.
Claims (9)
1. a kind of industry control bug excavation method, it is characterised in that: including step in detail below,
S1. by bug excavation system access to industrial control equipment, the industry control agreement number of industrial control equipment and industrial application software is acquired
According to;
S2. it is filled in by the web interface progress task configuration of bug excavation system and task queue is arranged and is stored to
New task signal is sent in task queue module and to engine is transferred;
S3. in the new task signal acquisition task queue module that the transfer engine of bug excavation system is sent according to web interface
Mission bit stream simultaneously starts client;
S4. client starts plug-in unit according to mission bit stream, and plug-in component operation is sequentially completed data loading, session connection and node time
It goes through;
S5. the data analysis module of bug excavation system receives the process data recording that plug-in component operation generates, and carries out at data
Reason;
S6. data analysis module carries out data processing and sends task completion mark to client;
S7. client is completed to scan and exit after receiving task completion mark, and web interface is completed vulnerability scanning and divided from data
Analysis module obtains scanning result data and carries out scanning result data displaying.
2. a kind of industry control bug excavation method according to claim 1, it is characterised in that: client opens in the step S3
State recording module is sent by task summary info after dynamic, plug-in unit is by node typing information, session typing in the step S4
Information and process typing information are sent to state recording module, and the client is completed information according to plug-in unit node traverses and obtained
Task Progress more new information simultaneously sends it to state recording module, the web interface from state recording module obtain task into
Spend information.
3. a kind of industry control bug excavation method according to claim 1, it is characterised in that: client will in the step S7
Task completed information is sent in state recording module, and web interface gets task completed information knot from state recording module
The operation of beam vulnerability scanning.
4. a kind of industry control bug excavation method according to claim 1, it is characterised in that: plug-in component operation in the step S4
When web interface carry out nodal information update, session information show and operation queue show and by nodal information update, session believe
Breath is shown and operation queue displaying is sent to state recording module.
5. a kind of industry control bug excavation system, it is characterised in that: including protocol frame system, web interface module, client mould
Block, plug-in component operation module, task memory module, data analysis module and state recording module,
The web interface module is connected with protocol frame system, to provide initial data input, vulnerability scanning mission bit stream
Configuration carries out operational process monitoring, task start and stop;
The client modules are connected with protocol frame system, to the task start and stop information realization according to web interface module
Driving conversion, plug-in component operation call data analysis module;
The plug-in component operation module is connected with protocol frame system, to realize node according to the received mission bit stream of client
Initialization, field filling, session establishment, node variation, data send and receive, state recording, log recording and exception are remembered
Record completes vulnerability scanning, and all vulnerability scanning information is transmitted to state recording module;
The task memory module is connected with protocol frame system, to store the mission bit stream of web interface module configuration;
The data analysis module is connected with protocol frame system, to client modules, plug-in component operation module and appoint
The data that business memory module generates carry out analysis and analysis structure are returned to web interface module;
The state recording module is connected with protocol frame system, to record web interface module, client modules and insert
Part runs the status information that module generates.
6. a kind of industry control bug excavation system according to claim 5, it is characterised in that: the protocol frame system also connects
Scheduling engine module is connect, obtains new task signal and starting client modules to monitor.
7. a kind of industry control bug excavation system according to claim 5, it is characterised in that: the web interface module includes
Subscriber interface module, profile module, process monitoring module and crash recovery module, the web interface module pass through use
Family interface module carries out information configuration to host, port and agreement, and the profile module carries out vulnerability scanning task name
Claim input, source language input and configuration block input and generate .XML file and saved, the process monitoring module to
Path packet and real-time process are monitored.
8. a kind of industry control bug excavation system according to claim 5, it is characterised in that: the protocol frame system uses
Fuzz testing framework agreement is constructed.
9. a kind of industry control bug excavation system according to claim 6, it is characterised in that: the scheduling engine module inlet
Place receives signal custom function, is responsible for receiving the new task signal that web interface module transmits, goes the task of task memory module
New task ID or 60s polling tasks queue are read in queue.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811130002.7A CN109347812A (en) | 2018-09-27 | 2018-09-27 | A kind of industry control bug excavation method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811130002.7A CN109347812A (en) | 2018-09-27 | 2018-09-27 | A kind of industry control bug excavation method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109347812A true CN109347812A (en) | 2019-02-15 |
Family
ID=65307148
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811130002.7A Pending CN109347812A (en) | 2018-09-27 | 2018-09-27 | A kind of industry control bug excavation method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109347812A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110730180A (en) * | 2019-10-17 | 2020-01-24 | 杭州安恒信息技术股份有限公司 | Portable communication equipment detection instrument and communication equipment detection method |
CN110865851A (en) * | 2019-11-18 | 2020-03-06 | 中国民航信息网络股份有限公司 | Automatic Android application data acquisition method and system |
CN111581438A (en) * | 2019-02-19 | 2020-08-25 | 青岛海信移动通信技术股份有限公司 | File analysis method and terminal |
CN113285841A (en) * | 2021-06-15 | 2021-08-20 | 无锡热能在线科技有限公司 | Configuration device and method for industrial gateway data transmission protocol |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104144142A (en) * | 2013-05-07 | 2014-11-12 | 阿里巴巴集团控股有限公司 | Web vulnerability discovery method and system |
CN104426850A (en) * | 2013-08-23 | 2015-03-18 | 南京理工大学常熟研究院有限公司 | Vulnerability detection method based on plug-in |
EP2943843A1 (en) * | 2013-01-08 | 2015-11-18 | Secure-Nok AS | Method, device and computer program for monitoring an industrial control system |
CN106878341A (en) * | 2017-04-14 | 2017-06-20 | 北京匡恩网络科技有限责任公司 | The vulnerability scanning method and device of the network equipment |
CN107094158A (en) * | 2017-06-27 | 2017-08-25 | 四维创智(北京)科技发展有限公司 | The fragile analysis system of one kind automation intranet security |
-
2018
- 2018-09-27 CN CN201811130002.7A patent/CN109347812A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2943843A1 (en) * | 2013-01-08 | 2015-11-18 | Secure-Nok AS | Method, device and computer program for monitoring an industrial control system |
CN104144142A (en) * | 2013-05-07 | 2014-11-12 | 阿里巴巴集团控股有限公司 | Web vulnerability discovery method and system |
CN104426850A (en) * | 2013-08-23 | 2015-03-18 | 南京理工大学常熟研究院有限公司 | Vulnerability detection method based on plug-in |
CN106878341A (en) * | 2017-04-14 | 2017-06-20 | 北京匡恩网络科技有限责任公司 | The vulnerability scanning method and device of the network equipment |
CN107094158A (en) * | 2017-06-27 | 2017-08-25 | 四维创智(北京)科技发展有限公司 | The fragile analysis system of one kind automation intranet security |
Non-Patent Citations (3)
Title |
---|
于长奇: "工控设备漏洞挖掘技术研究", 《中国优秀硕士学位论文全文数据库(电子期刊)信息科技辑》 * |
向騻: "一种基于改进Fuzzing架构的工业控制设备漏洞挖掘框架", 《武汉大学学报(理学版)》 * |
张凤臣: "工业控制设备漏洞检测系统浅析", 《科技与创新》 * |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111581438A (en) * | 2019-02-19 | 2020-08-25 | 青岛海信移动通信技术股份有限公司 | File analysis method and terminal |
CN111581438B (en) * | 2019-02-19 | 2024-01-23 | 青岛海信移动通信技术有限公司 | File analysis method and terminal |
CN110730180A (en) * | 2019-10-17 | 2020-01-24 | 杭州安恒信息技术股份有限公司 | Portable communication equipment detection instrument and communication equipment detection method |
CN110865851A (en) * | 2019-11-18 | 2020-03-06 | 中国民航信息网络股份有限公司 | Automatic Android application data acquisition method and system |
CN110865851B (en) * | 2019-11-18 | 2023-12-01 | 中国民航信息网络股份有限公司 | Automatic Android application data acquisition method and system |
CN113285841A (en) * | 2021-06-15 | 2021-08-20 | 无锡热能在线科技有限公司 | Configuration device and method for industrial gateway data transmission protocol |
CN113285841B (en) * | 2021-06-15 | 2023-08-08 | 无锡摩尔汇萃智能技术有限公司 | Configuration method of industrial gateway data transmission protocol |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109347812A (en) | A kind of industry control bug excavation method and system | |
CN106961362B (en) | Automated testing method and mobile cloud test system | |
US9059939B2 (en) | End-to-end network service assurance solution | |
CN109889551A (en) | A kind of method of the Internet of Things cloud platform of Intelligent hardware access | |
CN109495308A (en) | A kind of automation operational system based on management information system | |
CN108418704A (en) | A kind of network element device method of network entry based on automation template configuration | |
CN103812726A (en) | Automated testing method and device for data communication equipment | |
CN104092755B (en) | A kind of method and device for capturing of cloud service origination data | |
CN112511218A (en) | Satellite ground station monitoring system based on microservice | |
CN111130922A (en) | Airborne information safety automatic test method and test platform | |
CN103731205A (en) | Method for automatically testing optical network unit | |
CN103746840A (en) | Method and system for automatic checking of software version information of network equipment | |
CN109086213A (en) | A kind of commercial vehicle network test management system and method based on distributed system | |
CN104023071A (en) | System and method of monitoring software performance test resources | |
US10673769B2 (en) | Analysis device for the analysis and manipulation of a communication sequence | |
CN101656642A (en) | Method, device and system for testing authentication performance of network access equipment | |
Turcato et al. | Introducing a cloud based architecture for the distributed analysis of Real-Time Ethernet traffic | |
CN112583663B (en) | Automatic network performance testing method based on domestic operating system | |
CN108234246A (en) | A kind of method and system of multidirectional server network performance | |
CN110636127B (en) | Communication processing method and system between information data | |
Seifermann | Application performance monitoring in microservice-based systems | |
CN107301125A (en) | A kind of method, device and electronic equipment for finding root mistake | |
CN105827462A (en) | Method and tool for detecting network device | |
CN112486706B (en) | Internet of things local equipment linkage method based on MQTT message driving mechanism | |
CN113872686A (en) | Customer self-service troubleshooting processing method based on optical broadband network service |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190215 |
|
RJ01 | Rejection of invention patent application after publication |