CN109587643A - A kind of method and apparatus of detection application traffic leakage - Google Patents
A kind of method and apparatus of detection application traffic leakage Download PDFInfo
- Publication number
- CN109587643A CN109587643A CN201811555328.4A CN201811555328A CN109587643A CN 109587643 A CN109587643 A CN 109587643A CN 201811555328 A CN201811555328 A CN 201811555328A CN 109587643 A CN109587643 A CN 109587643A
- Authority
- CN
- China
- Prior art keywords
- target application
- application
- test
- target
- network access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 351
- 238000001514 detection method Methods 0.000 title claims abstract description 35
- 230000008569 process Effects 0.000 claims abstract description 322
- 238000012360 testing method Methods 0.000 claims abstract description 173
- 238000004088 simulation Methods 0.000 claims abstract description 27
- 238000006243 chemical reaction Methods 0.000 claims description 7
- 238000011022 operating instruction Methods 0.000 claims description 7
- 230000005540 biological transmission Effects 0.000 claims description 6
- 238000005516 engineering process Methods 0.000 abstract description 3
- 238000012545 processing Methods 0.000 description 13
- 230000006870 function Effects 0.000 description 8
- 238000010586 diagram Methods 0.000 description 4
- 238000012795 verification Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 238000007689 inspection Methods 0.000 description 2
- 230000026676 system process Effects 0.000 description 2
- 238000001787 Wald–Wolfowitz test Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000002045 lasting effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/24—Accounting or billing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0876—Network utilisation, e.g. volume of load or congestion level
- H04L43/0888—Throughput
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W24/00—Supervisory, monitoring or testing arrangements
- H04W24/08—Testing, supervising or monitoring using real traffic
Abstract
The invention discloses a kind of method and apparatus of detection application traffic leakage, belong to field of computer technology.The described method includes: test process receives the flow rate test instruction for target application, start the target application;When carrying out scenario simulation to the target application, the test process records file by the corresponding transport layer data of each process of target application described in system administration catalogue, obtains the network access state information of each process of the target application;The test process judges whether each process of the target application flow leakage occurs according to the orientation IP address of the network access state information and the preset target application.Using the present invention, the time human cost of detection application traffic leakage can be reduced, improves the efficiency of detection application traffic leakage.
Description
Technical field
The present invention relates to field of computer technology, in particular to a kind of method and apparatus of detection application traffic leakage.
Background technique
Orienting charge on traffic is a kind of based on CDN cluster and mobile network, for the meter of the data traffic of specified application
Take mode.For having the A that applies of orientation charge on traffic function, this can be applied the destination IP of all requests of A by CDN service side
Application resource on address is aggregated into same CDN node.In this way, user is when using using A, network operator can pass through
The data traffic (can be described as orientation flow) using A in the CDN node is counted, it is fixed to realize to the application A data traffic generated
To charge on traffic.
At runtime using A, it is possible that part is sent to the request of other IP address, and these IP address (can be described as
Non-directional IP address) it is not aggregate to above-mentioned CDN node, therefore, network operator will be according to general charge on traffic mode
Carry out charging to the data traffic (can be described as non-directional flow) of the request influences to answer to increase the campus network of user
With the user experience with mobile network.For this purpose, needing during for application and development orientation charge on traffic function to application
In non-directional flow carry out test verification, with determine application whether can generate non-directional flow in the process of running, i.e., whether
There are problems that flow leakage.
For the A that applies under Android system, when progress non-directional flow carries out test verification, technical staff will can first be transported
Row has this to be connected to test equipment using the terminal device of A, then in user's usage scenario of simulation application A, sets in test
It is filtered on standby by the network packet that network packet catcher generates terminal device.Later, technical staff can extract
The information of the network packet filtered out, judges whether the network packet is issued by application A, and whether is sent to the IP summarized
Address (can be described as orientation IP address), and then the problem of revealing using A with the presence or absence of flow is determined by judging result.
In the implementation of the present invention, the inventor finds that the existing technology has at least the following problems:
First, being limited to the performance of software/hardware, it is typically only capable to survey a terminal device with a test equipment
Examination, inefficiency;Second, the network communication due to Android system background application can not completely close, checked result will be by very
Big interference;Third, testing verification non-directional flow by manually, time human cost is higher, while the accuracy of checked result
It is difficult to ensure.
Summary of the invention
In order to solve problems in the prior art, the embodiment of the invention provides it is a kind of detection application traffic leakage method and
Device.The technical solution is as follows:
In a first aspect, providing a kind of method of detection application traffic leakage, which comprises
Test process receives the flow rate test instruction for target application, starts the target application;
When carrying out scenario simulation to the target application, the test process passes through target described in system administration catalogue
The corresponding transport layer data of each process of application records file, obtains the network access shape of each process of the target application
State information;
The test process according to the orientation IP address of the network access state information and the preset target application,
Judge whether each process of the target application flow leakage occurs.
Optionally, after the test process starting target application, further includes:
The test process executes shell-command, obtains the target application according to the application identities of the target application
The process identity information of each process.
Optionally, the corresponding transmission of each process that the test process passes through target application described in system administration catalogue
Layer data records file, obtains the network access state information of each process of the target application, comprising:
For the target process of the target application, the test process is searched in system administration catalogue based on the mesh
The file destination catalogue of the process identity information name of mark process, and remembered by the transport layer data in the file destination catalogue
Record the network access state information of target process described in file acquisition.
Optionally, the corresponding transmission of each process that the test process passes through target application described in system administration catalogue
Layer data records file, obtains the network access state information of each process of the target application, comprising:
The corresponding transmission of each process of target application described in the test process periodicity Ergodic Theory administrative directory
Layer data records file, generates the corresponding status information table of comparisons of each process, wherein the status information table of comparisons is extremely
The connection status of network access connection including process and opposite end address less;
The test process traverses the corresponding status information table of comparisons of each process, obtains the every of the target application
The network access state information of a process.
Optionally, the test process is according to the orientation of the network access state information and the preset target application
IP address, before judging whether each process of the target application flow leakage occurs, further includes:
The test process is to the opposite end of network access connection in the corresponding status information table of comparisons of each process
Location carries out system conversion.
Optionally, after the test process starting target application, further includes:
The test process is based on the corresponding application simulation operation of the preset target application, Xiang Suoshu target application
Application process sends different application operating instructions.
Optionally, the method also includes:
When flow leakage occurs in the target process for detecting the target application, the test process determines most proximad institute
State the target application operational order of application process transmission;
The test process sends the target application operational order to the application process again, and monitors the system
The corresponding transport layer data of target process described in administrative directory records file.
Second aspect provides a kind of device of detection application traffic leakage, and described device operation has test process, described
Test process is used for:
The flow rate test received for target application instructs, and starts the target application;
To the target application carry out scenario simulation when, by each of target application described in system administration catalogue into
The corresponding transport layer data of journey records file, obtains the network access state information of each process of the target application;
According to the orientation IP address of the network access state information and the preset target application, the target is judged
Whether each process of application there is flow leakage.
Optionally, the test process, is also used to:
After starting the target application, shell-command is executed, obtains institute according to the application identities of the target application
State the process identity information of each process of target application.
Optionally, the test process, is specifically used for:
For the target process of the target application, the process based on the target process is searched in system administration catalogue
The file destination catalogue of identification information name, and file acquisition institute is recorded by the transport layer data in the file destination catalogue
State the network access state information of target process.
Optionally, the test process, is specifically used for:
The corresponding transport layer data record text of each process of target application described in periodical Ergodic Theory administrative directory
Part generates the corresponding status information table of comparisons of each process, wherein the status information table of comparisons includes at least process
The connection status of network access connection and opposite end address;
The corresponding status information table of comparisons of each process is traversed, the network of each process of the target application is obtained
Access state information.
Optionally, the test process, is also used to:
In the orientation IP address according to the network access state information and the preset target application, the mesh is judged
Before whether each process of mark application flow leakage occurs, to network in the corresponding status information table of comparisons of each process
The opposite end address of access connection carries out system conversion.
Optionally, the test process, is also used to:
After starting the target application, it is based on the corresponding application simulation operation of the preset target application, to institute
The application process for stating target application sends different application operating instructions.
Optionally, the test process, is also used to:
When flow leakage occurs in the target process for detecting the target application, determine that most proximad the application process is sent out
The target application operational order sent;
The target application operational order is sent again to the application process, and monitors institute in the system administration catalogue
State the corresponding transport layer data record file of target process.
The third aspect, provides a kind of test terminal, and the test terminal includes processor and memory, the memory
In be stored at least one instruction, at least a Duan Chengxu, code set or instruction set, at least one instruction, described at least one
Duan Chengxu, the code set or instruction set are loaded by the processor and are executed to realize detection application as described in relation to the first aspect
The method of flow leakage.
Fourth aspect provides a kind of computer readable storage medium, at least one finger is stored in the storage medium
Enable, at least a Duan Chengxu, code set or instruction set, at least one instruction, an at least Duan Chengxu, the code set or
The method that instruction set is loaded by processor and executed to realize detection application traffic leakage as described in relation to the first aspect.
Technical solution provided in an embodiment of the present invention has the benefit that
In the embodiment of the present invention, test process receives the flow rate test instruction for target application, starts target application;?
When carrying out scenario simulation to target application, test process passes through the corresponding biography of each process of target application in system administration catalogue
Defeated layer data records file, obtains the network access state information of each process of target application;Test process is visited according to network
The orientation IP address for asking status information and preset target application, judges whether each process of target application flow occurs and let out
Leakage.In this way, recording file by the corresponding transport layer data of application process in test process access system administration catalogue, applied
The network access state information of process can support more test equipments while carry out flow leak detection, and can be accurately straight
It sees ground and determines the process that flow leakage occurs, and participated in without artificial, reduce the time human cost of detection, improve detection
Efficiency.
Detailed description of the invention
To describe the technical solutions in the embodiments of the present invention more clearly, make required in being described below to embodiment
Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for
For those of ordinary skill in the art, without creative efforts, it can also be obtained according to these attached drawings other
Attached drawing.
Fig. 1 is a kind of method flow diagram of detection application traffic leakage provided in an embodiment of the present invention;
Fig. 2 is a kind of structural schematic diagram for testing terminal provided in an embodiment of the present invention.
Specific embodiment
To make the object, technical solutions and advantages of the present invention clearer, below in conjunction with attached drawing to embodiment party of the present invention
Formula is described in further detail.
The embodiment of the invention provides a kind of method of detection application traffic leakage, this method can be used in the survey of application
It tries in terminal, and is specifically realized by the test process operated in test terminal.Wherein, test terminal can be to apply and be in
It is that CDN service side is used to detect the flow leak case of application, configured with android operating system in test phase
Arbitrary network equipment, in every test terminal, CDN service side can install the testing tool for specifically being tested.
When needing to detect application with the presence or absence of flow leakage problem, CDN service side can start above-mentioned test work in test terminal
Tool operation test process, and relevant detection processing is carried out by test process.If be appreciated that in more test terminals
On dispose testing tool, then can by more test terminals simultaneously to one or more application carry out flow leak-testing.
Above-mentioned test terminal may include processor, memory, transceiver, processor can be used for carrying out the test in following processes into
Processing performed by journey, memory can be used for storing the data of the data and generation that need in following treatment processes, transmitting-receiving
Device can be used for sending and receiving the related data in following treatment processes.It is appreciated that test process is realized in the application
All processing, it is understood that be implemented by the test terminal of operation test process by test process.
Below in conjunction with specific embodiment, process flow shown in FIG. 1 is described in detail, content can be as
Under:
Step 101, test process receives the flow rate test instruction for target application, starts target application.
Wherein, using to may operate at the application program in terminal, target application then can be for one or a kind of using journey
Sequence.
In an implementation, survey can be passed through in the exploitation of the orientation charge on traffic function of application and test phase, CDN service side
It tries terminal and flow leak-testing is carried out to application.By taking target application as an example, the technical staff of CDN service side is in detection target application
When with the presence or absence of flow leakage problem, the target application first can be installed in test terminal, it is then pre- in starting test terminal
The testing tool first disposed runs test process.Later, technical staff input can be directed to target application in test terminal
Flow rate test instruction determines target application to be tested, and call and be so that triggering test process receives flow rate test instruction
Intent API unite to start target application.
Optionally, after starting target application, test process can obtain relevant process identification (PID) by shell-command
Information, correspondingly, may exist following processing after step 101: test process executes shell-command, according to answering for target application
The process identity information of each process of target application is obtained with mark.
Wherein, process identity information can be the information for uniquely tagged process, specifically can be pid information, can also
It is unified in the present embodiment to be illustrated by taking pid information as an example to be the information of other forms, the information of other forms with etc
Seemingly, it no longer introduces one by one.
In an implementation, after target application starting, test process can execute shell-command, then according to target application
Application identities obtain the pid information of each process of target application.Specific shell-command can be " ps | grep " order,
For obtaining the pid information of all processes in current test terminal, then by the application identities of target application " packagename "
As the parameter of " ps | grep " order, that is, constitute " ps | grep packagename ", with filter out each of target application into
The pid information of journey.
Step 102, when carrying out scenario simulation to target application, test process passes through target application in system administration catalogue
The corresponding transport layer data of each process record file, obtain the network access state information of each process of target application.
Wherein, transport layer data record file can be the transport layer data of the network access connection for record the process
File, specifically can be the net/tcp file of tcp connection under corresponding ipv4 or is the net/ of tcp connection under corresponding ipv6
Tcp6 file or be udp connection under corresponding ipv4 net/udp file, or under corresponding ipv6 udp connection net/
Udp6 file.Network access state information can be the network including process access connection connection status (such as connection status or
Off-state) and network access connection five-tuple information etc..
In an implementation, after target application starting, the system process for testing terminal can create mesh in system administration catalogue
The corresponding transport layer data of each process for marking application records file, and each by record in transport layer data record file
The network access state information of process.In this way, to target application carry out flow leak-testing when, can first to target application into
Row scenario simulation, with all scenes being likely to occur when reappearing user using target application.And field is being carried out to target application
It, can real-time record the process in the corresponding transport layer data record file of each process of above-mentioned target application while scape is simulated
Network access state information.In turn, test process can be corresponding by each process of target application in system administration catalogue
Transport layer data record file, obtain the network access state information of each process of target application.
Optionally, the processing of process identity information is obtained based on above-mentioned test process, test process can pass through process mark
The corresponding network access state information of acquisition of information process is known, correspondingly, obtaining the place of network access state information in step 102
Reason can be such that the target process for target application, and for the target process of target application, test process is in system administration mesh
The file destination catalogue of the process identity information name based on target process is searched in record, and passes through the biography in file destination catalogue
The network access state information of defeated layer data record file acquisition target process.
In an implementation, target application starting after, test terminal system process can be created in system administration catalogue with
Multiple file directorys of the pid information name of each process of target application, and create under each file directory for remembering
Picture recording answers the transport layer data record file of the network access state information of process.In this way, the target process with target application is
Example, test process after getting the pid information of target process, can first in system administration catalogue search based on target into
The file destination catalogue of the pid information name of journey can then be remembered later by the transport layer data in access target file directory
File is recorded, to obtain the network access state information of target process.
It optionally, can be by the form of the unified table of comparisons come the network access state information of record the process, correspondingly, obtaining
The processing of all process network access state information is taken specifically to can be such that in test process periodicity Ergodic Theory administrative directory
The corresponding transport layer data of each process of target application records file, generates the corresponding status information table of comparisons of each process.
Test process traverses the corresponding status information table of comparisons of each process, obtains the network access state of each process of target application
Information.
Wherein, the status information table of comparisons includes at least connection status and the opposite end address of the network access connection of process.
In an implementation, when carrying out scenario simulation to target application, test process can periodically Ergodic Theory management
The corresponding transport layer data of each process of target application records file in catalogue, so as to generate each of target application into
The corresponding status information table of comparisons of journey.Each status information table of comparisons can be named with the pid information of each process, wherein can be with
Connection status and opposite end address including at least the network access connection of a process of target application, specifically refer to table 1 and show
The state of a process information contrast table that pid information out is 5533.
Table 1
In this way, test process can traverse the corresponding status information table of comparisons of each process, each of target application is obtained
The network access state information of process.Intuitively reflect mesh as can be seen that can understand by way of the status information table of comparisons
The network access state information of the process of application is marked, convenient for subsequent artefacts to the network access state information inspection of process and really
Recognize.
Step 103, orientation IP address of the test process according to network access state information and preset target application, judgement
Whether each process of target application there is flow leakage.
It in an implementation, can be with after test process gets the network access state information of each process of target application
The orientation IP address of preset target application is obtained, which can be orientation of the CDN service side based on target application
Charge on traffic business is predefined and is configured in each test terminal, can specifically be existed in the form of IP address table, should
IP address table can be using the application identities of target application as table name, and record has the corresponding all orientation IP of known target application
Address.In this way, the orientation IP of network access state information and above-mentioned preset target application that test process can will acquire
Address compares, to judge whether each process of target application flow leakage occurs.Specifically, working as certain of target application
The IP address in the address of opposite end that the network access state information of a process includes is not belonging to the orientation IP of preset target application
When address, it is possible to determine that flow leakage occurs in the process, on the contrary, if IP address in above-mentioned opposite end address and above-mentioned orientation IP
An address in address is identical, it may be considered that the process does not occur flow leakage.For example, the process A of target application is corresponding
Opposite end address IP address IPaFor 125.77.130.208, the IP address IP of the corresponding opposite end address process BbFor
125.77.120.208, the orientation IP address of preset target application is 125.77.130.0-125.77.130.255, then
IPaBelong to orientation IP address, IPbIt is not belonging to orientation IP address, so, process A does not occur flow leakage, and process B flow occurs and lets out
Leakage.Further, if flow leakage occurs in some process, the network access state information of the process can be added to
In the test log of target application.
Optionally, after generating the status information table of comparisons, the opposite end address of access connection therein can be converted,
In order to be compared with orientation IP address, correspondingly, there may be following processing before step 103: test process is to each
The opposite end address of network access connection carries out system conversion in the corresponding status information table of comparisons of process.
In an implementation, test process generates the corresponding status information table of comparisons of process for each process of target application
Later, the opposite end address of the network access connection in the status information table of comparisons can be extracted.The opposite end of network access connection
Location can be the form of the network bytes sequence of 16 systems, and for the ease of comparing with orientation IP address, test process can be right
The opposite end address of network access connection carries out system conversion, generates the opposite end address of dotted decimal notation.In turn, test process can
With the opposite end address based on dotted decimal notation, the subsequent processing compared with orienting IP address is carried out.
It optionally, can be configured with the function of carrying out scenario simulation to application, correspondingly, test process exists in testing tool
After starting target application, there may be following processing: test process is based on the corresponding scenario simulation behaviour of preset target application
Make, different application operating instructions is sent to the application process of target application.
In an implementation, the technical staff of CDN service side can add correspondence when developing testing tool in testing tool
With the function of carrying out scenario simulation, further, it is contemplated that the usage scenario of same type of application is essentially identical, so can be with
For same type of application, the function code of identical scenario simulation is configured, it, can be with for example, for video playback class application
The analog functuion for providing the scenes such as video playing, video download, video sharing can provide text for instant messaging class application
The analog functuion of the scenes such as word session, voice conversation, video session.In this way, after test process starts target application, it can be true
It sets the goal using affiliated classification, is then based on the corresponding scenario simulation operation of preset target application, i.e. field under the category
Scape simulated operation sends different application operating instructions to the application process of target application, to realize the field to target application
Scape simulation.It is noted that the transmission interval that different application operatings instructs can be according to the needs of application scenarios by artificial
Voluntarily adjust.Certainly, for the scenario simulation of target application, realization, Huo Zheyou can also be manually triggered by technical staff
Test process is realized with the mode manually combined.
Optionally, it is based on above-mentioned test process sending application operational order, the processing of application scenarios simulation is realized, works as detection
To when flow leakage, test process can carry out current scene repeating simulation, to confirm whether flow leakage is accidentally, accordingly
, the processing of test process can be such that test process is true when flow leakage occurs in the target process for detecting target application
The fixed target application operational order that most proximad application process is sent;Test process sends target application operation to application process again
Instruction, and monitor the corresponding transport layer data record file of target process described in the system administration catalogue.
In an implementation, test process is when the network access state information of all processes to target application is analyzed,
If it find that flow leakage occurs in some process (such as target process) of target application, then it can determine flow leakage occur
Reappear again using scene, and to this using scene.It is most proximad applied specifically, test process can be determined first
Then the target application operational order that process is sent sends target application operation to the application process of target application again and refers to
It enables.Later, test process can only the corresponding transport layer data of target process records file in monitoring system administrative directory, to obtain
The network access state information for taking target process, then further determines that whether target process is deposited according to network access state information
In flow leakage problem.Detect that some process there are when flow leakage problem, need to pass through for the first time it can be appreciated that may be set in
N times scene reproduction, and judge each scene reproduction when, whether which all has flow leakage problem, in this way, inspection can be reduced
Survey result is influenced by incident, ensure that the accuracy of testing result to a certain extent.
In the embodiment of the present invention, test process receives the flow rate test instruction for target application, starts target application;?
When carrying out scenario simulation to target application, test process passes through the corresponding biography of each process of target application in system administration catalogue
Defeated layer data records file, obtains the network access state information of each process of target application;Test process is visited according to network
The orientation IP address for asking status information and preset target application, judges whether each process of target application flow occurs and let out
Leakage.In this way, recording file by the corresponding transport layer data of application process in test process access system administration catalogue, applied
The network access state information of process can support more test equipments while carry out flow leak detection, and can be accurately straight
It sees ground and determines the process that flow leakage occurs, and participated in without artificial, reduce the time human cost of detection, improve detection
Efficiency.
Based on the same technical idea, the embodiment of the invention also provides a kind of device of detection application traffic leakage, institutes
Stating device operation has test process, and the test process is used for:
The flow rate test received for target application instructs, and starts the target application;
To the target application carry out scenario simulation when, by each of target application described in system administration catalogue into
The corresponding transport layer data of journey records file, obtains the network access state information of each process of the target application;
According to the orientation IP address of the network access state information and the preset target application, the target is judged
Whether each process of application there is flow leakage.
Optionally, the test process, is also used to:
After starting the target application, shell-command is executed, obtains institute according to the application identities of the target application
State the process identity information of each process of target application.
Optionally, the test process, is specifically used for:
For the target process of the target application, the process based on the target process is searched in system administration catalogue
The file destination catalogue of identification information name, and file acquisition institute is recorded by the transport layer data in the file destination catalogue
State the network access state information of target process.
Optionally, the test process, is specifically used for:
The corresponding transport layer data record text of each process of target application described in periodical Ergodic Theory administrative directory
Part generates the corresponding status information table of comparisons of each process, wherein the status information table of comparisons includes at least process
The connection status of network access connection and opposite end address;
The corresponding status information table of comparisons of each process is traversed, the network of each process of the target application is obtained
Access state information.
Optionally, the test process, is also used to:
In the orientation IP address according to the network access state information and the preset target application, the mesh is judged
Before whether each process of mark application flow leakage occurs, to network in the corresponding status information table of comparisons of each process
The opposite end address of access connection carries out system conversion.
Optionally, the test process, is also used to:
After starting the target application, it is based on the corresponding application simulation operation of the preset target application, to institute
The application process for stating target application sends different application operating instructions.
Optionally, the test process, is also used to:
When flow leakage occurs in the target process for detecting the target application, determine that most proximad the application process is sent out
The target application operational order sent;
The target application operational order is sent again to the application process, and monitors institute in the system administration catalogue
State the corresponding transport layer data record file of target process.
In the embodiment of the present invention, test process receives the flow rate test instruction for target application, starts target application;?
When carrying out scenario simulation to target application, test process passes through the corresponding biography of each process of target application in system administration catalogue
Defeated layer data records file, obtains the network access state information of each process of target application;Test process is visited according to network
The orientation IP address for asking status information and preset target application, judges whether each process of target application flow occurs and let out
Leakage.In this way, recording file by the corresponding transport layer data of application process in test process access system administration catalogue, applied
The network access state information of process can support more test equipments while carry out flow leak detection, and can be accurately straight
It sees ground and determines the process that flow leakage occurs, and participated in without artificial, reduce the time human cost of detection, improve detection
Efficiency.
It should be understood that the device of detection application traffic leakage provided by the above embodiment is in detection application traffic leakage
When, only the example of the division of the above functional modules, in practical application, it can according to need and divide above-mentioned function
With being completed by different functional modules, i.e., the internal structure of device is divided into different functional modules, to complete above description
All or part of function.In addition, device and the detection application traffic of detection application traffic leakage provided by the above embodiment
The embodiment of the method for leakage belongs to same design, and specific implementation process is detailed in embodiment of the method, and which is not described herein again.
Fig. 2 is the structural schematic diagram of test terminal provided in an embodiment of the present invention.The test terminal 200 can be because of configuration or property
Energy is different and generates bigger difference, may include one or more central processing units 222 (for example, one or one
The above processor) and memory 232, the 230 (example of storage medium of one or more storage application programs 242 or data 244
Such as one or more mass memory units).Wherein, memory 232 and storage medium 230 can be of short duration storage or lasting
Storage.The program for being stored in storage medium 230 may include one or more modules (diagram does not mark), and each module can
To include to the series of instructions operation in test terminal 200.Further, central processing unit 222 can be set to and deposit
Storage media 230 communicates, and the series of instructions operation in storage medium 230 is executed in test terminal 200.
Testing terminal 200 can also include one or more power supplys 229, one or more wired or wireless nets
Network interface 250, one or more input/output interfaces 258, one or more keyboards 256, and/or, one or one
A above operating system 241, such as Windows Server, Mac OS X, Unix, Linux, FreeBSD etc..
Test terminal 200 may include have memory and one perhaps more than one program one of them or one
A procedure above is stored in memory, and is configured to execute one or one by one or more than one processor
A procedure above includes the instruction for carrying out above-mentioned detection application traffic leakage.
Those of ordinary skill in the art will appreciate that realizing that all or part of the steps of above-described embodiment can pass through hardware
It completes, relevant hardware can also be instructed to complete by program, the program can store in a kind of computer-readable
In storage medium, storage medium mentioned above can be read-only memory, disk or CD etc..
The foregoing is merely presently preferred embodiments of the present invention, is not intended to limit the invention, it is all in spirit of the invention and
Within principle, any modification, equivalent replacement, improvement and so on be should all be included in the protection scope of the present invention.
Claims (16)
1. a kind of method of detection application traffic leakage, which is characterized in that the described method includes:
Test process receives the flow rate test instruction for target application, starts the target application;
When carrying out scenario simulation to the target application, the test process passes through target application described in system administration catalogue
The corresponding transport layer data of each process record file, obtain the network access state letter of each process of the target application
Breath;
Orientation IP address of the test process according to the network access state information and the preset target application, judgement
Whether each process of the target application there is flow leakage.
2. the method according to claim 1, wherein being gone back after the test process starts the target application
Include:
The test process executes shell-command, and it is each to obtain the target application according to the application identities of the target application
The process identity information of process.
3. according to the method described in claim 2, it is characterized in that, the test process passes through mesh described in system administration catalogue
The corresponding transport layer data of each process for marking application records file, obtains the network access of each process of the target application
Status information, comprising:
For the target process of the target application, the test process searched in system administration catalogue based on the target into
The file destination catalogue of the process identity information name of journey, and text is recorded by the transport layer data in the file destination catalogue
Part obtains the network access state information of the target process.
4. the method according to claim 1, wherein the test process passes through mesh described in system administration catalogue
The corresponding transport layer data of each process for marking application records file, obtains the network access of each process of the target application
Status information, comprising:
The corresponding transmission number of plies of each process of target application described in the test process periodicity Ergodic Theory administrative directory
According to record file, the corresponding status information table of comparisons of each process is generated, wherein the status information table of comparisons at least wraps
Include connection status and the opposite end address of the network access connection of process;
The corresponding status information table of comparisons of test process traversal each process, obtain each of described target application into
The network access state information of journey.
5. according to the method described in claim 4, it is characterized in that, the test process is according to the network access state information
With the orientation IP address of the preset target application, judge whether each process of the target application flow occurs and leak it
Before, further includes:
The test process to the opposite end address of network access connection in the corresponding status information table of comparisons of each process into
System of advancing conversion.
6. the method according to claim 1, wherein being gone back after the test process starts the target application
Include:
The test process is based on the corresponding application simulation operation of the preset target application, the application of Xiang Suoshu target application
Process sends different application operating instructions.
7. according to the method described in claim 6, it is characterized in that, the method also includes:
When flow leakage occurs in the target process for detecting the target application, the test process determines most proximad described answer
The target application operational order sent with process;
The test process sends the target application operational order to the application process again, and monitors the system administration
The corresponding transport layer data of target process described in catalogue records file.
8. a kind of device of detection application traffic leakage, which is characterized in that described device operation has a test process, it is described test into
Journey is used for:
The flow rate test received for target application instructs, and starts the target application;
When carrying out scenario simulation to the target application, pass through each process pair of target application described in system administration catalogue
The transport layer data record file answered, obtains the network access state information of each process of the target application;
According to the orientation IP address of the network access state information and the preset target application, the target application is judged
Each process whether there is flow leakage.
9. device according to claim 8, which is characterized in that the test process is also used to:
After starting the target application, shell-command is executed, obtains the mesh according to the application identities of the target application
The process identity information of each process of mark application.
10. device according to claim 9, which is characterized in that the test process is specifically used for:
For the target process of the target application, the process identification (PID) based on the target process is searched in system administration catalogue
The file destination catalogue of information name, and mesh described in file acquisition is recorded by the transport layer data in the file destination catalogue
The network access state information of mark process.
11. device according to claim 8, which is characterized in that the test process is specifically used for:
The corresponding transport layer data of each process of target application described in periodical Ergodic Theory administrative directory records file, raw
At the corresponding status information table of comparisons of each process, wherein the status information table of comparisons includes at least the network of process
Access connection status and the opposite end address of connection;
The corresponding status information table of comparisons of each process is traversed, the network access of each process of the target application is obtained
Status information.
12. device according to claim 11, which is characterized in that the test process is also used to:
In the orientation IP address according to the network access state information and the preset target application, judge that the target is answered
Before whether each process flow leakage occurs, network in the corresponding status information table of comparisons of each process is accessed
The opposite end address of connection carries out system conversion.
13. device according to claim 8, which is characterized in that the test process is also used to:
After starting the target application, it is based on the corresponding application simulation operation of the preset target application, Xiang Suoshu mesh
The application process of mark application sends different application operating instructions.
14. device according to claim 13, which is characterized in that the test process is also used to:
When flow leakage occurs in the target process for detecting the target application, determine that most proximad the application process is sent
Target application operational order;
The target application operational order is sent again to the application process, and monitors mesh described in the system administration catalogue
The corresponding transport layer data of mark process records file.
15. a kind of test terminal, which is characterized in that the test terminal includes processor and memory, is deposited in the memory
Contain at least one instruction, at least a Duan Chengxu, code set or instruction set, at least one instruction, an at least Duan Cheng
Sequence, the code set or instruction set are loaded by the processor and are executed to realize the detection as described in claim 1 to 7 is any
The method of application traffic leakage.
16. a kind of computer readable storage medium, which is characterized in that be stored at least one instruction, extremely in the storage medium
A few Duan Chengxu, code set or instruction set, at least one instruction, an at least Duan Chengxu, the code set or instruction
The method that collection is loaded by processor and executed to realize the detection application traffic leakage as described in claim 1 to 7 is any.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811555328.4A CN109587643B (en) | 2018-12-18 | 2018-12-18 | Method and device for detecting flow leakage of application |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811555328.4A CN109587643B (en) | 2018-12-18 | 2018-12-18 | Method and device for detecting flow leakage of application |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109587643A true CN109587643A (en) | 2019-04-05 |
| CN109587643B CN109587643B (en) | 2020-11-06 |
Family
ID=65930048
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811555328.4A Expired - Fee Related CN109587643B (en) | 2018-12-18 | 2018-12-18 | Method and device for detecting flow leakage of application |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109587643B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115277502A (en) * | 2022-06-17 | 2022-11-01 | 广州根链国际网络研究院有限公司 | Method for automatically measuring IPv6 flow aiming at APP application |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070130324A1 (en) * | 2005-12-05 | 2007-06-07 | Jieming Wang | Method for detecting non-responsive applications in a TCP-based network |
| US20080244086A1 (en) * | 2007-03-28 | 2008-10-02 | Cisco Technology, Inc. | Identifying network path including network proxies |
| CN103001814A (en) * | 2011-09-09 | 2013-03-27 | 湖南神州祥网科技有限公司 | Method for describing network flow characteristic statistics |
| CN103166807A (en) * | 2011-12-15 | 2013-06-19 | 中国电信股份有限公司 | Analyzing and processing method and analyzing and processing system of traffic flow direction based on application |
| CN103929373A (en) * | 2014-03-20 | 2014-07-16 | 江苏省未来网络创新研究院 | Method for accurately recognizing network application traffic |
| CN104023092A (en) * | 2014-04-29 | 2014-09-03 | 中国联合网络通信集团有限公司 | Method and system for realizing directed flow packet |
| CN104348682A (en) * | 2014-10-11 | 2015-02-11 | 北京中创腾锐技术有限公司 | Method and system for mobile application flow feature automatic analysis |
| CN105988928A (en) * | 2015-03-02 | 2016-10-05 | 腾讯科技(深圳)有限公司 | Terminal application testing method and mobile terminal |
| CN106302350A (en) * | 2015-06-01 | 2017-01-04 | 阿里巴巴集团控股有限公司 | URL monitoring method, device and equipment |
| CN108494616A (en) * | 2018-02-26 | 2018-09-04 | 上海康斐信息技术有限公司 | A kind of cell phone application flow rate test method and system |
-
2018
- 2018-12-18 CN CN201811555328.4A patent/CN109587643B/en not_active Expired - Fee Related
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070130324A1 (en) * | 2005-12-05 | 2007-06-07 | Jieming Wang | Method for detecting non-responsive applications in a TCP-based network |
| US20080244086A1 (en) * | 2007-03-28 | 2008-10-02 | Cisco Technology, Inc. | Identifying network path including network proxies |
| CN103001814A (en) * | 2011-09-09 | 2013-03-27 | 湖南神州祥网科技有限公司 | Method for describing network flow characteristic statistics |
| CN103166807A (en) * | 2011-12-15 | 2013-06-19 | 中国电信股份有限公司 | Analyzing and processing method and analyzing and processing system of traffic flow direction based on application |
| CN103929373A (en) * | 2014-03-20 | 2014-07-16 | 江苏省未来网络创新研究院 | Method for accurately recognizing network application traffic |
| CN104023092A (en) * | 2014-04-29 | 2014-09-03 | 中国联合网络通信集团有限公司 | Method and system for realizing directed flow packet |
| CN104348682A (en) * | 2014-10-11 | 2015-02-11 | 北京中创腾锐技术有限公司 | Method and system for mobile application flow feature automatic analysis |
| CN105988928A (en) * | 2015-03-02 | 2016-10-05 | 腾讯科技(深圳)有限公司 | Terminal application testing method and mobile terminal |
| CN106302350A (en) * | 2015-06-01 | 2017-01-04 | 阿里巴巴集团控股有限公司 | URL monitoring method, device and equipment |
| CN108494616A (en) * | 2018-02-26 | 2018-09-04 | 上海康斐信息技术有限公司 | A kind of cell phone application flow rate test method and system |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115277502A (en) * | 2022-06-17 | 2022-11-01 | 广州根链国际网络研究院有限公司 | Method for automatically measuring IPv6 flow aiming at APP application |
| CN115277502B (en) * | 2022-06-17 | 2023-10-10 | 广州根链国际网络研究院有限公司 | Method for automatically measuring IPv6 flow aiming at APP |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109587643B (en) | 2020-11-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110636131B (en) | Internet of things testing system based on cloud technology | |
| US8874736B2 (en) | Event extractor | |
| CN109308266A (en) | Construction method, test method, device, equipment and the medium of test case | |
| CN109639782B (en) | Message sending platform and method | |
| CN105376335B (en) | Collected data uploading method and device | |
| CN109067938B (en) | Method and device for testing DNS (Domain name Server) | |
| Qiao et al. | Characterizing flow, application, and user behavior in mobile networks: A framework for mobile big data | |
| CN106412975B (en) | A kind of test method and device of content charging loophole | |
| CN111371639B (en) | Network delay analysis method and device, storage medium and computer equipment | |
| CN111028085A (en) | Network shooting range asset information acquisition method and device based on active and passive combination | |
| CN106161396B (en) | A kind of method and device for realizing virtual machine network access control | |
| Lin et al. | Low-storage capture and loss recovery selective replay of real flows | |
| CN106067879B (en) | The detection method and device of information | |
| CN112217777A (en) | Attack backtracking method and equipment | |
| CN103368783A (en) | Method, system and equipment for network communication process monitoring | |
| CN109587643A (en) | A kind of method and apparatus of detection application traffic leakage | |
| Trammell et al. | Identifying Skype traffic in a large-scale flow data repository | |
| CN114389792B (en) | WEB log NAT (network Address translation) front-back association method and system | |
| CN109582585A (en) | A kind of method and apparatus of detection application traffic leakage | |
| EP4042649A1 (en) | A method of capturing packets from a container in a cluster background | |
| CN108737387A (en) | Recording method, server and the computer readable storage medium of network request | |
| CN115114132A (en) | Performance test method and system for auditing program | |
| CN111881384B (en) | Evidence obtaining method, system and storage medium for illegal external connection | |
| CN108616415A (en) | data correlation method and device | |
| CN114071391A (en) | Content charging test method, management device, terminal device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20201106 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |