CN110516441A - A security protection detection system for intelligent mining terminals - Google Patents

A security protection detection system for intelligent mining terminals Download PDF

Info

Publication number
CN110516441A
CN110516441A CN201910759191.2A CN201910759191A CN110516441A CN 110516441 A CN110516441 A CN 110516441A CN 201910759191 A CN201910759191 A CN 201910759191A CN 110516441 A CN110516441 A CN 110516441A
Authority
CN
China
Prior art keywords
detection
terminal
intelligence
port
scanning
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910759191.2A
Other languages
Chinese (zh)
Inventor
梁晓兵
许斌
翟峰
刘鹰
吕英杰
王楠
岑炜
付义伦
李保丰
曹永峰
张庚
孔令达
徐萌
冯云
袁泉
冯占成
杨全萍
任博
周琪
卢艳
韩文博
李丽丽
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
China Electric Power Research Institute Co Ltd CEPRI
Original Assignee
State Grid Corp of China SGCC
China Electric Power Research Institute Co Ltd CEPRI
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Corp of China SGCC, China Electric Power Research Institute Co Ltd CEPRI filed Critical State Grid Corp of China SGCC
Priority to CN201910759191.2A priority Critical patent/CN110516441A/en
Publication of CN110516441A publication Critical patent/CN110516441A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer And Data Communications (AREA)

Abstract

本发明公开了一种智能用采终端的安全防护检测系统,其特征在于,包括:扫描检测模块,用于依据扫描规则对智能用采终端进行扫描检测,并对扫描结果进行判断;端口检测模块,用于对智能用采终端端口的数据和报文进行检测;运行安全检测模块,用于模拟业务操作,判断智能用采终端实际上报事件与业务操作预期触发事件是否一致;控制台检测模块,用于检测连接与退出控制台操作是否正确,通过检测系统内存储的检测方案模拟各种安全事故和攻击,进而检测智能用采终端的安全防护功能是否有效可靠。

The invention discloses a safety protection detection system for an intelligent mining terminal, which is characterized in that it includes: a scanning detection module for scanning and detecting the intelligent mining terminal according to scanning rules and judging the scanning result; a port detection module , used to detect the data and messages of the intelligent terminal port; run the security detection module, used to simulate the business operation, and judge whether the event actually reported by the intelligent terminal is consistent with the expected trigger event of the business operation; the console detection module, It is used to detect whether the operation of connecting and exiting the console is correct, and simulates various security accidents and attacks through the detection scheme stored in the detection system, and then detects whether the security protection function of the smart terminal is effective and reliable.

Description

一种智能用采终端的安全防护检测系统A security protection detection system for intelligent mining terminals

技术领域technical field

本发明涉及智能用采终端安全防护领域,具体涉及一种智能用采终端的安全防护检测系统。The invention relates to the field of security protection of intelligent mining terminals, in particular to a security detection system for intelligent mining terminals.

背景技术Background technique

国网集中招标模式实施多年来,用采产品已进入关键运维期,国网计量中心经过广泛调研,发现智能用采终端现场运行存在安全隐患,尤其是网络端口和本地通信端口缺失安全防护措施,存在易遭受非法攻击的安全隐患。在此背景下,如何杜绝和预防上述安全隐患,保证智能电网更加稳定、安全的运行,保证智能电网各层级用户的信息安全,成为整个智能电网行业面临的一个严峻问题。State Grid’s centralized bidding model has been implemented for many years, and the mining products have entered a critical operation and maintenance period. After extensive research, the State Grid Metrology Center found that there are potential safety hazards in the on-site operation of smart mining terminals, especially the lack of security protection measures for network ports and local communication ports. , there are security risks that are vulnerable to illegal attacks. In this context, how to eliminate and prevent the above security risks, ensure a more stable and safe operation of the smart grid, and ensure the information security of users at all levels of the smart grid has become a serious problem facing the entire smart grid industry.

发明内容Contents of the invention

本发明提供一种智能用采终端的安全防护检测系统,用于解决智能用采终端的安全防护问题。The invention provides a safety protection detection system of an intelligent mining terminal, which is used to solve the problem of safety protection of the intelligent mining terminal.

本发明提供一种智能用采终端的安全防护检测系统,其特征在于,包括:The present invention provides a safety protection detection system for intelligent mining terminals, which is characterized in that it includes:

扫描检测模块,用于依据扫描规则对智能用采终端进行扫描检测,并对扫描结果进行判断;The scanning detection module is used to scan and detect the intelligent user terminals according to the scanning rules, and judge the scanning results;

端口检测模块,用于对智能用采终端端口的数据和报文进行检测;The port detection module is used to detect the data and messages of the intelligent terminal port;

运行安全检测模块,用于模拟业务操作,判断智能用采终端实际上报事件与业务操作预期触发事件是否一致;Run the safety detection module, which is used to simulate business operations, and judge whether the events actually reported by the smart mining terminal are consistent with the expected trigger events of business operations;

控制台检测模块,用于检测连接与退出控制台操作是否正确。The console detection module is used to detect whether the operation of connecting and exiting the console is correct.

优选的,所述扫描检测模块,其检测内容包括:智能用采终端漏洞扫描、弱口令检测、以太网远程服务开放信息检测。Preferably, the detection content of the scanning detection module includes: intelligent user terminal vulnerability scanning, weak password detection, and Ethernet remote service open information detection.

优选的,所述扫描检测模块,用于依据扫描规则对智能用采终端进行扫描检测,并对扫描结果进行判断,包括:Preferably, the scanning detection module is used to scan and detect the intelligent user terminal according to the scanning rules, and judge the scanning results, including:

依据扫描检测用例启动对应的扫描服务,一个扫描服务对应一个扫描规则;Start the corresponding scanning service according to the scanning detection use case, and one scanning service corresponds to one scanning rule;

依据扫描规则对智能用采终端进行扫描检测,并对扫描结果进行判断;Scan and detect smart mining terminals according to the scanning rules, and judge the scanning results;

依据子检测结果判断最终的检测结果。The final detection result is judged according to the sub-detection results.

优选的,所述端口检测模块,其检测内容包括:智能用采终端232端口监测、智能用采终端维护485端口监测、智能用采终端SSH端口监测、智能用采终端红外端口监测、智能用采终端USB安全接入。Preferably, the port detection module, its detection content includes: intelligent user terminal 232 port monitoring, intelligent user terminal maintenance 485 port monitoring, intelligent user terminal SSH port monitoring, intelligent user terminal infrared port monitoring, intelligent user terminal monitoring Terminal USB secure access.

优选的,所述端口检测模块,用于对智能用采终端端口的数据和报文进行检测,包括:Preferably, the port detection module is used to detect the data and packets of the intelligent terminal port, including:

进行端口未授权非法数据检测;Perform port unauthorized and illegal data detection;

进行端口未授权非安全认证及授权的合法数据检测;Carry out legal data detection of port unauthorized non-safety authentication and authorization;

进行端口未授权安全认证报文检测;Perform port unauthorized security authentication message detection;

进行端口授权合法数据检测;Perform port authorization legal data detection;

进行端口授权自动关闭检测。Perform port authorization automatic shutdown detection.

优选的,运行安全检测模块,其检测内容包括:智能用采终端液晶密码设置、以太网远程端口打开检测、智能用采终端外联信息、智能用采终端密码变更检测、关键文件目录变更、智能用采终端危险操作信息。Preferably, the safety detection module is operated, and its detection content includes: intelligent terminal liquid crystal password setting, Ethernet remote port opening detection, intelligent terminal outreach information, intelligent terminal password change detection, key file directory change, intelligent Use terminal hazard operation information.

优选的,所述运行安全检测模块,用于模拟业务操作,判断智能用采终端实际上报事件与业务操作预期触发事件是否一致,包括:Preferably, the operation safety detection module is used for simulating business operations, and judging whether the event actually reported by the smart user terminal is consistent with the expected triggering event of the business operation, including:

进行智能用采终端控制台授权,并登录控制台;Authorize the smart terminal console and log in to the console;

在控制台内部根据检测子项模拟业务操作;Simulate business operations in the console based on the detected sub-items;

判断智能用采终端实际上报事件与业务操作预期触发事件是否一致。Determine whether the event actually reported by the smart user terminal is consistent with the expected trigger event of the business operation.

本发明提供一种智能用采终端的安全防护检测系统,通过检测系统和检测台体的配合,通过检测系统内存储的检测方案模拟各种安全事故和攻击,进而检测智能用采终端的安全防护功能是否有效可靠。The present invention provides a safety protection detection system for intelligent mining terminals. Through the cooperation of the detection system and the detection platform, various security accidents and attacks are simulated through the detection scheme stored in the detection system, and then the security protection of intelligent mining terminals is detected. function is effective and reliable.

附图说明Description of drawings

图1是本发明实施例提供的一种智能用采终端的安全防护检测系统的功能架构图;FIG. 1 is a functional architecture diagram of a security detection system for a smart mining terminal provided by an embodiment of the present invention;

图2是本发明实施例涉及的智能用采终端信息库表结构;Fig. 2 is the structure of the information database table of the intelligent user terminal involved in the embodiment of the present invention;

图3是本发明实施例涉及的台体工位库表结构;Fig. 3 is the table structure of the table body station database involved in the embodiment of the present invention;

图4是本发明实施例涉及的公共检测参数库表结构;Fig. 4 is the table structure of the public detection parameter database involved in the embodiment of the present invention;

图5是本发明实施例涉及的测试方案库表结构;Fig. 5 is the table structure of the test scheme library involved in the embodiment of the present invention;

图6是本发明实施例涉及的智能用采终端安全防护检测方案架构示意图。Fig. 6 is a schematic diagram of the structure of a security protection detection scheme for a smart user terminal according to an embodiment of the present invention.

具体实施方式Detailed ways

在下面的描述中阐述了很多具体细节以便于充分理解本申请。但是本发明能够以很多不同于在此描述的其它方式来实施,本领域技术人员可以在不违背本发明内涵的情况下做类似推广,因此本发明不受下面公开的具体实施的限制。In the following description, numerous specific details are set forth in order to provide a thorough understanding of the application. However, the present invention can be implemented in many other ways different from those described here, and those skilled in the art can make similar extensions without violating the connotation of the present invention, so the present invention is not limited by the specific implementations disclosed below.

图1是本发明提供的一种智能用采终端的安全防护检测系统的功能架构图,从图中可以看出,智能用采终端的安全防护检测系统包括:扫描检测、端口检测、运行安全检测、控制台检测。Fig. 1 is a functional framework diagram of a safety protection detection system of a smart user terminal provided by the present invention. It can be seen from the figure that the safety protection detection system of a smart user terminal includes: scanning detection, port detection, and operation safety detection , Console detection.

扫描检测模块,用于依据扫描规则对智能用采终端进行扫描检测,并对扫描结果进行判断;The scanning detection module is used to scan and detect the intelligent user terminals according to the scanning rules, and judge the scanning results;

端口检测模块,用于对智能用采终端端口的数据和报文进行检测;The port detection module is used to detect the data and messages of the intelligent terminal port;

运行安全检测模块,用于模拟业务操作,判断智能用采终端实际上报事件与业务操作预期触发事件是否一致;Run the safety detection module, which is used to simulate business operations, and judge whether the events actually reported by the smart mining terminal are consistent with the expected trigger events of business operations;

控制台检测模块,用于检测连接与退出控制台操作是否正确。The console detection module is used to detect whether the operation of connecting and exiting the console is correct.

扫描检测模块,其检测内容包括:智能用采终端漏洞扫描、弱口令检测、以太网远程服务开放信息检测。扫描检测模块,用于依据扫描规则对智能用采终端进行扫描检测,并对扫描结果进行判断,包括:依据扫描检测用例启动对应的扫描服务,一个扫描服务对应一个扫描规则;依据扫描规则对智能用采终端进行扫描检测,并对扫描结果进行判断;依据子检测结果判断最终的检测结果。Scanning detection module, its detection content includes: intelligent user terminal vulnerability scanning, weak password detection, Ethernet remote service open information detection. The scanning detection module is used to scan and detect the smart terminal according to the scanning rules, and judge the scanning results, including: start the corresponding scanning service according to the scanning detection use case, and a scanning service corresponds to a scanning rule; Use the mining terminal to scan and detect, and judge the scanning results; judge the final detection results based on the sub-detection results.

端口检测模块,其检测内容包括:智能用采终端232端口监测、智能用采终端维护485端口监测、智能用采终端SSH端口监测、智能用采终端红外端口监测、智能用采终端USB安全接入。端口检测模块,用于对智能用采终端端口的数据和报文进行检测,包括:进行端口未授权非法数据检测;进行端口未授权非安全认证及授权的合法数据检测;进行端口未授权安全认证报文检测;进行端口授权合法数据检测;进行端口授权自动关闭检测。Port detection module, the detection content includes: smart user terminal 232 port monitoring, smart user terminal maintenance 485 port monitoring, smart user terminal SSH port monitoring, smart user terminal infrared port monitoring, smart terminal USB security access . The port detection module is used to detect the data and messages of the intelligent terminal port, including: detection of port unauthorized and illegal data; detection of port unauthorized non-safety authentication and authorized legal data; port unauthorized security authentication Packet detection; detection of legal data of port authorization; detection of automatic shutdown of port authorization.

运行安全检测模块,其检测内容包括:智能用采终端液晶密码设置、以太网远程端口打开检测、智能用采终端外联信息、智能用采终端密码变更检测、关键文件目录变更、智能用采终端危险操作信息。运行安全检测模块,用于模拟业务操作,判断智能用采终端实际上报事件与业务操作预期触发事件是否一致,包括:进行智能用采终端控制台授权,并登录控制台;在控制台内部根据检测子项模拟业务操作;判断智能用采终端实际上报事件与业务操作预期触发事件是否一致。Run the security detection module, and its detection content includes: intelligent terminal LCD password setting, Ethernet remote port open detection, intelligent terminal outreach information, intelligent terminal password change detection, key file directory change, intelligent terminal Hazardous handling information. Run the security detection module, which is used to simulate business operations, and judge whether the event actually reported by the smart user terminal is consistent with the expected trigger event of the business operation, including: authorizing the console of the smart user terminal and logging in to the console; The subitem simulates the business operation; judges whether the event actually reported by the smart user terminal is consistent with the expected trigger event of the business operation.

在使用该系统对智能用采终端进行安全防护检测之前,首先,需对智能用采终端的安全防护检测的流程进行规划和设计,该流程具体的可以包括:智能用采终端安全防护功能的测试准备的规划与构建、智能用采终端安全防护功能的测试执行流程设计、智能用采终端安全防护功能的检测结果规划与设计。下面将智能用采终端的安全防护检测系统结合该流程进一步说明智能用采终端的安全防护检测的具体过程。Before using the system to detect the security protection of smart terminals, first of all, it is necessary to plan and design the process of security detection of smart terminals. Specifically, the process can include: testing of security functions of smart terminals The planning and construction of the preparation, the design of the test execution process of the security protection function of the intelligent application terminal, and the planning and design of the test result of the security protection function of the intelligent application terminal. The following will further illustrate the specific process of the security protection detection of the smart user terminal by combining the security protection detection system of the smart user terminal with this process.

S101、智能用采终端安全防护功能的测试准备的规划与构建。S101. Planning and construction of test preparation for the security protection function of the smart application terminal.

智能用采终端安全防护功能测试准备的规划与构建主要指测试前对被测产品、检测台体、测试方案公共参数的建档和配置。包括构建智能用采终端档案信息及其智能用采终端管理库、构建智能用采终端检测台体工位信息、构建智能用采终端公共检测参数和构建多层次模块化测试方案及测试方案库。下面以某一智能用采终端为例来进行说明:The planning and construction of smart application terminal security protection function test preparation mainly refers to the filing and configuration of the public parameters of the product under test, the test platform, and the test plan before the test. It includes constructing the file information of the smart mining terminal and its management library, constructing the detection table information of the smart mining terminal, constructing the public detection parameters of the smart mining terminal, and building a multi-level modular test plan and a test plan library. Let's take a certain smart terminal as an example to illustrate:

(1)构建智能用采终端档案信息及其智能用采终端信息管理库。智能用采终端档案信息主要指被测的智能用采终端检测过程中需要使用到的参数信息,包括通讯、协议、方案等信息。具体内容如图2所示。(1) Construct the file information of intelligent user-acquisition terminal and its information management database of intelligent user-acquisition terminal. The file information of the intelligent application terminal mainly refers to the parameter information that needs to be used in the detection process of the intelligent application terminal under test, including communication, protocol, scheme and other information. The specific content is shown in Figure 2.

(2)构建智能用采终端检测台体工位信息。台体工位信息主要指配合终端测试的测试台体的工位参数信息。具体内容如图3所示。(2) Construct an intelligent mining terminal to detect the station body information. Bench body station information mainly refers to the station parameter information of the test bench body that cooperates with the terminal test. The specific content is shown in Figure 3.

(3)构建智能用采终端公共检测参数。公共参数主要指检测系统与台体、终端三者之前的通讯参数。具体内容如图4所示。(3) Construct the public detection parameters of intelligent mining terminals. The public parameters mainly refer to the communication parameters between the detection system, the platform and the terminal. The specific content is shown in Figure 4.

(4)构建多层次模块化测试方案及测试方案库。具体内容如图5所示。(4) Construct multi-level modular test scheme and test scheme library. The specific content is shown in Figure 5.

S102、智能用采终端安全防护功能的测试执行流程设计。S102. Design a test execution process for the security protection function of the intelligent application terminal.

结合S101中的库表结构和附图6分模块进一步阐述智能用采终端安全防护功能的测试流程步骤:Combined with the library table structure in S101 and the sub-modules in Figure 6, the test process steps of the security protection function of the intelligent application terminal are further explained:

(1)以“终端漏洞扫描”为例,进一步说明扫描检测模块的检测步骤;(1) Taking "terminal vulnerability scanning" as an example, further explain the detection steps of the scanning detection module;

1.1)依据扫描检测用例启动对应的扫描服务,一个扫描检测用例对应一个扫描规则:1.1) Start the corresponding scanning service according to the scanning detection use case, and a scanning detection use case corresponds to a scanning rule:

参见图5的测试方案库表结构,读取测试方案库中“终端漏洞扫描”的用例编号,即二级模块编号,并以此编号信息,启动程序中对应扫描服务,扫描智能用采终端中的安全漏洞。Refer to the table structure of the test plan library in Figure 5, read the use case number of "terminal vulnerability scanning" in the test plan library, that is, the second-level module number, and use this number information to start the corresponding scanning service in the program, and scan the intelligent application terminal security holes.

1.2)依据扫描规则对智能用采终端进行扫描检测,并对扫描结果进行判断;1.2) Scan and detect the smart mining terminal according to the scanning rules, and judge the scanning results;

1.2.1)安全漏洞分为高级、中级、低级三个层级。1.2.1) Security vulnerabilities are divided into three levels: high-level, medium-level, and low-level.

1.2.2)若智能用采终端中扫描出高危漏洞,则判断智能用户采终端该功能检测不合格。1.2.2) If a high-risk vulnerability is detected in the smart user terminal, it is judged that the function of the smart user terminal fails to pass the test.

1.3)依据子检测结果判断最终的检测结果。1.3) Judge the final detection result according to the sub-detection results.

(2)以“终端232端口监测”为例,进一步阐述端口检测的流程步骤:(2) Taking "terminal 232 port monitoring" as an example, further explain the process steps of port detection:

2.1)参见图5的测试方案库表结构,读取测试方案库中“终端232端口监测”的用例编号,即二级模块编号,并以此编号信息,启动程序中终端232端口监测检测流程;2.1) Referring to the table structure of the test program library in Figure 5, read the use case number of "terminal 232 port monitoring" in the test program library, that is, the secondary module number, and use this number information to start the terminal 232 port monitoring and detection process in the program;

2.2)在终端232端口监测检测流程中,在对智能用采终端未授权情况下,通过检测系统向智能用采终端发送非法数据;若终端产生“232未授权事件”,判定该子项合格,否则判定不合格;2.2) In the terminal 232 port monitoring and detection process, if the smart user terminal is not authorized, send illegal data to the smart user terminal through the detection system; if the terminal generates a "232 unauthorized event", it is determined that the sub-item is qualified, Otherwise, it is judged as unqualified;

2.3)在终端232端口监测检测流程中,在对智能用采终端未授权情况下,通过检测系统向智能用采终端发送非安全认证及授权的合法数据,若终端产生“232未授权事件”,判定该子项合格,否则判定不合格;2.3) In the terminal 232 port monitoring and detection process, in the case of unauthorized use of the intelligent terminal, the detection system sends non-safe authentication and authorized legal data to the intelligent terminal. If the terminal generates a "232 unauthorized event", The sub-item is judged to be qualified, otherwise it is judged to be unqualified;

2.4)在终端232端口监测检测流程中,在对智能用采终端未授权情况下,通过检测系统向智能用采终端发送安全认证报文检测;若终端正常响应且不产生“232未授权事件”,判定为合格,否则判定不合格;2.4) In the terminal 232 port monitoring and detection process, if the smart user terminal is not authorized, the detection system sends a security authentication message to the smart user terminal for detection; if the terminal responds normally and does not generate "232 unauthorized event" , it is judged as qualified, otherwise it is judged as unqualified;

2.5)在终端232端口监测检测流程中,在对智能用采终端授权情况下,通过检测系统向智能用采终端发送合法数据检测;若终端正常响应且不产生“232未授权事件”,判定为合格,否则判定不合格;2.5) In the monitoring and detection process of the terminal 232 port, in the case of authorization to the smart user terminal, the detection system sends legal data detection to the smart user terminal; if the terminal responds normally and does not generate "232 unauthorized event", it is judged as Qualified, otherwise it is judged as unqualified;

2.6)在终端232端口监测检测流程中,在对智能用采终端进行5分钟授权情况下,等待6分钟后,发送任意合法命令,若终端产生“232未授权事件”,判定为合格,否则判定不合格。2.6) In the terminal 232 port monitoring and detection process, in the case of authorizing the smart terminal for 5 minutes, wait 6 minutes and send any legal command. If the terminal generates "232 Unauthorized Event", it is judged as qualified, otherwise it is judged failed.

(3)以“密码变更检测”为例,进一步阐述运行安全检测的流程步骤:(3) Taking "password change detection" as an example, further explain the process steps of running security detection:

3.1)参见图5的测试方案库表结构,读取测试方案库中“密码变更检测”的用例编号,即二级模块编号,并以此编号信息,启动程序中密码变更检测流程;3.1) Referring to the table structure of the test plan library in Figure 5, read the use case number of "password change detection" in the test plan library, that is, the second-level module number, and use this number information to start the password change detection process in the program;

3.2)通过检测系统对智能用采终端进行控制台授权,并登录到智能用采终端的控制台;3.2) Authorize the console of the smart user terminal through the detection system, and log in to the console of the smart user terminal;

3.3)在控制台内部根据检测子项进行密码变更操作;3.3) Perform password change operations in the console according to the detected sub-items;

3.4)若产生“密码变更”事件,判定为合格,否则判定为不合格。3.4) If a "password change" event occurs, it is judged as qualified, otherwise it is judged as unqualified.

(4)以“终端登录控制台成功[网口]”为例,进一步阐述控制台检测的流程步骤:(4) Taking "the terminal successfully logs in to the console [network port]" as an example, further explain the process steps of the console detection:

4.1)参见图5的测试方案库表结构,读取测试方案库中“终端登录控制台成功[网口]”的用例编号,即二级模块编号,并以此编号信息,启动程序中终端登录控制台成功[网口]检测流程。4.1) Referring to the table structure of the test plan library in Figure 5, read the use case number of "the terminal logs in to the console successfully [network port]" in the test plan library, that is, the second-level module number, and use this number information to start the terminal login in the program The console successfully detects the [network port] process.

4.2)通过检测系统对智能用采终端进行连接控制台操作,若产生“控制台登录成功”事件,判定为合格,否则判定为不合格;4.2) Through the detection system, connect the smart mining terminal to the console operation, if a "console login successful" event occurs, it is judged as qualified, otherwise it is judged as unqualified;

4.3)通过检测系统执行退出控制台操作,若产生“控制台退出成功”事件,判定为合格,否则判定为不合格。4.3) Execute the operation of exiting the console through the detection system. If the "console exits successfully" event occurs, it is judged as qualified, otherwise it is judged as unqualified.

S103、智能用采终端安全防护功能的检测结果规划与设计。S103. Planning and design of detection results of the security protection function of the smart application terminal.

本发明提供一种智能用采终端的安全防护检测系统,通过检测系统和检测台体的配合,通过检测系统内存储的检测方案模拟各种安全事故和攻击,进而检测智能用采终端的安全防护功能是否有效可靠。The present invention provides a safety protection detection system for intelligent mining terminals. Through the cooperation of the detection system and the detection platform, various security accidents and attacks are simulated through the detection scheme stored in the detection system, and then the security protection of intelligent mining terminals is detected. function is effective and reliable.

Claims (7)

1. a kind of intelligence safety protection detection for adopting terminal characterized by comprising
Scanning Detction module for being scanned detection with terminal is adopted to intelligence according to scanning rule, and carries out scanning result Judgement;
Port detecting module, for being detected to intelligence with the data and message for adopting terminal prot;
Operational safety detection module is operated for analog service, judges intelligence with adopting the practical reported event of terminal and business operation It is expected that whether trigger event is consistent;
Console detection module, for detecting connection and whether exit consing correct.
2. system according to claim 1, which is characterized in that the Scanning Detction module, detection content include: intelligence With adopt terminal vulnerability scanning, weak passwurd detection, Ethernet remote service opening imformation detection.
3. system according to claim 1, which is characterized in that the Scanning Detction module, for according to scanning rule pair Intelligence is scanned detection with adopting terminal, and judges scanning result, comprising:
Start corresponding scan service, the corresponding scanning rule of a scan service according to Scanning Detction use-case;
Detection is scanned with terminal is adopted to intelligence according to scanning rule, and scanning result is judged;
Final testing result is judged according to sub- testing result.
4. system according to claim 1, which is characterized in that the port detecting module, detection content include: intelligence With adopting the monitoring of 232 port of terminal, intelligence with adopting the monitoring of 485 port of terminal maintenance, intelligence with adopting the port terminal SSH monitoring, intelligent With adopting the monitoring of terminal infrared port, intelligence with adopting terminal USB secure accessing.
5. system according to claim 1, which is characterized in that the port detecting module, for intelligence with adopting terminal The data and message of port are detected, comprising:
Carry out the detection of port unauthorized invalid data;
Carry out the valid data detection of the non-security certification of port unauthorized and authorization;
Carry out port unauthorized safety certification packet check;
Carry out port authorization valid data detection;
It carries out port authorization and detection is automatically closed.
6. system according to claim 1, which is characterized in that operational safety detection module, detection content include: intelligence With adopt the setting of terminal liquid crystal password, Ethernet remote port opens detection, intelligence is with adopting terminal external connection information, intelligence with adopting terminal Password change detection, the change of critical file catalogue, intelligence are with adopting terminal risky operation information.
7. system according to claim 1, which is characterized in that the operational safety detection module is grasped for analog service Make, judge intelligence with adopt the practical reported event of terminal and business operation expection trigger event it is whether consistent, comprising:
Intelligence is carried out with adopting terminal console authorization, and logs in console;
According to detection subitem analog service operation inside console;
Judge intelligence with adopt the practical reported event of terminal and business operation expection trigger event it is whether consistent.
CN201910759191.2A 2019-08-16 2019-08-16 A security protection detection system for intelligent mining terminals Pending CN110516441A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910759191.2A CN110516441A (en) 2019-08-16 2019-08-16 A security protection detection system for intelligent mining terminals

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910759191.2A CN110516441A (en) 2019-08-16 2019-08-16 A security protection detection system for intelligent mining terminals

Publications (1)

Publication Number Publication Date
CN110516441A true CN110516441A (en) 2019-11-29

Family

ID=68625545

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910759191.2A Pending CN110516441A (en) 2019-08-16 2019-08-16 A security protection detection system for intelligent mining terminals

Country Status (1)

Country Link
CN (1) CN110516441A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112975956A (en) * 2021-02-04 2021-06-18 内蒙古汇能集团长滩发电有限公司 Inspection robot and testing method and testing device thereof
CN117407872A (en) * 2023-12-13 2024-01-16 深圳市科力锐科技有限公司 Security protection detection method, device, equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001084270A2 (en) * 2000-04-28 2001-11-08 Internet Security Systems, Inc. Method and system for intrusion detection in a computer network
CN104767757A (en) * 2015-04-17 2015-07-08 国家电网公司 Multi-dimensional security monitoring method and system based on WEB business
CN108830084A (en) * 2018-06-12 2018-11-16 国网江苏省电力有限公司无锡供电分公司 Realize the handheld terminal and means of defence of computer information safe protection vulnerability scanning and protective reinforcing
CN109600371A (en) * 2018-12-08 2019-04-09 公安部第三研究所 A kind of network layer leakage location and method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001084270A2 (en) * 2000-04-28 2001-11-08 Internet Security Systems, Inc. Method and system for intrusion detection in a computer network
CN104767757A (en) * 2015-04-17 2015-07-08 国家电网公司 Multi-dimensional security monitoring method and system based on WEB business
CN108830084A (en) * 2018-06-12 2018-11-16 国网江苏省电力有限公司无锡供电分公司 Realize the handheld terminal and means of defence of computer information safe protection vulnerability scanning and protective reinforcing
CN109600371A (en) * 2018-12-08 2019-04-09 公安部第三研究所 A kind of network layer leakage location and method

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112975956A (en) * 2021-02-04 2021-06-18 内蒙古汇能集团长滩发电有限公司 Inspection robot and testing method and testing device thereof
CN112975956B (en) * 2021-02-04 2022-05-13 内蒙古汇能集团长滩发电有限公司 Inspection robot and testing method and testing device thereof
CN117407872A (en) * 2023-12-13 2024-01-16 深圳市科力锐科技有限公司 Security protection detection method, device, equipment and storage medium
CN117407872B (en) * 2023-12-13 2024-04-09 深圳市科力锐科技有限公司 Security protection detection method, device, equipment and storage medium

Similar Documents

Publication Publication Date Title
CN108646722B (en) Information security simulation model and terminal of industrial control system
CN113114647A (en) Network security risk detection method and device, electronic equipment and storage medium
CN110011848B (en) Mobile operation and maintenance auditing system
CN103903187A (en) Fast detection method for potential safety hazards of power distribution automation system information
CN106059087A (en) Intelligent transformer substation vulnerability analysis and assessment system
CN103716785A (en) Mobile Internet security service system
CN109587159A (en) A kind of comprehensive industry control security evaluation System and method for
CN109636971A (en) A kind of intelligent Community safety entrance guard management method and system
CN110516441A (en) A security protection detection system for intelligent mining terminals
Fan et al. Ruledger: Ensuring execution integrity in trigger-action iot platforms
KR20220121745A (en) Smart Factory System
CN115766065A (en) Security protection method, system, medium, and equipment for electric power Internet of Things system
CN108305357A (en) A method of the error-unlocking prevention based on intelligent unlocking key
CN101854357B (en) Method and system for monitoring network authentication
CN114625074A (en) A safety protection system and method for DCS system of thermal power unit
CN106534110B (en) Trinity transformer substation secondary system safety protection system framework system
CN117292054B (en) Three-dimensional digital-based intelligent operation and maintenance method and system for power grid
CN105897711A (en) System for isolating industrial control system and management network
CN111652454A (en) Supervision quality and safety production management evaluation management system
Hu et al. Security assessment of intelligent connected vehicles based on cyber range
CN111770100B (en) Method and system for verifying safe access of external equipment to Internet of things terminal
KR20220121744A (en) IoT device monitoring method based on Big Data and Artificial intelligence and IoT device monitoring system performing the same
Liu et al. Research on software security and compatibility test for mobile application
Cagalaban et al. Improving SCADA control systems security with software vulnerability analysis
CN114338072B (en) A method for detecting remote login permission of Root account of power distribution automation terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination