CN111163067A - Safety testing method and device and electronic equipment - Google Patents


Info

Publication number
CN111163067A
Authority
CN
China
Prior art keywords
target
test case
network flow
security
flow message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911306950.6A
Other languages
Chinese (zh)
Other versions
CN111163067B (en)
Inventor
曹世杰
张维
徐辰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alipay Hangzhou Information Technology Co Ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alipay Hangzhou Information Technology Co Ltd
Priority to CN201911306950.6A
Publication of CN111163067A
Application granted
Publication of CN111163067B
Legal status: Active
Anticipated expiration

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers

Abstract

The embodiment of the specification discloses a safety test method, a safety test device and electronic equipment, wherein the method comprises the following steps: collecting a network flow message related to a target application from an interface of an operating system of a target terminal; acquiring a target security test case corresponding to the type of the network traffic message from a preset security test case library; and carrying out safety test on the network flow message based on the target safety test case to obtain a safety test result of the target application.

Description

Safety testing method and device and electronic equipment
Technical Field
The present disclosure relates to the field of computer software technologies, and in particular, to a security testing method and apparatus, and an electronic device.
Background
At present, once an application built for a domestic business scenario is rolled out to an international business scenario, the security team cannot collect traffic data from the international gateway for automated vulnerability testing, because of compliance constraints such as online data not being allowed to leave the region.
In this case, the interaction traffic between the client and the server has to be security-tested manually. Manual testing consumes a great deal of manpower and time, and the rapid pace of development makes it hard for testing to keep up with the speed of business growth. A solution is therefore still needed for how to provide a security testing method that tests the client-server interaction traffic in the international business scenario and ensures that the interaction between client and server is secure.
Disclosure of Invention
An embodiment of the present specification provides a security testing method, a security testing device, and an electronic device, so as to improve security testing efficiency of an interaction procedure between a client and a server in an international business scenario.
In order to solve the above technical problem, the embodiments of the present specification are implemented as follows:
in a first aspect, a security testing method is provided, including:
collecting a network flow message related to a target application from an interface of an operating system of a target terminal;
acquiring a target security test case corresponding to the type of the network traffic message from a preset security test case library;
and carrying out safety test on the network flow message based on the target safety test case to obtain a safety test result of the target application.
In a second aspect, a safety testing device is provided, which includes:
the acquisition unit is used for acquiring a network flow message related to the target application from an interface of an operating system of the target terminal;
an obtaining unit, configured to obtain a target security test case corresponding to the type of the network traffic packet from a preset security test case library;
and the test unit is used for carrying out safety test on the network flow message based on the target safety test case to obtain a safety test result of the target application.
In a third aspect, a security testing system is provided, which includes a data collection program, a central gateway, a data parsing engine, and a test execution module, wherein:
the data acquisition program acquires a network flow message related to the target application from an interface of an operating system of the target terminal and sends the network flow message to a central gateway;
the central gateway receives and stores the network flow message from the data acquisition program, and sends the network flow message to a data analysis engine;
the data analysis engine receives the network flow message from the central gateway, acquires a target safety test case corresponding to the type of the network flow message from a preset safety test case library, and sends the target safety test case to a test execution module;
and the test execution module is used for carrying out safety test on the network flow message based on the target safety test case to obtain a safety test result of the target application.
In a fourth aspect, an electronic device is presented, comprising:
a processor; and
a memory arranged to store computer executable instructions that, when executed, cause the processor to:
collecting a network flow message related to a target application from an interface of an operating system of a target terminal;
acquiring a target security test case corresponding to the type of the network traffic message from a preset security test case library;
and carrying out safety test on the network flow message based on the target safety test case to obtain a safety test result of the target application.
In a fifth aspect, a computer-readable storage medium is presented, the computer-readable storage medium storing one or more programs that, when executed by an electronic device comprising a plurality of application programs, cause the electronic device to:
collecting a network flow message related to a target application from an interface of an operating system of a target terminal;
acquiring a target security test case corresponding to the type of the network traffic message from a preset security test case library;
and carrying out safety test on the network flow message based on the target safety test case to obtain a safety test result of the target application.
As can be seen from the technical solutions provided in the embodiments of the present specification, the embodiments of the present specification have at least one of the following technical effects:
one or more embodiments provided in this specification can acquire a network traffic packet related to a target application from an interface of an operating system of a target terminal, obtain a target security test case corresponding to a type of the network traffic packet from a preset security test case library, and perform security test on the network traffic packet based on the target security test case to obtain a security test result of the target application. The application related data can be directly obtained from the interface of the operating system of the terminal equipment, so that the problem of data source when the application is subjected to security testing is solved, a universal security testing method is provided for various types of applications and different types of terminals, and the security testing requirements of different mobile terminal applications are met. In addition, corresponding safety test cases are set in advance based on different types of flow messages, and the safety test efficiency is improved.
Drawings
In order to more clearly illustrate the embodiments of the present specification or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only some embodiments described in the present specification, and for those skilled in the art, other drawings can be obtained according to the drawings without any creative effort.
Fig. 1 is a schematic implementation flow diagram of a security testing method according to an embodiment of the present disclosure.
Fig. 2 is a schematic diagram of a security testing method provided in an embodiment of the present specification applied in an actual scenario.
Fig. 3 is a schematic structural diagram of a safety testing device according to an embodiment of the present disclosure.
Fig. 4 is a schematic structural diagram of a security testing system according to an embodiment of the present disclosure.
Fig. 5 is a schematic structural diagram of an electronic device provided in an embodiment of the present specification.
Detailed Description
In order to make the objects, technical solutions and advantages of the present specification clearer, the technical solutions in the present specification will be clearly and completely described below with reference to the specific embodiments of the present specification and the accompanying drawings. It is to be understood that the embodiments described are only a few embodiments of this document, and not all embodiments. All other embodiments obtained by a person skilled in the art without making creative efforts based on the embodiments in this document belong to the protection scope of this document.
The technical solutions provided by the embodiments of the present description are described in detail below with reference to the accompanying drawings.
In order to improve the security testing efficiency of the interaction process between the client and the server in the international business scenario, one or more embodiments of the present specification provide a security testing method, which can collect a network traffic packet related to a target application from an interface of an operating system of a target terminal, obtain a target security testing case corresponding to the type of the network traffic packet from a preset security testing case library, and perform security testing on the network traffic packet based on the target security testing case to obtain a security testing result of the target application.
The application related data can be directly obtained from the interface of the operating system of the terminal equipment, so that the problem of data source when the application is subjected to security testing is solved, a universal security testing method is provided for various types of applications and different types of terminals, and the security testing requirements of different mobile terminal applications are met. In addition, corresponding safety test cases are set in advance based on different types of flow messages, and the safety test efficiency is improved.
Fig. 1 is a schematic implementation flow diagram of a security testing method according to an embodiment of the present disclosure. The method of fig. 1 may include:
s110, collecting network flow messages related to the target application from an interface of an operating system of the target terminal.
When the target application moves from the domestic market to the international market, gateway traffic data of the target application cannot be collected for compliance reasons such as online data not being allowed to be exported, so domestic security testing tools and systems are difficult to apply in the international market. To solve this problem, one or more embodiments of the present specification note that the target application frequently calls interfaces of the operating system of the terminal device while it runs; on that basis, the embodiments collect network traffic packets related to the target application from the interface of the operating system of the target terminal.
The operating system of the target terminal may be Android, iOS, or another terminal operating system. To mask differences between operating systems, one or more embodiments of the present disclosure may prepare a corresponding data collection program in advance for each type of operating system.
Optionally, in order to improve the security testing efficiency and reduce the investment of a large amount of human resources in the security testing process, in one or more embodiments of the present specification, a data collection program may be designed in advance, and by installing the data collection program in the target terminal, the data collection program collects the network traffic messages related to the target application from the interface of the operating system of the target terminal. Specifically, collecting a network traffic message related to a target application from an interface of an operating system of a target terminal includes:
and acquiring a network flow message related to the target application from an interface of an operating system of the target terminal through a data acquisition program in the target terminal.
It should be appreciated that collecting data from an interface of an operating system usually requires authorization and permissions. To obtain access and control rights over the interface of the operating system of the target terminal, one or more embodiments of the present disclosure may apply a security aspect (a hook inserted around the interface) to the operating system of the target terminal through the data collection program in the target terminal; that is, a security checkpoint is set up on the interface of the operating system, and the data passing through the interface is analyzed, controlled, and reported at that checkpoint.
Specifically, acquiring a network traffic message related to a target application from an interface of an operating system of a target terminal through a data acquisition program in the target terminal includes:
applying a security aspect (hook) to the operating system of the target terminal through the data collection program in the target terminal, so as to obtain access and control rights over the interface of the operating system of the target terminal;
and acquiring a network flow message related to the target application from an interface of an operating system of the target terminal through a data acquisition program in the target terminal.
For example, when an application accesses a file, it calls the open function (an interface of the operating system) to read the file. After a security aspect is applied to the open function, the caller information, the parameters, and the return result of each call are visible at the security checkpoint of the aspect, and at that point operations such as blocking or modifying the data passing through the checkpoint can be performed.
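The following is an added illustration of the checkpoint idea in the open-function example above; it is not the patent's code. It hooks Python's built-in open() as a stand-in for the operating-system interface (a mobile collector would hook the platform's networking APIs instead), and the record format, the policy and the function names are assumptions made for the example. Every call passes through a checkpoint that records the caller, the parameters and the return value, and the policy may block the call or rewrite its arguments.

```python
"""Security checkpoint (hook) on an operating-system interface, shown in Python.

Added illustration, not the patent's code. builtins.open stands in for the
hooked OS interface; the CallRecord layout, the Checkpoint class and the
deny_secret_files policy are assumptions made for this example.
"""
import builtins
import contextlib
import inspect
import os
import tempfile
from dataclasses import dataclass, field
from typing import Any, Callable, Dict, List, Optional, Tuple

_ORIGINAL_OPEN = builtins.open   # kept so the hook can be removed again


@dataclass
class CallRecord:
    """What the checkpoint sees for one call of the hooked interface."""
    interface: str
    caller: str                  # "file:line" of the code that invoked the interface
    args: Tuple[Any, ...]
    kwargs: Dict[str, Any]
    result: Any = None
    blocked: bool = False


# A policy returns None (allow as-is), "block", or (args, kwargs) to substitute.
Policy = Callable[[Tuple[Any, ...], Dict[str, Any]], Any]


@dataclass
class Checkpoint:
    """Collects call records and applies a policy before the real call runs."""
    policy: Optional[Policy] = None
    records: List[CallRecord] = field(default_factory=list)

    def wrap(self, interface_name: str, real: Callable) -> Callable:
        def hooked(*args, **kwargs):
            frame = inspect.stack()[1]          # the code that called the interface
            rec = CallRecord(interface_name,
                             f"{os.path.basename(frame.filename)}:{frame.lineno}",
                             args, dict(kwargs))
            decision = self.policy(args, kwargs) if self.policy else None
            if decision == "block":
                rec.blocked = True
                self.records.append(rec)
                raise PermissionError(f"{interface_name} blocked by checkpoint")
            if isinstance(decision, tuple):
                args, kwargs = decision         # policy rewrote the parameters
            rec.result = real(*args, **kwargs)  # the real interface runs here
            self.records.append(rec)
            return rec.result
        return hooked


@contextlib.contextmanager
def hook_open(checkpoint: Checkpoint):
    """Temporarily route builtins.open through the checkpoint."""
    builtins.open = checkpoint.wrap("open", _ORIGINAL_OPEN)
    try:
        yield checkpoint
    finally:
        builtins.open = _ORIGINAL_OPEN


def deny_secret_files(args, kwargs):
    """Constructed policy: refuse to open any path ending in '.secret'."""
    path = str(args[0] if args else kwargs.get("file", ""))
    return "block" if path.endswith(".secret") else None


def demo() -> Checkpoint:
    """Open one allowed and one denied file under the hook; return the checkpoint."""
    cp = Checkpoint(policy=deny_secret_files)
    with tempfile.TemporaryDirectory() as tmp, hook_open(cp):
        with open(os.path.join(tmp, "allowed.txt"), "w") as f:
            f.write("ok")
        try:
            open(os.path.join(tmp, "keys.secret"), "w")
        except PermissionError:
            pass
    return cp


def open_is_restored() -> bool:
    """True once the hook has been removed again."""
    return builtins.open is _ORIGINAL_OPEN


if __name__ == "__main__":
    for r in demo().records:
        print(r.caller, r.interface, r.args[0], "BLOCKED" if r.blocked else "allowed")
```

The hook is installed only inside the context manager and removed on exit, which is the property a collector needs so that the instrumented terminal returns to its normal state after a test run; the records are what the collection program would forward to the central gateway.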
Optionally, in order to improve the data acquisition efficiency, it may be determined which interfaces in the operating system of the target terminal will be called by the target application in the running process based on the type of the target application and the type of the operating system of the target terminal, and then the interfaces are monitored to obtain the network traffic packet related to the target application.
Optionally, in order to improve the determination process of the target security test case, data features of different network traffic messages may be associated with corresponding security test cases in advance. Specifically, obtaining a target security test case corresponding to the type of the network traffic packet from a preset security test case library includes:
acquiring the type of the network flow message based on the data characteristics of the network flow message;
and acquiring a target security test case corresponding to the type of the network flow message from a preset security test case library.
And S120, acquiring a target security test case corresponding to the type of the network traffic message from a preset security test case library.
Optionally, in order to facilitate transmission of the network traffic message, in one or more embodiments of the present specification, a central gateway is further designed in advance, where the central gateway may be a cloud server deployed in an international region, and is configured to collect the network traffic message sent by the data acquisition program and store the network traffic message. Specifically, obtaining a target security test case corresponding to the type of the network traffic packet from a preset security test case library includes:
sending the network flow message to a central gateway through a data acquisition program in a target terminal;
sending the network flow message to a data analysis engine through a central gateway;
and acquiring a target security test case corresponding to the type of the network flow message from a preset security test case library through a data analysis engine.
In order to improve the determination efficiency of the target security test case, a data analysis engine is designed in advance in one or more embodiments of the present specification, and the data analysis engine may match the corresponding vulnerability test rule according to network traffic messages of different formats, and generate the corresponding target security test case according to the corresponding vulnerability test rule.
Specifically, the type of test payload to be sent is selected based on the characteristics of the data traffic packet. The selection may be made from the experience of security operators or by a trained artificial intelligence model. For example, if an HTML tag exists in the network traffic packet, an XSS payload may be used for testing; if an HTTP request exists, an SSRF test payload may be used for vulnerability detection.
S130, safety testing is carried out on the network flow message based on the target safety test case, and a safety test result of the target application is obtained.
Optionally, to adapt to security tests of different types of mobile application, one or more embodiments of the present specification may provide a use case test module that can quickly connect to a manual test scenario, an automated test scenario, and a simulator test scenario. The manual test scenario may be a test carried out by a tester who installs the application on a terminal such as a mobile phone; the automated test scenario may be an application test driven by scripts on terminals such as mobile phones; the simulator test scenario may be an automated application test carried out on virtual devices installed on a personal computer.
Specifically, the performing a security test on the network traffic packet based on the target security test case to obtain a security test result of the target application includes:
issuing the target safety test case to a case execution module through a data analysis engine;
and performing safety test on the network flow message based on the target safety test case through a case execution module to obtain a safety test result of the target application.
It should be appreciated that to quickly and accurately determine vulnerabilities that may exist in a target application, one or more embodiments of the present disclosure may preset vulnerability classes that may exist, such as logic bypass vulnerabilities, sensitive information leakage vulnerabilities, SSRF vulnerabilities, XSS script attack vulnerabilities, and the like. Specifically, the performing a security test on the network traffic packet based on the target security test case to obtain a security test result of the target application includes:
performing security test on the network flow message based on the target security test case;
and if the network flow message obtained through the test has the specified type of bug, determining that the bug exists in the target application.
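An added example, not the patent's code, that covers both the payload-type selection described under S120 (HTML tag present, HTTP request present) and the result determination above (a specified bug class is present or not): the parsing engine types a captured packet from its data features, the preset library returns the cases for those types, and the execution module replays them against a target. The message and response classes, the library layout and both targets are assumptions; the targets are constructed in-memory stand-ins (one vulnerable, one hardened) and the probes are inert canary strings that only show whether input is reflected unescaped or whether a supplied URL is fetched server-side.

```python
"""Data parsing engine and use case execution module, shown in Python.

Added example, not the patent's code. TrafficMessage, Response, LIBRARY and
the two stand-in targets are assumptions; the sample message is constructed.
"""
import html
import re
from dataclasses import dataclass, field
from typing import Callable, Dict, List
from urllib.parse import urlparse

CANARY = "cp7k2canary"   # constructed marker; carries no active content
TAG_RE = re.compile(r"<[a-zA-Z][^>]*>")


@dataclass
class TrafficMessage:
    method: str
    path: str
    query: Dict[str, str]
    body: str = ""


@dataclass
class Response:
    status: int
    body: str
    outbound_fetches: List[str] = field(default_factory=list)  # URLs the server fetched


Target = Callable[[TrafficMessage], Response]


# --- data parsing engine: message type from data features -----------------
def message_types(msg: TrafficMessage) -> List[str]:
    types = []
    if TAG_RE.search(msg.body) or any(TAG_RE.search(v) for v in msg.query.values()):
        types.append("html")        # HTML tag present -> XSS-style cases
    if any(v.startswith(("http://", "https://")) for v in msg.query.values()):
        types.append("url_param")   # request carries a URL -> SSRF-style cases
    return types


# --- preset security test case library ------------------------------------
@dataclass
class TestCase:
    name: str
    bug_class: str
    run: Callable[[TrafficMessage, Target], bool]


def reflected_unescaped(msg: TrafficMessage, send: Target) -> bool:
    """Replay with a canary tag in each query field; True if it comes back unescaped."""
    probe = TrafficMessage(msg.method, msg.path, {k: f"<{CANARY}>" for k in msg.query}, msg.body)
    return f"<{CANARY}>" in send(probe).body


def fetches_supplied_url(msg: TrafficMessage, send: Target) -> bool:
    """Replay with URL-valued fields pointing at a canary host; True if the server fetches it."""
    canary_url = f"http://{CANARY}.invalid/"
    probe = TrafficMessage(msg.method, msg.path,
                           {k: canary_url if v.startswith(("http://", "https://")) else v
                            for k, v in msg.query.items()}, msg.body)
    return canary_url in send(probe).outbound_fetches


LIBRARY: Dict[str, List[TestCase]] = {
    "html": [TestCase("reflection-check", "XSS", reflected_unescaped)],
    "url_param": [TestCase("server-fetch-check", "SSRF", fetches_supplied_url)],
}


def select_cases(msg: TrafficMessage) -> List[TestCase]:
    return [case for t in message_types(msg) for case in LIBRARY.get(t, [])]


# --- use case execution module: replay and decide per bug class -----------
def run_tests(msg: TrafficMessage, send: Target) -> Dict[str, bool]:
    return {case.bug_class: case.run(msg, send) for case in select_cases(msg)}


# --- constructed stand-in targets -----------------------------------------
def vulnerable_app(req: TrafficMessage) -> Response:
    """Echoes 'name' raw and fetches any URL it is given."""
    fetched = [v for v in req.query.values() if v.startswith(("http://", "https://"))]
    return Response(200, f"<p>Hello {req.query.get('name', '')}</p>", fetched)


def hardened_app(req: TrafficMessage) -> Response:
    """Escapes output and fetches only from an allow-listed host."""
    fetched = [v for v in req.query.values()
               if v.startswith(("http://", "https://")) and urlparse(v).hostname == "cdn.example"]
    return Response(200, f"<p>Hello {html.escape(req.query.get('name', ''))}</p>", fetched)


# Constructed captured message: a greeting request carrying rich text and an avatar URL.
SAMPLE = TrafficMessage("GET", "/greet", {"name": "<b>Ann</b>", "avatar": "http://cdn.example/a.png"})

if __name__ == "__main__":
    print(message_types(SAMPLE))
    print(run_tests(SAMPLE, vulnerable_app))
    print(run_tests(SAMPLE, hardened_app))
```

Each entry in the result dictionary corresponds to one of the preset bug classes, so "the packet has the specified type of bug" maps directly to a True value for that class; the hardened target shows the two mitigations the checks are looking for, output encoding and an allow-list for server-side fetches.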
Fig. 2 is a schematic diagram illustrating an application of the security testing method provided for one embodiment of the present specification in an actual scenario. In fig. 2, the data sources for the target application in the international market include the following three types: the system comprises external network environment data of the target application, internal network environment data of the target application and internal network environment data of the target application in an automatic running state.
After the data sources of the target application are acquired, the data collection program first applies a security aspect (hook) to the interface of the operating system corresponding to each data source, obtaining access and control rights over that interface; the collected data is then sent to the central gateway through the data collection program, the central gateway stores the data after receiving it and forwards it to the data analysis engine; the data analysis engine analyzes the received data, determines the target security test case corresponding to the type of the data, and issues that case to the case execution module; and after the case execution module receives the target security test case, it replays the data under that case to obtain the test result.
The use case execution module covers three test scenarios: an online testing environment, an offline testing environment, and an automated login scenario.
One or more embodiments provided in this specification can acquire a network traffic packet related to a target application from an interface of an operating system of a target terminal, obtain a target security test case corresponding to a type of the network traffic packet from a preset security test case library, and perform security test on the network traffic packet based on the target security test case to obtain a security test result of the target application. The application related data can be directly obtained from the interface of the operating system of the terminal equipment, so that the problem of data source when the application is subjected to security testing is solved, a universal security testing method is provided for various types of applications and different types of terminals, and the security testing requirements of different mobile terminal applications are met. In addition, corresponding safety test cases are set in advance based on different types of flow messages, and the safety test efficiency is improved.
Fig. 3 is a schematic structural diagram of a safety testing device 300 according to an embodiment of the present disclosure. Referring to fig. 3, in one software implementation, the security testing apparatus 300 may include:
the acquisition unit 301 acquires a network traffic message related to a target application from an interface of an operating system of a target terminal;
an obtaining unit 302, configured to obtain a target security test case corresponding to the type of the network traffic packet from a preset security test case library;
the testing unit 303 performs a security test on the network traffic packet based on the target security test case to obtain a security test result of the target application.
In one or more embodiments provided in this specification, a network traffic packet related to a target application can be acquired from an interface of an operating system of a target terminal through the acquisition unit 301, and then a target security test case corresponding to a type of the network traffic packet is acquired from a preset security test case library through the acquisition unit 302, and a security test result of the target application can be obtained by performing a security test on the network traffic packet based on the target security test case through the test unit 303. The application related data can be directly obtained from the interface of the operating system of the terminal equipment, so that the problem of data source when the application is subjected to security testing is solved, a universal security testing method is provided for various types of applications and different types of terminals, and the security testing requirements of different mobile terminal applications are met. In addition, corresponding safety test cases are set in advance based on different types of flow messages, and the safety test efficiency is improved.
Optionally, in an embodiment, the acquisition unit 301 is configured to:
and acquiring a network flow message related to the target application from an interface of an operating system of the target terminal through a data acquisition program in the target terminal.
Optionally, in an embodiment, the acquisition unit 301 is configured to:
applying a security aspect (hook) to the operating system of the target terminal through the data collection program in the target terminal, so as to obtain access and control rights over the interface of the operating system of the target terminal;
and acquiring a network flow message related to the target application from an interface of an operating system of the target terminal through a data acquisition program in the target terminal.
Optionally, in an embodiment, the obtaining unit 302 is configured to:
sending the network flow message to a central gateway through a data acquisition program in the target terminal;
sending the network traffic packet to a data analysis engine through the central gateway;
and acquiring a target security test case corresponding to the type of the network flow message from a preset security test case library through the data analysis engine.
Optionally, in an embodiment, the testing unit 303 is configured to:
issuing the target safety test case to a case execution module through the data analysis engine;
and performing safety test on the network flow message based on the target safety test case through the case execution module to obtain a safety test result of the target application.
Optionally, in an embodiment, the testing unit 303 is configured to:
performing security test on the network flow message based on the target security test case;
and if the network flow message obtained through the test has the specified type of bug, determining that the bug exists in the target application.
The security testing apparatus 300 can implement the method of the embodiment of the method shown in fig. 1 to fig. 2, and specifically refer to the security testing method of the embodiment shown in fig. 1 to fig. 2, which is not described again.
Fig. 4 is a schematic structural diagram of a security testing system 400 according to an embodiment of the present disclosure. Referring to fig. 4, in a software implementation, the security testing system 400 may include a data collection program 401, a central gateway 402, a data parsing engine 403, and a test execution module 404, where:
the data collection program 401 collects a network traffic message related to a target application from an interface of an operating system of a target terminal, and sends the network traffic message to a central gateway;
the central gateway 402 receives and stores the network traffic message from the data acquisition program, and sends the network traffic message to a data analysis engine;
the data analysis engine 403 receives the network traffic message from the central gateway, obtains a target security test case corresponding to the type of the network traffic message from a preset security test case library, and issues the target security test case to a test execution module;
the test execution module 404 performs a security test on the network traffic packet based on the target security test case to obtain a security test result of the target application.
Optionally, in an embodiment, the data acquisition program 401 is configured to:
applying a security aspect (hook) to the operating system of the target terminal so as to obtain access and control rights over the interface of the operating system of the target terminal;
and collecting network flow messages related to the target application from an interface of an operating system of the target terminal.
Optionally, in an embodiment, the test execution module 404 is configured to:
performing security test on the network flow message based on the target security test case;
and if the network flow message obtained through the test has the specified type of bug, determining that the bug exists in the target application.
The security test system 400 can implement the method of the embodiment of the method shown in fig. 1 to 2, and specifically refer to the security test method of the embodiment shown in fig. 1 to 2, which is not described again.
Fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present specification. Referring to fig. 5, at the hardware level the electronic device includes a processor and, optionally, an internal bus, a network interface, and a memory. The memory may include volatile memory such as random-access memory (RAM) and may further include non-volatile memory such as at least one disk. The electronic device may of course also include the hardware required for other services.
The processor, the network interface, and the memory may be connected to each other via an internal bus, which may be an ISA (Industry Standard Architecture) bus, a PCI (peripheral component Interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one double-headed arrow is shown in FIG. 5, but this does not indicate only one bus or one type of bus.
And the memory is used for storing programs. In particular, the program may include program code comprising computer operating instructions. The memory may include both memory and non-volatile storage and provides instructions and data to the processor.
The processor reads the corresponding computer program from the nonvolatile memory into the memory and then runs the computer program to form the safety testing device on the logic level. The processor is used for executing the program stored in the memory and is specifically used for executing the following operations:
collecting a network traffic message related to a target application from an interface of an operating system of a target terminal;
acquiring a target security test case corresponding to the type of the network traffic message from a preset security test case library;
and performing a security test on the network traffic message based on the target security test case to obtain a security test result of the target application.
One or more embodiments provided in this specification can acquire a network traffic message related to a target application from an interface of an operating system of a target terminal, obtain a target security test case corresponding to the type of the network traffic message from a preset security test case library, and perform a security test on the network traffic message based on the target security test case to obtain a security test result of the target application. Because application-related data is obtained directly from the interface of the operating system of the terminal device, the problem of finding a data source for security testing of the application is solved, a universal security testing method is provided for various types of applications and different types of terminals, and the security testing requirements of different mobile terminal applications are met. In addition, because corresponding security test cases are set in advance for the different types of traffic messages, security testing efficiency is improved.
The method executed by the security testing apparatus according to the embodiments shown in fig. 1 to fig. 2 of the present specification can be applied to or implemented by a processor. The processor may be an integrated circuit chip with signal processing capability. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in the processor or by instructions in the form of software. The processor may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP), and the like; it may also be a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. The various methods, steps and logic blocks disclosed in the embodiments of the present specification may be implemented or performed by such a processor. A general-purpose processor may be a microprocessor or any conventional processor. The steps of a method disclosed in connection with the embodiments of the present specification may be embodied directly in a hardware decoding processor, or in a combination of hardware and software modules in the decoding processor. The software module may be located in a storage medium well known in the art, such as RAM, flash memory, ROM, PROM, EPROM, or registers. The storage medium is located in the memory, and the processor reads the information in the memory and completes the steps of the method in combination with its hardware.
The electronic device may also execute the methods of fig. 1 to fig. 2 and implement the functions of the content display apparatus in the embodiments shown in fig. 1 to fig. 3, which are not described again in this specification.
Embodiments of the present specification also propose a computer-readable storage medium storing one or more programs, the one or more programs comprising instructions which, when executed by a portable electronic device comprising a plurality of application programs, cause the portable electronic device to perform the method of the embodiments shown in fig. 1 to 3, and in particular to perform the following:
collecting a network traffic message related to a target application from an interface of an operating system of a target terminal;
acquiring a target security test case corresponding to the type of the network traffic message from a preset security test case library;
and performing a security test on the network traffic message based on the target security test case to obtain a security test result of the target application.
Of course, besides a software implementation, the electronic device in this specification does not exclude other implementations, such as logic devices or a combination of software and hardware; that is, the subject that executes the processing flows described is not limited to logic units and may also be hardware or logic devices.
In short, the above description is only a preferred embodiment of the present disclosure and is not intended to limit its scope. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present specification shall be included in its protection scope.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. One typical implementation device is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an e-mail device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
Computer-readable media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer-readable instructions, data structures, program modules, or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random-access memory (SRAM), dynamic random-access memory (DRAM), other types of random-access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible by a computing device. As defined herein, a computer-readable medium does not include a transitory computer-readable medium such as a modulated data signal or a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other like elements in the process, method, article, or apparatus that comprises the element.
The embodiments in the present specification are described in a progressive manner; the same and similar parts among the embodiments refer to each other, and each embodiment focuses on its differences from the others. In particular, since the system embodiment is substantially similar to the method embodiment, its description is brief, and for the relevant points reference may be made to the corresponding description of the method embodiment.

Claims (10)

1. A security test method, comprising:
collecting a network traffic message related to a target application from an interface of an operating system of a target terminal;
acquiring a target security test case corresponding to the type of the network traffic message from a preset security test case library;
and performing a security test on the network traffic message based on the target security test case to obtain a security test result of the target application.
2. The method of claim 1, wherein collecting the network traffic message related to the target application from the interface of the operating system of the target terminal comprises:
acquiring the network traffic message related to the target application from the interface of the operating system of the target terminal through a data acquisition program in the target terminal.
3. The method of claim 2, wherein acquiring, through the data acquisition program in the target terminal, the network traffic message related to the target application from the interface of the operating system of the target terminal comprises:
applying a security aspect to the operating system of the target terminal through the data acquisition program in the target terminal to obtain access and control rights to the interface of the operating system of the target terminal;
and acquiring the network traffic message related to the target application from the interface of the operating system of the target terminal through the data acquisition program in the target terminal.
4. The method of claim 2, wherein acquiring the target security test case corresponding to the type of the network traffic message from the preset security test case library comprises:
sending the network traffic message to a central gateway through the data acquisition program in the target terminal;
sending the network traffic message to a data analysis engine through the central gateway;
and acquiring the target security test case corresponding to the type of the network traffic message from the preset security test case library through the data analysis engine.
5. The method of claim 4, wherein performing the security test on the network traffic message based on the target security test case to obtain the security test result of the target application comprises:
issuing the target security test case to a case execution module through the data analysis engine;
and performing the security test on the network traffic message based on the target security test case through the case execution module to obtain the security test result of the target application.
6. The method according to any one of claims 1 to 5, wherein performing the security test on the network traffic message based on the target security test case to obtain the security test result of the target application comprises:
performing the security test on the network traffic message based on the target security test case;
and, if the tested network traffic message exhibits a vulnerability of a specified type, determining that the vulnerability exists in the target application.
7. A security test device, comprising:
a collection unit, configured to collect a network traffic message related to a target application from an interface of an operating system of a target terminal;
an obtaining unit, configured to obtain a target security test case corresponding to the type of the network traffic message from a preset security test case library;
and a test unit, configured to perform a security test on the network traffic message based on the target security test case to obtain a security test result of the target application.
8. A security test system, comprising a data acquisition program, a central gateway, a data analysis engine and a test execution module, wherein:
the data acquisition program acquires a network traffic message related to a target application from an interface of an operating system of a target terminal and sends the network traffic message to the central gateway;
the central gateway receives and stores the network traffic message from the data acquisition program and sends the network traffic message to the data analysis engine;
the data analysis engine receives the network traffic message from the central gateway, acquires a target security test case corresponding to the type of the network traffic message from a preset security test case library, and sends the target security test case to the test execution module;
and the test execution module performs a security test on the network traffic message based on the target security test case to obtain a security test result of the target application.
9. An electronic device, comprising:
a processor; and
a memory arranged to store computer-executable instructions that, when executed, cause the processor to:
collect a network traffic message related to a target application from an interface of an operating system of a target terminal;
acquire a target security test case corresponding to the type of the network traffic message from a preset security test case library;
and perform a security test on the network traffic message based on the target security test case to obtain a security test result of the target application.
10. A computer-readable storage medium storing one or more programs that, when executed by an electronic device including a plurality of application programs, cause the electronic device to:
collect a network traffic message related to a target application from an interface of an operating system of a target terminal;
acquire a target security test case corresponding to the type of the network traffic message from a preset security test case library;
and perform a security test on the network traffic message based on the target security test case to obtain a security test result of the target application.
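The pipeline that the processor operations above and claim 8 describe, as an added illustration (not the patent's own code): a collection program hands captured traffic messages to a central gateway, a data analysis engine selects test cases from a preset library keyed by message type, and a test execution module runs them and reports the specified vulnerability types found. The message types, vulnerability types, checks, application names and sample messages are all constructed for this example.

```python
"""Added illustration of this patent's pipeline (not the patent's own code):
collection program -> central gateway -> data analysis engine -> test execution
module. Message types, bug types, checks and sample messages are constructed."""
import re
from dataclasses import dataclass, field
from typing import Dict, List
from urllib.parse import parse_qs, urlsplit


@dataclass
class FlowMessage:
    app: str      # target application the message belongs to
    kind: str     # message type, as labelled by the collection program
    url: str
    headers: Dict[str, str] = field(default_factory=dict)  # names lowercased on capture


SENSITIVE_PARAMS = {"token", "password", "secret"}

# Preset security test case library: message type -> [(bug type, check)].
# A check returns True when the specified bug type is present in the message.
CASE_LIBRARY = {
    "http_request": [
        ("PLAINTEXT_TRANSPORT", lambda m: urlsplit(m.url).scheme == "http"),
        ("SECRET_IN_QUERY", lambda m: any(
            k.lower() in SENSITIVE_PARAMS for k in parse_qs(urlsplit(m.url).query))),
    ],
    "http_response": [
        ("MISSING_HSTS", lambda m: urlsplit(m.url).scheme == "https"
         and "strict-transport-security" not in m.headers),
        ("SERVER_VERSION_DISCLOSED",
         lambda m: bool(re.search(r"\d", m.headers.get("server", "")))),
    ],
}


class CentralGateway:
    """Receives and stores messages from the collection program (claim 8)."""
    def __init__(self):
        self.store: List[FlowMessage] = []
    def receive(self, m: FlowMessage) -> FlowMessage:
        self.store.append(m)
        return m


class DataAnalysisEngine:
    """Selects the target test cases for a message's type; unknown types get none."""
    def __init__(self, library=CASE_LIBRARY):
        self.library = library
    def select_cases(self, m: FlowMessage):
        return self.library.get(m.kind, [])


class TestExecutionModule:
    """Runs the selected cases; the bug types whose check fires are the result."""
    def run(self, m: FlowMessage, cases) -> List[str]:
        return [bug for bug, check in cases if check(m)]


def security_test(messages: List[FlowMessage], library=CASE_LIBRARY) -> Dict[str, List[str]]:
    """Whole pipeline; returns the sorted bug types found per target application."""
    gateway, engine, executor = CentralGateway(), DataAnalysisEngine(library), TestExecutionModule()
    findings: Dict[str, set] = {}
    for m in messages:
        stored = gateway.receive(m)
        findings.setdefault(m.app, set()).update(executor.run(stored, engine.select_cases(stored)))
    return {app: sorted(bugs) for app, bugs in findings.items()}


# Constructed sample capture: two applications, two message types.
SAMPLE_MESSAGES = [
    FlowMessage("demo.wallet", "http_request", "http://api.example.test/login?token=abc"),
    FlowMessage("demo.wallet", "http_response", "https://api.example.test/profile",
                {"server": "nginx/1.18.0"}),
    FlowMessage("demo.news", "http_response", "https://cdn.example.test/feed",
                {"strict-transport-security": "max-age=31536000", "server": "nginx"}),
]
```

Running `security_test(SAMPLE_MESSAGES)` reports four findings for `demo.wallet` and none for `demo.news`; a message type with no entry in the library yields no test cases rather than an error.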
CN201911306950.6A 2019-12-18 2019-12-18 Safety testing method and device and electronic equipment Active CN111163067B (en)
Publications (2)

Publication Number Publication Date
CN111163067A true CN111163067A (en) 2020-05-15
CN111163067B CN111163067B (en) 2022-05-03
Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant