CN111709026A - 静态安全检测方法、装置、计算机设备和存储介质 - Google Patents
静态安全检测方法、装置、计算机设备和存储介质 Download PDFInfo
- Publication number
- CN111709026A CN111709026A CN202010523982.8A CN202010523982A CN111709026A CN 111709026 A CN111709026 A CN 111709026A CN 202010523982 A CN202010523982 A CN 202010523982A CN 111709026 A CN111709026 A CN 111709026A
- Authority
- CN
- China
- Prior art keywords
- security detection
- interface
- information
- static security
- description
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 116
- 230000003068 static effect Effects 0.000 title claims abstract description 105
- 238000002372 labelling Methods 0.000 claims description 25
- 238000004590 computer program Methods 0.000 claims description 13
- 238000010276 construction Methods 0.000 claims description 4
- 238000006243 chemical reaction Methods 0.000 claims description 2
- 238000000605 extraction Methods 0.000 claims description 2
- 238000000034 method Methods 0.000 abstract description 22
- 238000010586 diagram Methods 0.000 description 12
- 230000008569 process Effects 0.000 description 12
- 238000002347 injection Methods 0.000 description 4
- 239000007924 injection Substances 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 241000282672 Ateles sp. Species 0.000 description 2
- 230000007547 defect Effects 0.000 description 2
- 238000009795 derivation Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 239000000243 solution Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Stored Programmes (AREA)
Abstract
Description
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010523982.8A CN111709026B (zh) | 2020-06-10 | 2020-06-10 | 静态安全检测方法、装置、计算机设备和存储介质 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010523982.8A CN111709026B (zh) | 2020-06-10 | 2020-06-10 | 静态安全检测方法、装置、计算机设备和存储介质 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111709026A true CN111709026A (zh) | 2020-09-25 |
CN111709026B CN111709026B (zh) | 2023-10-24 |
Family
ID=72539435
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010523982.8A Active CN111709026B (zh) | 2020-06-10 | 2020-06-10 | 静态安全检测方法、装置、计算机设备和存储介质 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111709026B (zh) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112235149A (zh) * | 2020-12-15 | 2021-01-15 | 广东省新一代通信与网络创新研究院 | 一种网络功能单元仿真建模的方法及系统、网络功能单元 |
CN115828248A (zh) * | 2023-02-17 | 2023-03-21 | 杭州未名信科科技有限公司 | 基于可解释性深度学习的恶意代码检测方法及装置 |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101017458A (zh) * | 2007-03-02 | 2007-08-15 | 北京邮电大学 | 基于源代码静态分析的软件安全代码分析器及其检测方法 |
US20130014093A1 (en) * | 2010-03-29 | 2013-01-10 | Soft4Soft Co., Ltd. | Code inspection executing system for performing a code inspection of abap source codes |
CN106354632A (zh) * | 2016-08-24 | 2017-01-25 | 北京奇虎测腾科技有限公司 | 一种基于静态分析技术的源代码检测系统及方法 |
CN106709333A (zh) * | 2015-11-16 | 2017-05-24 | 华为技术有限公司 | 一种应用编程的安全性检测方法及装置 |
CN111026663A (zh) * | 2019-12-09 | 2020-04-17 | Xc5香港有限公司 | 一种软件缺陷检测方法、装置、计算机设备和存储介质 |
CN111158667A (zh) * | 2020-01-02 | 2020-05-15 | 广州虎牙科技有限公司 | 代码注入方法和装置、电子设备及存储介质 |
-
2020
- 2020-06-10 CN CN202010523982.8A patent/CN111709026B/zh active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101017458A (zh) * | 2007-03-02 | 2007-08-15 | 北京邮电大学 | 基于源代码静态分析的软件安全代码分析器及其检测方法 |
US20130014093A1 (en) * | 2010-03-29 | 2013-01-10 | Soft4Soft Co., Ltd. | Code inspection executing system for performing a code inspection of abap source codes |
CN106709333A (zh) * | 2015-11-16 | 2017-05-24 | 华为技术有限公司 | 一种应用编程的安全性检测方法及装置 |
CN106354632A (zh) * | 2016-08-24 | 2017-01-25 | 北京奇虎测腾科技有限公司 | 一种基于静态分析技术的源代码检测系统及方法 |
CN111026663A (zh) * | 2019-12-09 | 2020-04-17 | Xc5香港有限公司 | 一种软件缺陷检测方法、装置、计算机设备和存储介质 |
CN111158667A (zh) * | 2020-01-02 | 2020-05-15 | 广州虎牙科技有限公司 | 代码注入方法和装置、电子设备及存储介质 |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112235149A (zh) * | 2020-12-15 | 2021-01-15 | 广东省新一代通信与网络创新研究院 | 一种网络功能单元仿真建模的方法及系统、网络功能单元 |
CN112235149B (zh) * | 2020-12-15 | 2021-03-02 | 广东省新一代通信与网络创新研究院 | 一种网络功能单元仿真建模的方法及系统、网络功能单元 |
CN115828248A (zh) * | 2023-02-17 | 2023-03-21 | 杭州未名信科科技有限公司 | 基于可解释性深度学习的恶意代码检测方法及装置 |
Also Published As
Publication number | Publication date |
---|---|
CN111709026B (zh) | 2023-10-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107832619B (zh) | Android平台下应用程序漏洞自动化挖掘系统及方法 | |
US8635602B2 (en) | Verification of information-flow downgraders | |
CN109684607B (zh) | Json数据解析方法、装置、计算机设备和存储介质 | |
Alkhalaf et al. | Verifying client-side input validation functions using string analysis | |
US20130081000A1 (en) | Test failure bucketing | |
KR101507469B1 (ko) | 소스 코드 분석 서비스 제공 방법 | |
CN104881608A (zh) | 一种基于模拟浏览器行为的xss漏洞检测方法 | |
CN104881607A (zh) | 一种基于模拟浏览器行为的xss漏洞检测系统 | |
CN108256322B (zh) | 安全测试方法、装置、计算机设备和存储介质 | |
CN113139192B (zh) | 基于知识图谱的第三方库安全风险分析方法及系统 | |
Møller et al. | Automated detection of client-state manipulation vulnerabilities | |
CN111709026B (zh) | 静态安全检测方法、装置、计算机设备和存储介质 | |
US11816479B2 (en) | System and method for implementing a code audit tool | |
Schneider et al. | Automatic extraction of security-rich dataflow diagrams for microservice applications written in Java | |
CN112817877B (zh) | 异常脚本检测方法、装置、计算机设备和存储介质 | |
CN112767155B (zh) | 智能合约安全交易序列生成方法、装置、介质和设备 | |
CN110719344B (zh) | 域名获取方法、装置、电子设备及存储介质 | |
CN116361793A (zh) | 代码检测方法、装置、电子设备及存储介质 | |
CN111459793B (zh) | 一种全生命周期的软件自动化测试方法和装置 | |
Xiong et al. | Static taint analysis method for intent injection vulnerability in android applications | |
CN111191235B (zh) | 可疑文件分析方法、装置和计算机可读存储介质 | |
CN113139184A (zh) | 基于静态分析的Binder通信过载漏洞的检测方法 | |
CN116049823B (zh) | 一种内存马检测方法、装置、计算机设备及存储介质 | |
CN116881930B (zh) | 一种基于orm框架的sql注入漏洞的分析方法与装置 | |
CN112202822B (zh) | 数据库注入检测方法、装置、电子设备及存储介质 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: Room 1405, 135 Wenham East Street Commercial Centre, 135 Wenham East Street, Sheung Wan, Hong Kong, China Applicant after: XC5 Hong Kong Ltd. Applicant after: Jianshi Technology (Shenzhen) Co.,Ltd. Address before: 14 / F, Hong Kong tower, 8 Hennessy Road, Wanchai, Hong Kong, China Applicant before: XC5 Hong Kong Ltd. Applicant before: Stalemate software (Shenzhen) Co.,Ltd. |
|
CB02 | Change of applicant information | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20230421 Address after: LB505, Building 1, Shenye Shangcheng (South District) Commercial Complex Building, No. 5001 Huanggang Road, Lianhua Yicun Community, Huafu Street, Futian District, Shenzhen City, Guangdong Province, 518000, self-made 05B002 Applicant after: Jianshi Technology (Shenzhen) Co.,Ltd. Address before: Room 1405, 135 Wenham East Street Commercial Centre, 135 Wenham East Street, Sheung Wan, Hong Kong, China Applicant before: XC5 Hong Kong Ltd. Applicant before: Jianshi Technology (Shenzhen) Co.,Ltd. |
|
TA01 | Transfer of patent application right | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20230525 Address after: B1301, Lenovo Houhai Center, 3288 Houhaibin Road, Haizhu Community, Yuehai Street, Nanshan District, Shenzhen, Guangdong Province, 518000 Applicant after: Shenzhen Zhishi Network Technology Co.,Ltd. Address before: LB505, Building 1, Shenye Shangcheng (South District) Commercial Complex Building, No. 5001 Huanggang Road, Lianhua Yicun Community, Huafu Street, Futian District, Shenzhen City, Guangdong Province, 518000, self-made 05B002 Applicant before: Jianshi Technology (Shenzhen) Co.,Ltd. |
|
TA01 | Transfer of patent application right | ||
GR01 | Patent grant | ||
GR01 | Patent grant |