CN113656308A - Computer software analysis system - Google Patents
Computer software analysis system Download PDFInfo
- Publication number
- CN113656308A CN113656308A CN202110950216.4A CN202110950216A CN113656308A CN 113656308 A CN113656308 A CN 113656308A CN 202110950216 A CN202110950216 A CN 202110950216A CN 113656308 A CN113656308 A CN 113656308A
- Authority
- CN
- China
- Prior art keywords
- computer software
- module
- analyzed
- shelling
- analysis
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000004458 analytical method Methods 0.000 claims abstract description 71
- 230000003068 static effect Effects 0.000 claims abstract description 55
- 238000000034 method Methods 0.000 claims abstract description 32
- 238000012545 processing Methods 0.000 claims abstract description 22
- 238000000605 extraction Methods 0.000 claims abstract description 11
- 230000005540 biological transmission Effects 0.000 claims abstract description 8
- 238000013135 deep learning Methods 0.000 claims abstract description 8
- 238000012549 training Methods 0.000 claims description 13
- 238000005516 engineering process Methods 0.000 claims description 12
- 238000012360 testing method Methods 0.000 claims description 12
- 238000012952 Resampling Methods 0.000 claims description 3
- 238000013527 convolutional neural network Methods 0.000 claims description 3
- 230000004927 fusion Effects 0.000 claims description 3
- 238000004088 simulation Methods 0.000 claims description 2
- 244000035744 Hura crepitans Species 0.000 description 2
- 230000006399 behavior Effects 0.000 description 2
- 238000010276 construction Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000006837 decompression Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 231100000817 safety factor Toxicity 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3604—Software analysis for verifying properties of programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/21—Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
- G06F18/214—Generating training patterns; Bootstrap methods, e.g. bagging or boosting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformation of program code
- G06F8/53—Decompilation; Disassembly
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N20/00—Machine learning
- G06N20/20—Ensemble learning
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/045—Combinations of networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- General Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Artificial Intelligence (AREA)
- Evolutionary Computation (AREA)
- Computing Systems (AREA)
- Life Sciences & Earth Sciences (AREA)
- Mathematical Physics (AREA)
- Biophysics (AREA)
- Molecular Biology (AREA)
- General Health & Medical Sciences (AREA)
- Computational Linguistics (AREA)
- Biomedical Technology (AREA)
- Health & Medical Sciences (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Bioinformatics & Computational Biology (AREA)
- Bioinformatics & Cheminformatics (AREA)
- Evolutionary Biology (AREA)
- Medical Informatics (AREA)
- Computer Hardware Design (AREA)
- Quality & Reliability (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses a computer software analysis system, which belongs to the technical field of computer software and comprises a data input module, a data transmission module, a shelling judgment module, a shelling processing module, a feature extraction module, a database module, a deep learning module, a software analysis judgment module, a safety alarm module and a system management module; compared with the traditional dynamic analysis method, the static analysis method or the hybrid analysis method, the method does not need analysts to have higher software safety analysis knowledge, and the multiple bases are fused, so that the generalization is strong, the accuracy of computer software safety analysis is improved, and the method has higher safety analysis efficiency compared with the dynamic analysis method.
Description
Technical Field
The invention relates to the technical field of computer software, in particular to a computer software analysis system.
Background
Through retrieval, the Chinese patent No. CN109992512A discloses a computer software analysis system, although the invention realizes the safety management of the computer software by the traditional dynamic and static analysis means, the method has more limitations and lower safety analysis efficiency and accuracy; computer software is the basis for realizing various functions of a computer, is directly oriented to the needs of users, and can directly help the users to improve the working quality and efficiency; the software analysis technology is one of important branches in the field of software engineering, and aims to analyze codes, system behaviors, network behaviors, user interfaces and the like of software by technical means such as decompilation, sandbox and the like so as to assist analysts to deeply understand the intention and implementation mode of the software, wherein the software analysis technology is mainly divided into a static analysis technology and a dynamic analysis technology; the static analysis technology obtains information such as an operation code, an API (application program interface), a dynamic link library, a configuration file and the like of an executable program by performing decompilation on the executable program, and further obtains a source code of the executable program by performing decompilation; the dynamic analysis technology captures information such as modules, calls and the like when the executable program runs by adopting a sandbox, a simulator and the like; at present, the computer software is difficult to avoid the existence of the self constraint of a writing language or other objective factors in the programming process, and a lawless person often carries out malicious tampering on the software, so that a plurality of safety factors exist in the computer software, and the software must be analyzed; therefore, it becomes important to invent a computer software analysis system;
most of the existing computer software analysis systems are realized by a traditional dynamic analysis method, a static analysis method or a hybrid analysis method, but the analysis methods have more limitations, such as higher requirements on knowledge reserves of analysts, and the like, and the methods have relatively lower safety analysis efficiency and accuracy; to this end, we propose a computer software analysis system.
Disclosure of Invention
The invention aims to solve the defects in the prior art and provides a computer software analysis system.
In order to achieve the purpose, the invention adopts the following technical scheme:
a computer software analysis system comprises a data input module, a data transmission module, a shelling judgment module, a shelling processing module, a feature extraction module, a database module, a deep learning module, a software analysis judgment module, a safety alarm module and a system management module;
the data input module is used for acquiring computer software to be analyzed;
the data transmission module is used for transmitting the computer software to be analyzed to the shell adding judgment module;
the shell adding judgment module is used for judging whether the computer software to be analyzed is added with a shell or not to obtain a shell adding judgment result;
the shelling processing module is used for shelling the computer software to be analyzed according to the shelling judgment result;
the feature extraction module is used for performing decompiling on the computer software to be analyzed after shelling or the computer software to be analyzed without shells, and extracting static features to obtain a static feature set of the computer software to be analyzed;
the external data end is connected with the database module and is used for acquiring malicious computer software by using a data crawler means, and performing corresponding decompilation and static feature extraction to obtain a static feature set of the malicious computer software;
the database module is used for storing the computer software static feature set to be analyzed and the malicious computer software static feature set;
the deep learning module is used for acquiring a computer software static feature set to be analyzed and a malicious computer software static feature set, performing ensemble learning on the computer software static feature set and constructing an integrated computer software security analysis model;
the software analysis and judgment module is used for extracting computer software to be analyzed and performing safety analysis and judgment on the computer software by using the integrated computer software safety analysis model to obtain an analysis and judgment result;
the safety alarm module is used for alarming according to the analysis and judgment result to form safety alarm information;
the system management module is used for displaying the safety alarm information and enabling system management personnel to perform corresponding safety processing according to the safety alarm information.
Further, the shelling judging module performs decompiling on the computer software to be analyzed through decompiling software, if the source code of the computer software to be analyzed cannot be observed, the computer software to be analyzed is judged to be shelled, and otherwise, the computer software to be analyzed is judged not to be shelled; the decompilation software includes, but is not limited to, VBExploer, JD, exescope, and Reflector.
Further, the shelling processing module carries out shelling processing on the computer software to be analyzed with the shell adding judgment result of shell adding by utilizing a shelling technology; the shelling technology includes but is not limited to a single-step tracing method, an ESP (electronic stability program) law determining method, a second breakpoint method, a last exception method and a simulation tracing method; the shelling processing module needs to perform decompiling on computer software to be analyzed after shelling processing.
Further, the specific construction process of the integrated computer software security analysis model is as follows;
s1: firstly, acquiring a computer software static feature set to be analyzed and a malicious computer software static feature set, and vectorizing;
s2: then, using a depth self-encoder to reduce the dimension of the vectorized static feature set of the computer software to be analyzed and the static feature set of the malicious computer software;
s3: mixing the computer software static feature set to be analyzed and the malicious computer software static feature set after dimension reduction, and dividing the computer software static feature set into a training set of 70% and a testing set of 30%;
s4: constructing a plurality of initial classifiers, dividing 70% of training sets according to weights, and inputting the training sets into the initial classifiers for training and learning respectively to obtain an initial computer software security analysis model I, initial computer software security analysis models II and … and an initial computer software security analysis model N;
s5: performing decision-level fusion on the initial computer software security analysis model I, the initial computer software security analysis models II and … and the initial computer software security analysis model N according to an integrated learning strategy to obtain an integrated computer software security analysis model;
s6: and inputting 30% of the test set into the integrated computer software safety analysis model for testing, outputting the model if the test accuracy reaches 95%, and otherwise, performing characteristic resampling.
Further, the plurality of initial classifiers are homogeneous classifiers, which are specifically convolutional neural networks; the ensemble learning strategy is specifically one of an absolute majority voting method, a relative majority voting method or a weighted voting method.
Compared with the prior art, the invention has the beneficial effects that:
compared with the traditional dynamic analysis method, the static analysis method or the hybrid analysis method, the computer software security analysis system does not need analysts to have higher software security analysis knowledge, and is fused through multiple base learners, so that the generalization performance is strong, the accuracy of computer software security analysis is improved, and the computer software security analysis system has higher security analysis efficiency compared with the dynamic analysis method.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention.
Fig. 1 is a schematic diagram of an overall structure of a computer software analysis system according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments.
In the description of the present invention, it is to be understood that the terms "upper", "lower", "front", "rear", "left", "right", "top", "bottom", "inner", "outer", and the like, indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, are merely for convenience in describing the present invention and simplifying the description, and do not indicate or imply that the device or element being referred to must have a particular orientation, be constructed and operated in a particular orientation, and thus, should not be construed as limiting the present invention.
Referring to fig. 1, the embodiment discloses a computer software analysis system, which includes a data input module, a data transmission module, a shelling judgment module, a shelling processing module, a feature extraction module, a database module, a deep learning module, a software analysis judgment module, a safety alarm module and a system management module;
the data input module is used for acquiring computer software to be analyzed;
the data transmission module is used for transmitting the computer software to be analyzed to the shell adding judgment module;
the shell adding judgment module is used for judging whether the computer software to be analyzed is added with a shell or not to obtain a shell adding judgment result;
specifically, the shelling judging module performs decompiling on the computer software to be analyzed through decompiling software, if the source code of the computer software to be analyzed cannot be observed, the computer software to be analyzed is judged to be shelled, otherwise, the computer software to be analyzed is judged not to be shelled; decompiling software includes but is not limited to VBExploer, JD, exescope, and Reflector;
specifically, the shell adding is to compress the resources in the executable file by using a special algorithm, the compressed file can run independently, the decompression process is completely concealed and is completed in the memory, the compressed file is loaded into the memory by the loader after being attached to the original program and is executed before the original program to obtain the control right, the original program is decrypted and restored in the execution process, the control right is returned to the original program after the restoration is completed, the original code part is executed, the original program code generally exists in an encrypted form in the disk file after the shell is added, and is restored in the memory only in the execution process, so that the illegal modification of the program file by a cracker can be effectively prevented, and the program can be prevented from being statically decompiled.
The shelling processing module is used for shelling the computer software to be analyzed according to the shelling judgment result;
specifically, the shelling processing module carries out shelling processing on the computer software to be analyzed with the shell adding judgment result of shell adding by utilizing a shelling technology; shelling techniques include, but are not limited to, single-step tracing, ESP regularization, secondary breakpoint, last exception, and analog tracing; the shelling processing module needs to perform decompilation on the computer software to be analyzed after shelling processing.
The feature extraction module is used for performing decompiling on the computer software to be analyzed after shelling or the computer software to be analyzed without shells, and extracting static features to obtain a static feature set of the computer software to be analyzed;
the external data end is connected with the database module and is used for acquiring malicious computer software by using a data crawler means, and performing corresponding decompilation and static feature extraction to obtain a static feature set of the malicious computer software;
the database module is used for storing the computer software static feature set to be analyzed and the malicious computer software static feature set;
the deep learning module is used for acquiring a computer software static feature set to be analyzed and a malicious computer software static feature set, performing ensemble learning on the computer software static feature set and constructing an integrated computer software security analysis model;
the software analysis and judgment module is used for extracting computer software to be analyzed and performing safety analysis and judgment on the computer software by using the integrated computer software safety analysis model to obtain an analysis and judgment result;
the safety alarm module is used for alarming according to the analysis and judgment result to form safety alarm information;
the system management module is used for displaying the safety alarm information and enabling system management personnel to perform corresponding safety processing according to the safety alarm information.
Referring to fig. 1, the embodiment discloses a computer software analysis system, which includes a data input module, a data transmission module, a shelling judgment module, a shelling processing module, a feature extraction module, a database module, a deep learning module, a software analysis judgment module, a safety alarm module and a system management module;
except for the same structure as the above embodiments, the present embodiment will specifically describe an integrated computer software security analysis model;
specifically, the specific construction process of the integrated computer software security analysis model is as follows; firstly, acquiring a computer software static feature set to be analyzed and a malicious computer software static feature set, and vectorizing; then, using a depth self-encoder to reduce the dimension of the vectorized static feature set of the computer software to be analyzed and the static feature set of the malicious computer software; mixing the computer software static feature set to be analyzed and the malicious computer software static feature set after dimension reduction, and dividing the computer software static feature set into a training set of 70% and a testing set of 30%; constructing a plurality of initial classifiers, dividing 70% of training sets according to weights, and inputting the training sets into the initial classifiers for training and learning respectively to obtain an initial computer software security analysis model I, initial computer software security analysis models II and … and an initial computer software security analysis model N; performing decision-level fusion on the initial computer software security analysis model I, the initial computer software security analysis models II and … and the initial computer software security analysis model N according to an integrated learning strategy to obtain an integrated computer software security analysis model; the method comprises the steps of inputting 30% of test sets into an integrated computer software security analysis model for testing, outputting the model if the test accuracy reaches 95%, otherwise, performing feature resampling, acquiring static features in computer software source codes through a decompilation technology, and performing learning training based on an integrated learning technology to form the integrated computer software security analysis model.
Specifically, the plurality of initial classifiers are homogeneous classifiers, specifically convolutional neural networks; the ensemble learning strategy is specifically one of an absolute majority voting method, a relative majority voting method or a weighted voting method.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art should be considered to be within the technical scope of the present invention, and the technical solutions and the inventive concepts thereof according to the present invention should be equivalent or changed within the scope of the present invention.
Claims (5)
1. A computer software analysis system is characterized by comprising a data input module, a data transmission module, a shelling judgment module, a shelling processing module, a feature extraction module, a database module, a deep learning module, a software analysis judgment module, a safety alarm module and a system management module;
the data input module is used for acquiring computer software to be analyzed;
the data transmission module is used for transmitting the computer software to be analyzed to the shell adding judgment module;
the shell adding judgment module is used for judging whether the computer software to be analyzed is added with a shell or not to obtain a shell adding judgment result;
the shelling processing module is used for shelling the computer software to be analyzed according to the shelling judgment result;
the feature extraction module is used for performing decompiling on the computer software to be analyzed after shelling or the computer software to be analyzed without shells, and extracting static features to obtain a static feature set of the computer software to be analyzed;
the external data end is connected with the database module and is used for acquiring malicious computer software by using a data crawler means, and performing corresponding decompilation and static feature extraction to obtain a static feature set of the malicious computer software;
the database module is used for storing the computer software static feature set to be analyzed and the malicious computer software static feature set;
the deep learning module is used for acquiring a computer software static feature set to be analyzed and a malicious computer software static feature set, performing ensemble learning on the computer software static feature set and constructing an integrated computer software security analysis model;
the software analysis and judgment module is used for extracting computer software to be analyzed and performing safety analysis and judgment on the computer software by using the integrated computer software safety analysis model to obtain an analysis and judgment result;
the safety alarm module is used for alarming according to the analysis and judgment result to form safety alarm information;
the system management module is used for displaying the safety alarm information and enabling system management personnel to perform corresponding safety processing according to the safety alarm information.
2. The computer software analysis system according to claim 1, wherein the shelling determination module decompiles the computer software to be analyzed through decompiling software, determines that the computer software to be analyzed is shelled if the source code of the computer software to be analyzed cannot be viewed, and determines that the computer software to be analyzed is not shelled if the source code of the computer software to be analyzed cannot be viewed; the decompilation software includes, but is not limited to, VBExploer, JD, exescope, and Reflector.
3. The computer software analysis system according to claim 1, wherein the shelling module performs shelling processing on the computer software to be analyzed, which is shelled as a result of the shelling determination, by using a shelling technique; the shelling technology includes but is not limited to a single-step tracing method, an ESP (electronic stability program) law determining method, a second breakpoint method, a last exception method and a simulation tracing method; the shelling processing module needs to perform decompiling on computer software to be analyzed after shelling processing.
4. The computer software analysis system according to claim 1, wherein the integrated computer software security analysis model is constructed as follows;
s1: firstly, acquiring a computer software static feature set to be analyzed and a malicious computer software static feature set, and vectorizing;
s2: then, using a depth self-encoder to reduce the dimension of the vectorized static feature set of the computer software to be analyzed and the static feature set of the malicious computer software;
s3: mixing the computer software static feature set to be analyzed and the malicious computer software static feature set after dimension reduction, and dividing the computer software static feature set into a training set of 70% and a testing set of 30%;
s4: constructing a plurality of initial classifiers, dividing 70% of training sets according to weights, and inputting the training sets into the initial classifiers for training and learning respectively to obtain an initial computer software security analysis model I, initial computer software security analysis models II and … and an initial computer software security analysis model N;
s5: performing decision-level fusion on the initial computer software security analysis model I, the initial computer software security analysis models II and … and the initial computer software security analysis model N according to an integrated learning strategy to obtain an integrated computer software security analysis model;
s6: and inputting 30% of the test set into the integrated computer software safety analysis model for testing, outputting the model if the test accuracy reaches 95%, and otherwise, performing characteristic resampling.
5. The computer software analysis system of claim 4, wherein the plurality of initial classifiers are homogeneous classifiers, in particular convolutional neural networks; the ensemble learning strategy is specifically one of an absolute majority voting method, a relative majority voting method or a weighted voting method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110950216.4A CN113656308A (en) | 2021-08-18 | 2021-08-18 | Computer software analysis system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110950216.4A CN113656308A (en) | 2021-08-18 | 2021-08-18 | Computer software analysis system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113656308A true CN113656308A (en) | 2021-11-16 |
Family
ID=78492238
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110950216.4A Pending CN113656308A (en) | 2021-08-18 | 2021-08-18 | Computer software analysis system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113656308A (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106709290A (en) * | 2016-12-16 | 2017-05-24 | 江苏通付盾科技有限公司 | Application security analysis method and device |
| CN108345794A (en) * | 2017-12-29 | 2018-07-31 | 北京物资学院 | The detection method and device of Malware |
| CN108537010A (en) * | 2018-03-14 | 2018-09-14 | 广东能龙教育股份有限公司 | AES (advanced encryption standard) algorithm-based Android application Native shell encryption method |
| CN109063478A (en) * | 2018-07-19 | 2018-12-21 | 中国人民解放军61660部队 | Method for detecting virus, device, equipment and the medium of transplantable executable file |
| CN109271788A (en) * | 2018-08-23 | 2019-01-25 | 北京理工大学 | A kind of Android malware detection method based on deep learning |
| US20190219994A1 (en) * | 2018-01-18 | 2019-07-18 | General Electric Company | Feature extractions to model large-scale complex control systems |
| CN111310185A (en) * | 2020-03-11 | 2020-06-19 | 合肥工业大学 | Android malicious software detection method based on improved stacking algorithm |
-
2021
- 2021-08-18 CN CN202110950216.4A patent/CN113656308A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106709290A (en) * | 2016-12-16 | 2017-05-24 | 江苏通付盾科技有限公司 | Application security analysis method and device |
| CN108345794A (en) * | 2017-12-29 | 2018-07-31 | 北京物资学院 | The detection method and device of Malware |
| US20190219994A1 (en) * | 2018-01-18 | 2019-07-18 | General Electric Company | Feature extractions to model large-scale complex control systems |
| CN108537010A (en) * | 2018-03-14 | 2018-09-14 | 广东能龙教育股份有限公司 | AES (advanced encryption standard) algorithm-based Android application Native shell encryption method |
| CN109063478A (en) * | 2018-07-19 | 2018-12-21 | 中国人民解放军61660部队 | Method for detecting virus, device, equipment and the medium of transplantable executable file |
| CN109271788A (en) * | 2018-08-23 | 2019-01-25 | 北京理工大学 | A kind of Android malware detection method based on deep learning |
| CN111310185A (en) * | 2020-03-11 | 2020-06-19 | 合肥工业大学 | Android malicious software detection method based on improved stacking algorithm |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20230177170A1 (en) | System and method for automatically detecting a security vulnerability in a source code using a machine learning model | |
| Ali et al. | A search-based OCL constraint solver for model-based test data generation | |
| CN105184160B (en) | A kind of method of the Android phone platform application program malicious act detection based on API object reference relational graphs | |
| CN103312850B (en) | A kind of mobile phone automatized test macro and method of work | |
| CN109753800A (en) | Merge the Android malicious application detection method and system of frequent item set and random forests algorithm | |
| CN113821804B (en) | Cross-architecture automatic detection method and system for third-party components and security risks thereof | |
| CN104134041A (en) | Anti-detecting method and device of terminal simulator system | |
| CN104184728A (en) | Safety detection method and device for Web application system | |
| CN103617114B (en) | Based on third party's component vulnerability test method of condition and parameter variation | |
| CN104866764B (en) | A kind of Android phone malware detection method based on object reference figure | |
| CN110334180B (en) | Mobile application security evaluation method based on comment data | |
| Yaâ et al. | A systematic mapping study on cloud-based mobile application testing | |
| CN112019403B (en) | Cross-platform automatic mining method and system for message protocol state machine of Internet of things | |
| CN102982282B (en) | The detection system of bug and method | |
| CN110309656B (en) | Implicit type conversion security detection method | |
| CN113656308A (en) | Computer software analysis system | |
| CN112131587A (en) | Intelligent contract pseudo-random number security inspection method, system, medium and device | |
| CN117009972A (en) | Vulnerability detection method, vulnerability detection device, computer equipment and storage medium | |
| CN111459774A (en) | Method, device and equipment for acquiring flow of application program and storage medium | |
| Fitzgerald et al. | Triumphs and challenges for the industrial application of model-oriented formal methods | |
| CN112487421B (en) | Android malicious application detection method and system based on heterogeneous network | |
| Wang et al. | Correlating context-awareness and mutation analysis for pervasive computing systems | |
| CN113935847A (en) | Online process risk processing method, device, server and medium | |
| CN107239706A (en) | The safety loophole mining method of application program of mobile phone under a kind of Android platform | |
| CN105718801A (en) | Loophole clustering method based on programming mode and mode matching |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |