CN115695269A - Comprehensive quantitative evaluation method for performance of fuzzy test tool - Google Patents

Comprehensive quantitative evaluation method for performance of fuzzy test tool Download PDF

Info

Publication number
CN115695269A
CN115695269A CN202211343024.8A CN202211343024A CN115695269A CN 115695269 A CN115695269 A CN 115695269A CN 202211343024 A CN202211343024 A CN 202211343024A CN 115695269 A CN115695269 A CN 115695269A
Authority
CN
China
Prior art keywords
evaluation
evaluation index
comprehensive quantitative
performance
calculating
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202211343024.8A
Other languages
Chinese (zh)
Other versions
CN115695269B (en
Inventor
钟杰
杨英
郑力
雷颜铭
冯博
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Yufu Technology Co ltd
Chengdu Science and Technology Development Center of CAEP
Original Assignee
Chengdu Yufu Technology Co ltd
Chengdu Science and Technology Development Center of CAEP
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Yufu Technology Co ltd, Chengdu Science and Technology Development Center of CAEP filed Critical Chengdu Yufu Technology Co ltd
Priority to CN202211343024.8A priority Critical patent/CN115695269B/en
Publication of CN115695269A publication Critical patent/CN115695269A/en
Application granted granted Critical
Publication of CN115695269B publication Critical patent/CN115695269B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/30Computing systems specially adapted for manufacturing

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a comprehensive quantitative evaluation method for the performance of a fuzzy test tool, which comprises the following steps of S1: selecting a test reference suite and setting experiment conditions; the experimental conditions comprise test times, overtime time, a reference fuzzy test tool and seeds; s2: selecting an evaluation index; the evaluation indexes comprise the number of the collapse points, the code coverage rate, the average time for exposing the collapse points, the number of the vulnerabilities, the number of high-risk vulnerabilities and the resource occupancy rate; s3: constructing an evaluation model; after the data are subjected to forward processing and standardization processing, the weight is calculated, and then comprehensive quantitative evaluation of the evaluation indexes is performed. According to the invention, a plurality of independent evaluation indexes are fused and associated, so that comprehensive quantitative evaluation of the performance of the fuzzy test tool is realized.

Description

Comprehensive quantitative evaluation method for performance of fuzzy test tool
Technical Field
The invention relates to the technical field of network space security, in particular to a comprehensive quantitative evaluation method for the performance of a fuzzy test tool.
Background
In the field of network space security, an attacker can cause network security threat by using security vulnerabilities existing in software, and destroy the network security. Fuzzy testing is a representative technique in vulnerability detection technologies, and tests a target program multiple times by using a random character stream generated for the target program to detect a possible vulnerability. The usability of the fuzzy test tool has a direct relation with the improvement of the safety of a tested target, the evaluation of the fuzzy test tool is beneficial to finding the defects of the fuzzy test tool and inspiring the design of a new fuzzy test tool, and a unified and standard fuzzy test tool evaluation method is not formed at present.
The current evaluation method for the fuzz testing tool mainly considers the aspects of test conditions and evaluation indexes. The test conditions comprise an experiment platform, a reference fuzzifier, a reference test suite, test times, a vulnerability verification tool, timeout time, experiment times, seeds and the like, and the evaluation indexes comprise code coverage rate, tool execution speed, CPU resource occupancy rate, the number of breakdown points, vulnerability number, coverage rate and the like. The existing evaluation method aiming at the fuzz testing tool mostly adopts a comparison method, and the advancement of the newly designed fuzz testing tool is highlighted by evaluating the performances of the specific reference fuzz testing tool and the newly designed fuzz testing tool.
The emphasis points of different fuzz testing tools may be different, such as: AFL is a coverage-oriented fuzzy test tool, and aims to improve the code coverage of a tested target; the Driller analyzes the magic value by using concolic execution to improve the detection quantity of the bugs, and can detect more bugs compared with AFL. Therefore, the numerical values corresponding to a plurality of independent evaluation indexes are directly used as evaluation results of different fuzzy test tools, effective fusion and association of the evaluation indexes are lacked, and the obtained evaluation results cannot decide a reasonable comprehensive quantitative numerical value to represent the performance of the fuzzy test tool.
Disclosure of Invention
In order to solve the problems, the invention provides a comprehensive quantitative evaluation method for the performance of a fuzzy test tool. On the basis of the selected and set experimental conditions and evaluation indexes, testing the evaluated fuzzy test tool for multiple times aiming at each evaluation index to obtain a plurality of numerical values corresponding to each evaluation index; after preprocessing such as forward transformation and standardization and the like is carried out on the data, determining the weight value of the evaluation index according to the difference degree of the data values of each evaluation index; and finally, constructing a comprehensive quantitative evaluation calculation system, calculating the quantitative evaluation score of the comprehensive evaluation index, and realizing the automatic evaluation calculation of the performance comprehensive evaluation index quantification of the fuzzy test tool.
The invention provides a comprehensive quantitative evaluation method for the performance of a fuzzy test tool, which comprises the following specific technical scheme:
s1: selecting a test reference suite and setting experiment conditions;
the experimental conditions comprise test times, overtime time, a reference fuzzy test tool and seeds;
s2: selecting an evaluation index;
the evaluation indexes comprise the number of the crash points, the code coverage rate, the average time for exposing the crash points, the number of the vulnerabilities, the number of high-risk vulnerabilities and the resource occupancy rate;
s3: constructing an evaluation model, and carrying out comprehensive quantitative evaluation on evaluation indexes;
further, in step S3, the comprehensive quantitative evaluation process of the evaluation index is as follows:
s301: constructing an evaluation index numerical matrix;
s302: carrying out data forward processing on the obtained numerical values corresponding to the evaluation indexes;
s303: carrying out standardization processing on the forward data;
s304: calculating the weight of each evaluation index;
s305: and calculating a comprehensive quantitative evaluation value.
Further, in step S301, a tested fuzzy test tool is tested for a plurality of times according to each evaluation index to obtain an evaluation index value corresponding to each evaluation index, and an evaluation index value matrix is constructed, where the evaluation index value matrix is as follows:
X=(x ij ) (m×n)
wherein m represents the number of test times, and n represents the number of evaluation indexes.
Further, in step S302, the data forward processing specifically includes the following steps:
Figure BDA0003916743440000031
wherein ,
Figure BDA0003916743440000032
representing forward data, x j Representing a set of values, x, corresponding to an evaluation index ij Indicating data that needs to be forward-oriented.
Further, in step S303, the normalization process specifically includes the following steps:
Figure BDA0003916743440000033
wherein ,yij In order to standardize the data on the display,
Figure BDA0003916743440000034
represents the minimum in the jth column of the forward data,
Figure BDA0003916743440000035
the maximum value in the j-th column of the forward data is represented, i is 1,2,3, 8230, m, and j is 1,2,3, 8230, n.
Further, in step S304, evaluating the weight of the indicator includes calculating an entropy value of the indicator, calculating a difference coefficient, and calculating the weight, and the specific process is as follows:
the evaluation index entropy is calculated as follows:
Figure BDA0003916743440000036
wherein ,ej Representing the entropy of the evaluation index, m represents the number of numerical values corresponding to the evaluation index,
Figure BDA0003916743440000037
the specific gravity of the ith numerical value of a certain evaluation index in the sum of all numerical values of the evaluation index is represented;
the difference coefficient is calculated as follows:
G j =1-e j
wherein ,Gj A difference coefficient representing an evaluation index;
the weight is calculated as follows:
Figure BDA0003916743440000041
wherein ,Wj Represents the weight of the evaluation index.
Further, in step S305, the comprehensive quantization evaluation value calculation includes: calculating a weighted normalization matrix; calculating the optimal solution and the worst solution of each evaluation index according to the weighted standardization matrix; and finally, calculating and outputting a comprehensive quantitative evaluation value of the tested fuzzy test tool through the Euclidean distance of the optimal solution and the worst solution of each evaluation index through the weighted standardization matrix, the optimal solution and the worst solution.
Further, the test reference suite is a LAVA-M standard corpus, the test times are 5 times, and the timeout time is 5 hours.
Further, the reference fuzz testing tool is AFLFuzz.
The invention has the following beneficial effects:
the weights of the evaluation indexes are obtained through calculation, the independent evaluation indexes are correlated, automatic quantitative evaluation of comprehensive evaluation index quantification of the performance of the fuzzy test tool is achieved, the referability of evaluation results is enhanced, and the evaluation accuracy of the performance of the tested fuzzy test tool is improved.
Drawings
FIG. 1 is a schematic flow diagram of the overall process of the present invention;
FIG. 2 is a schematic view of the comprehensive quantitative evaluation process of evaluation indexes according to the present invention;
fig. 3 is a schematic diagram of a flow of calculating an integrated quantization evaluation value according to the present invention.
Detailed Description
In the following description, technical solutions in the embodiments of the present invention are clearly and completely described, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
The embodiment 1 of the invention discloses a comprehensive quantitative evaluation method for the performance of a fuzzy test tool, which comprises the following specific steps as shown in figure 1:
s1: selecting a test reference kit, and setting experiment conditions;
the test conditions include: test times, timeout time, reference fuzz test tool, and seed.
The test benchmark suite is used for the fuzzy test as an analysis target and is constructed by adopting manually written codes, the benchmark test suite contains some definite vulnerabilities, and the vulnerabilities meet the following 4-point conditions: spanning the execution lifecycle of the program, embedding representative control and data streams, providing input use cases as proof of presence, and listing a small portion of possible input use cases;
in this embodiment, the test benchmark suite selects a LAVA-M corpus. The LAVA-M corpus is four copies of coretils version 8.24 source code; one copy injected 44 errors in base64 and there were 44 inputs known to trigger these errors respectively, another copy md5sum had 57 holes, and a third copy uniq had 28 holes. Finally, there is a copy of 2136 vulnerabilities that exist simultaneously and are expressed separately in who. The LAVA-M adds a mechanism to ensure that each embedded vulnerability is triggered by only one specific input, i.e., unique crash points, if included in the inputs listed by the LAVA-M, are all triggered by the corresponding unique vulnerability, and the number of crash points represents the number of unique vulnerabilities.
In this embodiment, the number of times of the test is set to 5;
in this embodiment, the timeout period is set to 5 hours,
in this embodiment, the reference fuzzy test tool is AFLFuzz.
In this embodiment, the seeds are constructed manually. The AFLFuzz is used as a reference fuzzy test tool, an initial tester case needs to be manually input when the AFLFuzz is used as an initial seed, a plurality of test cases are generated in a variation-based mode, and the test results of the tested tool and the AFLFuzz tool can be compared by adopting a manual construction mode.
S2: selecting an evaluation index;
determining according to the input, output and intermediate processes of the fuzzy test tool;
in this embodiment, the evaluation index includes the number of crash points, the code coverage rate, the average time for exposing the crash points, the number of vulnerabilities, the number of high-risk vulnerabilities, and the resource (CPU) occupancy rate;
the number of crash points refers to the number of test cases that cause the analysis target to crash in the fuzz test, and it should be noted that a unique crash point refers to a test case in a case where a path that causes the analysis target to crash is unique.
The code coverage rate refers to a path recognition capability or code fragmentation capability measurement evaluation index of the fuzzy test tool for an analysis target. Typically, the evaluation index is directly proportional to the number of unique crash points.
The average time to expose a crash point is the ratio of the total length of time used for the fuzz test to the number of crash points that have been found to be unique.
The number of the vulnerabilities refers to the classification number of the vulnerabilities belonging to different types in the crash points, and the possibility that the crash points are caused by the vulnerabilities is evaluated. The relationship between a crash point and a vulnerability may be a many-to-one relationship, i.e., multiple crash points may be caused by the same vulnerability. The statistical number of vulnerabilities may be implemented by selecting a particular test benchmark suite or using vulnerability type analysis tools. Wherein, a mechanism for ensuring that each embedded bug is triggered only by a specific input needs to be added to a specific test benchmark suite (such as LAVA-M), and if a crash point output by the fuzzy test tool belongs to a specific input, the crash point can be judged to belong to a bug type corresponding to the specific input. In this example, the statistics of the number of vulnerabilities is based on a test benchmark suite, and the number of vulnerabilities refers to the number of vulnerabilities that belong to a benchmark test suite and are detected by the fuzzy test tool.
The high-risk vulnerability number refers to the number of vulnerabilities detected by the fuzzy test tool, which belong to marked vulnerabilities in the benchmark test suite and belong to the high-risk vulnerabilities. The severity level of each type of embedded vulnerability needs to be preset in the test benchmark suite.
The resource (CPU) occupancy rate is in direct proportion to the number of test cases generated by the fuzz testing tool. A plurality of test cases are generated based on a seed variation mode and used for the fuzzy test, and under the condition that the number of the crash points is consistent, if the tool finds a certain number of crash points by using fewer test cases, the seed variation algorithm used by the fuzzy test tool is proved to have advantages.
S3: constructing an evaluation model, and carrying out comprehensive quantitative evaluation on evaluation indexes;
the specific process is as follows:
s301: based on the evaluation indexes, testing the tested fuzzy test tool aiming at each evaluation index respectively to obtain a plurality of numerical values corresponding to each evaluation index, and constructing an evaluation index numerical value matrix X = (X) ij ) (m×n) M is the number of tool tests; n is the number of the tool evaluation indexes, and i and j represent data index values;
s302: carrying out data forward processing on the obtained numerical values corresponding to the evaluation indexes;
the evaluation indexes of the fuzzy test tool can be divided into two types according to the analysis types, wherein the smaller the numerical value is, the better the evaluation result is, such as: average time and resource (CPU) occupancy to expose crash points; the other is that the larger the value, the better the evaluation results, such as: number of crash points, path coverage, number of vulnerabilities, and number of high risk vulnerabilities.
In this embodiment, in order to simplify data analysis, the data is subjected to forward processing so that a larger value indicates a better evaluation result.
The specific calculation formula is as follows:
Figure BDA0003916743440000071
wherein ,
Figure BDA0003916743440000072
representing forward data, x j A set of values, x, representing a certain evaluation index ij Representing data that needs to be forward-oriented.
S303: carrying out standardization processing on the forward data;
because each type of evaluation index value has different dimensions, the dimensions of different evaluation indexes may not match, which may affect the comprehensive quantitative evaluation result, for example, the number of collapse points uses integer counting, the value may adopt 'thousand' as the dimension, but the resource occupancy rate is expressed in percentage, and the value is [0, 100], so that the data needs to be standardized;
however, in practice, there may be a case where the value of the data after the forward processing is "0", and the square sum standardization method in the classical multi-attribute decision method may cause a large difference between the negative-going evaluation index weight and the actual observation weight, and the negative-going evaluation index weight is usually greater than the forward-going evaluation index weight, which is not in accordance with the actual situation.
In this embodiment, a specific calculation formula for data normalization is as follows:
Figure BDA0003916743440000081
wherein ,yij In order to standardize the data on the display,
Figure BDA0003916743440000082
which represents the forward-oriented data, and,
Figure BDA0003916743440000083
represents the minimum in the jth column of the forward data,
Figure BDA0003916743440000084
the maximum value in the j-th column representing the forward data, i takes the value {1,2,3 \8230;, m }, and j takes the value {1,2,3 \8230;, n }.
S304: calculating the weight of each evaluation index;
in the embodiment, the weight is calculated by adopting a weighted entropy method, and the weight calculation comprises entropy calculation, difference coefficient calculation and weight calculation;
the specific process is as follows:
calculating an entropy value:
Figure BDA0003916743440000085
wherein ,ej For a certain evaluation index entropy value, m represents the number of values corresponding to the evaluation index, namely the number of matrix rows,
Figure BDA0003916743440000086
the specific gravity of the ith numerical value of a certain evaluation index in the sum of all numerical values of the evaluation index is represented;
calculating a difference coefficient:
G j =1-e j
wherein ,Gj A coefficient of difference representing an evaluation index;
calculating the weight:
Figure BDA0003916743440000087
wherein ,Wj A weight representing a certain evaluation index.
S305: the integrated quantized evaluation value is calculated as follows:
calculating a weighted normalization matrix; calculating the optimal solution and the worst solution of each evaluation index according to the weighted standardization matrix; and finally, calculating and outputting a comprehensive quantitative evaluation value of the tested fuzzy test tool through the Euclidean distance obtained by calculating the Euclidean distances of the optimal solution and the worst solution of each evaluation index through the weighted standardization matrix, the optimal solution and the worst solution.
In this embodiment, the specific calculation process is as follows:
calculating a weighted normalization matrix Z ij
Z ij =W j ×y ij
Calculating the optimal solution and the worst solution of each evaluation index:
BI j + =max(z 1j ,z 2j ,...,z mj )
WI j - =min(z 1j ,z 2j ,...,z mj )
wherein ,BIj + Represents the optimal solution, WI, of each evaluation index j - Z represents the worst solution of each evaluation index mj The value of m is {1,2, \8230;, m } for the values in the weighted normalization matrix.
Calculating the Euclidean distance between the optimal solution and the worst solution of each evaluation index:
Figure BDA0003916743440000091
Figure BDA0003916743440000092
wherein ,Di + Expressing the optimal Euclidean distance of each evaluation index, D i - Represents the worst solution of each evaluation indexDistance of formula z ij The values in the normalization matrix are weighted.
Calculating a comprehensive quantitative evaluation value:
Figure BDA0003916743440000093
c corresponding to tested fuzz testing tool i The larger the value, the higher the comprehensive quantification score of the fuzzy test tool.
The invention is not limited to the foregoing embodiments. The invention extends to any novel feature or any novel combination of features disclosed in this specification, and to any novel method or process steps or any novel combination of steps disclosed.

Claims (9)

1. A comprehensive quantitative evaluation method for performance of a fuzzy test tool is characterized by comprising the following steps:
s1: selecting a test reference kit, and setting experiment conditions;
the experimental conditions comprise test times, overtime time, a reference fuzzy test tool and seeds;
s2: selecting an evaluation index;
the evaluation indexes comprise the number of the collapse points, the code coverage rate, the average time for exposing the collapse points, the number of the vulnerabilities, the number of high-risk vulnerabilities and the resource occupancy rate;
s3: and (4) constructing an evaluation model, and carrying out comprehensive quantitative evaluation on evaluation indexes.
2. The comprehensive quantitative evaluation method for the performance of the fuzzy test tool according to claim 1, wherein in the step S3, the comprehensive quantitative evaluation process of the evaluation index is as follows:
s301: constructing an evaluation index numerical matrix;
s302: carrying out data forward processing on the obtained numerical values corresponding to the evaluation indexes;
s303: carrying out standardization processing on the forward data;
s304: calculating the weight of each evaluation index;
s305: and (5) calculating comprehensive quantitative evaluation indexes.
3. The comprehensive quantitative evaluation method for the performance of the fuzz testing tool according to claim 2, wherein in step S301, by performing a plurality of tests on the fuzz testing tool under the above experimental conditions for each evaluation index, an evaluation index value corresponding to each evaluation index is obtained, and an evaluation index value matrix is constructed, wherein the evaluation index value matrix is as follows:
X=(x ij ) (m×n )
wherein m represents the number of times of testing, and n represents the number of evaluation indexes.
4. The comprehensive quantitative evaluation method for the performance of the fuzz testing tool according to claim 3, wherein in the step S302, the forward processing of the data is specifically calculated as follows:
Figure FDA0003916743430000011
wherein ,
Figure FDA0003916743430000012
representing forward data, x j A set of values, x, representing a certain evaluation index ij Representing data that needs to be forward-oriented.
5. The method according to claim 4, wherein in step S303, the normalization process specifically comprises the following steps:
Figure FDA0003916743430000021
wherein ,yij In order to standardize the data, it is,
Figure FDA0003916743430000022
represents the minimum in the jth column of the forward data,
Figure FDA0003916743430000023
the maximum value in the j-th column of the forward data is represented, i is 1,2,3, 8230, m, and j is 1,2,3, 8230, n.
6. The method according to claim 5, wherein in step S304, the evaluating the weights of the indicators includes calculating entropy values of the indicators, calculating difference coefficients, and calculating weights, and the specific process is as follows:
the evaluation index entropy value is calculated as follows:
Figure FDA0003916743430000024
wherein ,ej Representing the entropy of the evaluation index, m represents the number of numerical values corresponding to the evaluation index,
Figure FDA0003916743430000025
the specific gravity of the ith numerical value of the evaluation index in the sum of all numerical values of the evaluation index is represented;
the difference coefficient is calculated as follows:
G j =1-e j
wherein ,Gj A difference coefficient representing an evaluation index;
the weights are calculated as follows:
Figure FDA0003916743430000026
wherein ,Wj The weight of the evaluation index is represented.
7. The comprehensive quantitative evaluation method for the performance of the fuzzy test tool as claimed in claim 2, wherein in step S305, the calculation of the comprehensive quantitative evaluation index comprises: calculating a weighted standardization matrix by evaluating the index weight; calculating the optimal solution and the worst solution of each evaluation index according to the weighted standardization matrix; and finally, calculating and outputting a comprehensive quantitative evaluation value of the tested fuzzy test tool through the Euclidean distance of the optimal solution and the worst solution of each evaluation index through the weighted standardization matrix, the optimal solution and the worst solution.
8. The comprehensive quantitative evaluation method for the performance of the fuzzy test tool according to any one of claims 1 to 7, wherein the test reference suite is a LAVA-M standard corpus, the test times are 5 times, and the timeout time is 5 hours.
9. The comprehensive quantitative assessment method for the performance of the fuzz testing tool according to any one of claims 1-7, wherein the reference fuzz testing tool is AFLFuzz.
CN202211343024.8A 2022-10-31 2022-10-31 Comprehensive quantitative evaluation method for performance of fuzzy test tool Active CN115695269B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211343024.8A CN115695269B (en) 2022-10-31 2022-10-31 Comprehensive quantitative evaluation method for performance of fuzzy test tool

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211343024.8A CN115695269B (en) 2022-10-31 2022-10-31 Comprehensive quantitative evaluation method for performance of fuzzy test tool

Publications (2)

Publication Number Publication Date
CN115695269A true CN115695269A (en) 2023-02-03
CN115695269B CN115695269B (en) 2023-10-27

Family

ID=85045411

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211343024.8A Active CN115695269B (en) 2022-10-31 2022-10-31 Comprehensive quantitative evaluation method for performance of fuzzy test tool

Country Status (1)

Country Link
CN (1) CN115695269B (en)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106992904A (en) * 2017-05-19 2017-07-28 湖南省起航嘉泰网络科技有限公司 Network equipment health degree appraisal procedure based on dynamic comprehensive weight
CN112101813A (en) * 2020-09-24 2020-12-18 贵州电网有限责任公司 Comprehensive evaluation and sequencing method for testing of distribution automation equipment
CN112217650A (en) * 2019-07-09 2021-01-12 北京邮电大学 Network blocking attack effect evaluation method, device and storage medium
CN112749097A (en) * 2021-01-26 2021-05-04 杭州木链物联网科技有限公司 Performance evaluation method and device for fuzzy test tool
CN112819279A (en) * 2020-12-31 2021-05-18 国网山东省电力公司聊城供电公司 Planning evaluation method and system for expansion adaptability of distributed energy and power distribution network
CN112819322A (en) * 2021-01-29 2021-05-18 常州常供电力设计院有限公司 Power transmission line path scheme evaluation method based on improved fuzzy analytic hierarchy process
CN113722230A (en) * 2021-09-07 2021-11-30 中国科学院软件研究所 Integrated assessment method and device for vulnerability mining capability of fuzzy test tool
WO2022135473A1 (en) * 2020-12-22 2022-06-30 国网上海市电力公司 Method for evaluating acceptance capability of electric vehicle in urban distribution network
CN115168870A (en) * 2022-07-29 2022-10-11 江苏大学 Block chain safety assessment method based on comprehensive evaluation

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106992904A (en) * 2017-05-19 2017-07-28 湖南省起航嘉泰网络科技有限公司 Network equipment health degree appraisal procedure based on dynamic comprehensive weight
CN112217650A (en) * 2019-07-09 2021-01-12 北京邮电大学 Network blocking attack effect evaluation method, device and storage medium
CN112101813A (en) * 2020-09-24 2020-12-18 贵州电网有限责任公司 Comprehensive evaluation and sequencing method for testing of distribution automation equipment
WO2022135473A1 (en) * 2020-12-22 2022-06-30 国网上海市电力公司 Method for evaluating acceptance capability of electric vehicle in urban distribution network
CN112819279A (en) * 2020-12-31 2021-05-18 国网山东省电力公司聊城供电公司 Planning evaluation method and system for expansion adaptability of distributed energy and power distribution network
CN112749097A (en) * 2021-01-26 2021-05-04 杭州木链物联网科技有限公司 Performance evaluation method and device for fuzzy test tool
CN112819322A (en) * 2021-01-29 2021-05-18 常州常供电力设计院有限公司 Power transmission line path scheme evaluation method based on improved fuzzy analytic hierarchy process
CN113722230A (en) * 2021-09-07 2021-11-30 中国科学院软件研究所 Integrated assessment method and device for vulnerability mining capability of fuzzy test tool
CN115168870A (en) * 2022-07-29 2022-10-11 江苏大学 Block chain safety assessment method based on comprehensive evaluation

Also Published As

Publication number Publication date
CN115695269B (en) 2023-10-27

Similar Documents

Publication Publication Date Title
Gegick et al. Prioritizing software security fortification throughcode-level metrics
US20160004861A1 (en) System and Method for Detection of Heap Spray Attack
CN111898647B (en) Clustering analysis-based low-voltage distribution equipment false alarm identification method
US20050144537A1 (en) Method to use a receiver operator characteristics curve for model comparison in machine condition monitoring
CN105072214A (en) C&C domain name identification method based on domain name feature
CN112866292B (en) Attack behavior prediction method and device for multi-sample combination attack
CN115987615A (en) Network behavior safety early warning method and system
CN109543408A (en) A kind of Malware recognition methods and system
CN112784281A (en) Safety assessment method, device, equipment and storage medium for industrial internet
CN114499956A (en) Network information security risk assessment system and method thereof
CN114333317B (en) Traffic event processing method and device, electronic equipment and storage medium
CN110162973A (en) A kind of Webshell file test method and device
CN115695269B (en) Comprehensive quantitative evaluation method for performance of fuzzy test tool
CN112598326A (en) Model iteration method and device, electronic equipment and storage medium
CN117319001A (en) Network security assessment method, device, storage medium and computer equipment
CN113242213A (en) Power communication backbone network node vulnerability diagnosis method
CN116128299B (en) Clinical test quality risk monitoring method, device, computer equipment and storage medium
CN112073396A (en) Method and device for detecting transverse movement attack behavior of intranet
CN111770053A (en) Malicious program detection method based on improved clustering and self-similarity
CN105787369A (en) Android software security analysis method based on slice measurement
US20100114500A1 (en) Analysis of dna
CN113722230A (en) Integrated assessment method and device for vulnerability mining capability of fuzzy test tool
CN116226673B (en) Training method of buffer region vulnerability recognition model, vulnerability detection method and device
CN114745722B (en) Short message platform security audit verification method and system
CN113055396B (en) Cross-terminal traceability analysis method, device, system and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant