CN117177245A - Vehicle WIFI security testing methods, systems and equipment - Google Patents

Vehicle WIFI security testing methods, systems and equipment Download PDF

Info

Publication number
CN117177245A
CN117177245A CN202311049207.3A CN202311049207A CN117177245A CN 117177245 A CN117177245 A CN 117177245A CN 202311049207 A CN202311049207 A CN 202311049207A CN 117177245 A CN117177245 A CN 117177245A
Authority
CN
China
Prior art keywords
test
wifi
vehicle under
vulnerability
vehicle
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311049207.3A
Other languages
Chinese (zh)
Inventor
李闯
孙伟
黄炎
谢瑛
蔡艳波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Dongfeng Motor Group Co Ltd
Original Assignee
Dongfeng Motor Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Dongfeng Motor Group Co Ltd filed Critical Dongfeng Motor Group Co Ltd
Priority to CN202311049207.3A priority Critical patent/CN117177245A/en
Publication of CN117177245A publication Critical patent/CN117177245A/en
Pending legal-status Critical Current

Links

Landscapes

  • Debugging And Monitoring (AREA)

Abstract

The application discloses a WIFI safety test method, a system and equipment for a vehicle, wherein the method is applied to test equipment and comprises the following steps: establishing WIFI connection with the tested vehicle; acquiring a plurality of test instructions, transmitting the plurality of test instructions to a tested vehicle based on WIFI connection, so that the tested vehicle executes the plurality of test instructions, and performing security test on WIFI of the tested vehicle to obtain a test result; receiving a test result sent by a tested vehicle; if the test result represents that the WIFI of the tested vehicle has potential safety hazards, generating a vulnerability test report according to the test result, wherein the vulnerability test report comprises vulnerability information of the vulnerability of the WIFI of the tested vehicle and a vulnerability modification suggestion. The method and the device solve the technical problem of low WIFI safety test efficiency of the vehicle.

Description

车辆的WIFI安全测试方法、系统及设备Vehicle WIFI security testing methods, systems and equipment

技术领域Technical field

本发明属于信息安全测试技术领域,尤其涉及一种车辆的WIFI安全测试方法、系统及设备。The invention belongs to the technical field of information security testing, and in particular relates to a vehicle WIFI security testing method, system and equipment.

背景技术Background technique

随着智能网联车辆的发展,车辆面临着越来越多的信息安全攻击风险,不法分子通过非法入侵车辆的WIFI(Wireless Fidelity,无线网络),可以轻易获取到车辆上存储的个人信息、用户数据,甚至可以控制、挟持车辆。在现阶段公开的技术中,只是单纯的涉及到车辆WIFI信息安全的测试内容及连接方式,并没有一个方案能将车辆WIFI的信息安全进行完整性测试验证,包括完成测试环境的搭建、测试执行、测试分析、测试记录功能,需要人工确认和其他操作,单项逐步进行,使得车辆信息安全测试的测试过程和结果分析所需时间太长。所以,车辆的WIFI安全测试效率低是亟待解决的技术问题。With the development of intelligent network-connected vehicles, vehicles are facing more and more information security attack risks. Criminals can easily obtain personal information and user information stored on the vehicle by illegally invading the vehicle's WIFI (Wireless Fidelity, wireless network). Data can even control and hijack vehicles. Among the technologies disclosed at this stage, they only involve the testing content and connection methods of vehicle WIFI information security. There is no solution that can conduct integrity testing and verification of vehicle WIFI information security, including completing the construction of the test environment and test execution. , test analysis, and test recording functions require manual confirmation and other operations, and each step is performed step by step, which makes the test process and result analysis of vehicle information security testing take too long. Therefore, the low efficiency of vehicle WIFI security testing is a technical problem that needs to be solved urgently.

发明内容Contents of the invention

本发明实施例提供了一种车辆的WIFI安全测试方法、系统及设备,解决了车辆的WIFI安全测试效率低的技术问题。Embodiments of the present invention provide a vehicle WIFI security testing method, system and equipment, which solves the technical problem of low efficiency in vehicle WIFI security testing.

第一方面,本发明实施例提供了一种车辆的WIFI安全测试方法,应用于测试设备,所述方法包括:与被测车辆建立WIFI连接;获取多个测试指令,基于所述WIFI连接将所述多个测试指令发送至所述被测车辆,以使所述被测车辆执行所述多个测试指令,对所述被测车辆的WIFI进行安全测试,得到测试结果;接收所述被测车辆发送的所述测试结果;如果所述测试结果表征所述被测车辆的WIFI存在安全隐患,根据所述测试结果生成漏洞测试报告,所述漏洞测试报告包括对所述被测车辆的WIFI所存在漏洞的漏洞信息以及所述漏洞的修改建议。In a first aspect, embodiments of the present invention provide a vehicle WIFI security testing method, which is applied to testing equipment. The method includes: establishing a WIFI connection with the vehicle under test; obtaining multiple test instructions, and converting all test instructions based on the WIFI connection. Send the multiple test instructions to the vehicle under test, so that the vehicle under test executes the multiple test instructions, conduct a safety test on the WIFI of the vehicle under test, and obtain test results; receive the vehicle under test The test results sent; if the test results indicate that the WIFI of the vehicle under test has security risks, a vulnerability test report is generated according to the test results, and the vulnerability test report includes information on the WIFI of the vehicle under test. Vulnerability information for the vulnerability and suggestions for modifications to said vulnerability.

结合本发明的第一方面,在一些实施方式下,所述基于所述WIFI连接将所述多个测试指令发送至所述被测车辆,包括:将所述多个测试指令的一个测试指令发送至所述被测车辆,以使所述被测车辆进行WIFI安全测试的当前测试;响应于接收到所述被测车辆反馈的当前测试完成信号,从所述多个测试指令中选择下一个测试指令发送至所述被测车辆。In conjunction with the first aspect of the present invention, in some embodiments, sending the plurality of test instructions to the vehicle under test based on the WIFI connection includes: sending one test instruction of the plurality of test instructions. to the vehicle under test, so that the vehicle under test performs the current test of the WIFI security test; in response to receiving the current test completion signal fed back by the vehicle under test, select the next test from the multiple test instructions Instructions are sent to the vehicle under test.

结合本发明的第一方面,在一些实施方式下,所述基于所述WIFI连接将所述多个测试指令发送至所述被测车辆,包括:按照预设时间间隔,将所述多个测试指令一一发送至所述被测车辆,以使所述被测车辆按照接收顺序进行WIFI安全测试。In conjunction with the first aspect of the present invention, in some embodiments, sending the multiple test instructions to the vehicle under test based on the WIFI connection includes: sending the multiple test instructions at preset time intervals. Instructions are sent to the vehicles under test one by one, so that the vehicles under test perform WIFI security testing in the order in which they are received.

结合本发明的第一方面,在一些实施方式下,所述基于所述WIFI连接将所述多个测试指令发送至所述被测车辆,包括:将所述多个测试指令合并得到测试指令集,并将所述测试指令集发送至所述被测车辆。In conjunction with the first aspect of the present invention, in some embodiments, sending the multiple test instructions to the vehicle under test based on the WIFI connection includes: merging the multiple test instructions to obtain a test instruction set , and send the test instruction set to the vehicle under test.

结合本发明的第一方面,在一些实施方式下,所述获取多个测试指令,包括:获取多个测试内容;向所述多个测试内容添加可执行命令,得到所述多个测试指令。In conjunction with the first aspect of the present invention, in some embodiments, obtaining multiple test instructions includes: obtaining multiple test contents; adding executable commands to the multiple test contents to obtain the multiple test instructions.

结合本发明的第一方面,在一些实施方式下,所述多个测试内容包括如下至少两个:协议栈漏洞测试内容;弱加密算法测试内容;拒绝服务攻击测试内容;弱口令测试内容;端口开放测试内容;以及钓鱼攻击测试内容。Combined with the first aspect of the present invention, in some embodiments, the plurality of test contents include at least two of the following: protocol stack vulnerability test contents; weak encryption algorithm test contents; denial of service attack test contents; weak password test contents; port Open test content; and phishing attack test content.

结合本发明的第一方面,在一些实施方式下,所述根据所述测试结果生成漏洞测试报告,包括:基于所述测试结果,获取所述被测车辆的WIFI存在的多个漏洞;按照预设的危害评分原则对所述多个漏洞进行评分,以得到所述多个漏洞对应的漏洞等级;基于所述多个漏洞以及每个所述漏洞对应的漏洞等级,得到所述漏洞测试报告。In conjunction with the first aspect of the present invention, in some embodiments, generating a vulnerability test report based on the test results includes: obtaining multiple vulnerabilities in the WIFI of the vehicle under test based on the test results; Score the multiple vulnerabilities according to the hazard scoring principle set up to obtain the vulnerability levels corresponding to the multiple vulnerabilities; obtain the vulnerability test report based on the multiple vulnerabilities and the vulnerability level corresponding to each vulnerability.

第二方面,本发明实施例提供了一种车辆的WIFI安全测试方法,应用于被测车辆,包括:接收并响应于测试设备发送的WIFI连接请求,以使所述测试设备获取多个测试指令后,基于所述WIFI连接发送所述多个测试指令;接收所述多个测试指令;执行所述多个测试指令,对所述被测车辆的WIFI进行安全测试,得到测试结果;将所述测试结果发送至所述测试设备,以使如果所述测试结果表征所述被测车辆的WIFI存在安全隐患,所述测试设备根据所述测试结果生成漏洞测试报告。In a second aspect, embodiments of the present invention provide a vehicle WIFI security testing method, which is applied to a vehicle under test, including: receiving and responding to a WIFI connection request sent by a test device, so that the test device obtains multiple test instructions. Finally, send the multiple test instructions based on the WIFI connection; receive the multiple test instructions; execute the multiple test instructions, conduct a safety test on the WIFI of the vehicle under test, and obtain the test results; The test results are sent to the test equipment, so that if the test results indicate that there is a security risk in the WIFI of the vehicle under test, the test equipment generates a vulnerability test report based on the test results.

第三方面,本发明实施例提供了一种车辆的WIFI安全测试系统,所述系统包括被测车辆和测试设备;所述测试设备,用于与所述被测车辆建立WIFI连接;所述被测车辆,用于接收并响应于测试设备发送的WIFI连接请求;所述测试设备,还用于获取多个测试指令,基于所述WIFI连接将所述多个测试指令发送至所述被测车辆;所述被测车辆,还用于接收所述多个测试指令;执行所述多个测试指令,对所述被测车辆的WIFI进行安全测试,得到测试结果;将所述测试结果发送至所述测试设备;所述测试设备,还用于接收所述被测车辆发送的所述测试结果;如果所述测试结果表征所述被测车辆的WIFI存在安全隐患,根据所述测试结果生成漏洞测试报告,所述漏洞测试报告包括对所述被测车辆的WIFI所存在漏洞的漏洞信息以及所述漏洞的修改建议。In a third aspect, embodiments of the present invention provide a vehicle WIFI security testing system. The system includes a vehicle under test and a testing device; the testing device is used to establish a WIFI connection with the vehicle under test; the tested vehicle The test vehicle is configured to receive and respond to the WIFI connection request sent by the test device; the test device is also used to obtain multiple test instructions and send the multiple test instructions to the vehicle under test based on the WIFI connection. ; The vehicle under test is also used to receive the multiple test instructions; execute the multiple test instructions, conduct a safety test on the WIFI of the vehicle under test, and obtain test results; send the test results to the vehicle under test; The test equipment; the test equipment is also used to receive the test results sent by the vehicle under test; if the test results indicate that there is a security risk in the WIFI of the vehicle under test, generate a vulnerability test according to the test results Report, the vulnerability test report includes vulnerability information on the vulnerabilities existing in the WIFI of the vehicle under test and suggestions for modifying the vulnerabilities.

第四方面,本发明实施例提供了一种电子设备,包括:存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述计算机程序时实现第一方面或第二方面中任一项所述方法。In a fourth aspect, embodiments of the present invention provide an electronic device, including: a memory, a processor, and a computer program stored in the memory and executable on the processor. When the processor executes the computer program, the first The method described in any one of the aspects or the second aspect.

本发明实施例提供的一个或者多个技术方案,至少实现了如下技术效果或者优点:One or more technical solutions provided by embodiments of the present invention at least achieve the following technical effects or advantages:

本发明实施例通过与被测车辆建立WIFI连接;获取多个测试指令,基于WIFI连接将多个测试指令发送至被测车辆,以使被测车辆执行多个测试指令,对被测车辆的WIFI进行安全测试,得到测试结果;接收被测车辆发送的测试结果;如果测试结果表征被测车辆的WIFI存在安全隐患,根据测试结果生成漏洞测试报告,漏洞测试报告包括对被测车辆的WIFI所存在漏洞的漏洞信息以及漏洞的修改建议。通过测试设备向被测车辆发送多个测试指令,以使被测车辆执行多个测试指令,并根据测试结果生成漏洞测试报告,避免了人工确认和其他操作,缩短了车辆信息安全测试的测试过程和结果分析所需时间。所以,提高了车辆的WIFI安全测试效率。The embodiment of the present invention establishes a WIFI connection with the vehicle under test; obtains multiple test instructions, and sends the multiple test instructions to the vehicle under test based on the WIFI connection, so that the vehicle under test executes the multiple test instructions, and the WIFI of the vehicle under test is Conduct security tests and obtain test results; receive test results sent by the vehicle under test; if the test results indicate that the WIFI of the vehicle under test has security risks, generate a vulnerability test report based on the test results. The vulnerability test report includes information on the WIFI of the vehicle under test. Vulnerability information of the vulnerability and suggestions for modifying the vulnerability. Send multiple test instructions to the vehicle under test through the test equipment, so that the vehicle under test executes multiple test instructions, and generates a vulnerability test report based on the test results, avoiding manual confirmation and other operations, and shortening the testing process of vehicle information security testing and the time required for result analysis. Therefore, the efficiency of vehicle WIFI security testing is improved.

同时,提高了车辆的WIFI安全测试的自动化程度。At the same time, the automation level of vehicle WIFI security testing is improved.

附图说明Description of drawings

为了更清楚地说明本发明实施例中的技术方案,下面将对实施例描述中所需要使用的附图作一简单地介绍,显而易见地,下面描述中的附图是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below. Obviously, the drawings in the following description are some embodiments of the present invention. For those of ordinary skill in the art, other drawings can also be obtained based on these drawings without exerting creative efforts.

图1为本发明实施例中车辆的WIFI安全测试系统的示意图;Figure 1 is a schematic diagram of a vehicle WIFI security test system in an embodiment of the present invention;

图2为本发明实施例中车辆的WIFI安全测试方法的流程图;Figure 2 is a flow chart of a vehicle WIFI security testing method in an embodiment of the present invention;

图3为本发明实施例中电子设备的结构示意图。Figure 3 is a schematic structural diagram of an electronic device in an embodiment of the present invention.

具体实施方式Detailed ways

下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明的一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some of the embodiments of the present invention, rather than all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without making creative efforts fall within the scope of protection of the present invention.

在本发明中如涉及“第一”、“第二”等的描述仅用于描述目的,而不能理解为指示或暗示其相对重要性或者隐含指明所指示的技术特征的数量。由此,限定有“第一”、“第二”的特征可以明示或者隐含地包括至少一个该特征。另外,各个实施例之间的技术方案可以相互结合,但是必须是以本领域普通技术人员能够实现为基础,当技术方案的结合出现相互矛盾或无法实现时应当认为这种技术方案的结合不存在,也不在本发明要求的保护范围之内。Descriptions such as "first", "second", etc. in the present invention are for descriptive purposes only and cannot be understood as indicating or implying their relative importance or implicitly indicating the number of indicated technical features. Therefore, features defined as "first" and "second" may explicitly or implicitly include at least one of these features. In addition, the technical solutions in various embodiments can be combined with each other, but it must be based on the realization by those of ordinary skill in the art. When the combination of technical solutions is contradictory or cannot be realized, it should be considered that such a combination of technical solutions does not exist. , nor within the protection scope required by the present invention.

本发明实施例提供一种车辆的WIFI安全测试系统,参考图1所示,系统包括被测车辆和测试设备;测试设备,用于与被测车辆建立WIFI连接;被测车辆,用于接收并响应于测试设备发送的WIFI连接请求;测试设备,还用于获取多个测试指令,基于WIFI连接将多个测试指令发送至被测车辆;被测车辆,还用于接收多个测试指令;执行多个测试指令,对被测车辆的WIFI进行安全测试,得到测试结果;将测试结果发送至测试设备;测试设备,还用于接收被测车辆发送的测试结果;如果测试结果表征被测车辆的WIFI存在安全隐患,根据测试结果生成漏洞测试报告,漏洞测试报告包括对被测车辆的WIFI所存在漏洞的漏洞信息以及漏洞的修改建议。An embodiment of the present invention provides a vehicle WIFI security testing system. As shown in Figure 1, the system includes a vehicle under test and a testing device; the testing device is used to establish a WIFI connection with the vehicle under test; the vehicle under test is used to receive and In response to the WIFI connection request sent by the test equipment; the test equipment is also used to obtain multiple test instructions, and sends the multiple test instructions to the vehicle under test based on the WIFI connection; the vehicle under test is also used to receive multiple test instructions; execute Multiple test instructions are used to conduct security tests on the WIFI of the vehicle under test and obtain test results; the test results are sent to the test equipment; the test equipment is also used to receive test results sent by the vehicle under test; if the test results represent the There are security risks in WIFI. A vulnerability test report is generated based on the test results. The vulnerability test report includes vulnerability information on the vulnerabilities in the WIFI of the vehicle being tested and suggestions for modifying the vulnerabilities.

本发明实施例提供了一种车辆的WIFI安全测试方法,应用于测试设备。参考图2所示,该方法包括以下步骤S101~S104:The embodiment of the present invention provides a vehicle WIFI security testing method, which is applied to testing equipment. Referring to Figure 2, the method includes the following steps S101 to S104:

S101:与被测车辆建立WIFI连接。S101: Establish a WIFI connection with the vehicle under test.

可以理解的是,被测车辆接收并响应于测试设备发送的WIFI连接请求,建立起测试设备与被测车辆之间的WIFI连接。It can be understood that the vehicle under test receives and responds to the WIFI connection request sent by the test device, and establishes a WIFI connection between the test device and the vehicle under test.

S102:获取多个测试指令,基于WIFI连接将多个测试指令发送至被测车辆,以使被测车辆执行多个测试指令,对被测车辆的WIFI进行安全测试,得到测试结果。S102: Obtain multiple test instructions, send multiple test instructions to the vehicle under test based on WIFI connection, so that the vehicle under test executes multiple test instructions, conduct a safety test on the WIFI of the vehicle under test, and obtain test results.

可以理解的是,获取多个测试指令的方法包括以下步骤:获取多个测试内容;向多个测试内容添加可执行命令,得到多个测试指令。It can be understood that the method of obtaining multiple test instructions includes the following steps: obtaining multiple test contents; adding executable commands to the multiple test contents to obtain multiple test instructions.

其中,多个测试内容包括如下至少两个:协议栈漏洞测试内容、弱加密算法测试内容、拒绝服务攻击测试内容、弱口令测试内容、端口开放测试内容以及钓鱼攻击测试内容。Among them, multiple test contents include at least two of the following: protocol stack vulnerability test content, weak encryption algorithm test content, denial of service attack test content, weak password test content, port opening test content, and phishing attack test content.

具体的,协议栈漏洞测试内容可以是从CVE(Common Vulnerabilities&Exposures,公共漏洞和暴露)或者CNNVD(China National Vulnerability Database ofInformatio,中国国家信息安全漏洞库)官网上下载WIFI协议栈漏洞检测脚本。弱加密算法测试内容可以是内置WIFI协议检测功能,并识别WIFI的加密算法。拒绝服务攻击测试内容可以是内置WIFI的DOS攻击脚本。弱口令测试内容可以是内置密码字典库,对WIFI密码进行破解的脚本。端口开放测试内容可以是对WIFI端口进行扫描,确定开放的端口的脚本。钓鱼攻击测试内容可以是模拟已经连接过的手机WIFI网络相似的名称和加密方式,连接车辆WIFI,向车辆请求敏感信息或个人数据的脚本。Specifically, the protocol stack vulnerability testing content can be downloading the WIFI protocol stack vulnerability detection script from the official website of CVE (Common Vulnerabilities & Exposures) or CNNVD (China National Vulnerability Database of Informatio, China National Information Security Vulnerability Database). The weak encryption algorithm test content can be the built-in WIFI protocol detection function and identification of WIFI encryption algorithms. The denial of service attack test content can be a DOS attack script with built-in WIFI. The weak password test content can be a built-in password dictionary library and a script for cracking WIFI passwords. The content of the port open test can be a script that scans the WIFI port and determines the open port. The content of the phishing attack test can be a script that simulates a similar name and encryption method to the connected mobile phone WIFI network, connects to the vehicle WIFI, and requests sensitive information or personal data from the vehicle.

可以理解的是,基于WIFI连接将多个测试指令发送至被测车辆可以包括多种实施方式,下面分别进行说明:It can be understood that sending multiple test instructions to the vehicle under test based on WIFI connection can include multiple implementation methods, which are explained below:

实施方式一:Implementation method one:

将多个测试指令的一个测试指令发送至被测车辆,以使被测车辆进行WIFI安全测试的当前测试;响应于接收到被测车辆反馈的当前测试完成信号,从多个测试指令中选择下一个测试指令发送至被测车辆。Send one test instruction of multiple test instructions to the vehicle under test, so that the vehicle under test performs the current test of the WIFI security test; in response to receiving the current test completion signal fed back by the vehicle under test, select the next test instruction from the multiple test instructions A test command is sent to the vehicle under test.

可以理解的是,从多个测试指令中选择下一个测试指令发送至被测车辆的方法可以是按照预先设定顺序进行发送,也可以是随机选择发送。等待接收到当前测试完成信号之后再发送下一个指令,能够保障车辆进行WIFI安全测试的有序进行,提高测试结果的可信度。It can be understood that the method of selecting the next test command from multiple test commands to send to the vehicle under test may be to send it in a preset order, or to send it randomly. Waiting to receive the current test completion signal before sending the next command can ensure the orderly conduct of the vehicle's WIFI security test and improve the credibility of the test results.

实施方式二:Implementation method two:

按照预设时间间隔,将多个测试指令一一发送至被测车辆,以使被测车辆按照接收顺序进行WIFI安全测试。According to the preset time interval, multiple test instructions are sent to the vehicle under test one by one, so that the vehicle under test performs WIFI security testing in the order of reception.

需要说明的是,设置预设时间间隔,可以实现保障车辆进行WIFI安全测试的有序进行,提高测试结果的可信度。It should be noted that setting a preset time interval can ensure the orderly conduct of WIFI security tests on vehicles and improve the credibility of test results.

实施方式三:Implementation method three:

将多个测试指令合并得到测试指令集,并将测试指令集发送至被测车辆。Multiple test instructions are combined to obtain a test instruction set, and the test instruction set is sent to the vehicle under test.

需要说明的是,将多个测试指令合并得到测试指令集,而不需要等待当前测试完成后再发送,可以提高测试效率,避免测试时间过长。It should be noted that merging multiple test instructions to obtain a test instruction set without waiting for the current test to complete before sending can improve test efficiency and avoid too long test times.

可以理解的是,在测试设备基于WIFI连接将多个测试指令发送至被测车辆之后,被测车辆接收多个测试指令;执行多个测试指令,对被测车辆的WIFI进行安全测试,得到测试结果;将测试结果发送至测试设备。It can be understood that after the test equipment sends multiple test instructions to the vehicle under test based on the WIFI connection, the vehicle under test receives the multiple test instructions; executes the multiple test instructions to perform a safety test on the WIFI of the vehicle under test, and obtains the test Results; sends the test results to the test device.

S103:接收被测车辆发送的测试结果。S103: Receive the test results sent by the vehicle under test.

S104:如果测试结果表征被测车辆的WIFI存在安全隐患,根据测试结果生成漏洞测试报告,漏洞测试报告包括对被测车辆的WIFI所存在漏洞的漏洞信息以及漏洞的修改建议。S104: If the test results indicate that the WIFI of the vehicle under test has security risks, generate a vulnerability test report based on the test results. The vulnerability test report includes vulnerability information about the vulnerabilities in the WIFI of the vehicle under test and suggestions for modifying the vulnerabilities.

需要说明的是,漏洞信息包括具体的漏洞类型及其对应的漏洞等级。It should be noted that vulnerability information includes specific vulnerability types and their corresponding vulnerability levels.

可以理解的是,根据测试结果生成漏洞测试报告的方法包括步骤S1041~S1043:It can be understood that the method of generating a vulnerability test report based on the test results includes steps S1041 to S1043:

S1041:基于测试结果,获取被测车辆的WIFI存在的多个漏洞。S1041: Based on the test results, obtain multiple vulnerabilities in the WIFI of the vehicle under test.

可以理解的是,步骤S1041所确定的漏洞有如下多种情况:It can be understood that the vulnerabilities identified in step S1041 include the following situations:

如果获取到的漏洞信息和特征值,与协议栈漏洞的漏洞信息和特征值匹配,则确定为协议栈漏洞。漏洞等级可以是和CVE或者CNNVD官网上一致。If the obtained vulnerability information and characteristic values match those of the protocol stack vulnerability, it is determined to be a protocol stack vulnerability. The vulnerability level can be consistent with the CVE or CNNVD official website.

如果弱加密算法为WPA算法,则确定存在弱加密漏洞。如果弱加密算法为WPA2算法、WPA2-PSK算法或者WPA3算法,则确定不存在弱加密漏洞。If the weak encryption algorithm is the WPA algorithm, it is determined that a weak encryption vulnerability exists. If the weak encryption algorithm is the WPA2 algorithm, WPA2-PSK algorithm, or WPA3 algorithm, it is determined that there is no weak encryption vulnerability.

如果在遭受到拒绝服务攻击时,WIFI不能够正常通信,则确定存在拒绝服务攻击漏洞。如果在遭受到拒绝服务攻击时,WIFI能够正常通信,则确定不存在拒绝服务攻击漏洞。If WIFI cannot communicate normally when suffering a denial of service attack, it is determined that a denial of service attack vulnerability exists. If WIFI can communicate normally when suffering a denial of service attack, it is determined that there is no denial of service attack vulnerability.

如果使用密码字典进行爆破时,爆破成功,则确定存在弱口令漏洞。如果使用密码字典进行爆破时,爆破不成功,则确定不存在弱口令漏洞。其中,密码字典是依据常用的密码组成的,包括纯数字、生日、姓名等,包含公开可用的密码字典,自定义的密码字典和已泄露的密码库。If the password dictionary is used for cracking and the cracking is successful, it is determined that a weak password vulnerability exists. If the password dictionary is used for blasting and the blasting fails, it is determined that there is no weak password vulnerability. Among them, the password dictionary is composed of commonly used passwords, including pure numbers, birthdays, names, etc., including publicly available password dictionaries, customized password dictionaries and leaked password libraries.

如果核查WIFI模块开放了危险端口,则确定存在端口开放漏洞。其中,常见的危险端口:管理端口,为WIFI设备提供用于管理和配置的特定端口,如80(HTTP)和443(HTTPS),如果这些端口没有正确配置或受到攻击者的滥用,可能导致设备的未授权访问和操纵。开放的端口,某些WIFI网络可能会开放一些端口用于特定的服务或应用,如FTP(端口21)、Telnet(端口23)等,这些开放的端口如果没有适当的安全措施,可能会被攻击者利用进行未授权访问或攻击。文件共享端口,一些WIFI网络可能启用了文件共享功能,如SMB(端口445)或AFP(端口548)。未正确配置或保护这些文件共享端口可能导致未授权的网络访问和文件泄露。VPN端口,虚拟私有网络(VPN)通常使用特定的端口进行安全的通信。如果Wi-Fi设备上的VPN端口没有适当的配置或保护,可能会导致VPN连接中的数据泄露或攻击。UPnP端口,通用即插即用协议(UPnP)可以帮助设备自动配置网络和端口转发。然而,未经适当配置和保护的UPnP端口可能会成为攻击者进入网络并对其他设备进行攻击的入口。If you check that the WIFI module has opened dangerous ports, it is determined that there is a port open vulnerability. Among them, common dangerous ports: management port, which provides specific ports for management and configuration of WIFI devices, such as 80 (HTTP) and 443 (HTTPS). If these ports are not configured correctly or abused by attackers, the device may be damaged. unauthorized access and manipulation. Open ports. Some WIFI networks may open some ports for specific services or applications, such as FTP (port 21), Telnet (port 23), etc. These open ports may be attacked without appropriate security measures. used by attackers to conduct unauthorized access or attacks. File sharing port, some WIFI networks may have the file sharing function enabled, such as SMB (port 445) or AFP (port 548). Failure to properly configure or secure these file sharing ports can lead to unauthorized network access and file disclosure. VPN Ports, Virtual Private Networks (VPNs) often use specific ports for secure communication. If VPN ports on Wi-Fi devices are not properly configured or protected, it can lead to data leakage or attacks on the VPN connection. UPnP port, Universal Plug and Play Protocol (UPnP) can help devices automatically configure networks and port forwarding. However, UPnP ports that are not properly configured and protected can become an entry point for attackers to enter the network and attack other devices.

模拟已经连接过的手机WIFI网络相似的名称和加密方式,连接车辆WIFI,向车辆请求敏感信息或个人数据,如果能获取车辆敏感信息或个人数据,则确定存在钓鱼攻击漏洞。如果不能获取车辆敏感信息或个人数据,则确定不存在钓鱼攻击漏洞。Simulate the similar name and encryption method of the connected mobile phone WIFI network, connect to the vehicle WIFI, and request sensitive information or personal data from the vehicle. If the sensitive information or personal data of the vehicle can be obtained, it is determined that there is a phishing attack vulnerability. If sensitive vehicle information or personal data cannot be obtained, it is determined that there is no phishing attack vulnerability.

S1042:按照预设的危害评分原则对多个漏洞进行评分,以得到多个漏洞对应的漏洞等级。S1042: Score multiple vulnerabilities according to the preset hazard scoring principles to obtain vulnerability levels corresponding to multiple vulnerabilities.

可以理解的是,按照预设的危害评分原则对多个漏洞进行评分的方法可以是:基于基本分、时间分和环境分,对多个漏洞进行评分。It can be understood that the method of scoring multiple vulnerabilities according to the preset hazard scoring principles may be: scoring multiple vulnerabilities based on basic scores, time scores, and environment scores.

具体的,基本分(Base):代表着漏洞的原始属性,不受时间与环境的影响,又由可执行性(Exploitability)与影响程度(Impact)度量。基本评分原则有以下几条:第一,每个安全漏洞必须是单独评估,不能考虑与其他安全漏洞的交叉影响。第二,只考虑漏洞的直接影响,不考虑间接影响。第三,按照通常使用的权限来评估漏洞的影响。第四,按照漏洞的最大影响来打分。时间分(Temporal):反应漏洞随着时间推移的影响而不受环境影响,举个简单的例子,随着一个漏洞软件的补丁不断增加,该漏洞的CVSS(Common VulnerabilityScoring System,通用漏洞评分系统)分数会随之减少。环境分(Environmental):代表特定环境下执行漏洞的分数,允许根据相应业务需求提高或者降低该分值。通常环境分需要最终用户进行评估和计算。评分字段用于以简洁的形式记录或传输CVSS定量信息,评分字段应按照表1和表2所示顺序进行评分。其中基础分为必选项,时间分和环境分为可选项。每个衡量值(Metric Value)都有一个相关的常数(Numerical Value),该常数在公式中使用。Specifically, Base: represents the original attribute of the vulnerability, which is not affected by time and environment, and is measured by Exploitability and Impact. The basic scoring principles are as follows: First, each security vulnerability must be evaluated independently, and cross-influence with other security vulnerabilities cannot be considered. Second, only the direct impact of vulnerabilities is considered, and indirect impacts are not considered. Third, assess the impact of the vulnerability in terms of commonly used permissions. Fourth, the vulnerability is scored according to its greatest impact. Temporal: reflects the impact of the vulnerability over time without being affected by the environment. For a simple example, as the patches of a vulnerable software continue to increase, the CVSS (Common Vulnerability Scoring System) of the vulnerability will The score will be reduced accordingly. Environmental score (Environmental): represents the score of execution vulnerabilities in a specific environment, allowing the score to be increased or decreased according to corresponding business needs. Often environmental scores require evaluation and calculation by the end user. Scoring fields are used to record or transmit CVSS quantitative information in a concise form. Scoring fields should be scored in the order shown in Table 1 and Table 2. Among them, the basics are divided into mandatory options, and the time points and environment are divided into optional options. Each metric value (Metric Value) has an associated constant (Numerical Value), which is used in the formula.

表1:Table 1:

表2:Table 2:

通过上述的方法,对多个漏洞进行评分,然后,基于评分得到多个漏洞对应的漏洞等级可以参考表3所示。漏洞的评分范围为0-10.0,分为超危(critical)、高危(high)、中危(medium)、低危(low)、无(none)五个级别。Through the above method, multiple vulnerabilities are scored. Then, the vulnerability levels corresponding to multiple vulnerabilities based on the scores can be obtained as shown in Table 3. Vulnerability scores range from 0 to 10.0 and are divided into five levels: critical, high, medium, low, and none.

表3:table 3:

等级grade 评分score none 00 低危low risk 0.1-3.90.1-3.9 中危medium risk 4-6.94-6.9 高危high risk 7-8.97-8.9 超危Extremely dangerous 9-109-10

S1043:基于多个漏洞以及每个漏洞对应的漏洞等级,得到漏洞测试报告。S1043: Obtain a vulnerability test report based on multiple vulnerabilities and the vulnerability level corresponding to each vulnerability.

本发明实施例通过与被测车辆建立WIFI连接;获取多个测试指令,基于WIFI连接将多个测试指令发送至被测车辆,以使被测车辆执行多个测试指令,对被测车辆的WIFI进行安全测试,得到测试结果;接收被测车辆发送的测试结果;如果测试结果表征被测车辆的WIFI存在安全隐患,根据测试结果生成漏洞测试报告,漏洞测试报告包括对被测车辆的WIFI所存在漏洞的漏洞信息以及漏洞的修改建议。通过测试设备向被测车辆发送多个测试指令,以使被测车辆执行多个测试指令,并根据测试结果生成漏洞测试报告,避免了人工确认和其他操作,缩短了车辆信息安全测试的测试过程和结果分析所需时间。所以,提高了车辆的WIFI安全测试效率。同时,提高了车辆的WIFI安全测试的自动化程度。The embodiment of the present invention establishes a WIFI connection with the vehicle under test; obtains multiple test instructions, and sends the multiple test instructions to the vehicle under test based on the WIFI connection, so that the vehicle under test executes the multiple test instructions, and the WIFI of the vehicle under test is Conduct security tests and obtain test results; receive test results sent by the vehicle under test; if the test results indicate that the WIFI of the vehicle under test has security risks, generate a vulnerability test report based on the test results. The vulnerability test report includes information on the WIFI of the vehicle under test. Vulnerability information of the vulnerability and suggestions for modifying the vulnerability. Send multiple test instructions to the vehicle under test through the test equipment, so that the vehicle under test executes multiple test instructions, and generates a vulnerability test report based on the test results, avoiding manual confirmation and other operations, and shortening the testing process of vehicle information security testing and the time required for result analysis. Therefore, the efficiency of vehicle WIFI security testing is improved. At the same time, the automation level of vehicle WIFI security testing is improved.

基于同一发明构思,本发明实施例提供一种车辆的WIFI安全测试方法,应用于被测车辆,该方法包括步骤S201~S204:Based on the same inventive concept, an embodiment of the present invention provides a vehicle WIFI security testing method, which is applied to the vehicle under test. The method includes steps S201 to S204:

S201:接收并响应于测试设备发送的WIFI连接请求,以使测试设备获取多个测试指令后,基于WIFI连接发送多个测试指令。S201: Receive and respond to the WIFI connection request sent by the test device, so that after the test device obtains multiple test instructions, it sends multiple test instructions based on the WIFI connection.

S202:接收多个测试指令。S202: Receive multiple test instructions.

S203:执行多个测试指令,对被测车辆的WIFI进行安全测试,得到测试结果。S203: Execute multiple test instructions, conduct a security test on the WIFI of the vehicle under test, and obtain the test results.

S204:将测试结果发送至测试设备,以使如果测试结果表征被测车辆的WIFI存在安全隐患,测试设备根据测试结果生成漏洞测试报告。S204: Send the test results to the test equipment, so that if the test results indicate that there is a security risk in the WIFI of the vehicle under test, the test equipment generates a vulnerability test report based on the test results.

应当理解的是,本发明实施例中应用于被测车辆的车辆的WIFI安全测试方法的更多实施细节参考前述应用于测试设备的车辆的WIFI安全测试方法所述,为了说明书的简洁,在此不再赘述。It should be understood that, in the embodiment of the present invention, for more implementation details of the WIFI security testing method applied to the vehicle under test, please refer to the aforementioned WIFI security testing method applied to the vehicle testing equipment. For the sake of simplicity of the description, here No longer.

基于同一发明构思,本发明实施例还提供了一种电子设备,如图3所示,包括存储器304、处理器302及存储在存储器304上并可在处理器302上运行的计算机程序,处理器302执行程序实现应用于测试设备的车辆的WIFI安全测试方法或者实现应用于被测车辆的车辆的WIFI安全测试方法实施例任一实施方式所述的步骤。Based on the same inventive concept, an embodiment of the present invention also provides an electronic device, as shown in Figure 3, including a memory 304, a processor 302, and a computer program stored in the memory 304 and executable on the processor 302. The processor 302 Execute the program to implement the WIFI security testing method of the vehicle applied to the test device or implement the steps described in any embodiment of the WIFI security testing method applied to the vehicle being tested.

其中,在图3中,总线架构(用总线300来代表),总线300可以包括任意数量的互联的总线和桥,总线300将包括由处理器302代表的一个或多个处理器和存储器304代表的存储器的各种电路链接在一起。总线300还可以将诸如外围设备、稳压器和功率管理电路等之类的各种其他电路链接在一起,这些都是本领域所公知的,因此,本文不再对其进行进一步描述。总线接口305在总线300和接收器301和发送器303之间提供接口。接收器301和发送器303可以是同一个元件,即收发机,提供用于在传输介质上与各种其他装置通信的单元。处理器302负责管理总线300和通常的处理,而存储器304可以被用于存储处理器302在执行操作时所使用的数据。Among them, in Figure 3, the bus architecture (represented by bus 300), bus 300 may include any number of interconnected buses and bridges, bus 300 will include one or more processors represented by processor 302 and memory 304. The various circuits of memory are linked together. Bus 300 may also link together various other circuits such as peripherals, voltage regulators, power management circuits, etc., which are all well known in the art and therefore will not be described further herein. Bus interface 305 provides an interface between bus 300 and receiver 301 and transmitter 303 . The receiver 301 and the transmitter 303 may be the same element, a transceiver, providing a unit for communicating with various other devices over a transmission medium. The processor 302 is responsible for managing the bus 300 and general processing, while the memory 304 may be used to store data used by the processor 302 in performing operations.

本发明实施例通过与被测车辆建立WIFI连接;获取多个测试指令,基于WIFI连接将多个测试指令发送至被测车辆,以使被测车辆执行多个测试指令,对被测车辆的WIFI进行安全测试,得到测试结果;接收被测车辆发送的测试结果;如果测试结果表征被测车辆的WIFI存在安全隐患,根据测试结果生成漏洞测试报告,漏洞测试报告包括对被测车辆的WIFI所存在漏洞的漏洞信息以及漏洞的修改建议。通过测试设备向被测车辆发送多个测试指令,以使被测车辆执行多个测试指令,并根据测试结果生成漏洞测试报告,避免了人工确认和其他操作,缩短了车辆信息安全测试的测试过程和结果分析所需时间。所以,提高了车辆的WIFI安全测试效率。同时,提高了车辆的WIFI安全测试的自动化程度。The embodiment of the present invention establishes a WIFI connection with the vehicle under test; obtains multiple test instructions, and sends the multiple test instructions to the vehicle under test based on the WIFI connection, so that the vehicle under test executes the multiple test instructions, and the WIFI of the vehicle under test is Conduct security tests and obtain test results; receive test results sent by the vehicle under test; if the test results indicate that the WIFI of the vehicle under test has security risks, generate a vulnerability test report based on the test results. The vulnerability test report includes information on the WIFI of the vehicle under test. Vulnerability information of the vulnerability and suggestions for modifying the vulnerability. Send multiple test instructions to the vehicle under test through the test equipment, so that the vehicle under test executes multiple test instructions, and generates a vulnerability test report based on the test results, avoiding manual confirmation and other operations, and shortening the testing process of vehicle information security testing and the time required for result analysis. Therefore, the efficiency of vehicle WIFI security testing is improved. At the same time, the automation level of vehicle WIFI security testing is improved.

本文中所描述的功能可在硬件、由处理器执行的软件、固件或其任何组合中实施。如果在由处理器执行的软件中实施,那么可将功能作为一或多个指令或代码存储于计算机可读媒体上或经由计算机可读媒体予以传输。其它实例及实施方案在本发明及所附权利要求书的范围及精神内。举例来说,归因于软件的性质,上文所描述的功能可使用由处理器、硬件、固件、硬连线或这些中的任何者的组合执行的软件实施。此外,各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。The functionality described herein may be implemented in hardware, software executed by a processor, firmware, or any combination thereof. If implemented in software executed by a processor, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. Other examples and implementations are within the scope and spirit of the invention and appended claims. For example, due to the nature of software, the functions described above may be implemented using software executed by a processor, hardware, firmware, hardwiring, or a combination of any of these. In addition, each functional unit can be integrated into one processing unit, or each unit can exist physically alone, or two or more units can be integrated into one unit.

在本申请所提供的几个实施例中,应该理解到,所揭露的技术内容,可通过其它的方式实现。其中,以上所描述的装置实施例仅仅是示意性的,例如所述单元的划分,可以为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,单元或模块的间接耦合或通信连接,可以是电性或其它的形式。In the several embodiments provided in this application, it should be understood that the disclosed technical content can be implemented in other ways. The device embodiments described above are only illustrative. For example, the division of the units may be a logical functional division. In actual implementation, there may be other division methods. For example, multiple units or components may be combined or may be Integrated into another system, or some features can be ignored, or not implemented. On the other hand, the coupling or direct coupling or communication connection between each other shown or discussed may be through some interfaces, and the indirect coupling or communication connection of the units or modules may be in electrical or other forms.

所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为控制装置的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。The units described as separate components may or may not be physically separated, and the components described as control devices may or may not be physical units, that is, they may be located in one place, or they may be distributed to multiple units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of this embodiment.

所述集成的单元如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本发明的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的全部或部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可为个人计算机、服务器或者网络设备等)执行本发明各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、移动硬盘、磁碟或者光盘等各种可以存储程序代码的介质。If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention is essentially or contributes to the existing technology or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium , including several instructions to cause a computer device (which can be a personal computer, a server or a network device, etc.) to execute all or part of the steps of the method described in various embodiments of the present invention. The aforementioned storage media include: U disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), mobile hard disk, magnetic disk or optical disk and other media that can store program code. .

以上所述仅为本发明的实施例而已,并不用于限制本发明,对于本领域的技术人员来说,本发明可以有各种更改和变化。凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的权利要求范围。The above are only examples of the present invention and are not intended to limit the present invention. For those skilled in the art, the present invention may have various modifications and changes. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and principles of the present invention shall be included in the scope of the claims of the present invention.

Claims (10)

1.一种车辆的WIFI安全测试方法,应用于测试设备,其特征在于,所述方法包括:1. A vehicle WIFI security testing method, applied to testing equipment, characterized in that the method includes: 与被测车辆建立WIFI连接;Establish a WIFI connection with the vehicle under test; 获取多个测试指令,基于所述WIFI连接将所述多个测试指令发送至所述被测车辆,以使所述被测车辆执行所述多个测试指令,对所述被测车辆的WIFI进行安全测试,得到测试结果;Acquire multiple test instructions, send the multiple test instructions to the vehicle under test based on the WIFI connection, so that the vehicle under test executes the multiple test instructions, and perform the WIFI on the vehicle under test Safety testing and obtaining test results; 接收所述被测车辆发送的所述测试结果;Receive the test results sent by the vehicle under test; 如果所述测试结果表征所述被测车辆的WIFI存在安全隐患,根据所述测试结果生成漏洞测试报告,所述漏洞测试报告包括对所述被测车辆的WIFI所存在漏洞的漏洞信息以及所述漏洞的修改建议。If the test results indicate that there is a security risk in the WIFI of the vehicle under test, a vulnerability test report is generated according to the test results, and the vulnerability test report includes vulnerability information about the vulnerabilities in the WIFI of the vehicle under test and the Suggestions for modifying the vulnerability. 2.根据权利要求1所述的车辆的WIFI安全测试方法,其特征在于,所述基于所述WIFI连接将所述多个测试指令发送至所述被测车辆,包括:2. The WIFI security testing method of a vehicle according to claim 1, wherein the sending the plurality of test instructions to the vehicle under test based on the WIFI connection includes: 将所述多个测试指令的一个测试指令发送至所述被测车辆,以使所述被测车辆进行WIFI安全测试的当前测试;Send one test instruction of the plurality of test instructions to the vehicle under test, so that the vehicle under test performs the current test of the WIFI security test; 响应于接收到所述被测车辆反馈的当前测试完成信号,从所述多个测试指令中选择下一个测试指令发送至所述被测车辆。In response to receiving the current test completion signal fed back by the vehicle under test, a next test instruction is selected from the plurality of test instructions and sent to the vehicle under test. 3.根据权利要求1所述的车辆的WIFI安全测试方法,其特征在于,所述基于所述WIFI连接将所述多个测试指令发送至所述被测车辆,包括:3. The WIFI security testing method of a vehicle according to claim 1, wherein the sending the plurality of test instructions to the vehicle under test based on the WIFI connection includes: 按照预设时间间隔,将所述多个测试指令一一发送至所述被测车辆,以使所述被测车辆按照接收顺序进行WIFI安全测试。According to the preset time interval, the plurality of test instructions are sent to the vehicle under test one by one, so that the vehicle under test performs the WIFI security test in the order of reception. 4.根据权利要求1所述的车辆的WIFI安全测试方法,其特征在于,所述基于所述WIFI连接将所述多个测试指令发送至所述被测车辆,包括:4. The WIFI security testing method of a vehicle according to claim 1, wherein the sending the plurality of test instructions to the vehicle under test based on the WIFI connection includes: 将所述多个测试指令合并得到测试指令集,并将所述测试指令集发送至所述被测车辆。The multiple test instructions are combined to obtain a test instruction set, and the test instruction set is sent to the vehicle under test. 5.根据权利要求1所述的车辆的WIFI安全测试方法,其特征在于,所述获取多个测试指令,包括:5. The vehicle WIFI security testing method according to claim 1, characterized in that said obtaining multiple test instructions includes: 获取多个测试内容;Get multiple test content; 向所述多个测试内容添加可执行命令,得到所述多个测试指令。Add executable commands to the multiple test contents to obtain the multiple test instructions. 6.根据权利要求5所述的车辆的WIFI安全测试方法,其特征在于,所述多个测试内容包括如下至少两个:6. The vehicle WIFI security testing method according to claim 5, characterized in that the plurality of test contents include at least two of the following: 协议栈漏洞测试内容;Protocol stack vulnerability testing content; 弱加密算法测试内容;Weak encryption algorithm test content; 拒绝服务攻击测试内容;Denial of service attack test content; 弱口令测试内容;Weak password test content; 端口开放测试内容;以及Port opening test content; and 钓鱼攻击测试内容。Phishing attack test content. 7.根据权利要求1所述的车辆的WIFI安全测试方法,其特征在于,所述根据所述测试结果生成漏洞测试报告,包括:7. The vehicle WIFI security testing method according to claim 1, characterized in that generating a vulnerability test report based on the test results includes: 基于所述测试结果,获取所述被测车辆的WIFI存在的多个漏洞;Based on the test results, obtain multiple vulnerabilities in the WIFI of the vehicle under test; 按照预设的危害评分原则对所述多个漏洞进行评分,以得到所述多个漏洞对应的漏洞等级;Score the multiple vulnerabilities according to preset hazard scoring principles to obtain vulnerability levels corresponding to the multiple vulnerabilities; 基于所述多个漏洞以及每个所述漏洞对应的漏洞等级,得到所述漏洞测试报告。Based on the multiple vulnerabilities and the vulnerability level corresponding to each vulnerability, the vulnerability test report is obtained. 8.一种车辆的WIFI安全测试方法,应用于被测车辆,其特征在于,包括:8. A vehicle WIFI security testing method, applied to the vehicle under test, characterized by including: 接收并响应于测试设备发送的WIFI连接请求,以使所述测试设备获取多个测试指令后,基于所述WIFI连接发送所述多个测试指令;Receive and respond to the WIFI connection request sent by the test device, so that after the test device obtains multiple test instructions, it sends the multiple test instructions based on the WIFI connection; 接收所述多个测试指令;Receive the multiple test instructions; 执行所述多个测试指令,对所述被测车辆的WIFI进行安全测试,得到测试结果;Execute the plurality of test instructions, conduct a safety test on the WIFI of the vehicle under test, and obtain test results; 将所述测试结果发送至所述测试设备,以使如果所述测试结果表征所述被测车辆的WIFI存在安全隐患,所述测试设备根据所述测试结果生成漏洞测试报告。The test results are sent to the test equipment, so that if the test results indicate that there is a security risk in the WIFI of the vehicle under test, the test equipment generates a vulnerability test report based on the test results. 9.一种车辆的WIFI安全测试系统,其特征在于,所述系统包括被测车辆和测试设备;9. A vehicle WIFI security testing system, characterized in that the system includes the vehicle under test and testing equipment; 所述测试设备,用于与所述被测车辆建立WIFI连接;The test equipment is used to establish a WIFI connection with the vehicle under test; 所述被测车辆,用于接收并响应于所述测试设备发送的WIFI连接请求;The vehicle under test is used to receive and respond to the WIFI connection request sent by the test device; 所述测试设备,还用于获取多个测试指令,基于所述WIFI连接将所述多个测试指令发送至所述被测车辆;The test equipment is also used to obtain multiple test instructions and send the multiple test instructions to the vehicle under test based on the WIFI connection; 所述被测车辆,还用于接收所述多个测试指令;执行所述多个测试指令,对所述被测车辆的WIFI进行安全测试,得到测试结果;将所述测试结果发送至所述测试设备;The vehicle under test is also used to receive the multiple test instructions; execute the multiple test instructions, conduct a safety test on the WIFI of the vehicle under test, and obtain test results; and send the test results to the Test Equipment; 所述测试设备,还用于接收所述被测车辆发送的所述测试结果;如果所述测试结果表征所述被测车辆的WIFI存在安全隐患,根据所述测试结果生成漏洞测试报告,所述漏洞测试报告包括对所述被测车辆的WIFI所存在漏洞的漏洞信息以及所述漏洞的修改建议。The test equipment is also used to receive the test results sent by the vehicle under test; if the test results indicate that there is a security risk in the WIFI of the vehicle under test, generate a vulnerability test report according to the test results, The vulnerability test report includes vulnerability information about the vulnerabilities existing in the WIFI of the vehicle under test and suggestions for modifying the vulnerabilities. 10.一种电子设备,其特征在于,包括:存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述计算机程序时实现权利要求1-7中任一项所述方法,或者实现权利要求8中任一项所述方法。10. An electronic device, characterized in that it includes: a memory, a processor, and a computer program stored in the memory and executable on the processor. When the processor executes the computer program, claims 1-7 are implemented. Any one of the methods described in claim 8, or any one of the methods described in claim 8.
CN202311049207.3A 2023-08-18 2023-08-18 Vehicle WIFI security testing methods, systems and equipment Pending CN117177245A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311049207.3A CN117177245A (en) 2023-08-18 2023-08-18 Vehicle WIFI security testing methods, systems and equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311049207.3A CN117177245A (en) 2023-08-18 2023-08-18 Vehicle WIFI security testing methods, systems and equipment

Publications (1)

Publication Number Publication Date
CN117177245A true CN117177245A (en) 2023-12-05

Family

ID=88943974

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311049207.3A Pending CN117177245A (en) 2023-08-18 2023-08-18 Vehicle WIFI security testing methods, systems and equipment

Country Status (1)

Country Link
CN (1) CN117177245A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113365286A (en) * 2020-03-04 2021-09-07 上海擎感智能科技有限公司 Wireless network performance test method, system and computer storage medium
CN217546084U (en) * 2022-04-01 2022-10-04 博泰车联网科技(上海)股份有限公司 Anti-interference test system of on-vehicle wiFi module
CN115168219A (en) * 2022-07-21 2022-10-11 中汽创智科技有限公司 Vehicle information safety testing method and device and storage medium
CN115396896A (en) * 2022-10-27 2022-11-25 中汽研软件测评(天津)有限公司 Vehicle WiFi information safety testing method and device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113365286A (en) * 2020-03-04 2021-09-07 上海擎感智能科技有限公司 Wireless network performance test method, system and computer storage medium
CN217546084U (en) * 2022-04-01 2022-10-04 博泰车联网科技(上海)股份有限公司 Anti-interference test system of on-vehicle wiFi module
CN115168219A (en) * 2022-07-21 2022-10-11 中汽创智科技有限公司 Vehicle information safety testing method and device and storage medium
CN115396896A (en) * 2022-10-27 2022-11-25 中汽研软件测评(天津)有限公司 Vehicle WiFi information safety testing method and device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
王冬海,雷璟,马进胜,彭武: "信息安全仿真验证技术", 31 December 2015, pages: 101 - 104 *

Similar Documents

Publication Publication Date Title
US9003519B2 (en) Verifying transactions using out-of-band devices
RU2680736C1 (en) Malware files in network traffic detection server and method
EP3061027B1 (en) Verifying the security of a remote server
US8966642B2 (en) Trust verification of a computing platform using a peripheral device
CN101621520B (en) Method and system for platform-based trust verification services for multi-party verification
WO2023151354A2 (en) Data transmission method and system, and first end, intermediate network device and control device
US9015481B2 (en) Methods and systems for access security for dataloading
US8826410B2 (en) Device API for securely monitoring and managing mobile broadband devices
US10152587B2 (en) Device pairing method
CN114499974B (en) Device detection method, device, computer device and storage medium
CN110768951A (en) Method and device for verifying system vulnerability, storage medium, and electronic device
WO2021128988A1 (en) Authentication method and device
CN111291372A (en) Method and device for detecting terminal equipment file based on software gene technology
CN115883170A (en) Network flow data monitoring and analyzing method and device, electronic equipment and storage medium
JP2010263310A (en) Wireless communication device, wireless communication monitoring system, wireless communication method, and program
US20240422014A1 (en) Tee-based method to establish trusted and secure channel between the user and public cloud environment, apparatus, computer device, and readable storage medium
KR101494329B1 (en) System and Method for detecting malignant process
CN101527636A (en) Platform recognition and management method suitable to ternary-equally recognizing credible network connecting architecture
WO2022021256A1 (en) Association control method and related apparatus
CN117177245A (en) Vehicle WIFI security testing methods, systems and equipment
CN108282786B (en) Method and equipment for detecting DNS spoofing attack in wireless local area network
CN118779924A (en) Equipment safety assessment method, device, equipment and medium
US8474046B1 (en) Systems and methods for identifying the spreading of sensitive data by a suspicious application
US10193899B1 (en) Electronic communication impersonation detection
CN114978544A (en) Access authentication method, device, system, electronic equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination