CN117494148A - Security detection method, security detection device, terminal equipment and computer readable storage medium - Google Patents
- Publication number: CN117494148A (application number CN202410004052.XA)
- Authority: CN (China)
- Prior art keywords: data, sensitive information, information, target equipment, acquiring
- Legal status: Granted (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Classifications
- G—PHYSICS; G06—COMPUTING; CALCULATING OR COUNTING; G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Abstract
The application is applicable to the technical field of security detection methods, and provides a security detection method, a device, a terminal device and a computer readable storage medium, comprising: acquiring first data, wherein the first data is detection data of target equipment obtained through a communication serial port; acquiring second data, wherein the second data is detection data of target equipment obtained through a universal serial bus; detecting sensitive information from the first data and the second data; obtaining vulnerability database information, wherein the vulnerability database information comprises standard data corresponding to the sensitive information; and performing vulnerability verification on the target equipment according to the sensitive information and the corresponding standard data thereof to obtain a verification result. By the method, part of tedious and repeated work can be automatically completed, and the efficiency of safety detection work is improved.
Description
Technical Field
The application belongs to the technical field of security detection methods, and particularly relates to a security detection method, a security detection device, terminal equipment and a computer readable storage medium.
Background
The global service robot industry is creating new development opportunities, forming an emerging growth point for industry at a new scale, and driving rapid growth in market size. However, service robots from different manufacturers come in many forms with different functional structures, so security detection must be carried out on them in order for them to keep providing stable and reliable services.
At present, security evaluation of service robots mainly relies on penetration testing, but because a robot has complex interfaces and many protocols, penetration testing requires a large amount of trivial and repetitive manual work, so the efficiency of security detection is low.
Disclosure of Invention
The embodiment of the application provides a safety detection method, a safety detection device, terminal equipment and a computer readable storage medium, which can automatically complete part of tedious and repeated work and improve the efficiency of safety detection work.
In a first aspect, an embodiment of the present application provides a security detection method, including:
acquiring first data, wherein the first data is detection data of target equipment obtained through a communication serial port;
acquiring second data, wherein the second data is detection data of target equipment obtained through a universal serial bus;
detecting sensitive information from the first data and the second data;
obtaining vulnerability database information, wherein the vulnerability database information comprises standard data corresponding to the sensitive information;
and performing vulnerability verification on the target equipment according to the sensitive information and the corresponding standard data thereof to obtain a verification result.
In the embodiment of the application, a serial port module and a USB detection module are used to collect data information (detection data) of the target device respectively; the collected detection data is matched against a sensitive information base built into the system to obtain sensitive information, which is data of the target device in which a vulnerability may exist; finally, the presence of the vulnerability is confirmed by a vulnerability verification method. In this way, part of the tedious and repetitive work of security evaluation can be completed fully automatically, improving the efficiency of security detection.
In a possible implementation manner of the first aspect, the acquiring the first data includes:
establishing a serial communication interface with the target equipment;
configuring serial port parameters according to the serial port communication interface, wherein the serial port parameters comprise at least one of the following: baud rate, data bits, and flow control parameters;
and when the serial communication interface is started, performing function detection on the target equipment according to the serial parameters to acquire the first data.
In a possible implementation manner of the first aspect, the acquiring the second data includes:
establishing a debug bridge, wherein the debug bridge is a command line tool for establishing communication with the target equipment;
and acquiring the second data according to the debug bridge.
In a possible implementation manner of the first aspect, the detecting sensitive information according to the first data and the second data includes:
acquiring an operating system of a target device, wherein the operating system is any one of the following: Ubuntu, Android and ROS;
obtaining matching library information, wherein the matching library information comprises standard parameters corresponding to various types of operating systems;
and determining sensitive information from the first data and the second data according to the matching library information and the operating system of the target device.
In a possible implementation manner of the first aspect, the determining, according to the matching library information and the operating system of the target device, sensitive information from the first data and the second data includes:
searching standard parameters corresponding to an operating system of the target equipment in the matching library information;
and respectively carrying out matching processing on the first data and the second data and the standard parameters to obtain the sensitive information.
In a possible implementation manner of the first aspect, after performing vulnerability verification according to the matching information to obtain a verification result, the method further includes:
and generating a security detection report according to the verification result.
In a second aspect, embodiments of the present application provide a security detection device, including:
the first acquisition module is used for acquiring first data, wherein the first data is detection data of target equipment obtained through a communication serial port;
the second acquisition module is used for acquiring second data, wherein the second data is detection data of target equipment obtained through a universal serial bus;
the detection module is used for detecting sensitive information according to the first data and the second data;
the third acquisition module is used for acquiring vulnerability database information, wherein the vulnerability database information comprises standard data corresponding to the sensitive information;
and the verification module is used for performing vulnerability verification on the target equipment according to the sensitive information and the corresponding standard data thereof to obtain a verification result.
In a second aspect, an embodiment of the present application provides a terminal device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the security detection method according to any one of the first aspects when the processor executes the computer program.
In a third aspect, embodiments of the present application provide a computer readable storage medium storing a computer program which, when executed by a processor, implements a security detection method as in any one of the first aspects above.
In a fourth aspect, embodiments of the present application provide a computer program product for, when run on a terminal device, causing the terminal device to perform the security detection method according to any one of the first aspects.
It will be appreciated that the advantages of the second to fourth aspects may be found in the relevant description of the first aspect and are not repeated here.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required for the embodiments or the description of the prior art will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a system flow diagram of a security detection method according to an embodiment of the present application;
Fig. 2 is a schematic diagram of acquiring first data according to an embodiment of the present application;
Fig. 3 is a schematic diagram of acquiring second data according to an embodiment of the present application;
Fig. 4 is a schematic diagram of detecting sensitive information provided by an embodiment of the present application;
Fig. 5 is a schematic diagram of a security detection method according to an embodiment of the present disclosure;
Fig. 6 is a schematic structural diagram of a security detection device according to an embodiment of the present disclosure;
Fig. 7 is a schematic structural diagram of a terminal device provided in an embodiment of the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system configurations, techniques, etc. in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
It should be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be understood that the term "and/or" as used in this specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
As used in this specification and the appended claims, the term "if" may be interpreted as "when..once" or "in response to a determination" or "in response to detection" depending on the context. Similarly, the phrase "if a determination" or "if a [ described condition or event ] is detected" may be interpreted in the context of meaning "upon determination" or "in response to determination" or "upon detection of a [ described condition or event ]" or "in response to detection of a [ described condition or event ]".
In addition, in the description of the present application and the appended claims, the terms "first," "second," "third," and the like are used merely to distinguish between descriptions and are not to be construed as indicating or implying relative importance.
Reference in the specification to "one embodiment" or "some embodiments" or the like means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," and the like in the specification are not necessarily all referring to the same embodiment, but mean "one or more but not all embodiments" unless expressly specified otherwise.
With the rapid development of intelligent technology, intelligent robots have been widely used in high-tech industries such as equipment manufacturing, new materials, biological medicine and intelligent new energy. The integration of robots with artificial intelligence, advanced manufacturing and internet technology has driven a revolution in human lifestyles. Service robots in particular have great potential and are widely used across industries. However, the functional structure of service robots differs between manufacturers and comes in many forms. Comprehensive security detection is therefore required so that service robots can keep providing stable and reliable service.
Security assessment of service robots mainly uses the traditional penetration testing method. Penetration testing generally takes operating systems, databases, applications and network equipment as its objects and has formed a mature, complete set of processes and methods, including information collection, vulnerability scanning, vulnerability exploitation and privilege escalation, which can effectively detect the security risks present in a target system. However, compared with a traditional IT system, a service robot is an intelligent device integrating software and hardware with its own structure and characteristics, so traditional penetration testing means cannot be fully applied to it.
At present, security assessment of service robots is mainly based on manual testing: following the approach of traditional penetration testing and taking the robot's characteristics into account, the modules of the robot that may carry security risks are tested with various software and hardware tools and instruments. Because of the robot's complex interfaces and many protocols, this approach requires a great deal of manual and repetitive work, and neither its efficiency nor its results are ideal.
To solve these problems in the prior art, the embodiment of the application provides a security detection method. In this method, data information (detection data) of the target device is collected through a serial port module and a USB detection module respectively; the collected detection data is matched against a sensitive information base built into the system to obtain sensitive information, which is data bits or other information of the target device that may be harmful and is likely to contain vulnerabilities; finally, the existence of a vulnerability is determined by a vulnerability verification method. In this way, part of the tedious and repetitive work of security evaluation can be completed fully automatically, improving the efficiency of security detection.
Referring to fig. 1, a system flow diagram of a security detection method according to an embodiment of the present application is shown. By way of example, and not limitation, the method includes the steps of:
step S101, first data is acquired, wherein the first data is detection data of target equipment obtained through a communication serial port.
In the embodiment of the present application, the target device may be a device with a self-moving assistance function, or a semi-autonomous or fully autonomous service robot, for example a service-type device such as a meal delivery robot or a sweeping robot. The target devices of the present application are collectively referred to as service robots.
Because service robots differ in form and functional structure, they need comprehensive security detection so that they can continue to provide stable and reliable services. Before the security evaluation, information about the service robot must first be collected.
The data of the service robot is collected in two data collection modes. The first data, such as whether the serial port is enabled and port sensitive information, is acquired through a communication serial port.
A communication serial port, or simply "serial port", is also called a "serial communication interface" (generally referred to as a COM port); it is an expansion interface that uses the serial communication method. A serial interface transfers data bit by bit in sequence. The communication line is simple: two-way communication can be realized with only one pair of transmission lines.
In one embodiment, referring to fig. 2, a schematic diagram of acquiring first data according to an embodiment of the present application is provided. As shown in fig. 2, one implementation of step S101 includes:
step S201, a serial communication interface with the target device is established.
In the embodiment of the application, a serial communication interface for communicating with the service robot needs to be configured before the first data is collected, and the communication interface refers to an interface between the central processing unit and the standard communication subsystem.
Data transfer between computers, or between a computer and a terminal device, can use either serial or parallel communication. Serial communication uses fewer lines and costs less, and it avoids the inconsistent characteristics of multiple lines, so it is widely adopted, particularly for long-distance transmission. In serial communication, both parties must adopt a standard interface so that different devices can be conveniently connected. For example, the RS-232-C interface is the most commonly used serial communication interface: it is a standard serial interface with simple communication lines that can perform point-to-point bidirectional communication with a host computer using only a single crossover cable. This interface is found mostly on industrial PCs and some communication equipment.
Step S202, configuring serial port parameters according to the serial port communication interface, wherein the serial port parameters comprise at least one of the following: baud rate, data bits, and flow control parameters.
In the embodiment of the present application, serial ports are used to transmit ASCII code characters, and three wires are typically used: ground, transmit and receive. Because serial communication is asynchronous, a port can send data on one line while receiving data on another. To communicate correctly between serial ports, their parameters must be set. Common serial parameters include the baud rate, data bits, stop bits and parity (check) bits. For example, the baud rate measures the transmission rate and represents the number of symbols transmitted per second; a baud rate of 300 means 300 symbols are transmitted per second. When we refer to the clock period we refer to the baud rate: if the protocol requires a baud rate of 4800, the clock is 4800 Hz, meaning the serial communication samples the data at a rate of 4800 Hz.
Step S203, when the serial communication interface is enabled, performing function detection on the target device according to the serial parameter, and obtaining first data.
In this embodiment of the present application, after the serial port connection is established, it must be determined whether the serial port is enabled. If the serial port is enabled, the service robot is at risk because its debug interface has not been closed. At this point the control system automatically performs function detection such as enable detection, sensitive information detection and identity verification. Taking sensitive information detection as an example, sensitive information refers to important information such as technical data, customer data and databases. The data obtained through function detection can be displayed on the monitoring page; this detected data is the first data.
In this way, sensitive information such as the service robot's ports and serial port enablement can be acquired through management of the communication serial port and detection of sensitive information.
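The following is an added example (not code from the patent) of steps S202 and S203: a validated serial parameter set and an enable-detection / identity-verification pass over captured console output. The baud rate set, prompt patterns and sample captures are assumptions constructed for the example.

```python
import re
from dataclasses import dataclass

# Standard baud rates accepted by the validator; the set is an assumption of this example.
STANDARD_BAUD_RATES = {300, 1200, 2400, 4800, 9600, 19200, 38400, 57600, 115200}


@dataclass(frozen=True)
class SerialConfig:
    """Serial port parameters configured in step S202 (baud rate, data bits, flow control)."""
    port: str                   # e.g. "/dev/ttyUSB0" or "COM3" (hypothetical values)
    baud_rate: int = 115200
    data_bits: int = 8
    stop_bits: int = 1
    parity: str = "N"           # N = none, E = even, O = odd
    flow_control: str = "none"  # none, rtscts (hardware) or xonxoff (software)

    def validate(self) -> list:
        """Return a list of configuration problems; an empty list means the config is usable."""
        problems = []
        if self.baud_rate not in STANDARD_BAUD_RATES:
            problems.append(f"non-standard baud rate {self.baud_rate}")
        if self.data_bits not in (5, 6, 7, 8):
            problems.append(f"invalid data bits {self.data_bits}")
        if self.stop_bits not in (1, 2):
            problems.append(f"invalid stop bits {self.stop_bits}")
        if self.parity not in ("N", "E", "O"):
            problems.append(f"invalid parity {self.parity!r}")
        if self.flow_control not in ("none", "rtscts", "xonxoff"):
            problems.append(f"invalid flow control {self.flow_control!r}")
        return problems


# Patterns used for enable detection and identity verification on captured console output.
BOOT_MARKER = re.compile(r"U-Boot|Linux version|Booting|^init:", re.IGNORECASE)
LOGIN_PROMPT = re.compile(r"(login|password):\s*$", re.IGNORECASE)
# "root@robot:~# ", "ops@robot:~$ " or a bare "# " / "$ " prompt.
SHELL_PROMPT = re.compile(r"^(?:(?P<user>[\w-]+)@[\w.-]+:\S*\s*)?(?P<sym>[#$])\s*$")


def detect_serial_console(lines):
    """Step S203 function detection over serial output: is the port enabled, is a shell
    reachable, and is identity verification (a login prompt) required before the shell?"""
    result = {"serial_enabled": False, "shell_reachable": False,
              "auth_required": False, "root_shell": False, "risk": "none"}
    saw_login = False
    for raw in lines:
        line = raw.rstrip("\r\n")
        if BOOT_MARKER.search(line):
            result["serial_enabled"] = True          # boot messages prove the console is on
        if LOGIN_PROMPT.search(line):
            result["serial_enabled"] = True
            saw_login = True                         # identity verification is in place
        m = SHELL_PROMPT.match(line)
        if m:
            result["serial_enabled"] = True
            result["shell_reachable"] = True
            result["auth_required"] = saw_login
            result["root_shell"] = m.group("sym") == "#" or m.group("user") == "root"
    if result["shell_reachable"] and not result["auth_required"]:
        result["risk"] = "high"      # debug interface left open with no identity verification
    elif result["shell_reachable"]:
        result["risk"] = "medium"    # shell exists but credentials guard it
    elif result["serial_enabled"]:
        result["risk"] = "low"       # console output visible, no interactive shell seen
    return result


# Constructed sample captures (not real robot output).
OPEN_CONSOLE = [
    "U-Boot 2018.03 (constructed sample)",
    "Linux version 4.9.0 (constructed sample)",
    "init: starting robot_ctrl",
    "root@robot:~# ",
]
GUARDED_CONSOLE = [
    "Linux version 4.9.0 (constructed sample)",
    "robot login: ",
    "Password: ",
    "ops@robot:~$ ",
]
SILENT_CONSOLE = []   # nothing received: serial port disabled or wrong parameters

if __name__ == "__main__":
    print(SerialConfig("/dev/ttyUSB0").validate())
    for name, capture in (("open", OPEN_CONSOLE), ("guarded", GUARDED_CONSOLE),
                          ("silent", SILENT_CONSOLE)):
        print(name, detect_serial_console(capture))
```

An empty capture cannot distinguish a disabled port from wrong parameters, so the "none" result should be re-checked with other baud rates before the port is reported as closed.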
Step S102, second data is acquired, wherein the second data is detection data of the target device obtained through the universal serial bus.
In the embodiment of the application, the universal serial bus (USB) is a data communication mode used to standardize the connection and communication between a computer and external devices. Data acquisition in this application falls into two kinds: the sensitive information of the service robot obtained from the first data described above is collected mainly through the communication serial port. After that, the second data, which is operating system data such as the service robot's system version, must be acquired. The second data is acquired mainly by a USB detection module: after USB detection is performed over a USB port connecting the robot to the notebook computer, the module can automatically extract the service robot's system information and the like.
In one embodiment, referring to fig. 3, a schematic diagram of acquiring second data according to an embodiment of the present application is provided. As shown in fig. 3, one implementation of step S102 includes:
step S301, a debug bridge is established, where the debug bridge is a command line tool that establishes communication with the target device.
In an embodiment of the present application, the debug bridge (Android Debug Bridge, ADB) is a versatile command line tool that can communicate with devices. ADB commands can be used to perform various device operations, such as installing and debugging applications. Before ADB commands are used to access the service robot, the ADB connection must first be established and ADB debugging enabled; once debugging succeeds, ADB commands can be used to access the service robot.
step S302, obtaining the second data according to the debug bridge.
In the embodiment of the application, after the ADB connection is established, the Android system version of the service robot, the corresponding application program version, the hardware related information and the like can be acquired through the ADB command, and the acquired information is the second data.
Step S103, detecting sensitive information according to the first data and the second data.
In the embodiment of the application, sensitive information detection is performed on the acquired data to determine information that may be at risk of data leakage. In the detection method, the first data and the second data are each matched against standard sensitive information, or the first data and the second data are combined into third data and the third data is matched against the standard parameters of the sensitive information database; if the match succeeds, the data may be at risk of leakage.
In one embodiment, referring to fig. 4, a schematic diagram of detecting sensitive information provided in an embodiment of the present application is shown. As shown in fig. 4, one implementation of step S103 includes:
step S401, acquiring an operating system of the target device, where the operating system includes any one of the following: ubuntu, android and ROS.
In the embodiment of the application, the operating system manages the hardware and software resources of the whole computer system, reasonably organizes and schedules the computer's work and the allocation of resources, and provides a convenient interface and environment for users and other software; it is the most basic system software in a computer system.
In the robot field, because robotics is a discipline at the intersection of many areas of expertise, generally involving sensors, drivers, multi-machine communication, mechanical structures, algorithms and so on, a robot's operating system is complicated. The operating systems of mainstream service robots include Ubuntu, Android and ROS. For example, ROS (Robot Operating System) is an open source system (strictly speaking, operating system middleware) that runs the robot on a computer. It provides functionality similar to that of an operating system, including hardware abstraction, low-level driver management, execution of common functions, message passing between program components and package management for program distribution, and it also provides tools and libraries for retrieving, building, writing and running multi-machine integrated programs.
In the application, when detecting sensitive information, it is first necessary to determine which of the above operating systems the service robot runs, and then to detect sensitive information in a targeted manner according to the characteristics of that system.
Step S402, obtaining matching library information, wherein the matching library information comprises standard parameters corresponding to various types of operating systems.
In the embodiment of the application, a matching library is built into the detection system; its content is the standard data corresponding to all sensitive information of all service robot systems, namely the standard parameters. This matching library is also referred to as a database.
The database in which the data is stored is typically a relational database; MySQL is an exemplary relational database management system. A relational database stores data in different tables rather than placing all data in one large repository, and all standard contents of the database, i.e. the matching library, can be obtained by accessing it through the SQL language. If the database is a non-relational database, other script methods may be used to obtain its contents.
Step S403, determining sensitive information from the first data and the second data according to the matching library information and the operating system of the target device.
In the embodiment of the application, the first data and the second data, which are the data detected and output from the serial port and the USB respectively, are collected and matched against the service robot's operating system, the matching library information and so on, to determine the data that may be at risk of information leakage. Sensitive information includes information such as web services, ports, hardware version, robot control instructions and account numbers.
In one embodiment, one implementation of step S403 includes:
searching standard parameters corresponding to an operating system of the target equipment in the matching library information;
and respectively carrying out matching processing on the first data and the second data and the standard parameters to obtain the sensitive information.
In this embodiment of the present application, after the operating system of the service robot has been determined, the standard parameter information corresponding to that operating system can be retrieved from the matching library with a query statement.
For example, if the sensitive information collected in the first data is port information and the system version of the service robot collected in the second data indicates an Android system, all parameter information for the Android operating system is selected from the matching database with query statements. The standard port parameters are then matched against the port data in the first data according to a certain rule, for example character matching, and the sensitive information is thereby determined.
In this way, the data of the service robot can be initially screened by comparing it with the standard sensitive data, which lays the foundation for the subsequent vulnerability judgement.
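Steps S402 and S403 above describe a database-backed matching library, a per-operating-system lookup of standard parameters, and character matching of the serial data (first data) and ADB data (second data) against those parameters. The following is an added example of that procedure and is not code from the patent: an in-memory SQLite table stands in for the MySQL matching library, the standard parameters, OS markers and sample captures are all constructed, and the OS name is bound as a query parameter rather than interpolated into the SQL string so that a hostile device banner cannot reach the query.

```python
"""Steps S402/S403 as an added example (not the patent's code): look up the
standard parameters for the target's operating system in the matching library,
then character-match first data (serial) and second data (USB/ADB) against them.
All rules, OS markers and sample lines below are constructed for the example."""
import re
import sqlite3
from dataclasses import dataclass

# Constructed standard parameters: (os, category, source, regex with a named
# group "value"). source is "serial" (first data), "usb" (second data) or "any".
STANDARD_PARAMETERS = [
    ("Android", "port", "any", r"^tcp6?\s+\d+\s+\d+\s+\S+:(?P<value>\d+)\s+\S+\s+LISTEN$"),
    ("Android", "web service", "any", r"(?P<value>https?://[^\s\]]+)"),
    ("Android", "hardware version", "serial", r"\bhw_rev=(?P<value>\S+)"),
    ("Android", "account", "serial", r"default account:\s*(?P<value>\S+)"),
    ("Android", "control instruction", "usb", r"^\[ro\.robot\.ctrl\.cmd\]:\s*\[(?P<value>[^\]]*)\]$"),
    ("Ubuntu", "port", "any", r"^tcp6?\s+\d+\s+\d+\s+\S+:(?P<value>\d+)\s+\S+\s+LISTEN$"),
    ("Ubuntu", "account", "serial", r"^(?P<value>[a-z_][a-z0-9_-]*):x:0:0:"),  # UID-0 passwd entries
    ("ROS", "web service", "any", r"ROS_MASTER_URI=(?P<value>http://\S+)"),
]

# Constructed markers used to recognise the operating system from either channel.
OS_MARKERS = [
    ("Android", re.compile(r"^\[ro\.build\.version\.release\]")),
    ("ROS", re.compile(r"ROS_DISTRO=|ROS_MASTER_URI=")),
    ("Ubuntu", re.compile(r"Ubuntu \d+\.\d+")),
]


def open_matching_library(rows=STANDARD_PARAMETERS):
    """Build the matching library as a relational table (SQLite here, MySQL in practice)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE standard_parameter (os TEXT, category TEXT, source TEXT, pattern TEXT)")
    db.executemany("INSERT INTO standard_parameter VALUES (?, ?, ?, ?)", rows)
    return db


@dataclass(frozen=True)
class Finding:
    category: str
    value: str
    source: str   # channel the matching line came from: "serial" or "usb"
    line: str     # raw line, kept for the report


def detect_os(first_data, second_data):
    """Return the first operating system whose marker appears in either data set."""
    for os_name, marker in OS_MARKERS:
        if any(marker.search(line) for line in (*first_data, *second_data)):
            return os_name
    raise ValueError("operating system not recognised")


def lookup_standard_parameters(db, os_name):
    """Fetch the rules for one OS with a parameterised query (no string building)."""
    rows = db.execute(
        "SELECT category, source, pattern FROM standard_parameter WHERE os = ?", (os_name,)
    ).fetchall()
    if not rows:
        raise KeyError(f"no standard parameters for {os_name!r}")
    return rows


def match_sensitive_info(first_data, second_data, rules):
    """Character-match both data sets against the rules; one finding per (category, value)."""
    channels = (("serial", first_data), ("usb", second_data))
    findings, seen = [], set()
    for category, source, pattern in rules:
        regex = re.compile(pattern)
        for channel, lines in channels:
            if source not in ("any", channel):
                continue
            for line in lines:
                m = regex.search(line)
                if m and (category, m["value"]) not in seen:
                    seen.add((category, m["value"]))
                    findings.append(Finding(category, m["value"], channel, line))
    return findings


def detect_sensitive_information(first_data, second_data, db=None):
    """Step S403 end to end: OS detection, parameter lookup, matching."""
    if db is None:
        db = open_matching_library()
    os_name = detect_os(first_data, second_data)
    rules = lookup_standard_parameters(db, os_name)
    return os_name, match_sensitive_info(first_data, second_data, rules)


# Constructed sample captures, not real device output.
FIRST_DATA = [  # serial console
    "U-Boot 2018.03 hw_rev=RB-200-v2",
    "Web UI: http://0.0.0.0:8080/admin  default account: admin/123456",
    "tcp        0      0 0.0.0.0:22      0.0.0.0:*   LISTEN",
    "tcp        0      0 0.0.0.0:8080    0.0.0.0:*   LISTEN",
]
SECOND_DATA = [  # adb shell getprop
    "[ro.build.version.release]: [9]",
    "[ro.product.model]: [ServiceBot-X1]",
    "[ro.robot.ctrl.cmd]: [MOVE_TO,STOP,DOCK]",
]

if __name__ == "__main__":
    os_name, findings = detect_sensitive_information(FIRST_DATA, SECOND_DATA)
    print("operating system:", os_name)
    for f in findings:
        print(f"{f.category:>20}: {f.value}  (via {f.source})")
```

The rule's `source` column is what makes the matching "targeted according to the characteristics of the system": a `getprop` pattern is only tried against ADB output, a boot-banner pattern only against the serial capture, which keeps cross-channel false positives down. Deduplication is on (category, value) so a port that appears in both the serial `netstat` and an ADB listing is reported once.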
Step S104, obtaining vulnerability database information, wherein the vulnerability database information comprises standard data corresponding to the sensitive information.
In the embodiment of the application, the vulnerability database is a platform for collecting, maintaining and sharing information about discovered vulnerabilities.
The security vulnerability database is designed and implemented together with research on, assignment of and implementation of the relevant national vulnerability standards, so that security vulnerability data can be shared and the related information reaches organizations and individuals quickly, evenly and accurately. Therefore the vulnerability library information can be obtained from the security vulnerability database, and that information includes the standard parameters corresponding to the sensitive information.
Step S105, performing vulnerability verification on the target device according to the sensitive information and the standard data corresponding to the sensitive information to obtain a verification result.
The sensitive information of the service robot that may carry a vulnerability risk, obtained through vulnerability scanning, is matched against the standard parameter records in the vulnerability library information. If the match succeeds, the corresponding POC module, i.e. a script module, is further used for vulnerability verification, so that the existence of the vulnerability is determined.
In one embodiment, after performing vulnerability verification according to the matching information to obtain a verification result, the method further includes:
and generating a security detection report according to the verification result.
In the embodiment of the application, the software security test report is a detection document generated after the security assessment work is finished. By assessing the security quality of the software as a whole, the document identifies the defects and vulnerabilities of the software and provides a solid basis for developers to fix the vulnerabilities and improve software quality.
Referring to fig. 5, which is a schematic structural diagram of a security detection method provided in an embodiment of the present application, as shown in fig. 5, the present application obtains basic data such as ports, system version and hardware of the service robot through a communication serial port management module and a USB detection module, matches the data against the sensitive information built into the system to determine sensitive information that may carry a vulnerability, and finally matches and verifies that sensitive information against the vulnerability library data to determine whether the vulnerability exists. With this security detection method of hardware access, data support, detection analysis and data verification, part of the tedious and repetitive work can be completed fully automatically, and the efficiency of security detection work is improved.
It should be understood that the sequence numbers of the steps in the foregoing embodiment do not imply an order of execution; the execution order of each process should be determined by its function and internal logic, and should not limit the implementation process of the embodiment of the present application in any way.
Fig. 6 is a block diagram of a security detection device according to an embodiment of the present application, corresponding to the security detection method described in the above embodiment; for convenience of explanation, only the portion related to the embodiment of the present application is shown.
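Steps S104 and S105 and the report step describe one procedure: match each piece of sensitive information against the vulnerability library, run the matching record's POC module to confirm the vulnerability on the device, and write the verification results into a security detection report. The following is an added example of that procedure and is not code from the patent. The vulnerability-library records, the two POC modules, the findings list and the device replies are constructed; `ScriptedConsole` is a hypothetical stand-in for the serial link that replays canned replies so the example runs without hardware.

```python
"""Steps S104/S105 and the report step as an added example (not the patent's
code). Library records, POC modules, device replies and findings are constructed."""
import json
import re
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class VulnRecord:
    """One constructed vulnerability-library record (the 'standard data')."""
    title: str
    category: str        # sensitive-information category it applies to
    pattern: str         # regex the finding's value must match
    severity: str
    poc: Optional[str]   # POC module name; None when no verifier exists


VULNERABILITY_LIBRARY = [
    VulnRecord("default administrator account accepted", "account", r"^admin/", "high", "poc_default_account"),
    VulnRecord("telnet service listening", "port", r"^23$", "medium", "poc_port_listening"),
    VulnRecord("management interface served over plaintext HTTP", "web service", r"^http://", "medium", None),
]


class ScriptedConsole:
    """Hypothetical stand-in for the serial link: replays constructed replies keyed
    by the exact text sent. A real transport would wrap the serial port opened in
    the first-data step."""
    def __init__(self, script):
        self.script = script
        self.sent = []

    def send(self, text):
        self.sent.append(text)
        return self.script.get(text, "")


# POC modules: each takes the finding's value and the device link and returns
# True only when the vulnerability is actually reproduced on the device.
def poc_default_account(value, console):
    """Log in with the default account; a root prompt ('#') means success."""
    user, _, password = value.partition("/")
    console.send(user + "\r\n")
    reply = console.send(password + "\r\n")
    return reply.rstrip().endswith("#")


def poc_port_listening(value, console):
    """Confirm the port is bound on the device instead of trusting the scan line."""
    reply = console.send(f"netstat -tln | grep ':{value} '\r\n")
    return "LISTEN" in reply


POC_MODULES = {"poc_default_account": poc_default_account,
               "poc_port_listening": poc_port_listening}


def match_library(findings, library=VULNERABILITY_LIBRARY):
    """Pair each (category, value) with every record whose standard data it matches."""
    matched, unmatched = [], []
    for category, value in findings:
        hits = [r for r in library if r.category == category and re.search(r.pattern, value)]
        matched.extend((category, value, r) for r in hits)
        if not hits:
            unmatched.append((category, value))
    return matched, unmatched


def verify(matched, console, modules=POC_MODULES):
    """Run the POC module named by each record; records without one stay unverified."""
    results = []
    for category, value, record in matched:
        if record.poc is None:
            status = "unverified"
        elif modules[record.poc](value, console):
            status = "confirmed"
        else:
            status = "not_reproduced"
        results.append({"title": record.title, "severity": record.severity,
                        "category": category, "value": value, "status": status})
    return results


def build_report(target, os_name, results, unmatched):
    """Security detection report: confirmed findings first, the rest kept as context."""
    counts = {s: sum(r["status"] == s for r in results)
              for s in ("confirmed", "not_reproduced", "unverified")}
    counts["no_library_match"] = len(unmatched)
    order = {"confirmed": 0, "unverified": 1, "not_reproduced": 2}
    return {"target": target, "os": os_name, "summary": counts,
            "findings": sorted(results, key=lambda r: order[r["status"]]),
            "informational": [{"category": c, "value": v} for c, v in unmatched]}


def run_verification(target, os_name, findings, console, library=VULNERABILITY_LIBRARY):
    """Steps S104/S105 plus report generation in one call."""
    matched, unmatched = match_library(findings, library)
    return build_report(target, os_name, verify(matched, console), unmatched)


# Constructed output of the sensitive-information step and constructed device replies.
FINDINGS = [("port", "22"), ("port", "23"), ("port", "8080"),
            ("web service", "http://0.0.0.0:8080/admin"),
            ("account", "admin/123456"), ("hardware version", "RB-200-v2")]
CONSOLE_SCRIPT = {
    "admin\r\n": "Password: ",
    "123456\r\n": "\r\nroot@servicebot:~# ",
    "netstat -tln | grep ':23 '\r\n": "tcp  0  0 0.0.0.0:23  0.0.0.0:*  LISTEN\r\n",
}

if __name__ == "__main__":
    report = run_verification("ServiceBot-X1", "Android", FINDINGS, ScriptedConsole(CONSOLE_SCRIPT))
    print(json.dumps(report, indent=2))
```

The three-way status is the practitioner's point: a library match alone is only a candidate, a POC that returns True is a confirmed vulnerability, a POC that returns False is recorded as not reproduced rather than silently dropped, and a record with no POC is reported as unverified so the reader of the report knows it was never exercised on the device.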
Referring to fig. 6, the apparatus includes:
the first obtaining module 61 is configured to obtain first data, where the first data is detection data of a target device obtained through a communication serial port;
a second acquiring module 62, configured to acquire second data, where the second data is detection data of the target device obtained through the universal serial bus;
a detection module 63 for detecting sensitive information from the first data and the second data;
a third obtaining module 64, configured to obtain vulnerability database information, where the vulnerability database information includes standard data corresponding to the sensitive information;
and the verification module 65 is configured to perform vulnerability verification on the target device according to the sensitive information and the corresponding standard data thereof, so as to obtain a verification result.
Optionally, the first obtaining module 61 is further configured to:
establishing a serial communication interface with the target equipment;
configuring serial port parameters according to the serial port communication interface, wherein the serial port parameters comprise at least one of the following: baud rate, data bits, and flow control parameters;
and when the serial communication interface is started, performing function detection on the target equipment according to the serial parameters to acquire the first data.
Optionally, the second obtaining module 62 is further configured to:
establishing a debug bridge, wherein the debug bridge is a command line tool for establishing communication with the target equipment;
and acquiring the second data according to the debug bridge.
Optionally, the detection module 63 is further configured to:
acquiring an operating system of the target device, wherein the operating system is any one of the following: Ubuntu, Android and ROS;
obtaining matching library information, wherein the matching library information comprises standard parameters corresponding to various types of operating systems;
and determining sensitive information from the first data and the second data according to the matching library information and the operating system of the target device.
Optionally, the detection module 63 is further configured to:
searching standard parameters corresponding to an operating system of the target equipment in the matching library information;
and respectively carrying out matching processing on the first data and the second data and the standard parameters to obtain the sensitive information.
Optionally, the verification module 65 is further configured to:
and generating a security detection report according to the verification result.
It should be noted that, because the content of information interaction and execution process between the above devices/units is based on the same concept as the method embodiment of the present application, specific functions and technical effects thereof may be referred to in the method embodiment section, and will not be described herein again.
In addition, the security detection device shown in fig. 6 may be a software unit, a hardware unit, or a unit combining both of them, which are built in an existing terminal device, or may be integrated into the terminal device as an independent pendant, or may exist as an independent terminal device.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of the functional units and modules is illustrated, and in practical application, the above-described functional distribution may be performed by different functional units and modules according to needs, i.e. the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-described functions. The functional units and modules in the embodiment may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit, where the integrated units may be implemented in a form of hardware or a form of a software functional unit. In addition, specific names of the functional units and modules are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working process of the units and modules in the above system may refer to the corresponding process in the foregoing method embodiment, which is not described herein again.
Fig. 7 is a schematic structural diagram of a terminal device provided in an embodiment of the present application. As shown in fig. 7, the terminal device 7 of this embodiment includes: at least one processor 70 (only one shown in fig. 7), a memory 71, and a computer program 72 stored in the memory 71 and executable on the at least one processor 70, the processor 70 implementing the steps in any of the security detection method embodiments described above when executing the computer program 72.
The terminal equipment can be computing equipment such as a desktop computer, a notebook computer, a palm computer, a cloud server and the like. The terminal device may include, but is not limited to, a processor, a memory. It will be appreciated by those skilled in the art that fig. 7 is merely an example of the terminal device 7 and is not limiting of the terminal device 7, and may include more or fewer components than shown, or may combine certain components, or different components, such as may also include input-output devices, network access devices, etc.
The processor 70 may be a central processing unit (CPU), and the processor 70 may also be another general purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or the like. A general purpose processor may be a microprocessor, or the processor may be any conventional processor or the like.
The memory 71 may in some embodiments be an internal storage unit of the terminal device 7, such as a hard disk or a memory of the terminal device 7. The memory 71 may in other embodiments also be an external storage device of the terminal device 7, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card, a flash memory card or the like provided on the terminal device 7. Further, the memory 71 may also include both an internal storage unit and an external storage device of the terminal device 7. The memory 71 is used for storing an operating system, application programs, a boot loader, data, other programs, etc., such as the program code of the computer program. The memory 71 may also be used for temporarily storing data that has been output or is to be output.
Embodiments of the present application also provide a computer readable storage medium storing a computer program, which when executed by a processor, may implement the steps in the above-described method embodiments.
The present embodiments provide a computer program product which, when run on a terminal device, causes the terminal device to perform steps that enable the respective method embodiments described above to be implemented.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the present application implements all or part of the flow of the method of the above embodiments by a computer program instructing the related hardware, where the computer program may be stored in a computer readable storage medium, and the computer program, when executed by a processor, may implement the steps of each of the method embodiments described above. The computer program comprises computer program code, which may be in source code form, object code form, an executable file or some intermediate form, etc. The computer readable medium may include at least: any entity or device capable of carrying the computer program code to the apparatus/terminal device, a recording medium, computer memory, read-only memory (ROM), random access memory (RAM), electrical carrier signals, telecommunications signals, and software distribution media, such as a USB flash drive, removable hard disk, magnetic or optical disk, etc. In some jurisdictions, computer readable media may not be electrical carrier signals and telecommunications signals in accordance with legislation and patent practice.
In the foregoing embodiments, the descriptions of the embodiments are emphasized, and in part, not described or illustrated in any particular embodiment, reference is made to the related descriptions of other embodiments.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus/terminal device and method may be implemented in other manners. For example, the apparatus/terminal device embodiments described above are merely illustrative, e.g., the division of the modules or units is merely a logical function division, and there may be additional divisions in actual implementation, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection via interfaces, devices or units, which may be in electrical, mechanical or other forms.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
The above embodiments are only for illustrating the technical solution of the present application, and are not limiting; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present application, and are intended to be included in the scope of the present application.
Claims (9)
1. A security detection method, comprising:
acquiring first data, wherein the first data is detection data of target equipment obtained through a communication serial port;
acquiring second data, wherein the second data is detection data of target equipment obtained through a universal serial bus;
detecting sensitive information from the first data and the second data;
obtaining vulnerability database information, wherein the vulnerability database information comprises standard data corresponding to the sensitive information;
and performing vulnerability verification on the target equipment according to the sensitive information and the corresponding standard data thereof to obtain a verification result.
2. The security detection method of claim 1, wherein the acquiring the first data comprises:
establishing a serial communication interface with the target equipment;
configuring serial port parameters according to the serial port communication interface, wherein the serial port parameters comprise at least one of the following: baud rate, data bits, and flow control parameters;
and when the serial communication interface is started, performing function detection on the target equipment according to the serial parameters to acquire first data.
3. The security detection method of claim 1, wherein the acquiring the second data comprises:
establishing a debug bridge, wherein the debug bridge is a command line tool for establishing communication with the target equipment;
and acquiring the second data according to the debug bridge.
4. The security detection method of claim 1, wherein detecting sensitive information from the first data and the second data comprises:
acquiring an operating system of a target device, wherein the operating system comprises any one of the following components: ubuntu, android and ROS;
obtaining matching library information, wherein the matching library information comprises standard parameters corresponding to various types of operating systems;
and determining sensitive information from the first data and the second data according to the matching library information and the operating system of the target device.
5. The security detection method of claim 4, wherein said determining sensitive information from said first data and said second data based on said match library information and an operating system of said target device comprises:
searching standard parameters corresponding to an operating system of the target equipment in the matching library information;
and respectively carrying out matching processing on the first data and the second data and the standard parameters to obtain the sensitive information.
6. The security detection method of claim 1, further comprising, after performing vulnerability verification to obtain a verification result:
and generating a security detection report according to the verification result.
7. A data processing apparatus, comprising:
the first acquisition module is used for acquiring first data, wherein the first data is detection data of target equipment obtained through a communication serial port;
the second acquisition module is used for acquiring second data, wherein the second data is detection data of target equipment obtained through a universal serial bus;
the detection module is used for detecting sensitive information according to the first data and the second data;
the third acquisition module is used for acquiring vulnerability database information, wherein the vulnerability database information comprises standard data corresponding to the sensitive information;
and the verification module is used for performing vulnerability verification on the target equipment according to the sensitive information and the corresponding standard data thereof to obtain a verification result.
8. A terminal device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the method according to any of claims 1 to 6 when executing the computer program.
9. A computer readable storage medium storing a computer program, characterized in that the computer program when executed by a processor implements the method according to any one of claims 1 to 6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202410004052.XA CN117494148B (en) | 2024-01-03 | 2024-01-03 | Security detection method, security detection device, terminal equipment and computer readable storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN117494148A true CN117494148A (en) | 2024-02-02 |
CN117494148B CN117494148B (en) | 2024-03-26 |
Family
ID=89680487
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202410004052.XA Active CN117494148B (en) | 2024-01-03 | 2024-01-03 | Security detection method, security detection device, terminal equipment and computer readable storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117494148B (en) |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170116878A1 (en) * | 2015-10-27 | 2017-04-27 | Thomas P. Shokite | Dynamic interface virtualization in a networked computing environment |
CN107577939A (en) * | 2017-09-12 | 2018-01-12 | 中国石油集团川庆钻探工程有限公司 | Data leakage prevention method based on keyword technology |
CN110147675A (en) * | 2019-05-22 | 2019-08-20 | 杭州安恒信息技术股份有限公司 | A kind of safety detection method and equipment of intelligent terminal |
US20210126926A1 (en) * | 2019-10-25 | 2021-04-29 | Paypal, Inc. | Detection of data leaks using targeted scanning |
CN114021142A (en) * | 2021-11-03 | 2022-02-08 | 广州链安科技有限公司 | Android application program vulnerability detection method |
CN115062309A (en) * | 2022-06-10 | 2022-09-16 | 国网江苏省电力有限公司电力科学研究院 | Vulnerability mining method based on equipment firmware simulation under novel power system and storage medium |
CN115640572A (en) * | 2022-10-12 | 2023-01-24 | 南京联创信息科技有限公司 | Safety detection and reinforcement method for iPhone end sandbox application |
CN115828251A (en) * | 2022-09-27 | 2023-03-21 | 太保科技有限公司 | Method and device for evaluating data risk |
Also Published As
Publication number | Publication date |
---|---|
CN117494148B (en) | 2024-03-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103793326B (en) | Assembly test method and device | |
CN110502374A (en) | The traffic capture debugging tool of the basic reason of equipment fault when identification is tested automatically | |
CN113703868B (en) | Vehicle diagnosis software configuration method, electronic device and readable storage medium | |
CN109871368B (en) | Database detection method, database detection device, computer device and storage medium | |
US20210173010A1 (en) | Diagnostic tool for traffic capture with known signature database | |
CN105550529A (en) | Medical equipment state monitoring method and device | |
CN110851352A (en) | Fuzzy test system and terminal equipment | |
CN112445490A (en) | File sequence processing method and device, terminal equipment and storage medium | |
CN112216340A (en) | Hard disk test method and device, storage medium and electronic equipment | |
CN114238980B (en) | Industrial control equipment vulnerability mining method, system, equipment and storage medium | |
CN115827610A (en) | Method and device for detecting effective load | |
CN111693294A (en) | Vehicle detection method and device, terminal equipment and storage medium | |
CN108090352A (en) | Detection system and detection method | |
CN117494148B (en) | Security detection method, security detection device, terminal equipment and computer readable storage medium | |
CN116401113B (en) | Environment verification method, device and medium for heterogeneous many-core architecture acceleration card | |
CN114969759B (en) | Asset security assessment method, device, terminal and medium of industrial robot system | |
CN103095714A (en) | Trojan horse detection method based on Trojan horse virus type classification modeling | |
US20240160737A1 (en) | Methods and apparatus determining document behavior based on the reversing engine | |
CN115495363A (en) | Software testing method, electronic equipment and readable storage medium | |
CN112612663B (en) | Method for reversely solving 1553B bus ICD | |
CN112000579B (en) | Software interface testing method, system, equipment and medium | |
CN111222739B (en) | Nuclear power station task allocation method and nuclear power station task allocation system | |
CN114186242A (en) | Risk assessment method, device, equipment and medium for software development kit | |
US20220012345A1 (en) | History output apparatus, control method, and program | |
CN111932862A (en) | Communication method with lower computer, upper computer, computer system and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |