CN117852048A - Multi-dimensional attack vector-based soft and hard combined Internet of vehicles shooting range construction method - Google Patents
Multi-dimensional attack vector-based soft and hard combined Internet of vehicles shooting range construction method Download PDFInfo
- Publication number
- CN117852048A CN117852048A CN202410263170.2A CN202410263170A CN117852048A CN 117852048 A CN117852048 A CN 117852048A CN 202410263170 A CN202410263170 A CN 202410263170A CN 117852048 A CN117852048 A CN 117852048A
- Authority
- CN
- China
- Prior art keywords
- target
- vulnerability
- deployment
- equipment
- vehicle
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 239000013598 vector Substances 0.000 title claims abstract description 46
- 238000010276 construction Methods 0.000 title claims description 10
- 238000013515 script Methods 0.000 claims abstract description 124
- 238000000034 method Methods 0.000 claims abstract description 50
- 230000006870 function Effects 0.000 claims description 45
- 230000000694 effects Effects 0.000 claims description 23
- 230000006855 networking Effects 0.000 claims description 10
- 238000004590 computer program Methods 0.000 claims description 8
- 230000008439 repair process Effects 0.000 claims description 6
- 230000007123 defense Effects 0.000 abstract description 18
- 238000011161 development Methods 0.000 abstract description 10
- 230000007547 defect Effects 0.000 abstract description 7
- 238000012360 testing method Methods 0.000 description 18
- 238000005516 engineering process Methods 0.000 description 13
- 238000013461 design Methods 0.000 description 11
- 230000008569 process Effects 0.000 description 9
- 238000012986 modification Methods 0.000 description 8
- 230000004048 modification Effects 0.000 description 8
- 238000010586 diagram Methods 0.000 description 6
- 238000007689 inspection Methods 0.000 description 5
- 238000004458 analytical method Methods 0.000 description 4
- 230000008901 benefit Effects 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 230000015572 biosynthetic process Effects 0.000 description 2
- 238000009434 installation Methods 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 238000012549 training Methods 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 230000003044 adaptive effect Effects 0.000 description 1
- 239000000969 carrier Substances 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 238000007429 general method Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 230000004224 protection Effects 0.000 description 1
- 238000011076 safety test Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000013456 study Methods 0.000 description 1
Landscapes
- Stored Programmes (AREA)
Abstract
The invention discloses a method for constructing a soft and hard combined internet of vehicles shooting range based on a multidimensional attack vector, which comprises the following steps: acquiring characteristic information and carrier information of a target vulnerability to generate a deployment script of the target vulnerability; selecting vehicle-mounted equipment meeting deployment conditions from all vehicle-mounted equipment of a vehicle-mounted system as target equipment; the deployment conditions comprise software and hardware conditions required by normal operation of the carrier of the target vulnerability and conditions required by execution of the deployment script; executing a deployment script on the target equipment to deploy a carrier of the target vulnerability in the target equipment, and injecting the target vulnerability into the carrier to obtain deployed target equipment; and constructing the Internet of vehicles shooting range combining software and hardware based on the deployed target equipment. The internet of vehicles target range constructed by the invention is closer to the real world attack scene, overcomes the defects of the traditional pure software virtual internet of vehicles attack and defense target range, and greatly reduces the development cost of the target range while ensuring the authenticity of the target range.
Description
Technical Field
The invention belongs to the technical field of network security and intelligent training, and particularly relates to a method for constructing a soft and hard combined internet of vehicles shooting range based on a multidimensional attack vector.
Background
The car networking security event is frequently generated, and researchers lack the condition of reproducing relevant loopholes, so that the cost of testing the common vehicles used as the target ranges is high, and the car networking attack and defense target range technology is developed. The internet of vehicles attack and defense target ranges are applied to research, study, test and evaluation of various security threats and protections in the internet of vehicles system by various units, scientific research institutions and the like, so that dependence of security test on real vehicles is avoided, and cost is effectively reduced.
However, the traditional internet of vehicles attack and defense target ranges adopt a pure software virtual scheme, and have the defects of lack of reality, high development cost and the like.
Disclosure of Invention
Aiming at the defects of the prior art, the invention aims to provide a soft and hard combined internet of vehicles target range construction method based on a multidimensional attack vector, which aims to solve the problems of lack of reality and high development cost of the existing internet of vehicles attack and defense target range.
In order to achieve the above purpose, the invention provides a method for constructing a soft and hard combined internet of vehicles target range based on a multidimensional attack vector, which comprises the following steps:
Step S110, obtaining characteristic information and carrier information of a target vulnerability to generate a deployment script of the target vulnerability;
step S120, selecting vehicle-mounted equipment meeting deployment conditions from all vehicle-mounted equipment of a vehicle-mounted system as target equipment; the deployment conditions comprise software and hardware conditions required by normal operation of the carrier of the target vulnerability and conditions required by execution of the deployment script;
step S130, executing a deployment script on the target equipment to deploy a carrier of the target vulnerability in the target equipment, and injecting the target vulnerability into the carrier to obtain the deployed target equipment;
and step 140, constructing a software and hardware combined internet of vehicles shooting range based on the deployed target equipment.
In an optional example, the target vulnerability includes vulnerabilities corresponding to attack vectors of one or more dimensions; the attack vectors of each dimension are various physical interfaces in the vehicle-mounted system.
In an alternative example, the carrier information includes a composition and a function of a carrier of the target vulnerability; the characteristic information comprises the cause of the target vulnerability, and the mode and effect of the vulnerability exploitation.
In an alternative example, step S140 further includes:
Step S150, in the environment of the Internet of vehicles shooting range combining software and hardware, performing functional integrity check on the carrier of the target vulnerability in the deployed target equipment;
step S160, after the functional integrity check is passed, executing an attack script on the target device, and checking whether the attack script triggers the target vulnerability and generates the vulnerability exploitation effect; the attack script is generated based on the vulnerability exploitation mode of the target vulnerability and the deployment script.
In an alternative example, step S160 further includes:
obtaining a repairing mode of the target loophole so as to repair the target loophole in the target equipment;
after the repairing, executing the attack script again on the target equipment, and checking whether the attack script triggers the target vulnerability and generates the vulnerability exploitation effect.
In an alternative example, step S140 specifically includes:
based on the topological structure among the vehicle-mounted devices, other vehicle-mounted devices related to the carrier function of the target vulnerability are determined;
and constructing the Internet of vehicles shooting range combining software and hardware based on the deployed target equipment and other vehicle-mounted equipment related to the functions of the target equipment.
In an alternative example, the carrier information and the feature information of the target vulnerability are specifically extracted from real-world internet of vehicles security event information.
In a second aspect, the present invention provides a system for constructing a soft and hard combined internet of vehicles shooting range based on a multidimensional attack vector, comprising:
the deployment script generation module is used for acquiring the characteristic information and the carrier information of the target vulnerability so as to generate a deployment script of the target vulnerability;
the target equipment selecting module is used for selecting the vehicle-mounted equipment meeting the deployment condition from the vehicle-mounted equipment of the vehicle-mounted system as target equipment; the deployment conditions comprise software and hardware conditions required by normal operation of the carrier of the target vulnerability and conditions required by execution of the deployment script;
the deployment script application module is used for executing a deployment script on the target equipment to deploy a carrier of the target vulnerability in the target equipment and injecting the target vulnerability into the carrier to obtain the deployed target equipment;
and the vehicle networking shooting range construction module is used for executing a deployment script on the target equipment on the basis of the vehicle-mounted system so as to construct the vehicle networking shooting range combining software and hardware.
In a third aspect, the present invention provides an electronic device comprising: at least one memory for storing a program; at least one processor for executing a memory-stored program, which when executed is adapted to carry out the method described in the first aspect or any one of the possible implementations of the first aspect.
In a fourth aspect, the present invention provides a computer readable storage medium storing a computer program which, when run on a processor, causes the processor to perform the method described in the first aspect or any one of the possible implementations of the first aspect.
In a fifth aspect, the invention provides a computer program product which, when run on a processor, causes the processor to perform the method described in the first aspect or any one of the possible implementations of the first aspect.
It will be appreciated that the advantages of the second to fifth aspects may be found in the relevant description of the first aspect, and are not described here again.
In general, the above technical solutions conceived by the present invention have the following beneficial effects compared with the prior art:
the invention provides a method for constructing a soft and hard combined Internet of vehicles shooting range based on a multidimensional attack vector, which constructs the Internet of vehicles shooting range by adopting a software and hardware combined mode, wherein a software part is the generation and deployment of a deployment script of a target vulnerability, and a hardware part is selected vehicle-mounted equipment, namely real vehicle equipment, which are combined with each other, so that the shooting range is more close to an attack scene in the real world, the problems of high cost and difficult deployment of vehicle network safety test are solved, and the defects of the traditional pure software virtual Internet of vehicles shooting range are overcome; and the software system in the original real vehicle equipment is reserved when the real vehicle equipment is used, so that the authenticity of the target range is ensured, and the development cost of the target range is greatly reduced.
Drawings
FIG. 1 is a flow diagram of a method for constructing a soft and hard combined Internet of vehicles shooting range based on a multidimensional attack vector;
FIG. 2 is a schematic diagram of a range technique provided by the present invention;
FIG. 3 is a process diagram of constructing vulnerability cases provided by the present invention;
FIG. 4 is a vulnerability case deployment process diagram of a target range provided by the invention;
fig. 5 is a framework diagram of a system for constructing a soft and hard combined internet of vehicles shooting range based on a multidimensional attack vector.
Detailed Description
The present invention will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present invention more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
The term "and/or" herein is an association relationship describing an associated object, and means that there may be three relationships, for example, a and/or B may mean: a exists alone, A and B exist together, and B exists alone. The symbol "/" herein indicates that the associated object is or is a relationship, e.g., A/B indicates A or B.
In embodiments of the invention, words such as "exemplary" or "such as" are used to mean serving as an example, instance, or illustration. Any embodiment or design described herein as "exemplary" or "e.g." in an embodiment should not be taken as preferred or advantageous over other embodiments or designs. Rather, the use of words such as "exemplary" or "such as" is intended to present related concepts in a concrete fashion.
In the description of the embodiments of the present invention, unless otherwise specified, the meaning of "plurality" means two or more, for example, attack vectors of multiple dimensions means attack vectors of two or more dimensions, and the like; the plurality of vulnerabilities means two or more vulnerabilities and the like.
The prior art has the following problems: the cost of the common vehicle used as a target range for testing is high; the scene aiming at the Internet of vehicles is not lifelike, and a virtual target range is difficult to provide a physical interface which is real enough; the safety event of the internet of vehicles is frequently found, and researchers lack the condition of reproducing relevant loopholes. In this regard, the invention aims to provide a soft and hard combined internet of vehicles shooting range construction method based on a multidimensional attack vector, which is beneficial to solving the problems of high cost and difficult deployment of vehicle network security test, and simultaneously can enable the internet of vehicles security shooting range to be more realistic, thereby facilitating a user to test various attack surfaces of vehicles.
Fig. 1 is a flow chart of a method for constructing a soft and hard combined internet of vehicles shooting range based on a multidimensional attack vector, which is shown in fig. 1, and comprises the following steps:
step S110, obtaining characteristic information and carrier information of a target vulnerability to generate a deployment script of the target vulnerability;
Step S120, selecting vehicle-mounted equipment meeting deployment conditions from all vehicle-mounted equipment of a vehicle-mounted system as target equipment; the deployment conditions comprise software and hardware conditions required by normal operation of the carrier of the target vulnerability and conditions required by execution of the deployment script;
step S130, executing a deployment script on the target equipment to deploy a carrier of the target vulnerability in the target equipment, and injecting the target vulnerability into the carrier to obtain the deployed target equipment;
and step 140, constructing a software and hardware combined internet of vehicles shooting range based on the deployed target equipment.
Here, the target vulnerability is a vulnerability expected to be deployed in the internet of vehicles, and the internet of vehicles target range specifically refers to an internet of vehicles attack and defense target range, namely an internet of vehicles attack and defense platform in a real vulnerability environment is simulated. The target loopholes are deployed into the Internet of vehicles to form an Internet of vehicles shooting range, so that the reproduction of the target loopholes is realized, and students or Internet of vehicles security researchers can truly know the knowledge of loopholes of Internet of vehicles security events, the mode of loopholes utilization, harm, subsequent repair and the like. The carrier of the target loophole is the software component where the loophole is located.
Further, by analyzing the real-world vehicular system loopholes, the detailed information of the target loopholes can be extracted, and the detailed information can include characteristic information such as the cause of the target loopholes, the mode of the loopholes, the effect of the loopholes (such as obtaining the control right of a certain device, causing the sensitive information of a user to leak, disabling a certain function of a vehicle and the like), carrier information of the target loopholes, and information such as basic conditions for forming the target loopholes. By extracting the detailed information of the target vulnerability, a deployment script capable of deploying the target vulnerability in the target shooting range can be generated, and corresponding deployment conditions are analyzed. And the corresponding detail information, deployment conditions and deployment scripts of all the analyzed loopholes can be uniformly managed in advance to construct a loophole case base, and the detail information, deployment conditions and deployment scripts of the target loopholes can be directly obtained from the loophole case base.
The deployment script specifically refers to an automatic or semi-automatic script for migrating the real-world vehicular system vulnerability to the target device by performing certain modification (such as installation or modification of a specific program, modification of system configuration, and embedding of physical devices) on one or more target devices according to the detail information of the target vulnerability obtained by arrangement, so that the target vulnerability with the same characteristics in the target device is achieved. The deployment script does not necessarily restore the real state of the vulnerability (such as a specific vulnerability code), but needs to have the same characteristic information as the original target vulnerability. The deployment script is executed on the target device, so that the carrier required by the target vulnerability can be reproduced in the target device, namely, the function of the software where the target vulnerability is located is realized in the target device, and the deployment script also needs to inject the target vulnerability with the same characteristic into the target vulnerability carrier in the target device.
The software conditions required by the normal operation of the software where the target vulnerability is located generally comprise an operating system required by the operation of the software, a dependency library required by the software and the like, and the hardware conditions generally comprise hardware facilities carried in components of the vehicle-mounted system, such as a CPU architecture, USB, OBD and other hardware interfaces. In addition, since the deployment script generally needs to be modified to a certain extent, in order to be successfully executed, certain requirements are also generated on the target device, such as conditions required by the target device to allow the execution of the deployment script, such as writing a file into the target device, modifying the system configuration, and the like. And the deployment conditions of the target loopholes can be obtained by combining the two points.
The basic conditions of the vehicle-mounted equipment such as the vehicle-mounted information entertainment system, the vehicle-mounted gateway, the T-Box, the instrument panel and the like in the vehicle-mounted system are checked, and the vehicle-mounted equipment meeting the deployment conditions, namely the real vehicle equipment, can be selected as target equipment. On the premise of retaining the functions and physical interfaces of the original vehicle-mounted system, a deployment script is executed on the target equipment, and new functions and holes are introduced into the target equipment, so that a target range combining software and hardware is formed, and the target range is extremely close to the real world.
According to the method provided by the embodiment of the invention, the Internet of vehicles target range is constructed in a software-hardware combination mode, the software part is the generation and deployment of the deployment script of the target vulnerability, and the hardware part is the selected vehicle-mounted equipment, namely the real vehicle equipment, and the two are combined with each other, so that the target range is more close to the real-world attack scene, the problems of high cost and difficult deployment of the network security test of the vehicle are solved, and the defects of the traditional pure software virtual Internet of vehicles target range are overcome; and the software system in the original real vehicle equipment is reserved when the real vehicle equipment is used, so that the authenticity of the target range is ensured, and the development cost of the target range is greatly reduced.
Based on the above embodiment, the target vulnerability includes vulnerabilities corresponding to attack vectors of one or more dimensions; the attack vectors of each dimension are various physical interfaces in the vehicle-mounted system.
It can be understood that the vehicle-mounted device often has wireless interfaces such as bluetooth and Wifi, and wired interfaces such as OBD and USB, and these physical interfaces can be generally attack vectors of the vehicle networking device. For example, after a vulnerability corresponding to the OBD interface is deployed to the target device, the vulnerability can be attacked from the OBD interface.
It should be noted that, by taking various physical interfaces in the vehicle-mounted system as attack vectors of various dimensions, each physical interface can generate deployment scripts of corresponding vulnerabilities for deployment, so as to form a vehicle networking target range based on the multidimensional attack vectors, and the vulnerabilities deployed in the target range are all of modularized design, so that whether a certain vulnerability needs to be deployed can be adjusted according to requirements, the effect of flexibly controlling the vulnerabilities of the target range is achieved, and even a plurality of vulnerabilities deployed on the same target device can be separated independently.
The simulation of an interface in a virtual target range requires larger development quantity, and is difficult to construct a multidimensional attack vector, but the embodiment of the invention benefits from the characteristic that the target range technology can be used for real vehicle-mounted equipment, the attack vector involved in the target range can be easily covered on wireless attack vectors such as Bluetooth, wifi and the like, and the near-source attack vectors such as an OBD interface, USB and the like, have the attack vector coverage which is incomparable with the common virtual target range, and have low development cost. Holes deployed in the target range are of modular design, and can be flexibly changed according to the design requirements and the deployment targets of the target range.
Based on any of the above embodiments, the carrier information includes a composition and a function of a carrier of the target vulnerability; the characteristic information comprises the cause of the target vulnerability, and the mode and effect of the vulnerability exploitation.
It should be noted that, the conventional vulnerability database, such as a CNVD vulnerability database, has incomplete vulnerability details, and lacks information such as vulnerability exploitation modes and effects, and the embodiment of the invention generates a deployment script based on the obtained target vulnerability causes of the target vulnerabilities and the vulnerability exploitation modes and effects, so that the target vulnerabilities with the characteristic information can be reproduced, and the vulnerability reproduction is more vivid.
Based on any of the above embodiments, step S140 further includes:
step S150, in the environment of the Internet of vehicles shooting range combining software and hardware, performing functional integrity check on the carrier of the target vulnerability in the deployed target equipment;
step S160, after the functional integrity check is passed, executing an attack script on the target device, and checking whether the attack script triggers the target vulnerability and generates the vulnerability exploitation effect; the attack script is generated based on the vulnerability exploitation mode of the target vulnerability and the deployment script.
It should be noted that, in the process of applying the deployment script, new functions are often introduced into the target device or original functions are changed. Because of the difference among the target devices, the embodiment of the invention needs to check the integrity of the normal functions of the devices according to the detail information of the loopholes (the normal functions of the loopholes carrier) after the deployment is completed, and ensures that the function of the target range and the loopholes are successfully introduced.
After that, the availability check of the attack script can be performed, namely, malicious data is injected from the corresponding attack surface by using the attack script, whether the injected vulnerability can be normally triggered or not is tested, and whether the corresponding vulnerability utilization effect can be achieved or not is tested, so that the success of vulnerability introduction is further ensured. It will be appreciated that an attack itself is based on the cause and principle of the vulnerability and that if the corresponding attack script succeeds, it will essentially be able to demonstrate that the characteristics of the vulnerability deployed into the target device are consistent with expectations.
Based on any of the above embodiments, step S160 further includes:
obtaining a repairing mode of the target loophole so as to repair the target loophole in the target equipment;
after the repairing, executing the attack script again on the target equipment, and checking whether the attack script triggers the target vulnerability and generates the vulnerability exploitation effect.
It should be noted that, in the embodiment of the invention, the target loophole is repaired by obtaining the repairing mode of the target loophole from the real-world internet of vehicles security event information, so that students or internet of vehicles security researchers can truly know how to repair the loophole of the internet of vehicles security event. After the bug is repaired, the availability check of the attack script is carried out again, wherein the first test can be used for testing whether the repairing method is reasonable, and the second test can be used for further verifying whether the bug is successfully deployed.
Based on any of the above embodiments, step S140 specifically includes:
based on the topological structure among the vehicle-mounted devices, other vehicle-mounted devices related to the carrier function of the target vulnerability are determined;
and constructing the Internet of vehicles shooting range combining software and hardware based on the deployed target equipment and other vehicle-mounted equipment related to the functions of the target equipment.
When the target range is constructed, the topological structure and the communication relation among a plurality of physical devices are considered, and other vehicle-mounted devices related to the functions of the target device are added so as to adapt to vulnerability deployment under the condition that a single vulnerability affects a plurality of devices, and the soft-hard combined vehicle networking attack and defense target range is constructed.
For example, the carrier of the target vulnerability relates to a 4G function, and the Internet of vehicles target range can be realized only by connecting a gateway and a t-box during construction.
In addition, compared with a mode of directly constructing the internet-of-vehicles range combining software and hardware on the basis of the vehicle-mounted system, the method and the device can remove vehicle-mounted equipment irrelevant to the functions of target equipment, and can further reduce the construction cost of the internet-of-vehicles range.
Based on any one of the above embodiments, the carrier information and the feature information of the target vulnerability are specifically extracted from internet of vehicles security event information in the real world.
It should be noted that, the detailed information such as the carrier information and the feature information of the target vulnerability is extracted from the real-world internet of vehicles security event information, and the subsequent deployment script, deployment condition and attack script are obtained based on the detailed information, so that the constructed target range has more real training value.
Based on any embodiment, in order to enable the Internet of vehicles security attack and defense target range to have an effect of being closer to the Internet of vehicles security attack and defense in the real world, the invention provides an Internet of vehicles attack and defense target range technology based on combination of software and hardware of multidimensional attack vectors. The multi-dimensional attack vector refers to a plurality of attack vectors in a real-world internet of vehicles environment, the combination of software and hardware refers to the support of the target range technology by software components and hardware components, the software components are collection and deployment of vulnerability cases, the hardware components are target equipment and can be selected as real-vehicle hardware equipment, and the two are combined with each other to give consideration to the characteristics of flexibility and authenticity.
The traditional internet of vehicles attack and defense target range adopts a pure software virtual scheme, and has the defects of lack of authenticity, high development cost, narrow attack vector coverage and the like. In this regard, the technology of the target range provided by the invention adopts a mode of combining software and hardware, enhances the authenticity of the target range by introducing the hardware of real vehicle parts, modularly designs and multiplexes a software system carried in the original hardware so as to reduce the development cost, multiplexes the natural attack vector in the hardware so as to increase the coverage of the attack vector, and solves the defects of the original pure software virtual vehicle networking attack and defense target range.
The technical structure of the shooting range provided by the invention is shown in figure 2. The target range scheme provided by the invention mainly comprises two parts, wherein one part is the collection of the security vulnerability cases of the Internet of vehicles, and the other part is the deployment of the vulnerability cases. The core workflow of the target range technology is to form a vulnerability by collecting real-world vehicular system vulnerability cases, and deploy the vulnerability in controllable target equipment (including real-vehicle equipment, virtual equipment and the like) after adaptive processing so as to achieve the aim of constructing the Internet of vehicles attack and defense target range which is as close to reality as possible. When the target device is a plurality of devices, the target device may be a combination of a plurality of real vehicle devices, or may be a combination of a real vehicle device and a virtual device.
1. Internet of vehicles security vulnerability case collection
The shooting range is constructed by using the shooting range technology provided by the invention, and firstly, the collection of loopholes is needed. By analyzing the real-world vehicular system loopholes, extracting detailed information of the loopholes, analyzing corresponding deployment conditions, providing deployment scripts deployed in a target shooting range for the loopholes, providing attack scripts aiming at the loopholes, forming complete loopholes, and finally forming a loopholes case library, wherein the components comprise the loopholes details, the deployment conditions, the deployment scripts, the attack scripts and the like. The process of constructing the vulnerability case provided by the invention is shown in fig. 3.
Vulnerability details: the vulnerability details refer to information such as vehicle-mounted system vulnerabilities related to security events, analysis and arrangement of carriers (software components and functions of the software components) of the vulnerabilities, causes of the vulnerabilities, basic conditions (supporting hardware equipment, software systems and the like) of the vulnerability formation, vulnerability utilization methods, effects achieved by the vulnerability utilization, and methods for repairing the vulnerabilities by researching the security events of the real-world internet of vehicles. The vulnerability detail information reflects attack vectors, vulnerability utilization modes, vulnerability utilization effects and the like related to the vulnerability, and determines the design and writing of subsequent deployment scripts, deployment conditions and attack scripts.
Deployment conditions: certain conditions are needed for forming and triggering the loopholes of the vehicle-mounted system, and the loopholes can be deployed into the target equipment only when the target equipment meets the deployment conditions. When the vulnerability cases are arranged, basic conditions required by deploying the vulnerabilities need to be analyzed. The deployment condition of the vulnerability case at least comprises the software and hardware conditions required by the normal function of the software where the vulnerability is located, and also comprises the conditions required by the deployment script. The deployment condition of the vulnerability case can be integrated according to the conditions of the two aspects. The software conditions required by the normal functions of the software where the vulnerability is located generally comprise an operating system required by software operation, a dependency library required by the software and the like, and the hardware conditions generally comprise hardware facilities carried in parts of the vehicle-mounted system, such as a CPU architecture, a USB, an OBD and other hardware interfaces. The conditions required for deploying the script are described later.
Deployment script: deployment script is the most central part of the range technology. The deployment script is used for migrating the real-world vehicular system loopholes to an automatic or semi-automatic script of the target equipment by carrying out certain modification (such as installation or modification of a specific program, modification of system configuration and embedding of physical equipment) on one or more target equipment according to the loopholes detailed information obtained by arrangement, so that the loopholes with the same characteristics in the target equipment are realized. The deployment script does not necessarily restore the true state of the vulnerability (e.g., specific vulnerability code), but needs to have the same characteristics as the original vulnerability. The same features specifically mean that after the script is deployed by application, the target device should have a vulnerability with the same cause, the basic flow of the vulnerability is similar to that of the method, and the effect achieved by the vulnerability is the same (such as obtaining the control right of a certain device, causing the leakage of sensitive information of a user, disabling a certain function of a vehicle, etc.). The deployment script is written according to the vulnerability details. When the deployment script is compiled, firstly, according to the relevant information of the vulnerability carrier in the vulnerability details, the deployment script can reproduce the carrier required by the vulnerability in the target equipment, namely, the function of the software where the vulnerability is located is realized in the target equipment. In addition, the deployment script also needs to inject corresponding loopholes into the loopholes carrier in the target equipment according to the cause and principle of the loopholes, and the general method is that the deployment script modifies the codes of the software of the loopholes carrier to introduce the loopholes with the same cause. Since the deployment script generally needs to make a certain modification to the target device, in order to be able to be successfully executed, a certain requirement is also generated on the target device, for example, the target device allows writing a file into the target device, modifying a system configuration, and the like.
Attack script: one vulnerability case should provide the attack script in conjunction with the deployment script. The attack script is usually an automatic or semi-automatic program and is a combination of a series of operations, is written based on vulnerability details and deployment scripts, and is used for injecting malicious data into target equipment according to the vulnerability details, reproducing a vulnerability utilization method in the vulnerability details, triggering vulnerabilities introduced by the deployment scripts, and generating the same effects as those of the vulnerabilities in the original real world. The attack script is written according to the vulnerability exploiting method in the vulnerability details, the vulnerability exploiting method in the vulnerability details is taken as a prototype, and the actual situation of the vulnerability deployed in the target device by the deployment script is combined. After the deployment script is applied, the vulnerability software in the target device generally accepts input from one or more channels (USB, OBD, bluetooth, wifi, etc.), the attack script should construct malicious data according to the deployed vulnerability software, and inject from the corresponding channel, so as to form a threat of one or more attack vectors of the target device.
2. Target device selection
The shooting range technology provided by the invention can be applied to various vehicle-mounted equipment. The most important or interesting vehicle-mounted intelligent system devices such as a vehicle-mounted infotainment system, a vehicle-mounted gateway, a T-Box, a dashboard and the like can be generally selected without retaining the mechanical structure and unimportant electronic devices of the vehicle. These devices often have wireless interfaces such as bluetooth and Wifi, and wired interfaces such as OBD and USB, and these physical interfaces can generally become attack vectors of the internet of vehicles devices, but are difficult to be well realized in a pure software environment. On the premise of retaining the functions and physical interfaces of the original vehicle-mounted system, new functions and holes are introduced to form a target range combining software and hardware, and the target range is very close to the real world. The software system in the original real vehicle equipment is reserved when the real vehicle equipment is used, so that the authenticity of the target range is ensured, and the development cost of the target range is greatly reduced. The virtual vehicle-mounted system can also be constructed by using a virtualization technology, and the vulnerability is deployed in the same way so as to obtain a virtual attack and defense target range. Meanwhile, the two can be combined, part of equipment uses real vehicle equipment, the other part uses virtual equipment, and the vulnerability is deployed in the same way so as to obtain a virtual-real combined attack and defense target range. For the virtual equipment, the corresponding processing method is the same as that of the real vehicle equipment.
When selecting the target device, attention is paid to the topological structure among a plurality of physical devices, and the functional integrity of the selected target device is ensured. For example, 4G communication modules requiring an infotainment system are available, and it is often necessary to add gateway devices and T-Box devices. When vulnerabilities to be deployed affect multiple devices, it is also necessary to ensure that the devices all work properly.
3. Vulnerability case deployment
After the collection of the vulnerability cases is completed, the deployer of the target range can apply the sorted vulnerability cases to the deployment of the target range. When the deployment work of the vulnerability case is performed, the following steps are required to be completed: target device condition inspection, application deployment script, target range function integrity inspection, attack script availability inspection. The vulnerability case deployment process of the target range provided by the invention is shown in fig. 4. After completing the selection of the target device, the target field deployment body first selects a certain vulnerability (for example, vulnerability cases 1-3 in fig. 4) from the vulnerability case library as required, and then checks whether the target device meets the deployment condition of each vulnerability case according to the deployment condition of the vulnerability case. For the vulnerability cases meeting the deployment conditions, a deployment script can be executed to deploy the vulnerability cases to the target device. The target deployment body then performs a normal function test to test whether the functionality of the vulnerability carrier software is normal (as shown in fig. 4, if a vulnerability carrier uses Wifi functions, the function of the carrier needs to be tested through the Wifi interface). And finally, carrying out an attack script test, wherein the target range deployment main body executes the attack script to observe whether the expected attack effect recorded in the vulnerability details can be generated.
Target device condition inspection: the step performs enumeration checking on basic conditions of the target device, and the purpose of the step is to enumerate vulnerability cases available for deployment to the target device in a vulnerability case library. This step needs to check the physical interface type (whether having USB, OBD, ethernet interface, bluetooth, wifi, LTE module, etc.), hardware conditions and peripherals (processor frequency, memory size, network card characteristics, etc.), device topology (communication condition between target devices when multiple target devices are involved), software system version (operating system type and version running), software system configuration (system authority management configuration, hardware function configuration, etc.), etc. characteristics of the target devices. When a target device meets a case of the vulnerability case base, the case may be deployed on the target device.
Application deployment script: after the target equipment meets the deployment conditions of the case, deploying according to a preset vulnerability deployment script. The deployment of the loopholes is of a modularized design, and whether a certain loophole needs to be deployed can be adjusted according to the needs, so that the effect of flexibly controlling the loopholes of the shooting range is achieved.
Functional integrity inspection of the range: in the process of applying the deployment script, new functions are often introduced to the target device or original functions are changed. Due to the fact that differences exist among target devices, deployers of the target range need to check the integrity of the normal functions of the devices according to the detail information of the loopholes (the normal functions of software components where the loopholes are located) after the deployment is completed, and the success of the target range functions and the loopholes are guaranteed.
Attack script availability check: after deployment is completed, malicious data is injected from the corresponding attack surface by using an attack script, and a deployer of a target range tests whether the injected vulnerability can be normally triggered and whether the corresponding vulnerability utilization effect can be achieved.
Based on any of the above embodiments, the embodiments of the present invention illustrate the process of vulnerability case collection, target device selection, and vulnerability case deployment by building a simple target range as an example.
1. Vulnerability case collection
The embodiment of the invention is described with respect to the collection of a vulnerability case. To generate a vulnerability case, a real-world security event is first selected for analysis. The embodiment of the invention selects the loopholes in a public model as real world security events to be analyzed. The vulnerability appears in a USB software updating function in the vehicle type information entertainment system, the device supports software updating by using a USB interface, however, the software updater checks the integrity of files in the USB device in the process of software updating to have the vulnerability, and an attacker can execute any code in the information entertainment system by using the vulnerability to acquire the highest authority of the information entertainment system.
Firstly, extracting vulnerability details from the case. According to the related disclosure, a simple professional analysis can be performed to obtain that the carrier of the vulnerability is a USB software updater in the information entertainment system, the cause of the vulnerability is that the integrity check of files in the USB equipment is wrong, the basic condition of the vulnerability is a Linux operating system running in the information entertainment system, the vulnerability utilization method can be obtained from the published materials, namely an attacker constructs a malicious USB equipment, and any code can be executed in the information entertainment system by storing a malicious file in the malicious USB equipment. The exploit can achieve the effect that an attacker can execute arbitrary code in the infotainment system. The repair method is to perform proper integrity check on the files in the USB device.
After the collection of the vulnerability details is completed, the deployment conditions of the vulnerability cases need to be analyzed. Firstly, analyzing software and hardware conditions required by normal functions of software where the vulnerability is located, namely conditions required by a vulnerability carrier. The vulnerability carrier of the vulnerability is a USB software updater, the basic condition of vulnerability formation is a Linux operating system running in an information entertainment system, and meanwhile, the software uses the hardware characteristic of a USB interface, so that the deployment condition of the vulnerability comprises the software condition that a target device runs the Linux operating system and the hardware condition that the target device has the USB interface.
Deployment script writing is needed next. Deployment scripts require that the carrier of the vulnerability be first introduced into the target device. In order to introduce a bug carrier, i.e. a USB software updater, into a target device, a target deployment body is required to write a USB software updater, where the USB updater needs to implement the same function as in the bug case, i.e. support a user to use a USB interface to update software of an infotainment system, and meanwhile, the software updater needs to have a bug with incorrect integrity check, i.e. the bug causes the same bug as the bug recorded in the bug case. Then, the operation to be included in the deployment script is to upload the written USB software updater to the Linux system of the information entertainment system, and then execute the program. Since the deployment script includes operations to upload files to the infotainment system and execute the files, it is necessary to add the conditions to the deployment conditions. The deployment conditions at this time include: the target device runs a Linux operating system, has a USB interface and allows a user to upload and execute files.
The construction of the attack script is then also necessary. When the attack script is written, the attack script can be written from the original vulnerability utilization method in vulnerability details. The attack script is used for constructing a USB device with malicious files, and the specific method is to write the files in a specific path in the U disk, wherein the content of the files is the code which an attacker wants to execute. And the "specific path" depends on the path specified by the USB software updater written in the previous step. Thus, the resulting attack script includes the following operations: selecting a USB flash disk, constructing a code file which an attacker wants to execute, writing the code file into a specific path in the USB flash disk, and finally accessing the USB flash disk into a USB interface of an information entertainment system.
2. Target device selection
In this example, the embodiment of the invention selects an infotainment system of a certain vehicle type as the target device. The model is different from the original real-world mass model. After the equipment is electrified, the equipment can normally operate, and all physical interfaces (such as USB and OBD) on the equipment normally work. The infotainment system runs the Android (Linux) system.
3. Vulnerability case deployment
After the equipment is selected, the embodiment of the invention deploys the collected vulnerability cases to the equipment. Before deployment, the conditions required for deployment are first checked. According to the technical analysis of the manual operation of the target equipment, the target equipment runs a Linux operating system, the target equipment is provided with a USB interface, and the target equipment allows a user to upload files and execute the files to meet the conditions. Thus, deployment of vulnerability cases is possible.
And uploading the written USB updater to the target equipment and executing according to the steps in the deployment script. The completion of the steps in the deployment script is then considered deployment completion.
After deployment is completed, normal functions need to be tested. Because the carrier of the vulnerability is a USB updater, the embodiment of the invention is used as a target range deployment main body, and whether the function of the USB updater is normal after the deployment is tested according to the function of the compiled USB updater. The target range deployment main body constructs a normal USB device for USB software updating, and the device is connected into the target device to observe whether the software updating process can be normally performed. If it can proceed normally, the test passes.
And finally, testing the attack script. The target field deployment main body tests the target device from the view angle of an attacker, constructs a malicious USB device according to the compiled attack script, and accesses the malicious USB device into the target device. Because the vulnerability of the embodiment can allow an attacker to execute any code, in order to test whether the attack is successful, the infotainment system can be tried to execute a shutdown instruction, and if the infotainment system is successfully shutdown after the malicious USB equipment is accessed, the attack script is indicated to be available. The deployment of the target is successful.
It should be noted that the internet of vehicles attack and defense target range constructed by using the target range technology provided by the invention has the following advantages:
1) The method is closer to the real world attack scene, can be deployed based on real vehicle-mounted equipment such as a vehicle-mounted information entertainment system and the like, and constructs a software-hardware combined Internet of vehicles attack and defense target range; and meanwhile, a virtual target range convenient to migrate and debug can be constructed based on virtual system deployment.
2) The attack vector coverage is comprehensive. Thanks to the characteristic that the target range technology can be used for real vehicle-mounted equipment, the attack vectors involved in the target range can be easily covered on wireless attack vectors such as Bluetooth, wifi and the like, and the near-source attack vectors such as an OBD interface, USB and the like have attack vector coverage which is incomparable with that of a common virtual target range.
3) And a highly modular design. When the internet-of-vehicles shooting range is deployed according to the shooting range technology provided by the invention, the loopholes deployed in the shooting range are of modular design, and the loopholes can be flexibly changed according to the design requirements and the deployment targets of the shooting range.
Based on any one of the embodiments, the invention provides a system for constructing a soft and hard combined Internet of vehicles shooting range based on a multidimensional attack vector. Fig. 5 is a schematic diagram of a system for constructing a range of a soft and hard combined internet of vehicles based on a multidimensional attack vector, as shown in fig. 5, the system includes:
the deployment script generation module 510 is configured to obtain feature information and carrier information of the target vulnerability, so as to generate a deployment script of the target vulnerability;
the target device selecting module 520 is configured to select, from each vehicle device in the vehicle-mounted system, a vehicle-mounted device that meets the deployment condition as a target device; the deployment conditions comprise software and hardware conditions required by normal operation of the carrier of the target vulnerability and conditions required by execution of the deployment script;
a deployment script application module 530, configured to execute a deployment script on a target device, to deploy a carrier of a target vulnerability in the target device, and inject the target vulnerability into the carrier, to obtain a deployed target device;
And the internet of vehicles shooting range construction module 540 is used for executing a deployment script on the target equipment on the basis of the vehicle-mounted system so as to construct the internet of vehicles shooting range combining software and hardware.
It can be understood that the detailed functional implementation of each module may be referred to the description in the foregoing method embodiment, and will not be repeated herein.
Based on the method in the above embodiment, the embodiment of the invention provides an electronic device. The apparatus may include: at least one memory for storing programs and at least one processor for executing the programs stored by the memory. Wherein the processor is adapted to perform the method described in the above embodiments when the program stored in the memory is executed.
Based on the method in the above embodiment, the embodiment of the present invention provides a computer-readable storage medium storing a computer program, which when executed on a processor, causes the processor to perform the method in the above embodiment.
Based on the method in the above embodiments, an embodiment of the present invention provides a computer program product, which when run on a processor causes the processor to perform the method in the above embodiments.
It is to be appreciated that the processor in embodiments of the invention may be a central processing unit (central processing unit, CPU), other general purpose processor, digital signal processor (digital signal processor, DSP), application specific integrated circuit (application specific integrated circuit, ASIC), field programmable gate array (field programmable gate array, FPGA) or other programmable logic device, transistor logic device, hardware components, or any combination thereof. The general purpose processor may be a microprocessor, but in the alternative, it may be any conventional processor.
The steps of the method in the embodiment of the present invention may be implemented by hardware, or may be implemented by executing software instructions by a processor. The software instructions may be comprised of corresponding software modules that may be stored in random access memory (random access memory, RAM), flash memory, read-only memory (ROM), programmable ROM (PROM), erasable programmable PROM (EPROM), electrically erasable programmable EPROM (EEPROM), registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. The processor and the storage medium may reside in an ASIC.
In the above embodiments, it may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, produces a flow or function in accordance with embodiments of the present invention, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in or transmitted across a computer-readable storage medium. The computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by a wired (e.g., coaxial cable, fiber optic, digital Subscriber Line (DSL)), or wireless (e.g., infrared, wireless, microwave, etc.). The computer readable storage medium may be any available medium that can be accessed by a computer or a data storage device such as a server, data center, etc. that contains an integration of one or more available media. The usable medium may be a magnetic medium (e.g., a floppy disk, a hard disk, a magnetic tape), an optical medium (e.g., a DVD), or a semiconductor medium (e.g., a Solid State Disk (SSD)), or the like.
It will be appreciated that the various numerical numbers referred to in the embodiments of the present invention are merely for ease of description and are not intended to limit the scope of the embodiments of the present invention.
It will be readily appreciated by those skilled in the art that the foregoing description is merely a preferred embodiment of the invention and is not intended to limit the invention, but any modifications, equivalents, improvements or alternatives falling within the spirit and principles of the invention are intended to be included within the scope of the invention.
Claims (10)
1. A method for constructing a soft and hard combined internet of vehicles shooting range based on a multidimensional attack vector is characterized by comprising the following steps:
step S110, obtaining characteristic information and carrier information of a target vulnerability to generate a deployment script of the target vulnerability;
step S120, selecting vehicle-mounted equipment meeting deployment conditions from all vehicle-mounted equipment of a vehicle-mounted system as target equipment; the deployment conditions comprise software and hardware conditions required by normal operation of the carrier of the target vulnerability and conditions required by execution of the deployment script;
step S130, executing a deployment script on the target equipment to deploy a carrier of the target vulnerability in the target equipment, and injecting the target vulnerability into the carrier to obtain the deployed target equipment;
And step 140, constructing a software and hardware combined internet of vehicles shooting range based on the deployed target equipment.
2. The method of claim 1, wherein the target vulnerability comprises vulnerabilities corresponding to attack vectors of one or more dimensions; the attack vectors of each dimension are various physical interfaces in the vehicle-mounted system.
3. The method of claim 1, wherein the carrier information includes a composition and a function of a carrier of the target vulnerability; the characteristic information comprises the cause of the target vulnerability, and the mode and effect of the vulnerability exploitation.
4. The method of claim 3, further comprising, after step S140:
step S150, in the environment of the Internet of vehicles shooting range combining software and hardware, performing functional integrity check on the carrier of the target vulnerability in the deployed target equipment;
step S160, after the functional integrity check is passed, executing an attack script on the target device, and checking whether the attack script triggers the target vulnerability and generates the vulnerability exploitation effect; the attack script is generated based on the vulnerability exploitation mode of the target vulnerability and the deployment script.
5. The method of claim 4, further comprising, after step S160:
Obtaining a repairing mode of the target loophole so as to repair the target loophole in the target equipment;
after the repairing, executing the attack script again on the target equipment, and checking whether the attack script triggers the target vulnerability and generates the vulnerability exploitation effect.
6. The method according to claim 1, wherein step S140 specifically comprises:
based on the topological structure among the vehicle-mounted devices, other vehicle-mounted devices related to the carrier function of the target vulnerability are determined;
and constructing the Internet of vehicles shooting range combining software and hardware based on the deployed target equipment and other vehicle-mounted equipment related to the functions of the target equipment.
7. The method according to claim 1, wherein the carrier information and the feature information of the target vulnerability are specifically extracted from real-world internet of vehicles security event information.
8. A system for constructing a soft and hard combined internet of vehicles shooting range based on a multidimensional attack vector is characterized by comprising:
the deployment script generation module is used for acquiring the characteristic information and the carrier information of the target vulnerability so as to generate a deployment script of the target vulnerability;
the target equipment selecting module is used for selecting the vehicle-mounted equipment meeting the deployment condition from the vehicle-mounted equipment of the vehicle-mounted system as target equipment; the deployment conditions comprise software and hardware conditions required by normal operation of the carrier of the target vulnerability and conditions required by execution of the deployment script;
The deployment script application module is used for executing a deployment script on the target equipment to deploy a carrier of the target vulnerability in the target equipment and injecting the target vulnerability into the carrier to obtain the deployed target equipment;
and the vehicle networking shooting range construction module is used for executing a deployment script on the target equipment on the basis of the vehicle-mounted system so as to construct the vehicle networking shooting range combining software and hardware.
9. An electronic device, comprising:
at least one memory for storing a program;
at least one processor for executing the memory-stored program, which processor is adapted to perform the method of any of claims 1-7 when the memory-stored program is executed.
10. A computer readable storage medium storing a computer program, characterized in that the computer program, when run on a processor, causes the processor to perform the method according to any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410263170.2A CN117852048B (en) | 2024-03-08 | Multi-dimensional attack vector-based soft and hard combined Internet of vehicles shooting range construction method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410263170.2A CN117852048B (en) | 2024-03-08 | Multi-dimensional attack vector-based soft and hard combined Internet of vehicles shooting range construction method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117852048A true CN117852048A (en) | 2024-04-09 |
| CN117852048B CN117852048B (en) | 2024-06-07 |
Family
ID=
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105024990A (en) * | 2015-03-30 | 2015-11-04 | 清华大学 | Deployment method and device for network security attack and defense exercise environment |
| CN110401661A (en) * | 2019-07-29 | 2019-11-01 | 云南电网有限责任公司电力科学研究院 | A kind of network security target range system of electric power monitoring system |
| CN112153010A (en) * | 2020-08-31 | 2020-12-29 | 北京全路通信信号研究设计院集团有限公司 | Network security shooting range system and operation method thereof |
| CN112307482A (en) * | 2019-07-29 | 2021-02-02 | 北京奇虎科技有限公司 | Intrusion kernel detection method and device based on target range and computing equipment |
| CN113158180A (en) * | 2021-04-06 | 2021-07-23 | 中国汽车技术研究中心有限公司 | Automobile network security threat scene construction method, device, equipment and readable storage medium |
| CN116232753A (en) * | 2023-03-17 | 2023-06-06 | 鹏城实验室 | Network range tool deployment method, device, equipment and storage medium |
| CN117499151A (en) * | 2023-12-01 | 2024-02-02 | 中国农业银行股份有限公司 | Method and device for constructing network target range |
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105024990A (en) * | 2015-03-30 | 2015-11-04 | 清华大学 | Deployment method and device for network security attack and defense exercise environment |
| CN110401661A (en) * | 2019-07-29 | 2019-11-01 | 云南电网有限责任公司电力科学研究院 | A kind of network security target range system of electric power monitoring system |
| CN112307482A (en) * | 2019-07-29 | 2021-02-02 | 北京奇虎科技有限公司 | Intrusion kernel detection method and device based on target range and computing equipment |
| CN112153010A (en) * | 2020-08-31 | 2020-12-29 | 北京全路通信信号研究设计院集团有限公司 | Network security shooting range system and operation method thereof |
| CN113158180A (en) * | 2021-04-06 | 2021-07-23 | 中国汽车技术研究中心有限公司 | Automobile network security threat scene construction method, device, equipment and readable storage medium |
| CN116232753A (en) * | 2023-03-17 | 2023-06-06 | 鹏城实验室 | Network range tool deployment method, device, equipment and storage medium |
| CN117499151A (en) * | 2023-12-01 | 2024-02-02 | 中国农业银行股份有限公司 | Method and device for constructing network target range |
Non-Patent Citations (2)
| Title |
|---|
| 陈平等: "基于强化学习的车联网系统拟态防御设计研究", 《信息安全研究》, 30 June 2022 (2022-06-30) * |
| 黄本雄;易再尧;: "利用蜜罐技术架构网络战训练虚拟靶场环境", 华中科技大学学报(自然科学版), no. 01, 28 January 2006 (2006-01-28) * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9465718B2 (en) | Filter generation for load testing managed environments | |
| CN112270149A (en) | Verification platform automation integration method and system, electronic equipment and storage medium | |
| CN102592084B (en) | A kind of leak repairs method of testing and the system of client logic | |
| US8271252B2 (en) | Automatic verification of device models | |
| CN111428431A (en) | Method and system for supporting automatic test and recording of EDA (electronic design automation) software | |
| CN107710166A (en) | Using checking after the silicon of the quick error detection of symbol and debug | |
| CN107707986A (en) | A kind of method and device that barrage message is simulated in the exploitation of live software | |
| Du et al. | TraceGen: User activity emulation for digital forensic test image generation | |
| CN110532182A (en) | A kind of automated testing method and device of virtual platform | |
| CN114117977B (en) | Method suitable for automatically verifying processor system scene | |
| CN112506785A (en) | Automatic testing method, device, equipment and medium for login of Html5 game page | |
| CN116719729B (en) | Universal verification platform, universal verification method, medium and electronic equipment | |
| CN117852048B (en) | Multi-dimensional attack vector-based soft and hard combined Internet of vehicles shooting range construction method | |
| US8327309B2 (en) | Verification of design information for controlling manufacture of a system on a chip | |
| CN117852048A (en) | Multi-dimensional attack vector-based soft and hard combined Internet of vehicles shooting range construction method | |
| CN116069635A (en) | SOC system testing method and device, computer equipment and storage medium | |
| US6813751B2 (en) | Creating standard VHDL test environments | |
| CN113378182B (en) | Method, device, equipment and medium for detecting right-raising loopholes | |
| CN115562931A (en) | Processor debugging module verification method and device, electronic equipment and storage medium | |
| CN116775202A (en) | Fuzzy test method, device, medium, electronic equipment and computer program product | |
| Spichkova et al. | Towards quality-oriented architecture: Integration in a global context | |
| CN111143227A (en) | Data operation method, device, terminal and storage medium | |
| Bartholomew et al. | Using combinatorial testing to reduce software rework | |
| CN117313650B (en) | Chip test verification method and application device thereof | |
| US20230137661A1 (en) | Verification method and verification system for information and communication safety protection mechanism |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant |