CN108197476A - The leak detection method and device of a kind of intelligent terminal - Google Patents
The leak detection method and device of a kind of intelligent terminal Download PDFInfo
- Publication number
- CN108197476A CN108197476A CN201711442204.0A CN201711442204A CN108197476A CN 108197476 A CN108197476 A CN 108197476A CN 201711442204 A CN201711442204 A CN 201711442204A CN 108197476 A CN108197476 A CN 108197476A
- Authority
- CN
- China
- Prior art keywords
- loophole
- intelligent terminal
- information
- detection
- use cases
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Debugging And Monitoring (AREA)
Abstract
The present invention provides the leak detection method and device of a kind of intelligent terminal, behavioural characteristic and loophole coverage information when being occurred by obtaining each loophole of intelligent terminal;The test use cases of the loophole are triggered according to the behavioural characteristic of loophole and loophole coverage message composition;Read the information of the detection of intelligent terminal to be detected;Judge each detection information whether the loophole coverage information matches with pending test use cases;If it does, then the implementation of test cases collection on matched detection, and obtain test result;Judge that intelligent terminal to be detected whether there is the method for loophole according to test result, the defects of solving in the prior art, the a variety of intelligent terminals of adaptation are realized, and with the advantageous effect for a variety of loopholes for fast and effectively being detected different detections automatically to intelligent terminal.
Description
Technical field
The present invention relates to Hole Detection technical field more particularly to the leak detection methods and dress of a kind of intelligent terminal
It puts.
Background technology
Intelligent terminal is the equipment directly interacted with user, and smart mobile phone is mainly reflected in mobile Internet,
But as Internet of Things, car networking, smart home etc. flourish, intelligent terminal shows more diversified type, function and knot
The characteristics of structure more complicates, this results in intelligent terminal fragmentation extremely serious, and identical loophole is in different equipment
Upper reparation situation not can determine that.So detect the loophole of intelligent terminal, be understand its safety important method and
Pinpoint the problems and repair and defend in time the important means of loophole attack.
The leak detection method of existing intelligent terminal is examined in a manner that installation and operation detects program APP
It surveys.One typical represents is Android VTS (Vulnerability Test Suite), is that a android system is put down
The APP applications of platform, user can detect their intelligent terminals with the presence or absence of loophole with the installation and operation APP, can be to intelligent end
Ten several loopholes in end equipment are detected.In addition, the more existing intelligent terminal for Android operation system
Leak detection method be with APK (Android Package) application form run install.
There are the defects of following several respects in the leak detection method of existing intelligent terminal:
1. the leak detection method of existing intelligent terminal be to the version number of current intelligent terminal system and component,
Update date is detected, and judges there is which loophole by version number and update date, that is, patch date.The defects of this method is
Do not have it is actually detected with the presence or absence of loophole, can not cope with developer whether revision number and update date, do not repair loophole
Situation;Meanwhile it can not also cope with developer and only repair loophole not more new version number and the situation of update date.
2. run application program install by APK, during to intelligent terminal progress Hole Detection, due to its
The interface and permission that can be accessed in android system are limited, it is impossible to which operating system and component to intelligent terminal carry out complete
The Hole Detection in face can only detect the interface for the system file that common application can touch.Lead to existing detection loophole side
Method detection be limited in scope, single APP application can not detection terminal equipment communicated by bluetooth, wifi module with other equipment
The loophole that could be triggered during interaction.
3. the prior art supports the intelligent terminal of detection to have unicity, the intelligent terminal to be detected of the prior art is only
Intelligent terminal is only smartwatch or is only intelligent navigation terminal, and none of these methods can be compatible with support inspection simultaneously
Survey a variety of intelligent terminals.But the leak detection method of existing intelligent terminal is primarily directed to single or multiple loopholes
The detection of set due to the diversity and complexity of intelligent terminal, leads to the leak detection method of existing intelligent terminal
All intelligent terminals cannot be adapted to, and effective Hole Detection is carried out to various intelligent terminals.
Therefore, how to realize and fast and effectively automatic detection is carried out to the loophole of a variety of intelligent terminals, be current urgent need solution
Certainly the technical issues of.
Invention content
To solve defect in the prior art, the present invention propose a kind of intelligent terminal leak detection method and
Device has and is adapted to a variety of intelligent terminals, and can be to the progress fast and effectively automatic vulnerability detection of intelligent terminal
Advantageous effect.
To achieve these goals, the embodiment of the present invention provides a kind of leak detection method of intelligent terminal, the party
Method includes:
Obtain the behavioural characteristic and loophole coverage information when each loophole of intelligent terminal occurs;
The test use cases of the loophole are triggered according to the behavioural characteristic of the loophole and loophole coverage message composition;
Read the information of the detection of intelligent terminal to be detected;
Judge each detection information whether the loophole coverage information matches with pending test use cases;
If it does, then performing the test use cases on matched detection, and obtain test result;
Judge that the intelligent terminal to be detected whether there is loophole according to the test result.
To achieve these goals, the embodiment of the present invention also provides a kind of Hole Detection device of intelligent terminal, packet
It includes:
Acquiring unit, for obtaining the behavioural characteristic and loophole coverage letter when each loophole of intelligent terminal occurs
Breath;
Unit is write, the loophole is triggered for the behavioural characteristic according to the loophole and loophole coverage message composition
Test use cases;
Reading unit, for reading the information of the detection of intelligent terminal to be detected;
First judging unit, for judging whether the information of each detection influences with the loopholes of pending test use cases
Range information matches;
Execution unit, for if it does, then performing the test use cases on matched detection, and obtain test
As a result;
Second judgment unit, for judging that the intelligent terminal to be detected whether there is according to the test result
Loophole.
To achieve these goals, the embodiment of the present invention also provides a kind of computer equipment, including memory, processor and
The computer program that storage is upper and can run on a processor is stored in, the processor realizes following walk when performing described program
Suddenly:
Obtain the behavioural characteristic and loophole coverage information when each loophole of intelligent terminal occurs;
The test use cases of the loophole are triggered according to the behavioural characteristic of the loophole and loophole coverage message composition;
Read the information of the detection of intelligent terminal to be detected;
Judge each detection information whether the loophole coverage information matches with pending test use cases;
If it does, then performing the test use cases on matched detection, and obtain test result;
Judge that the intelligent terminal to be detected whether there is loophole according to the test result.
To achieve these goals, the embodiment of the present invention also provides a kind of computer readable storage medium, is stored thereon with
Computer program, the program realize following steps when being executed by processor:
Obtain the behavioural characteristic and loophole coverage information when each loophole of intelligent terminal occurs;
The test use cases of the loophole are triggered according to the behavioural characteristic of the loophole and loophole coverage message composition;
Read the information of the detection of intelligent terminal to be detected;
Judge each detection information whether the loophole coverage information matches with pending test use cases;
If it does, then performing the test use cases on matched detection, and obtain test result;
Judge that the intelligent terminal to be detected whether there is loophole according to the test result.
The leak detection method and device of intelligent terminal provided by the invention, are respectively leaked by obtaining intelligent terminal
Behavioural characteristic and loophole coverage information when hole occurs;According to the behavioural characteristic of the loophole and loophole coverage information
Write the test use cases for triggering the loophole;Read the information of the detection of intelligent terminal to be detected;Judge each detection
Information whether the loophole coverage information matches with pending test use cases;If it does, then in matched inspection
It surveys on item and performs the test use cases, and obtain test result;The intelligence to be detected is judged according to the test result
Terminal device with the presence or absence of loophole method and by the corresponding acquiring unit of method, write unit, reading unit, first judge
The device of unit, execution unit and second judgment unit composition the defects of solving in the prior art, realizes a variety of intelligence of adaptation
Energy terminal device, and with a variety of loopholes for fast and effectively being detected different detections automatically to intelligent terminal
Advantageous effect.
Description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, to embodiment or will show below
There is attached drawing needed in technology description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
Some embodiments of invention, for those of ordinary skill in the art, without creative efforts, can be with
Other attached drawings are obtained according to these attached drawings.
Fig. 1 is a kind of flow chart of the leak detection method of intelligent terminal of the application;
Fig. 2 is the structure diagram of the detection of the intelligent terminal of one embodiment of the application;
Fig. 3 is the flow chart of the leak detection method of the intelligent terminal of one embodiment of the application;
Fig. 4 is a kind of structure diagram of the Hole Detection device of intelligent terminal of the application;
Fig. 5 is the structure diagram of the first judging unit of one embodiment of the application;
Fig. 6 is the structure diagram of the Hole Detection device of the intelligent terminal of one embodiment of the application.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present invention, the technical solution in the embodiment of the present invention is carried out clear, complete
Site preparation describes, it is clear that described embodiment is only part of the embodiment of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, those of ordinary skill in the art are obtained every other without making creative work
Embodiment shall fall within the protection scope of the present invention.
The present invention provides a kind of leak detection method of intelligent terminal, flow chart is as shown in Figure 1, this method packet
Include following steps:
S101:Obtain the behavioural characteristic and loophole coverage information when each loophole of intelligent terminal occurs;
S102:The test case of the loophole is triggered according to the behavioural characteristic of the loophole and loophole coverage message composition
Collection;
S103:Read the information of the detection of intelligent terminal to be detected;
S104:Judge each detection information whether the loophole coverage information with pending test use cases
Match;
S105:If it does, then performing the test use cases on matched detection, and obtain test result;
S106:Judge that the intelligent terminal to be detected whether there is loophole according to the test result.
Flow as shown in Figure 1 is it is found that a kind of leak detection method of intelligent terminal provided by the invention, by obtaining
Behavioural characteristic and loophole coverage information when taking each loophole of intelligent terminal to occur;According to the behavioural characteristic of the loophole
And loophole coverage message composition triggers the test use cases of the loophole;Read the detection of intelligent terminal to be detected
Information;Judge each detection information whether the loophole coverage information matches with pending test use cases;If
Matching, then perform the test use cases, and obtain test result on matched detection;Judged according to the test result
The intelligent terminal to be detected whether there is loophole.The defects of present invention is solved in the prior art realizes adaptation
A variety of intelligent terminals, and have and a variety of of different detections are fast and effectively detected automatically to intelligent terminal
The advantageous effect of loophole.
In above-mentioned steps S101, each loophole of intelligent terminal is known bugs, row when each known bugs occur
Be characterized also is known behavioural characteristic.Known bugs include:Buffer-overflow vulnerability, integer overflow loophole, out-of-bounds access loophole,
Format string loophole, data illegally distort loophole, memory destroys loophole, reuse and secondary release loophole, competition after release
Condition loophole, logical design loophole, type obscure loophole etc., and the present invention is not limited.Known behavioural characteristic includes:Buffering
Area is overflowed, data are illegally distorted, leakage of information, program perform throat floater, procedures/systems collapse and/or invalid result etc., this hair
It is bright to be not limited.Wherein each loophole at least has there are one behavioural characteristic, the behavioural characteristic of each loophole may it is identical may also
It is different.
In order to which those skilled in the art is made to be better understood by the present invention, with reference to specific embodiment, to the present invention
It is described further.
In one embodiment, as shown in Fig. 2, the detection of the intelligent terminal to be detected in S101 includes:Behaviour
Make system 201, kernel 202, application software 203, bluetooth module 204 and wifi module 205.The information of detection includes:Type
Information and version information.Loophole coverage information includes:Loophole, which influences Type Range information and loophole, influences version scope letter
Breath.
In one embodiment, S102 triggers the loophole according to the behavioural characteristic and loophole coverage message composition of loophole
Test use cases, including:
Behavioural characteristic and loophole coverage information when each loophole occurs according to known to all intelligent terminals,
The corresponding test use cases write for triggering the loophole.Wherein each loophole can have one or more behavior spy
Sign, writes at least one test case that can trigger corresponding loophole, by least one test case according to these behavioural characteristics
Corresponding test use cases are formed, which is used to trigger a corresponding loophole.
When it is implemented, influencing Type Range information and loophole according to behavioural characteristic buffer overflow, loophole influences version
Range information writes destination buffer A and the adjacent test use cases for detecting variable B that application is overflowed.Perform above-mentioned test
After set of uses case, direct output variable B or the content that variable B is checked by modes such as debuggers in case of changing, then show
There are corresponding loophole on the intelligent terminal of detection, otherwise it is not present.
Illegally distorted according to behavioural characteristic data, loophole influences Type Range information and loophole influences version scope information,
Write test use cases of the Data Position illegally distorted in controllable range.After performing above-mentioned test use cases, by defeated
Go out or check whether the data in controlled range change to judge to whether there is corresponding loophole on the intelligent terminal of detection, such as
Fruit changes, then shows otherwise to be not present there are corresponding loophole on the intelligent terminal of detection.
Leaked according to behavior characteristic information, loophole influences Type Range information and loophole influences version scope information, write
Export the test use cases of unexpected sensitive data.After performing above-mentioned test use cases, judge whether that sensitive number can be exported
According to if it can, then showing otherwise to be not present there are corresponding loophole on the intelligent terminal of detection.
Throat floater is performed according to behavioural characteristic program, loophole influences Type Range information and loophole influences version scope letter
Breath, the test use cases that the flow that writing causes program to perform can be abnormal according to loophole, and in abnormal execution flow
Middle setting observation point.After performing above-mentioned test use cases, judge that observing program operates in whether observation point meets loophole feature, such as
Fruit meets, then shows otherwise to be not present there are corresponding loophole on the intelligent terminal of detection.
Influencing Type Range information and loophole according to behavioural characteristic program or system crash, loophole influences version scope letter
Breath, writes the test use cases of trigger collapse, and records the contents such as the position of collapse, function call stack, register.It performs
After above-mentioned test use cases, judge whether the expected results for meeting loophole collapse, if met, show the intelligent terminal of detection
On there are corresponding loophole, be otherwise not present.
Influencing Type Range information and loophole according to behavioural characteristic invalid result, loophole influences version scope information, writes
Trigger the test use cases of invalid result.After performing above-mentioned test use cases, judge test use cases output result whether with
Program operation result there are loophole matches, if it does, then show on the intelligent terminal of detection there are corresponding loophole, it is no
Then it is not present.
In one embodiment, as shown in figure 3, S104 judge each detection information whether with pending test case
The loophole coverage information matches of collection, including:
S301:Whether judge the type information of each detection with the loopholes of pending test use cases influences Type Range
Information matches.
When it is implemented, after the type information for reading each detection, then judging the type information of each detection respectively is
The no loophole with currently performed test use cases influences Type Range information matches.If the type information of detection is not belonging to
When the loophole of currently performed test use cases influences the range of Type Range information, it is believed that mismatch;Otherwise it is assumed that matching.Its
Middle match condition includes:The loophole that the type information of detection belongs to currently performed test use cases influences Type Range letter
Situations such as in breath and detection without type information, the present invention is not limited.Unmatched situation is:The type of detection
Information does not influence Type Range information in the loophole of currently performed test use cases.Such as currently performed test use cases
It is Android or IOS types that loophole, which influences Type Range information, then when the type information of detection is Symbian, then not
Belonging to the loophole of Android or IOS types influences Type Range, belongs to mismatch case;When the type information of detection is
During Android, then belonging to the loophole of Android or IOS types influences Type Range, belongs to match condition, when the class of detection
When type information is empty, the loophole that the present invention is defined as belonging to Android or IOS types influences Type Range, also belongs to matching feelings
Condition, the present invention are not limited.
S302:Whether judge the version information of each detection with the loopholes of pending test use cases influences version scope
Information matches.
When it is implemented, after the version information for reading each detection, then judging the version information of each detection respectively is
The no loophole with currently performed test use cases influences version scope information matches.If the version information of detection is not belonging to
When the loophole of currently performed test use cases influences the range of version scope information, it is believed that mismatch;Otherwise it is assumed that matching.Its
Middle match condition includes:The loophole that the version information of detection belongs to currently performed test use cases influences version scope letter
Situations such as in breath and detection without version information, the present invention is not limited.Unmatched situation is:The version of detection
Information does not influence version scope information in the loophole of currently performed test use cases.Such as currently performed test use cases
It is 1.0-3.0 versions that loophole, which influences version scope information, then when the version information of detection is 5.0, is then not belonging to 1.0-3.0
The loophole of version influences version scope, belongs to mismatch case;When the version information of detection is 2.0, then belong to 1.0-3.0
The loophole of version influences version scope, belongs to match condition, and when the version information of detection is empty, the present invention is defined as belonging to
The loophole of 1.0-3.0 versions influences version scope, also belongs to match condition, the present invention is not limited.
Sequencing is not present in above-mentioned steps S301 and S302, first judges which is walked, and each detection is sentenced
Disconnected process is not also in sequencing.In step S105, current test case is performed respectively on matched each detection
Collection, is finished after current test use cases, and obtain the last of current test use cases on all matched detections
Test result.
In one embodiment, the leak detection method of a kind of intelligent terminal provided by the invention, further includes:
Communication interaction is carried out with bluetooth module;Or
Communication interaction is carried out with wifi module.
When it is implemented, the implementation of test cases collection on the bluetooth module 204 of intelligent terminal to be detected, is leaked
When hole is detected, (intelligent terminal to be detected need to be being opened with being tested in the state of the progress communication interaction of bluetooth module 204
The Bluetooth function state of equipment).The implementation of test cases collection in the wifi module 205 of intelligent terminal carries out Hole Detection
When, (it need to open intelligent terminal to be detected with being tested in the state of the progress communication interaction of wifi module 205
Wifi functional status), the present invention is not using the above first to limit.
In one embodiment, S106 judges whether the intelligent terminal to be detected is deposited according to the test result
In loophole, including:
Judge the test case whether occurs in the intelligent terminal to be detected according to the test result
Collect the corresponding behavioural characteristic;If it happens, then there are the test use cases in the intelligent terminal to be detected
Corresponding loophole;Otherwise, the corresponding loophole of the test use cases is not present in the intelligent terminal to be detected.
It is somebody's turn to do when it is implemented, judging that the intelligent terminal of current detection whether there is according to the test result that S105 is obtained
The corresponding loophole of test use cases.By the behavior for checking whether to occur the corresponding loophole of the test use cases in test result
Feature, in case of behavioural characteristic corresponding with loophole, then there are the test use cases in the intelligent terminal of current detection
Corresponding loophole, otherwise, there is no the corresponding loopholes of the test use cases.
In one embodiment, as shown in figure 3, the leak detection method of intelligent terminal provided by the invention, is also wrapped
It includes:
S107:For each loophole, after the test result judgement of the corresponding test use cases of the loophole, restore institute
Intelligent terminal to be detected is stated as original state, then performs the corresponding test use cases of next loophole.
When it is implemented, for each loophole in S101, to performing test in matched each detection in S106
After the test result of set of uses case judges, then each detection for restoring the intelligent terminal of detection is (initial for original state
State i.e. the test use cases perform before detection intelligent terminal state), then perform next loophole it is corresponding under
One test use cases.Each detection by the intelligent terminal for restoring detection is original state, ensures performing each loophole
Test environment before corresponding test use cases is consistent, avoids affecting one another between each loophole.
By above-mentioned analysis it is found that behavioural characteristic when being occurred by obtaining each loophole of intelligent terminal of the present invention and
Loophole coverage information writes the test use cases for triggering the loophole according to the two.When detecting, it reads first to be detected
The information of the detection of intelligent terminal, judge each detection information whether the loophole shadow with pending test use cases
Range information matching is rung, corresponding test use cases is performed on matched detection, and obtain test result, then passes through test
As a result intelligent terminal to be detected is judged with the presence or absence of corresponding loophole, and the intelligent terminal for restoring detection after judgement is set
Standby is original state, then perform the corresponding test use cases of next loophole.A kind of leakage of intelligent terminal provided by the invention
The defects of hole detection method is solved in the prior art realizes a variety of intelligent terminals of adaptation, and with to intelligent terminal
Equipment is fast and effectively detected the advantageous effect of a variety of loopholes of different detections automatically.
Conceived based on the application identical with the leak detection method of above-mentioned intelligent terminal, present invention also provides one kind
The Hole Detection device of intelligent terminal, as described in example below.Due to the Hole Detection device of the intelligent terminal
The principle solved the problems, such as is similar to the leak detection method of intelligent terminal, therefore the Hole Detection dress of the intelligent terminal
The implementation put may refer to the implementation of the leak detection method of intelligent terminal, and overlaps will not be repeated.
Fig. 4 is the structure diagram of the Hole Detection device of the intelligent terminal of the embodiment of the present invention, as shown in figure 4,
The Hole Detection device of the intelligent terminal includes:Acquiring unit 401 writes unit 402, the judgement of reading unit 403 first
Unit 404, execution unit 405 and second judgment unit 406.
Acquiring unit 401, for obtaining the behavioural characteristic and loophole coverage when each loophole of intelligent terminal occurs
Information;
Unit 402 is write, the leakage is triggered for the behavioural characteristic according to the loophole and loophole coverage message composition
The test use cases in hole;
Reading unit 403, for reading the information of the detection of intelligent terminal to be detected;
First judging unit 404, for judge the information of each detection whether the loophole with pending test use cases
Coverage information matches;
Execution unit 405, for if it does, then performing the test use cases on matched detection, and obtain
Test result;
Second judgment unit 406, for whether judging the intelligent terminal to be detected according to the test result
There are loopholes.
When it is implemented, the detection of intelligent terminal to be detected includes:Operating system, kernel, application software, indigo plant
Tooth module and wifi module;The information of detection includes:Type information and version information;Loophole coverage information includes:Leakage
Hole, which influences Type Range information and loophole, influences version scope information, and the present invention is not limited.
In one embodiment, the Hole Detection device of intelligent terminal provided by the invention, further includes:
Bluetooth communication interactive unit, for carrying out communication interaction with bluetooth module 204;
Wifi communication interaction units, for carrying out communication interaction with wifi module 205.
In one embodiment, as shown in figure 5, the first judging unit 404 includes:Type information judgment module 501 and version
This signal judgement module 502.
Type information judgment module 501, for judge the type information of each detection whether with pending test case
The loophole of collection influences Type Range information matches.
Version information judgment module 502, for judge the version information of each detection whether with pending test case
The loophole of collection influences version scope information matches.
In one embodiment, second judgment unit 406 is specifically used for:
Judge the test case whether occurs in the intelligent terminal to be detected according to the test result
Collect the corresponding behavioural characteristic;If it happens, then there are the test use cases in the intelligent terminal to be detected
Corresponding loophole;Otherwise, the corresponding loophole of the test use cases is not present in the intelligent terminal to be detected.
In one embodiment, as shown in fig. 6, the Hole Detection device of intelligent terminal provided in an embodiment of the present invention
It further includes:Recovery unit 407.
Recovery unit 407 has judged for the test result for each loophole, the corresponding test use cases of the loophole
Bi Hou restores the intelligent terminal to be detected as original state, then performs the corresponding test use cases of next loophole.
A kind of Hole Detection device of intelligent terminal provided by the invention, it is real the defects of solving in the prior art
The a variety of intelligent terminals of adaptation are showed, and have had and different detections are fast and effectively detected automatically to intelligent terminal
The advantageous effect of a variety of loopholes of item.
Conceived based on the application identical with the leak detection method of above-mentioned intelligent terminal, present invention also provides one kind
Computer equipment, as described in example below.The principle solved the problems, such as due to the computer equipment and the leakage of intelligent terminal
Hole detection method is similar, therefore the implementation of the computer equipment may refer to the reality of the leak detection method of intelligent terminal
It applies, overlaps will not be repeated.
The embodiment of the present invention additionally provides a kind of computer equipment, including memory, processor and is stored in storage simultaneously
The computer program that can be run on a processor, the processor realize following steps when performing described program:
Obtain the behavioural characteristic and loophole coverage information when each loophole of intelligent terminal occurs;
The test use cases of the loophole are triggered according to the behavioural characteristic of the loophole and loophole coverage message composition;
Read the information of the detection of intelligent terminal to be detected;
Judge each detection information whether the loophole coverage information matches with pending test use cases;
If it does, then performing the test use cases on matched detection, and obtain test result;
Judge that the intelligent terminal to be detected whether there is loophole according to the test result.
Conceived based on the application identical with the leak detection method of above-mentioned intelligent terminal, present invention also provides one kind
Computer readable storage medium, as described in example below.The principle solved the problems, such as due to the computer readable storage medium with
The leak detection method of intelligent terminal is similar, therefore the implementation of the computer readable storage medium may refer to intelligent terminal
The implementation of the leak detection method of equipment, overlaps will not be repeated.
The embodiment of the present invention additionally provides a kind of computer readable storage medium, is stored thereon with computer program, the journey
Following steps are realized when sequence is executed by processor:
Obtain the behavioural characteristic and loophole coverage information when each loophole of intelligent terminal occurs;
The test use cases of the loophole are triggered according to the behavioural characteristic of the loophole and loophole coverage message composition;
Read the information of the detection of intelligent terminal to be detected;
Judge each detection information whether the loophole coverage information matches with pending test use cases;
If it does, then performing the test use cases on matched detection, and obtain test result;
Judge that the intelligent terminal to be detected whether there is loophole according to the test result.
It should be understood by those skilled in the art that, the embodiment of the present invention can be provided as method, system or computer program
Product.Therefore, the reality in terms of complete hardware embodiment, complete software embodiment or combination software and hardware can be used in the present invention
Apply the form of example.Moreover, the computer for wherein including computer usable program code in one or more can be used in the present invention
The computer program production that usable storage medium is implemented on (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.)
The form of product.
The present invention be with reference to according to the method for the embodiment of the present invention, the flow of equipment (system) and computer program product
Figure and/or block diagram describe.It should be understood that it can be realized by computer program instructions every first-class in flowchart and/or the block diagram
The combination of flow and/or box in journey and/or box and flowchart and/or the block diagram.These computer programs can be provided
The processor of all-purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices is instructed to produce
A raw machine so that the instruction performed by computer or the processor of other programmable data processing devices is generated for real
The device of function specified in present one flow of flow chart or one box of multiple flows and/or block diagram or multiple boxes.
These computer program instructions, which may also be stored in, can guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works so that the instruction generation being stored in the computer-readable memory includes referring to
Enable the manufacture of device, the command device realize in one flow of flow chart or multiple flows and/or one box of block diagram or
The function of being specified in multiple boxes.
These computer program instructions can be also loaded into computer or other programmable data processing devices so that counted
Series of operation steps are performed on calculation machine or other programmable devices to generate computer implemented processing, so as in computer or
The instruction offer performed on other programmable devices is used to implement in one flow of flow chart or multiple flows and/or block diagram one
The step of function of being specified in a box or multiple boxes.
It applies specific embodiment in the present invention to be expounded the principle of the present invention and embodiment, above example
Explanation be merely used to help understand the present invention method and its core concept;Meanwhile for those of ordinary skill in the art,
Thought according to the present invention, there will be changes in specific embodiments and applications, in conclusion in this specification
Appearance should not be construed as limiting the invention.
Claims (14)
1. a kind of leak detection method of intelligent terminal, which is characterized in that this method includes:
Obtain the behavioural characteristic and loophole coverage information when each loophole of intelligent terminal occurs;
The test use cases of the loophole are triggered according to the behavioural characteristic of the loophole and loophole coverage message composition;
Read the information of the detection of intelligent terminal to be detected;
Judge each detection information whether the loophole coverage information matches with pending test use cases;
If it does, then performing the test use cases on matched detection, and obtain test result;
Judge that the intelligent terminal to be detected whether there is loophole according to the test result.
2. the leak detection method of intelligent terminal according to claim 1, which is characterized in that the intelligence to be detected
The detection of energy terminal device includes:Operating system, kernel, application software, bluetooth module and wifi module;The detection
Information includes:Type information and version information;The loophole coverage information includes:Loophole influences Type Range information and leakage
Hole influences version scope information.
3. the leak detection method of intelligent terminal according to claim 2, which is characterized in that further include:
Communication interaction is carried out with the bluetooth module;Or
Communication interaction is carried out with the wifi module.
4. the leak detection method of intelligent terminal according to claim 2, which is characterized in that described to judge each detection
Information whether the loophole coverage information matches with pending test use cases, including:
Whether judge the type information of each detection with the loopholes of pending test use cases influences Type Range information matches;
Whether judge the version information of each detection with the loopholes of pending test use cases influences version scope information matches.
5. the leak detection method of intelligent terminal according to claim 1, which is characterized in that tied according to the test
Fruit judges that the intelligent terminal to be detected whether there is loophole, including:
Judge the test case set pair whether occurs in the intelligent terminal to be detected according to the test result
The behavioural characteristic answered;If it happens, then there are test use cases correspondences in the intelligent terminal to be detected
Loophole;Otherwise, the corresponding loophole of the test use cases is not present in the intelligent terminal to be detected.
6. the leak detection method of intelligent terminal according to claim 1, which is characterized in that further include:
For each loophole, after the test result judgement of the corresponding test use cases of the loophole, restore described to be detected
Intelligent terminal for original state, then perform the corresponding test use cases of next loophole.
7. a kind of Hole Detection device of intelligent terminal, which is characterized in that including:
Acquiring unit, for obtaining the behavioural characteristic and loophole coverage information when each loophole of intelligent terminal occurs;
Unit is write, the test of the loophole is triggered for the behavioural characteristic according to the loophole and loophole coverage message composition
Set of uses case;
Reading unit, for reading the information of the detection of intelligent terminal to be detected;
First judging unit, for judge the information of each detection whether the loophole coverage with pending test use cases
Information matches;
Execution unit, for if it does, then performing the test use cases on matched detection, and obtain test knot
Fruit;
Second judgment unit, for judging the intelligent terminal to be detected with the presence or absence of leakage according to the test result
Hole.
8. the Hole Detection device of intelligent terminal according to claim 7, which is characterized in that the intelligence to be detected
The detection of energy terminal device includes:Operating system, kernel, application software, bluetooth module and wifi module;The detection
Information includes:Type information and version information;The loophole coverage information includes:Loophole influences Type Range information and leakage
Hole influences version scope information.
9. the Hole Detection device of intelligent terminal according to claim 8, which is characterized in that further include:
Bluetooth communication interactive unit, for carrying out communication interaction with the bluetooth module;
Wifi communication interaction units, for carrying out communication interaction with the wifi module.
10. the Hole Detection device of intelligent terminal according to claim 8, which is characterized in that described first judges
Unit includes:
Type information judgment module, for judge the type information of each detection whether the loophole with pending test use cases
Influence Type Range information matches;
Version information judgment module, for judge the version information of each detection whether the loophole with pending test use cases
Influence version scope information matches.
11. the Hole Detection device of intelligent terminal according to claim 7, which is characterized in that described second judges
Unit is specifically used for:
Judge the test case set pair whether occurs in the intelligent terminal to be detected according to the test result
The behavioural characteristic answered;If it happens, then there are test use cases correspondences in the intelligent terminal to be detected
Loophole;Otherwise, the corresponding loophole of the test use cases is not present in the intelligent terminal to be detected.
12. the Hole Detection device of intelligent terminal according to claim 7, which is characterized in that further include:
Recovery unit, it is extensive after judging for the test result for each loophole, the corresponding test use cases of the loophole
The multiple intelligent terminal to be detected is original state, then perform the corresponding test use cases of next loophole.
13. a kind of computer equipment including memory, processor and is stored in the calculating that storage is upper and can run on a processor
Machine program, which is characterized in that the processor realizes following steps when performing described program:
Obtain the behavioural characteristic and loophole coverage information when each loophole of intelligent terminal occurs;
The test use cases of the loophole are triggered according to the behavioural characteristic of the loophole and loophole coverage message composition;
Read the information of the detection of intelligent terminal to be detected;
Judge each detection information whether the loophole coverage information matches with pending test use cases;
If it does, then performing the test use cases on matched detection, and obtain test result;
Judge that the intelligent terminal to be detected whether there is loophole according to the test result.
14. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the program is by processor
Following steps are realized during execution:
Obtain the behavioural characteristic and loophole coverage information when each loophole of intelligent terminal occurs;
The test use cases of the loophole are triggered according to the behavioural characteristic of the loophole and loophole coverage message composition;
Read the information of the detection of intelligent terminal to be detected;
Judge each detection information whether the loophole coverage information matches with pending test use cases;
If it does, then performing the test use cases on matched detection, and obtain test result;
Judge that the intelligent terminal to be detected whether there is loophole according to the test result.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711442204.0A CN108197476B (en) | 2017-12-27 | 2017-12-27 | Vulnerability detection method and device for intelligent terminal equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711442204.0A CN108197476B (en) | 2017-12-27 | 2017-12-27 | Vulnerability detection method and device for intelligent terminal equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108197476A true CN108197476A (en) | 2018-06-22 |
| CN108197476B CN108197476B (en) | 2020-12-08 |
Family
ID=62584475
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711442204.0A Active CN108197476B (en) | 2017-12-27 | 2017-12-27 | Vulnerability detection method and device for intelligent terminal equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108197476B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109711166A (en) * | 2018-12-17 | 2019-05-03 | 北京知道创宇信息技术有限公司 | Leak detection method and device |
| CN110572399A (en) * | 2019-09-10 | 2019-12-13 | 百度在线网络技术(北京)有限公司 | vulnerability detection processing method, device, equipment and storage medium |
| CN110674508A (en) * | 2019-09-23 | 2020-01-10 | 北京智游网安科技有限公司 | Android component detection processing method, detection terminal and storage medium |
| CN115080977A (en) * | 2022-05-06 | 2022-09-20 | 北京结慧科技有限公司 | Security vulnerability defense method, system, computer equipment and storage medium |
| CN115118498A (en) * | 2022-06-28 | 2022-09-27 | 北京中科微澜科技有限公司 | Vulnerability data analysis method and system based on relevance |
| CN115484081A (en) * | 2022-08-31 | 2022-12-16 | 中汽创智科技有限公司 | Host intrusion detection method, device, equipment and storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101847117A (en) * | 2009-03-23 | 2010-09-29 | 中兴通讯股份有限公司 | Unit testing method and device |
| CN107368417A (en) * | 2017-07-25 | 2017-11-21 | 中国人民解放军63928部队 | A kind of bug excavation technical testing model and method of testing |
-
2017
- 2017-12-27 CN CN201711442204.0A patent/CN108197476B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101847117A (en) * | 2009-03-23 | 2010-09-29 | 中兴通讯股份有限公司 | Unit testing method and device |
| CN107368417A (en) * | 2017-07-25 | 2017-11-21 | 中国人民解放军63928部队 | A kind of bug excavation technical testing model and method of testing |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109711166A (en) * | 2018-12-17 | 2019-05-03 | 北京知道创宇信息技术有限公司 | Leak detection method and device |
| CN110572399A (en) * | 2019-09-10 | 2019-12-13 | 百度在线网络技术(北京)有限公司 | vulnerability detection processing method, device, equipment and storage medium |
| CN110674508A (en) * | 2019-09-23 | 2020-01-10 | 北京智游网安科技有限公司 | Android component detection processing method, detection terminal and storage medium |
| CN115080977A (en) * | 2022-05-06 | 2022-09-20 | 北京结慧科技有限公司 | Security vulnerability defense method, system, computer equipment and storage medium |
| CN115118498A (en) * | 2022-06-28 | 2022-09-27 | 北京中科微澜科技有限公司 | Vulnerability data analysis method and system based on relevance |
| CN115118498B (en) * | 2022-06-28 | 2023-11-28 | 北京中科微澜科技有限公司 | Vulnerability data analysis method and system based on relevance |
| CN115484081A (en) * | 2022-08-31 | 2022-12-16 | 中汽创智科技有限公司 | Host intrusion detection method, device, equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108197476B (en) | 2020-12-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108197476A (en) | The leak detection method and device of a kind of intelligent terminal | |
| CN104834859B (en) | The dynamic testing method of malicious act in a kind of Android applications | |
| CN103729595B (en) | A kind of Android application program private data leakage off-line checking method | |
| WO2020019484A1 (en) | Simulator recognition method, recognition device, and computer readable medium | |
| US9690945B2 (en) | Security analysis using relational abstraction of data structures | |
| CN107133174A (en) | Test case code automatically generating device and method | |
| CN104573524A (en) | Fuzz testing method based on static detection | |
| CN109062667B (en) | Simulator identification method, simulator identification equipment and computer readable medium | |
| CN106055983A (en) | Anti-debugging method of android application based on IDA communication | |
| CN105630659B (en) | The acquisition methods and device of application crashes daily record | |
| CN105069354A (en) | Attack tree model based Android software hybrid detection method | |
| CN105653946A (en) | Android malicious behavior detection system based on combined event behavior triggering and detection method of Android malicious behavior detection system | |
| CN106126423A (en) | The method of testing of game application, Apparatus and system | |
| CN104504337A (en) | Method for detecting malicious application disclosing Android data | |
| CN113497809A (en) | MIPS framework vulnerability mining method based on control flow and data flow analysis | |
| CN111753306A (en) | Intelligent contract vulnerability detection method and device, electronic equipment and storage medium | |
| CN102968367A (en) | Static detection method on basis of embedded software and system thereof | |
| KR20210061446A (en) | Safety-related data stream detection method | |
| CN107678833A (en) | Simulator detection method and device based on operation system information | |
| Gao et al. | Em-fuzz: Augmented firmware fuzzing via memory checking | |
| CN108021791A (en) | Data guard method and device | |
| CN108898012A (en) | The method and apparatus for detecting illegal program | |
| CN103049374A (en) | Automatic testing method and device | |
| CN110889116A (en) | Advertisement blocking method and device and electronic equipment | |
| CN108932199A (en) | A kind of automation stain analysis system based on user interface analysis |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |