Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Safety test system and method

A technology of security testing and fuzz testing, applied in transmission systems, digital transmission systems, data exchange networks, etc., can solve the problems of consuming machine resources, reducing business logic coverage, and consuming a lot of time, so as to reduce human resources and improve business Effect of logic coverage and reduction of time spent

Active Publication Date: 2013-04-03
ALIBABA GRP HLDG LTD
View PDF7 Cites 49 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] 1. It needs to crawl the link pages of online applications in the way of spiders, which will consume additional machine resources;
[0006] 2. Spider-style crawling will also capture a large number of useless pages, and the pages cannot be customized; in this way, using multiple vulnerability verification scripts will generate a large amount of garbage data on the functional points that have add, delete, and modify operations. And normal content will be deleted; this not only consumes a lot of time, but also reduces business logic coverage
[0007] Method 2. In order to avoid consuming additional machine resources, method 2 is based on the URL verification attack test recorded by manual operation behavior; but because it requires manual operation, it will consume a lot of human resources

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Safety test system and method
  • Safety test system and method
  • Safety test system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0050] In order to make the above objects, features and advantages of the present application more obvious and comprehensible, the present application will be further described in detail below in conjunction with the accompanying drawings and specific implementation methods.

[0051]One of the core concepts of the embodiments of the present application is to perform automated security testing based on log analysis for the problems of low business logic coverage and difficulty in manual execution of existing security testing methods. Access the characteristic data of the request, and use the fuzzy test script to carry out replay attacks on abnormal access requests.

[0052] Compared with the existing technology that needs to crawl the link pages of online applications in the way of spiders, grab a large number of useless pages, and cannot customize the pages, because the replay attack of the abnormal access request of this application is an exception in the access log record Th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The application provides a safety test system and method. The system specifically comprises a visiting log recording device, a visiting log extraction device and a visiting test device, wherein the visiting log recording device aims at an on-line application program, the characteristic data of a user visiting request is preserved in a visiting log record, and the user visiting request comprises a normal visiting request and an abnormal request; the visiting log extraction device is used for extracting a visiting log record corresponding to the abnormal visiting request from the visiting log record of the on-line application program; and the visiting test device is used for using an obscuring test script to replay and attack the abnormal visit request and cam judge whether a loop hole exists according to the returned respondence. The safety test system and the method provided by the application can reduce the consumed substantive machine resources and manpower resources by safety test, and business logic coverage rate of the safety test is improved.

Description

technical field [0001] The present application relates to the technical field of safety testing, in particular to a safety testing system and method. Background technique [0002] At present, with the mature development of Internet and e-commerce technology, many online application programs provide various convenient and powerful functions (such as online shopping, online banking transactions, etc.) for users to use. The security of these online applications has also become extremely important when it comes to user data or transactions. Whether it is an online application program user or an online service program service provider, they all care about whether the provided functional services have sufficient security considerations. If these commonly used online applications are implanted with malicious programs by hackers, the user's private data will be stolen during the execution of the program, which will cause losses to the user and the service provider. In addition, if...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L12/26H04L29/06G06F21/56
Inventor 王会鹏
Owner ALIBABA GRP HLDG LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com