A method and system for detecting program vulnerabilities

A detection method and detection system technology, applied in error detection/correction, software testing/debugging, instruments, etc., can solve the problems of waste of manpower and system resources, single source of vulnerabilities, and easy misjudgment, so as to reduce workload and obtain The effect of enriching sources, improving efficiency and testing coverage

Active Publication Date: 2019-02-05
GUANGDONG OPPO MOBILE TELECOMM CORP LTD
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In view of this, the purpose of the present invention is to provide a detection method and detection system for program loopholes, which can solve the problem of single source of loopholes in the prior art, easy misjudgment, and the need for human intervention and prediction after loopholes occur, thereby wasting a lot of manpower and technical issues with system resources

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and system for detecting program vulnerabilities
  • A method and system for detecting program vulnerabilities
  • A method and system for detecting program vulnerabilities

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0027] see figure 1 , is a schematic flowchart of a method for detecting a program vulnerability provided by an embodiment of the present invention.

[0028] The detection method of the program vulnerability includes:

[0029] In step S101, during testing, a monitoring thread is started, and the monitoring thread is used to monitor abnormal events in the program to be tested.

[0030] Wherein, the monitoring thread includes: an interface monitoring thread and a log monitoring thread. The interface monitoring thread is used to monitor the interface of the program to be tested, such as Figure 5A As shown, to analyze whether there is an abnormal event originating from the interface; the log monitoring thread monitors the log of the program to be tested, such as Figure 5B Shown to analyze whether there are abnormal events from logs.

[0031] The monitoring thread is also used to record the abnormal event and the source of the abnormal event, and the source includes: an inter...

Embodiment 2

[0045] see figure 2 , is a schematic flowchart of a method for detecting a program vulnerability provided by an embodiment of the present invention.

[0046] The detection method of the program vulnerability includes:

[0047] In step S201, a monitoring thread is started during testing, so as to monitor abnormal events in the program under test through the interface and logs.

[0048] Specifically, this step includes:

[0049] (1) Open monitoring thread during test, described monitoring thread comprises: interface monitoring thread and log monitoring thread, monitor simultaneously through interface and log, make the acquisition source of abnormal event abundant, accurate, and need not manual intervention;

[0050] (2) monitor the interface of the program under test through the interface monitoring thread, such as Figure 5A As shown, to analyze whether there is an abnormal event originating from the interface, for example: whether there is an error keyword in the interface...

Embodiment 3

[0082] see image 3 , is a block diagram of a program vulnerability detection system provided by an embodiment of the present invention.

[0083] The program vulnerability detection system 300 includes: a monitoring module 31 , a type module 32 , an interruption module 33 , and a vulnerability analysis module 34 .

[0084] The monitoring module 31 is used for starting a monitoring thread during testing, and the monitoring thread is used for monitoring abnormal events in the program to be tested.

[0085] Wherein, the monitoring thread 31 includes: an interface monitoring thread 311 and a log monitoring thread 312 .

[0086] Specifically, the interface monitoring thread 311 is used to monitor the interface of the program to be tested, such as Figure 5A Shown to analyze whether there are abnormal events originating from the interface. The log monitoring thread 312 monitors the log of the program to be tested, such as Figure 5B Shown to analyze whether there are abnormal ev...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention provides a program vulnerability detection method and detection system. The method comprises the steps of starting a monitor thread in testing, wherein the monitor thread is used for monitoring an abnormal event in a to-be-tested program; acquiring the abnormal event, and analyzing types of the abnormal event, wherein the types include a program error item and a program incorrect item; determining whether the abnormal event causes test interruption; and if the test is interrupted or the test is finished, performing vulnerability analysis and processing on the abnormal event according to the types of the abnormal event. According the method, the types of the abnormal event include the program error item and the program incorrect item, and vulnerability analysis and processing are performed on the abnormal events of different types, so that the source for obtaining the abnormal event is rich and the abnormal event can be acquired accurately, manual intervene is not needed, vulnerability analysis workload is reduced, and the test efficiency and test range are improved.

Description

technical field [0001] The invention belongs to the technical field of software testing, in particular to a method and system for detecting program loopholes. Background technique [0002] Today, with the rapid development of information technology, more and more mobile phone manufacturers, operators, and developers have joined the camp of mobile phone platforms, bringing various beautification and institutional mobile phone systems. At the same time, the number of applications in the mobile phone market is growing rapidly. Testing is inseparable, and the need for testing is becoming more and more urgent. [0003] Automated testing can capture resource conflicts, multi-threading, deadlocks and other errors that are difficult to find by manual testing. It can efficiently complete a large number of mechanical and repetitive tests, and can simulate a large amount of data or a large number of concurrent users. Software testing cycle, improve the reliability and accuracy of test...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F11/36
CPCG06F11/3644G06F11/366
Inventor 郑智超
Owner GUANGDONG OPPO MOBILE TELECOMM CORP LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap