Mobile application automation security testing platform

A technology for security testing and mobile applications, applied in software testing/debugging, error detection/correction, instrumentation, etc., can solve problems such as the slow development of mobile application security testing technology and the increase in the probability of application program being destroyed

Inactive Publication Date: 2016-09-07
云南电网有限责任公司信息中心
View PDF1 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

On the other hand, based on the characteristics of mobile applications that are not controlled by time and place, and the open source code of the Android system, the probability of its application program being damaged is greatly increased, and the focus of software security testing is still relatively mature. Web security research has led to the slow development of mobile application security testing technology

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Mobile application automation security testing platform
  • Mobile application automation security testing platform
  • Mobile application automation security testing platform

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] Combine below figure 1 The present invention is described in further detail:

[0022] Such as figure 1 , figure 2 , an automated security testing platform for mobile applications, the present invention is characterized in that it includes the following parts:

[0023] A. The console of mobile application automation security testing is the core part of the mobile application automation security testing platform, which runs on the PC side to realize the command input of testers and the output of final test results;

[0024] B. The agent program running on the Android device executes the commands entered in the console on the mobile terminal to realize the discovery of vulnerabilities, which is the basic part of the system;

[0025] C. The port for information interaction between the console and the agent, which is responsible for the data transmission between the console and the agent;

[0026] D. The JDK environment, as the basic part of the automated security testi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A mobile application automation security testing platform is used for detecting security of Android applications, so as to verify whether the Android applications coincide with security standards. The platform is capable of performing component analysis on an application installed on an Android system, and by means of an exposed component, determining an attack surface, carrying out a penetration test, and mining out a vulnerability of the application in depth, wherein a coverage of the test comprises an authentication bypass test, an SQL impregnation test, insecurity of data storage and reading of a file system and the like. During a test process, acquisition of a root permission of a mobile phone terminal is not required, and it can be ensured that the mobile phone terminal interacts with other application and operating systems as a common Android application. Different from an automated scanning tool of a web field, the testing platform is an interactive security testing platform, and during a use process, the user only needs to input a command on a working state (PC terminal) of the user, and the command is transferred to a proxy program on an Android device via a connection of a port and executed, so as to complete the whole security test.

Description

technical field [0001] The invention belongs to the field of software testing and relates to the technical field of automation. Background technique [0002] Mobile terminals and applications continue to be promoted in various business systems of enterprises, so that the office is no longer limited by time and place, which greatly improves work efficiency. While it brings many conveniences, the security of enterprise information is also paid more attention to. The business data and sensitive information contained in mobile APPs are facing more threats, and the security issues of mobile APPs are becoming more and more prominent, such as: mobile APPs are attacked by cross-site scripting during use, sensitive data is stolen, codes are illegally tampered with, and passwords are cracked Wait. In the face of these threats, it is very necessary to be able to find a fast and convenient mobile application security testing solution. [0003] For the security testing of mobile applic...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F11/36
CPCG06F11/3672G06F11/3696
Inventor 黄祖源周靖耿贞伟苏永东陈何雄薛永军彭晓平苏文伟段琳孙恒一郭威
Owner 云南电网有限责任公司信息中心
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap