Interactive application program security test method and system thereof

An application program and security testing technology, which is applied in software testing/debugging, error detection/correction, instruments, etc., can solve the problems of time-consuming scanning and low accuracy, so as to reduce false negative rate, high test accuracy, reduce The effect of human input

Inactive Publication Date: 2016-11-16
SECZONE TECH CO LTD
View PDF6 Cites 24 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the above-mentioned scanning tools based on static source code security analysis have the following disadvantages when performing security vulnerability testing: (1) special personnel are required to operate, and scanning is very time-consuming; (2) the accuracy is not high

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Interactive application program security test method and system thereof
  • Interactive application program security test method and system thereof
  • Interactive application program security test method and system thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] Embodiments of the present invention will now be described with reference to the drawings, in which like reference numerals represent like elements.

[0036] In order to better understand the present invention, first its working principle is described as follows:

[0037] Aspect-oriented programming technology enables security testing platform to embed security analysis when the program is running. Object-oriented languages ​​provide interfaces to enable aspect-oriented programming. For example, JVMTI (Java Virtual Machine Tool Interface) is a set of local programming interfaces provided by the Java virtual machine for JVM-related tools. Using JVMTI, developers can build an application-independent agent (Agent) to monitor and assist programs running on the JVM, and even replace and modify the definition of certain classes. With such a function, developers can implement more flexible runtime virtual machine monitoring and Java class operations. Based on this, the pres...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an interactive application program security test method. The method comprises the following steps of: installing a test server side and deploying a target tested program; deploying a probe at the test server side; running the target test program and collecting analysis data through the probe; and sending the analysis data to the test server side by the probe and analyzing the analysis data by the test server side, thereby obtaining a loophole result. Compared with the prior art, the test method disclosed by the invention does not need special operations, and can be used for completing function test and loophole security test in a process of running the target tested program, so that the human input of the security test is decreased. Meanwhile, the method can be used for obtaining real data through the probe when the target tested program is operated, so that the test accuracy which is higher than that of traditional static source code analysis tools can be realized and the missing report rate can be reduced. The invention furthermore discloses an interactive application program security test system.

Description

technical field [0001] The present invention relates to the technical field of software safety testing, and more particularly to an interactive application program safety testing method and system thereof. Background technique [0002] In the process of software development, software security testing is a test to check whether the existing software security measures in the software are effective. It is an important means to ensure system security. It generally includes two aspects: security function testing and security vulnerability testing. [0003] Currently, analysis tools based on static source code security analysis technology are widely used for security vulnerability testing. Among them, the principle of static source code security analysis technology is as follows: first create a huge data DOM tree, and then scan the program code through lexical analysis, syntax analysis, control flow, data flow analysis and other technologies without running the code . Existing s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F11/36
CPCG06F11/3688
Inventor 王颉包悦忠徐瑞祝曾张帆万振华
Owner SECZONE TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap