Method for detecting unauthorized access vulnerability of power mobile application

A mobile application and unauthorized access technology, which is applied to electrical components, electrical digital data processing, instruments, etc., can solve the problem that unauthorized access cannot be found

Active Publication Date: 2017-05-24
STATE GRID JIANGSU ELECTRIC POWER CO ELECTRIC POWER RES INST +1
View PDF6 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In order to overcome the deficiencies in existing automated security testing tools and improve the security of mobile applications, the present invention proposes a method for detecting unauthorized access vulnerabilities in power mobile applications, which solves the problem that existing autom

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for detecting unauthorized access vulnerability of power mobile application
  • Method for detecting unauthorized access vulnerability of power mobile application
  • Method for detecting unauthorized access vulnerability of power mobile application

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0043] (1) Determine the different user types that exist in the mobile application, ensure the comprehensiveness of the user types, and obtain the number of users corresponding to each user type;

[0044] (2) Construct http requests of different users belonging to the same user type for the same operation, modify the http request of one of the users, and send the modified request to the server, and analyze the execution results to detect parallel unauthorized access vulnerabilities;

[0045] (3) Construct the http requests of different users belonging to different user types, and modify the http requests that users belonging to some user types can execute but other types of users cannot perform operations, send the modified request to the server, analyze the execution results and Detect unauthorized access vulnerabilities;

[0046] (4) Integrating the vulnerabilities detected in step (2) and step (3), complete the detection of unauthorized access vulnerabilities in power mobil...

Embodiment 2

[0068] The present invention will be further described below in conjunction with the accompanying drawings and the specific mobile application of "handheld vehicle management (abbreviation: handheld vehicle management)". The following examples are only used to illustrate the technical solution of the present invention more clearly, but not to limit the protection scope of the present invention.

[0069] refer to figure 1 As shown, a method for detecting unauthorized access vulnerabilities of power mobile applications in the present invention includes four steps of determining the user type of the mobile application, parallel unauthorized access vulnerability detection, unauthorized access vulnerability detection, and summarizing test results.

[0070] Determining the different types of users that exist in a mobile application includes the following steps:

[0071] (1a) According to the actual business of the mobile application, determine the user type that exists in the mobil...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for detecting an unauthorized access vulnerability of a power mobile application. The method comprises the steps of obtaining and storing all the user types of the mobile application and the user number corresponding to each user type; constructing http requests aiming at the same operation of different users in the same user type, modifying the http request of one user, sending the modified request to a server-side and analyzing an execution result to detect parallel unauthorized access vulnerabilities; constructing http requests of different users in different user types, modifying the http requests which can be executed by users in certain user types, but cannot be executed by users in other types, sending the modified requests to the server-side, and analyzing the execution results to detect the unauthorized access vulnerabilities; and comprehensively detecting the discovered vulnerabilities and finishing the unauthorized access vulnerability detection. The method for detecting the unauthorized access vulnerability of the power mobile application is used for performing safety assessment on the mobile application in an integrated testing stage and provides support for reducing the safety risk of the mobile application and improving the safety of the mobile application.

Description

technical field [0001] The invention belongs to the technical field, and in particular relates to a method for detecting an unauthorized access vulnerability of an electric power mobile application. Background technique [0002] In recent years, under the background of the rapid development of Internet information technologies such as the Internet of Things and cloud computing, power mobile applications have entered a stage of comprehensive construction. At present, in various fields such as power marketing, on-site operations, data collection, and mobile office, mobile applications are being constructed and promoted to reduce operating costs and improve work efficiency. [0003] With the rapid development of mobile applications, its information security issues have also received more and more attention. If the security vulnerabilities generated in the process of requirements, design, and development of mobile applications are not found and rectified during the integration t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L29/08G06F21/57
CPCH04L63/10H04L63/1433G06F21/577H04L67/60
Inventor 姜海涛周超朱道华王黎明王梓莹黄伟郭静陈锦铭郭雅娟李岩王小波李斌
Owner STATE GRID JIANGSU ELECTRIC POWER CO ELECTRIC POWER RES INST
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap