Security vulnerability detection method and device

A vulnerability detection and vulnerability technology, applied in the field of security vulnerability detection, can solve the problems of undetectable data file security, insecure data files, user information security threats, etc., to achieve the effect of improving security and practicability and reducing threats

Inactive Publication Date: 2017-10-10
TENCENT TECH (SHENZHEN) CO LTD
View PDF3 Cites 30 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, the security of data files generated during the running of iOS applications cannot be detected through the existing security audit framework, and in actual applications, iOS applications will generate unsafe data files during running, and these unsafe data files will constitute Threats to User Information Security

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security vulnerability detection method and device
  • Security vulnerability detection method and device
  • Security vulnerability detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0048] Embodiments of the present invention provide a method and device for detecting security vulnerabilities, which are used to detect vulnerabilities in generated data files during the running of application programs, thereby greatly reducing the impact of insecure data files on user information security. The threats it poses improve the security and practicality of the solution.

[0049] The terms "first", "second", "third", "fourth", etc. (if any) in the description and claims of the present invention and the above drawings are used to distinguish similar objects, and not necessarily Used to describe a specific sequence or sequence. It is to be understood that the data so used are interchangeable under appropriate circumstances such that the embodiments of the invention described herein are, for example, capable of practice in sequences other than those illustrated or described herein. Furthermore, the terms "comprising" and "having", as well as any variations thereof, a...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses a security vulnerability detection method. The method comprises the steps that a to-be-detected application program is determined; the to-be-detected application program is installed to a detection terminal connected with a server so that the detection terminal can run the to-be-detected application program; a data file generated in the running process of the to-be-detected application program is acquired; target key information is extracted from the data file of the application program; whether the target key information meets a preset vulnerability confirmation condition is judged; and if yes, the server determines that the to-be-detected application program has a security vulnerability. The embodiment of the invention furthermore provides the server. According to the embodiment, vulnerability detection can be performed on the generated data file in the running process of the application program, therefore, threat of unsecure data files on user information security is greatly lowered, and the security and practicability of the scheme are improved.

Description

technical field [0001] The invention relates to the field of application program testing, in particular to a method and device for detecting security loopholes. Background technique [0002] With the popularization of mobile Internet and smart phones, the security of mobile client applications is becoming more and more important. The operating system developed by Apple (full English name: iphone Operation System, English abbreviation: iOS) currently nearly occupies the domestic smart phone operating system. 30% of the share, generally speaking, the security of iOS applications is higher than that of Android applications, but many iOS users will use jailbreak tools to obtain the highest authority of the mobile phone, which will lead to a series of security problems. [0003] At present, the tools used by the industry to study iOS application vulnerability auditing are mainly the open source application program (English full name: Application, English abbreviation: APP) securi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56G06F21/57
CPCG06F21/562G06F21/566G06F21/577G06F2221/033
Inventor 伍惠宇林桠泉马传雷胡珀
Owner TENCENT TECH (SHENZHEN) CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap