Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Security test method and device, computer equipment and storage medium

A technology for security testing and computer programs, applied in the field of information security, can solve the problems of low security detection efficiency, inability to detect security, and inability to obtain APP traffic smoothly, and achieve the effect of improving security testing efficiency and reducing difficulty and complexity.

Active Publication Date: 2022-02-11
INDUSTRIAL AND COMMERCIAL BANK OF CHINA
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, with the continuous improvement of the security resistance capabilities of user terminals, more and more APPs have adopted security measures against intermediate agent detection tools (for example, user terminals usually directly use message encryption, secure tunnels, etc. to communicate with the server communication without forwarding traffic through an intermediate agent), the intermediate agent detection tool cannot successfully obtain the unencrypted APP traffic of the user terminal, and thus cannot perform security detection on the APP installed on the user terminal, resulting in low efficiency of security detection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security test method and device, computer equipment and storage medium
  • Security test method and device, computer equipment and storage medium
  • Security test method and device, computer equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0051] In order to make the purpose, technical solution and advantages of the present application clearer, the present application will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present application, and are not intended to limit the present application.

[0052] The security testing method provided by this application can be applied to such as figure 1 shown in the application environment. Wherein, the user terminal 10 communicates with the server 20 through the network. Wherein, the user terminal 10 can be but not limited to various personal computers, notebook computers, smart phones, tablet computers and portable wearable devices; multiple application programs 101 to be tested are installed in the user terminal 10, and in the user terminal 10 A virtual server program is also provided, and the virtual server program is ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a security test method and device, computer equipment and a storage medium. The method relates to the technical field of information security, and comprises the following steps: generating a simulation network message according to an input parameter of a to-be-tested application program, and transmitting the simulation network message to a virtual server program in a user terminal; intercepting the analog network message in the process of transmitting the analog network message to the virtual server program; processing the analog network message, and performing a security test based on the processed analog network message. That is, in the embodiment of the invention, the simulation network environment can be established locally at the user terminal, the problem that the security test cannot be carried out due to the fact that the man-in-the-middle test module cannot acquire the input parameters due to direct interaction between the application program and the server can be avoided, and the simulation network message is generated through the simulation network environment; and the security test on the to-be-tested application program is realized by processing the simulation network message, so that the security test efficiency is improved.

Description

technical field [0001] The present application relates to the technical field of information security, in particular to a security testing method, device, computer equipment and storage medium. Background technique [0002] With the popularization of smart terminals, a large amount of mobile phone software (application, APP for short) emerges in the application market for downloading and using by user terminals. In order to ensure the security of the APP installed on the user terminal, before the APP is released, it is necessary to conduct a security inspection on the APP to identify vulnerabilities. [0003] In traditional technologies, security detection is usually performed through an intermediary agent. The intermediary agent method refers to hijacking the APP traffic of the user terminal through an intermediary agent detection tool, and analyzing the hijacked APP traffic to achieve security detection. [0004] However, with the continuous improvement of the security re...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/40
CPCH04L63/20
Inventor 牟天宇范鑫禹金驰吕博良
Owner INDUSTRIAL AND COMMERCIAL BANK OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com