Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Security testing method, apparatus, computer equipment and storage medium

A technology of security testing and computer programs, which is applied in the field of information security, can solve problems such as low security testing efficiency, inability to detect security, and inability to obtain APP traffic smoothly, so as to improve the efficiency of security testing and reduce difficulty and complexity.

Active Publication Date: 2022-08-09
INDUSTRIAL AND COMMERCIAL BANK OF CHINA
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, with the continuous improvement of the security resistance capabilities of user terminals, more and more APPs have adopted security measures against intermediate agent detection tools (for example, user terminals usually directly use message encryption, secure tunnels, etc. to communicate with the server communication without forwarding traffic through an intermediate agent), the intermediate agent detection tool cannot successfully obtain the unencrypted APP traffic of the user terminal, and thus cannot perform security detection on the APP installed on the user terminal, resulting in low efficiency of security detection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security testing method, apparatus, computer equipment and storage medium
  • Security testing method, apparatus, computer equipment and storage medium
  • Security testing method, apparatus, computer equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0051] In order to make the purpose, technical solutions and advantages of the present application more clearly understood, the present application will be described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are only used to explain the present application, but not to limit the present application.

[0052] The safety testing method provided in this application can be applied to such as figure 1 in the application environment shown. The user terminal 10 communicates with the server 20 through the network. Wherein, the user terminal 10 can be, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers and portable wearable devices; the user terminal 10 is installed with a plurality of application programs 101 to be tested, and in the user terminal 10 A virtual server program is also provided, and the virtual server progra...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present application relates to a security testing method, apparatus, computer equipment and storage medium. The method relates to the technical field of information security, and the method includes: generating a simulated network message according to input parameters of an application to be tested, and transmitting the simulated network message to a virtual server program in a user terminal; In the process of transmission to the virtual server program, the simulated network message is intercepted; the simulated network message is processed, and a security test is performed based on the processed simulated network message. That is, in the embodiment of the present application, a simulated network environment can be established locally on the user terminal, which can avoid the problem that the application program directly interacts with the server, so that the man-in-the-middle test module cannot obtain the input parameters and thus cannot perform the security test. The network message is processed, and the security test of the application to be tested is realized by processing the simulated network message, so as to improve the security test efficiency.

Description

technical field [0001] The present application relates to the technical field of information security, and in particular, to a security testing method, apparatus, computer equipment and storage medium. Background technique [0002] With the popularization of intelligent terminals, a large number of mobile phone software (application, APP for short) have emerged in the application market for user terminals to download and use. In order to ensure the security of the APP installed on the user terminal, before the APP is released, the APP needs to be checked for security to identify vulnerabilities. [0003] In traditional technologies, security detection is usually performed by means of a man-in-the-middle agent, which means that the APP traffic of the user terminal is hijacked by an intermediary agent detection tool, and the hijacked APP traffic is analyzed to realize security detection. [0004] However, with the continuous improvement of the security confrontation ability o...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40
CPCH04L63/20
Inventor 牟天宇范鑫禹金驰吕博良
Owner INDUSTRIAL AND COMMERCIAL BANK OF CHINA
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products