Software security testing method, device, equipment and medium

Abstract

This application discloses a software security testing method, apparatus, device, and medium. The method includes: acquiring a constraint model and an adversarial model corresponding to the security testing of the software under test, wherein the constraint model is used to determine the constraints between the inputs and outputs of the software under test, and the adversarial model is used to simulate the malicious attack behavior of an attacker; generating test cases based on the constraint model and the adversarial model; and executing the test cases using the software under test to obtain security test results.

Description

Technical Field

[0001] This application relates to the field of software engineering, specifically to a software security testing method, apparatus, device, and medium. Background Technology

[0002] With the rapid development of information technology, software has been widely used in various fields. However, this has also brought about increasingly prominent issues related to software security. Malicious attackers constantly seek vulnerabilities and weaknesses in software systems, attempting to gain illegal profits or disrupt the normal operation of the system. Therefore, ensuring the security of software systems has become a crucial task.

[0003] Existing software security testing methods primarily employ dynamic testing. This method detects security issues by simulating real-world operating environments and attack scenarios.

[0004] Existing dynamic testing methods rely on test cases generated by testers based on their experience, making it difficult to cover all possible attack scenarios and resulting in incomplete software security testing. Summary of the Invention

[0005] This application provides a software security testing method, apparatus, device, and medium to address the problem of vulnerability detection in existing software security testing processes.

[0006] In a first aspect, embodiments of this application provide a software security testing method, the method comprising:

[0007] Obtain the constraint model and adversarial model corresponding to the security test of the software under test, wherein the constraint model is used to determine the constraints between the input and output of the software under test, and the adversarial model is used to simulate the malicious attack behavior of the attacker;

[0008] Based on the constraint model and the adversarial model, test cases are generated;

[0009] The test cases are executed using the software under test to obtain security test results.

[0010] Secondly, embodiments of this application provide a software security testing apparatus, the apparatus comprising:

[0011] The constraint and adversarial model acquisition module is used to acquire the constraint model and adversarial model corresponding to the security test of the software under test. The constraint model is used to determine the constraint conditions between the input and output of the software under test, and the adversarial model is used to simulate the malicious attack behavior of the attacker.

[0012] The test case generation module is used to generate test cases based on the constraint model and the adversarial model.

[0013] The testing module is used to execute the test cases using the software under test and obtain security test results.

[0014] Thirdly, embodiments of this application provide an electronic device, including: one or more processors; and a storage device having one or more programs stored thereon, wherein when the one or more programs are executed by the one or more processors, the one or more processors implement the method as described in any embodiment of the first aspect.

[0015] Fourthly, embodiments of this application provide a computer-readable medium having a computer program stored thereon that, when executed by a processor, implements the method as described in any embodiment of the first aspect.

[0016] The software security testing method, apparatus, device, and medium provided in this application can generate test cases based on constraint models and adversarial models. This makes the test cases more comprehensive and avoids the problem of test cases being generated by testers based on their testing experience, which often fails to cover all possible attack scenarios, leading to incomplete testing and vulnerabilities. The constraint model can perform constraint analysis on the software under test and extract key test constraints, while the adversarial model can simulate malicious attack behaviors. Therefore, the technical solution provided in this application can comprehensively test the security of the software under test, and the efficiency of generating test cases through the constraint model and adversarial model is higher, thereby improving the efficiency of software security testing. Attached Figure Description

[0017] Other features, objects, and advantages of this application will become more apparent from the following detailed description of non-limiting embodiments with reference to the accompanying drawings:

[0018] Figure 1 This is a flowchart of an embodiment of the software security testing method of this application;

[0019] Figure 2 yes Figure 1 The flowchart shown is a modeling method for the constraint model in the software security testing method of this application;

[0020] Figure 3 yes Figure 1 The flowchart shown is a modeling method for the adversarial model in the software security testing method of this application;

[0021] Figure 4 This is a flowchart of an embodiment of the software security testing method of this application;

[0022] Figure 5 This is a flowchart of an embodiment of the software security testing method of this application;

[0023] Figure 6 This is a schematic diagram of the structure of one embodiment of the software security testing apparatus of this application;

[0024] Figure 7 This is a schematic diagram of the structure of an electronic device used to implement the embodiments of this application. Detailed Implementation

[0025] All actions involving the acquisition of signals, information, or data in this application are carried out in accordance with the relevant data protection laws and policies of the country where the application is located, and with the authorization of the owner of the relevant device.

[0026] The present application will now be described in further detail with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and not intended to limit it. Furthermore, it should be noted that, for ease of description, only the parts relevant to the invention are shown in the accompanying drawings.

[0027] It should be noted that, unless otherwise specified, the embodiments and features described in this application can be combined with each other. This application will now be described in detail with reference to the accompanying drawings and embodiments.

[0028] Please refer to Figure 1 This document illustrates a flowchart 100 of an embodiment of the software security testing method according to this application. This software security testing method can be applied to various electronic devices with data processing capabilities. For example, the aforementioned electronic devices may include, but are not limited to, cloud servers, physical servers, etc. The executing entity of this software security testing method may be a processor in the aforementioned electronic device.

[0029] like Figure 1 As shown, the software security testing method includes the following steps:

[0030] Step 101: Obtain the constraint model and adversarial model corresponding to the security test of the software under test. The constraint model is used to determine the constraints between the input and output of the software under test, and the adversarial model is used to simulate the malicious attack behavior of the attacker.

[0031] In this embodiment, the constraints between the inputs and outputs of the software under test can include mathematical constraints and logical constraints. Specifically, mathematical modeling methods can be used to formally describe the inputs, outputs, and relationships between them of the software under test. For example, formal tools such as mathematical equations and logical expressions can be used to represent the constraints. Simultaneously, constraint information can also be extracted by analyzing existing test cases and sample data.

[0032] For example, such as Figure 2 As shown, the modeling methods for constraint models can include:

[0033] Step 201: Obtain the security feature information of the software to be tested.

[0034] In this embodiment, step 201 can obtain security feature information using statistical methods, such as variance selection, chi-square test, and mutual information.

[0035] For example, the security characteristics of network communication software may include, but are not limited to:

[0036] Packet-level features: Features can be extracted from captured network traffic packets, such as packet length: the number of bytes in each packet, which may be related to data transmission volume, security threats, etc.

[0037] Protocol type: Common protocols include TCP, UDP, HTTP, HTTPS, DNS, etc. Different protocols have different characteristics and security risks.

[0038] Data packet time interval: The time difference between consecutive packets, which can be used to analyze traffic patterns or detect abnormal behavior.

[0039] Source / destination IP address and port number: can help identify specific communication endpoints or attack sources.

[0040] Flags in data packets, such as TCP flags (SYN, ACK, etc.), can be used to analyze the connection status and control information of the data flow.

[0041] Traffic characteristics:

[0042] 1. Traffic volume: The amount of data transmitted, such as bytes per second, can reflect the density of traffic.

[0043] 2. Connection duration and number of connections: These are session-related features that can help analyze connection stability and identify any abnormal connection patterns.

[0044] 3. Flow direction: Whether the flow is unidirectional or bidirectional may be helpful for security assessment, especially the ratio of inbound to outbound flow.

[0045] 4. Application layer characteristics:

[0046] 4.1 URL and Domain Requests: For Web communication software, access patterns can be analyzed by extracting the requested URL or the accessed domain.

[0047] 4.2 HTTP header information: such as User-Agent, Host, etc., can be used to analyze user behavior patterns.

[0048] 4.3 SSL / TLS Certificate Information: This allows analysis of the encryption strength and certificate validity used in communication.

[0049] It should be noted that the security features may vary depending on the type of software being tested, and each case will not be described in detail here.

[0050] Optionally, in this embodiment, step 201 may also preprocess the security feature information, including: cleaning out data packets with outliers and processing missing security feature information, so as to ensure the accuracy and reliability of the input data.

[0051] Step 202: Determine the constraints corresponding to the security feature information.

[0052] For example, when the security feature information is the data packet length, the constraint can be that the data packet length should be within a certain range; or when the security feature information is the protocol type, the constraint can be that the protocol type must comply with the prescribed standards, etc., which will not be elaborated here.

[0053] It should be noted that, in order to make the constraint model more accurate and reliable, step 202 should exhaustively list the constraint conditions as much as possible.

[0054] Step 203: Train the mathematical model of Support Vector Machines (SVM) using the first dataset to obtain the constrained model. The first dataset contains data with security features and that meets the constraints.

[0055] Optionally, after step 203, the following may also be included:

[0056] Step 204: Evaluate the constraint model using cross-validation and obtain the constraint model evaluation results.

[0057] In this embodiment, the cross-validation method is only a specific example. In actual use, step 204 can also evaluate the constraint model using other algorithms. Each case will not be described in detail here.

[0058] Step 205: Optimize the constraint model based on the evaluation results of the constraint model.

[0059] For example, the kernel function parameters of SVM can be optimized, but each case will not be elaborated here.

[0060] Steps 204 and 205 above can ensure the accuracy and performance of the constraint model in describing constraint conditions.

[0061] In this embodiment, the construction process of the adversarial model needs to take into account different types of attack scenarios and threat patterns. Appropriate adversarial model structures can be selected to address different security testing needs. Furthermore, existing security vulnerability analysis techniques and tools can be leveraged to improve the efficiency and accuracy of adversarial model construction.

[0062] For example, such as Figure 3 As shown, the modeling methods for adversarial models can include:

[0063] Step 301: Determine the attack scenario and attack target of the software to be tested.

[0064] For example, information theft, denial of service, etc. Step 301 needs to consider various real-world attack scenarios to ensure comprehensive testing of the software under test.

[0065] Step 302: Train the Generative Adversarial Network (GAN) using the second dataset to obtain the adversarial model. The data in the second dataset is obtained based on the attack scenario and the attack target.

[0066] Optionally, after step 302, the following may also be included:

[0067] Step 303: Generate an attack strategy with target constraints, where the target constraints are one of the constraints.

[0068] Step 304: Evaluate the adversarial model using an attack strategy and obtain the adversarial model evaluation results;

[0069] Step 305: Optimize the adversarial model based on the evaluation results.

[0070] For example, adjusting the generator and discriminator structures of GANs; each case will not be elaborated on here.

[0071] Steps 303-305 above can be used to evaluate the trained adversarial model, ensuring its accuracy and performance in simulating attack behavior. Based on the evaluation results, the model is then optimized.

[0072] Step 102: Generate test cases based on the constraint model and the adversarial model.

[0073] In this embodiment, step 102 may specifically include:

[0074] Input constraint parsing: Using the constraint model, constraints are transformed into specific data ranges and formats.

[0075] Adversarial model guidance: Using adversarial models, the behavior of attackers is simulated to guide the generation of challenging test cases.

[0076] Test Case Generation: Based on the processing in the first two steps, test cases are generated. These test cases will include normal data that meets the constraints and malicious data that violates the constraints.

[0077] Step 103: Execute test cases using the software under test and obtain security test results.

[0078] In this embodiment, step 103 may specifically include:

[0079] Test Case Execution: The generated test cases are input into the software under test to simulate the actual operating environment and trigger the system's response to security vulnerabilities. Simultaneously, input and output information during the test is recorded, including the response time and resource utilization of the software under test. This step comprehensively evaluates the performance of the software under test under different test scenarios.

[0080] Results Collection and Analysis: Collect data generated during test execution, including the responses of the software under test and potential error messages. In-depth analysis of this data can identify potential security vulnerabilities and assess the system's security performance. It can also uncover possible abnormal behaviors and error patterns, providing a reference for subsequent security optimization.

[0081] The software security testing method provided in this application can generate test cases based on constraint models and adversarial models, making the test cases more comprehensive. This avoids the problem of test cases being generated by testers based on their testing experience, which often fails to cover all possible attack scenarios, leading to incomplete testing and vulnerabilities. The constraint model can perform constraint analysis on the software under test and extract key test constraints, while the adversarial model can simulate malicious attack behaviors. Therefore, the technical solution provided in this application can comprehensively test the security of the software under test, and the efficiency of generating test cases through the constraint model and adversarial model is higher, thereby improving the efficiency of software security testing.

[0082] Please refer to Figure 4This document illustrates a flow 100 of another embodiment of the software security testing method according to this application. This software security testing method can be applied to various electronic devices with data processing capabilities. For example, the aforementioned electronic devices may include, but are not limited to, cloud servers, physical servers, etc. The executing entity of this software security testing method may be a processor in the aforementioned electronic device.

[0083] like Figure 4 As shown, this software security testing method is similar to... Figure 1 The two are basically the same, except that the following are also included:

[0084] Step 104: Monitor the running status of the test cases executed by the software under test in real time and obtain the real-time monitoring results.

[0085] Step 105: If the real-time monitoring results are abnormal or incorrect, send an alarm message.

[0086] It should be noted that this embodiment is only described with the example that steps 104 and 105 occur after step 103. In actual use, steps 104 and 105 may also occur in other locations, which will not be elaborated here.

[0087] The software security testing method provided in this embodiment achieves [the desired outcome]. Figure 1 Based on the beneficial effects of the technical solution shown, it is possible to monitor the running status of the test cases executed by the software under test in real time, and send alarm signals in the event of abnormalities or errors, thereby notifying the system administrator and security team to take corresponding measures to fix the discovered security vulnerabilities and adjust the testing strategy.

[0088] Please refer to Figure 5 This document illustrates a flow 100 of another embodiment of the software security testing method according to this application. This software security testing method can be applied to various electronic devices with data processing capabilities. For example, the aforementioned electronic devices may include, but are not limited to, cloud servers, physical servers, etc. The executing entity of this software security testing method may be a processor in the aforementioned electronic device.

[0089] like Figure 5 As shown, this software security testing method is similar to... Figure 1 The two are basically the same, except that the following are also included:

[0090] Step 106: Obtain the execution result data of the test cases executed by the software under test.

[0091] Step 107: Optimize the constraint model and / or adversarial model based on the execution result data.

[0092] It should be noted that this embodiment is only described with the example that steps 106 and 107 occur after step 103. In actual use, steps 106 and 107 may also occur in other locations, which will not be elaborated here.

[0093] The software security testing method provided in this embodiment achieves [the desired outcome]. Figure 1 Based on the beneficial effects of the technical solution shown, the constraint model and / or adversarial model can be optimized according to the execution result data of the test cases executed by the software under test, thereby further ensuring the comprehensiveness and accuracy of software security testing.

[0094] Please refer to Figure 6 As an implementation of the methods shown in the figures, this application provides an embodiment of a software security testing device, which corresponds to the methods shown in the above embodiments, and can be specifically applied to various electronic devices.

[0095] like Figure 6 As shown, the software security testing apparatus 600 of this embodiment includes:

[0096] The constraint and adversarial model acquisition module 601 is used to acquire the constraint model and adversarial model corresponding to the security test of the software under test. The constraint model is used to determine the constraint conditions between the input and output of the software under test, and the adversarial model is used to simulate the malicious attack behavior of the attacker.

[0097] In this embodiment, the constraints between the inputs and outputs of the software under test can include mathematical constraints and logical constraints. Specifically, mathematical modeling methods can be used to formally describe the inputs, outputs, and relationships between them of the software under test. For example, formal tools such as mathematical equations and logical expressions can be used to represent the constraints. Simultaneously, constraint information can also be extracted by analyzing existing test cases and sample data.

[0098] In this embodiment, the construction process of the adversarial model needs to take into account different types of attack scenarios and threat patterns. Appropriate adversarial model structures can be selected to address different security testing needs. Furthermore, existing security vulnerability analysis techniques and tools can be leveraged to improve the efficiency and accuracy of adversarial model construction.

[0099] The test case generation module 602 is used to generate test cases based on the constraint model and the adversarial model.

[0100] In this embodiment, the test case generation module 602 can be implemented through the following steps:

[0101] Input constraint parsing: Using the constraint model, constraints are transformed into specific data ranges and formats.

[0102] Adversarial model guidance: Using adversarial models, the behavior of attackers is simulated to guide the generation of challenging test cases.

[0103] Test Case Generation: Based on the processing in the first two steps, test cases are generated. These test cases will include normal data that meets the constraints and malicious data that violates the constraints.

[0104] The test module 603 is used to execute the test cases using the software under test and obtain security test results.

[0105] In this embodiment, the test module 603 can be implemented through the following steps:

[0106] Test Case Execution: The generated test cases are input into the software under test to simulate the actual operating environment and trigger the system's response to security vulnerabilities. Simultaneously, input and output information during the test is recorded, including the response time and resource utilization of the software under test. This step comprehensively evaluates the performance of the software under test under different test scenarios.

[0107] Results Collection and Analysis: Collect data generated during test execution, including the responses of the software under test and potential error messages. In-depth analysis of this data can identify potential security vulnerabilities and assess the system's security performance. It can also uncover possible abnormal behaviors and error patterns, providing a reference for subsequent security optimization.

[0108] Optionally, the software security testing apparatus 600 of this embodiment may further include:

[0109] The constraint modeling module is used to acquire security feature information of the software under test; determine the constraint conditions corresponding to the security feature information; and train the mathematical model of the support vector machine (SVM) using a first dataset to obtain the constraint model, wherein the first dataset contains data that has the security feature information and meets the constraint conditions.

[0110] In this embodiment, the constraint modeling module can obtain security feature information through statistical methods, such as variance selection, chi-square test, and mutual information.

[0111] For example, the security characteristics of network communication software may include, but are not limited to:

[0112] Packet-level features: Features can be extracted from captured network traffic packets, such as packet length: the number of bytes in each packet, which may be related to data transmission volume, security threats, etc.

[0113] Protocol type: Common protocols include TCP, UDP, HTTP, HTTPS, DNS, etc. Different protocols have different characteristics and security risks.

[0114] Data packet time interval: The time difference between consecutive packets, which can be used to analyze traffic patterns or detect abnormal behavior.

[0115] Source / destination IP address and port number: can help identify specific communication endpoints or attack sources.

[0116] Flags in data packets, such as TCP flags (SYN, ACK, etc.), can be used to analyze the connection status and control information of the data flow.

[0117] Traffic characteristics:

[0118] 1. Traffic volume: The amount of data transmitted, such as bytes per second, can reflect the density of traffic.

[0119] 2. Connection duration and number of connections: These are session-related features that can help analyze connection stability and identify any abnormal connection patterns.

[0120] 3. Flow direction: Whether the flow is unidirectional or bidirectional may be helpful for security assessment, especially the ratio of inbound to outbound flow.

[0121] 4. Application layer characteristics:

[0122] 4.1 URL and Domain Requests: For Web communication software, access patterns can be analyzed by extracting the requested URL or the accessed domain.

[0123] 4.2 HTTP header information: such as User-Agent, Host, etc., can be used to analyze user behavior patterns.

[0124] 4.3 SSL / TLS Certificate Information: This allows analysis of the encryption strength and certificate validity used in communication.

[0125] It should be noted that the security features may vary depending on the type of software being tested, and each case will not be described in detail here.

[0126] Optionally, the constraint modeling module is further configured to evaluate the constraint model using cross-validation to obtain constraint model evaluation results; and optimize the constraint model based on the constraint model evaluation results.

[0127] In this embodiment, the cross-validation method is only a specific example. In actual use, the constraint modeling module can also evaluate the constraint model using other algorithms. Each case will not be described in detail here.

[0128] Optionally, the software security testing apparatus 600 of this embodiment may further include:

[0129] The adversarial model modeling module is used to determine the attack scenario and attack target of the software under test; and to train the generative adversarial network (GAN) using a second dataset to obtain an adversarial model, wherein the data contained in the second dataset is obtained based on the attack scenario and the attack target.

[0130] Optionally, the adversarial model modeling module is further configured to generate an attack strategy for target constraints, wherein the target constraints are one of the constraints; evaluate the adversarial model using the attack strategy to obtain an adversarial model evaluation result; and optimize the adversarial model based on the adversarial model evaluation result.

[0131] Optionally, the software security testing apparatus 600 of this embodiment may further include:

[0132] The real-time monitoring module is used to monitor the running status of the software under test executing the test cases in real time, obtain real-time monitoring results, and send alarm information if the real-time monitoring results are abnormal or erroneous.

[0133] Optionally, the software security testing apparatus 600 of this embodiment may further include:

[0134] An optimization module is used to obtain the execution result data of the test cases executed by the software under test; and to optimize the constraint model and / or the adversarial model based on the execution result data.

[0135] The specific implementation method of the software security testing device provided in this application embodiment can be found in the software security testing method provided in the above embodiments, and will not be repeated here.

[0136] The software security testing apparatus provided in this application can generate test cases based on constraint models and adversarial models, making the test cases more comprehensive. This avoids the problem of test cases being generated by testers based on their testing experience, which often fails to cover all possible attack scenarios, leading to incomplete testing and vulnerabilities. The constraint model can perform constraint analysis on the software under test and extract key test constraints, while the adversarial model can simulate malicious attack behaviors. Therefore, the technical solution provided in this application can comprehensively test the security of the software under test, and the efficiency of generating test cases through the constraint model and adversarial model is higher, thereby improving the efficiency of software security testing.

[0137] The following is for reference. Figure 7 It shows a schematic diagram of the structure of an electronic device used to implement some embodiments of this application. Figure 7 The electronic device shown is merely an example and should not be construed as limiting the functionality and scope of the embodiments of this application.

[0138] like Figure 7 As shown, the electronic device 700 may include a processing unit (e.g., a central processing unit, a graphics processor, etc.) 701, which can perform various appropriate actions and processes according to a program stored in a read-only memory (ROM) 702 or a program loaded from a storage device 708 into a random access memory (RAM) 703. The RAM 703 also stores various programs and data required for the operation of the electronic device 700. The processing unit 701, ROM 702, and RAM 703 are interconnected via a bus 704. An input / output (I / O) interface 705 is also connected to the bus 704.

[0139] Typically, the following devices can be connected to I / O interface 705: input devices 706 including, for example, touchscreens, touchpads, keyboards, mice, cameras, microphones, accelerometers, gyroscopes, etc.; output devices 707 including, for example, liquid crystal displays (LCDs), speakers, vibrators, etc.; storage devices 708 including, for example, disks, hard disks, etc.; and communication devices 709. Communication device 709 allows electronic device 700 to communicate wirelessly or wiredly with other devices to exchange data. Although Figure 7 An electronic device 700 with various devices is shown; however, it should be understood that it is not required to implement or possess all of the devices shown. More or fewer devices may be implemented or possessed alternatively. Figure 4 Each box shown can represent a device or multiple devices as needed.

[0140] In particular, according to some embodiments of this application, the processes described above with reference to the flowcharts can be implemented as computer software programs. For example, some embodiments of this application include a computer program product comprising a computer program carried on a computer-readable medium, the computer program containing program code for performing the methods shown in the flowcharts. In such embodiments, the computer program can be downloaded and installed from a network via communication device 709, or installed from storage device 708, or installed from ROM 702. When the computer program is executed by processing device 701, it performs the functions defined above in the methods of some embodiments of this application.

[0141] It should be noted that the computer-readable medium described in some embodiments of this application may be a computer-readable signal medium or a computer-readable storage medium, or any combination thereof. A computer-readable storage medium may be, for example,—but not limited to—an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples of a computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer disk, a hard disk, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), optical storage device, magnetic storage device, or any suitable combination thereof. In some embodiments of this application, a computer-readable storage medium may be any tangible medium containing or storing a program that can be used by or in conjunction with an instruction execution system, apparatus, or device. In some embodiments of this application, a computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, carrying computer-readable program code. Such propagated data signals may take various forms, including but not limited to electromagnetic signals, optical signals, or any suitable combination thereof. A computer-readable signal medium can be any computer-readable medium other than a computer-readable storage medium, which can send, propagate, or transmit a program for use by or in connection with an instruction execution system, apparatus, or device. The program code contained on the computer-readable medium can be transmitted using any suitable medium, including but not limited to: wires, optical fibers, RF (radio frequency), etc., or any suitable combination thereof.

[0142] In some implementations, clients and servers can communicate using any currently known or future-developed network protocol, such as HTTP (Hypertext Transfer Protocol), and can interconnect with digital data communication (e.g., communication networks) of any form or medium. Examples of communication networks include local area networks (“LANs”), wide area networks (“WANs”), the Internet (e.g., the Internet of Things), and peer-to-peer networks (e.g., ad hoc peer-to-peer networks), as well as any currently known or future-developed networks.

[0143] The aforementioned computer-readable medium may be included in the aforementioned electronic device; or it may exist independently and not assembled into the electronic device. The aforementioned computer-readable medium carries one or more programs, which, when executed by the electronic device, cause the electronic device to: acquire a constraint model and an adversarial model corresponding to a security test of the software under test, wherein the constraint model is used to determine the constraints between the inputs and outputs of the software under test, and the adversarial model is used to simulate malicious attack behavior of an attacker; generate test cases based on the constraint model and the adversarial model; and execute the test cases using the software under test to obtain security test results.

[0144] Computer program code for performing operations of some embodiments of this application can be written in one or more programming languages ​​or a combination thereof, including object-oriented programming languages ​​such as Java, Smalltalk, and C++; and conventional procedural programming languages ​​such as the "C" language or similar programming languages. The program code can be executed entirely on the user's computer, partially on the user's computer, as a standalone software package, partially on the user's computer and partially on a remote computer, or entirely on a remote computer or server. In cases involving remote computers, the remote computer can be connected to the user's computer via any type of network, or it can be connected to an external computer (e.g., via the Internet using an Internet service provider), including local area networks (LANs) or wide area networks (WANs).

[0145] The flowcharts and block diagrams in the accompanying drawings illustrate the architecture, functionality, and operation of possible implementations of systems, methods, and computer program products according to various embodiments of this application. In this regard, each block in a flowchart or block diagram may represent a module, segment, or portion of code containing one or more executable instructions for implementing a specified logical function. It should also be noted that in some alternative implementations, the functions indicated in the blocks may occur in a different order than those indicated in the drawings. For example, two consecutively indicated blocks may actually be executed substantially in parallel, and they may sometimes be executed in reverse order, depending on the functions involved. It should also be noted that each block in the block diagrams and / or flowcharts, and combinations of blocks in the block diagrams and / or flowcharts, can be implemented using a dedicated hardware-based system that performs the specified function or operation, or using a combination of dedicated hardware and computer instructions.

[0146] The units described in some embodiments of this application can be implemented in software or hardware. The described units can also be housed in a processor; for example, a processor may be described as including a first determining unit, a second determining unit, a selecting unit, and a third determining unit. The names of these units do not necessarily limit the specific unit itself.

[0147] The functions described above in this document can be performed, at least in part, by one or more hardware logic components. For example, exemplary types of hardware logic components that can be used, without limitation, include: Field Programmable Gate Arrays (FPGAs), Application-Specific Integrated Circuits (ASICs), Application Standard Products (ASSPs), System-on-Chip (SoCs), Complex Programmable Logic Devices (CPLDs), and so on.

[0148] The above description is merely a selection of preferred embodiments of this application and an explanation of the technical principles employed. Those skilled in the art should understand that the scope of the invention involved in the embodiments of this application is not limited to technical solutions formed by specific combinations of the above-described technical features, but should also cover other technical solutions formed by arbitrary combinations of the above-described technical features or their equivalents without departing from the above-described inventive concept. For example, technical solutions formed by substituting the above-described features with (but not limited to) technical features with similar functions disclosed in the embodiments of this application.

Claims

1. A software security testing method characterized by comprising: The method includes: Obtain the constraint model and adversarial model corresponding to the security test of the software under test, wherein the constraint model is used to determine the constraints between the input and output of the software under test, and the adversarial model is used to simulate the malicious attack behavior of the attacker; Based on the constraint model and the adversarial model, test cases are generated; The test cases are executed using the software under test to obtain security test results; The modeling method for the constraint model includes: Obtain the security characteristics information of the software under test; Determine the constraints corresponding to the security feature information; The mathematical model of the support vector machine (SVM) is trained using the first dataset to obtain a constrained model, wherein the data in the first dataset contains data that has the security feature information and meets the constraint conditions. The modeling method for the adversarial model includes: Determine the attack scenarios and targets of the software under test; The Generative Adversarial Network (GAN) is trained using the second dataset to obtain an adversarial model, wherein the data in the second dataset is obtained based on the attack scenario and the attack target.

2. The method of claim 1, wherein, After training the mathematical model of the Support Vector Machine (SVM) using the first dataset to obtain the constrained model, the process further includes: The constraint model is evaluated using cross-validation to obtain the constraint model evaluation results. Based on the evaluation results of the constraint model, the constraint model is optimized.

3. The method of claim 1, wherein, After training the Generative Adversarial Network (GAN) using the second dataset to obtain the adversarial model, the process further includes: An attack strategy that generates target constraints, wherein the target constraints are one of the constraints; The attack strategy is used to evaluate the adversarial model, and the evaluation result of the adversarial model is obtained; Based on the evaluation results of the adversarial model, the adversarial model is optimized.

4. The method of claim 1, wherein, The method further includes: The running status of the test cases executed by the software under test is monitored in real time, and the real-time monitoring results are obtained. If the real-time monitoring results are abnormal or erroneous, an alarm message will be sent.

5. The method of claim 1, wherein, The method includes: Obtain the execution result data of the test cases executed by the software under test; Based on the execution result data, the constraint model and / or the adversarial model are optimized.

6. A software security testing device, characterized in that, The device includes: The constraint and adversarial model acquisition module is used to acquire the constraint model and adversarial model corresponding to the security test of the software under test. The constraint model is used to determine the constraint conditions between the input and output of the software under test, and the adversarial model is used to simulate the malicious attack behavior of the attacker. The test case generation module is used to generate test cases based on the constraint model and the adversarial model. The testing module is used to execute the test cases using the software under test and obtain security test results; The constraint modeling module is used to acquire the security feature information of the software under test; determine the constraint conditions corresponding to the security feature information; and train the mathematical model of the support vector machine (SVM) using a first dataset to obtain the constraint model, wherein the first dataset contains data that has the security feature information and meets the constraint conditions. The adversarial model modeling module is used to determine the attack scenario and attack target of the software under test; and to train the generative adversarial network (GAN) using a second dataset to obtain an adversarial model, wherein the data contained in the second dataset is obtained based on the attack scenario and the attack target.

7. An electronic device, comprising: include: One or more processors; Storage device, on which one or more programs are stored, When the one or more programs are executed by the one or more processors, the one or more processors implement the method as described in any one of claims 1-5.

8. A computer readable medium having stored thereon a computer program, characterized in that, When the program is executed by the processor, it implements the method as described in any one of claims 1-5.

Images