CN104933368B - Method and device for detecting network security vulnerabilities - Google Patents
Abstract
The present invention belongs to the field of network technology and provides a method and device for detecting network security vulnerabilities, comprising: parsing an application installation package to obtain the source code of the application; according to the number of lines of the vulnerability code pre-stored in a vulnerability code library, comparing the source code of the application one by one with every pre-stored piece of vulnerability code, where the vulnerability code includes code that satisfies preset vulnerability rules; judging from the comparison result whether the source code of the application contains a code segment that matches any piece of vulnerability code; and, if the source code of the application contains a code segment that matches any piece of vulnerability code, determining that the application has a network security vulnerability. In the present invention, the entire process of detecting network security vulnerabilities in the application is completed automatically in the background, with no need to manually configure a detection environment or monitor detection data, which greatly improves the efficiency of network security vulnerability detection.
Description
Technical field
The invention belongs to the field of network technology, and in particular relates to a method and device for detecting network security vulnerabilities.
Background
With the rapid development of the mobile Internet, almost every application running on a mobile operating system needs to communicate over the network with servers to some degree, and the data involved in that communication may touch on user privacy. For the sake of the security of users' personal information, applications for transaction payment, instant messaging and similar purposes therefore usually use the more secure Hypertext Transfer Protocol Secure (HTTPS) to ensure that users' private data is not illegally intercepted.
HTTPS is the combination of the Hypertext Transfer Protocol (HTTP) with Secure Sockets Layer/Transport Layer Security (SSL/TLS). It provides encrypted communication and authentication of the server's identity, using a digital certificate to judge whether the server with which the application communicates can be trusted. In actual development, however, because developers use the relevant system interfaces in non-standard ways, the validity of the digital certificate provided by the server is often not checked. This leaves a network security vulnerability in the application and leads to the leakage of user privacy data during HTTPS encrypted communication.
At present, HTTPS security vulnerabilities in applications can only be detected by manual audit, which additionally requires setting up a network packet-capture environment and configuring a proxy to monitor whether network packets are intercepted, so the detection process is inefficient.
Summary of the invention
The purpose of the embodiments of the present invention is to provide a method for detecting network security vulnerabilities that solves the low detection efficiency of current network security vulnerability detection methods.
The embodiments of the present invention are realized as a method for detecting network security vulnerabilities, comprising:
parsing an application installation package to obtain the source code of the application;
according to the number of lines of the vulnerability code pre-stored in a vulnerability code library, comparing the source code of the application one by one with every pre-stored piece of vulnerability code, where the vulnerability code includes code that satisfies preset vulnerability rules;
judging from the comparison result whether the source code of the application contains a code segment that matches any piece of vulnerability code;
if the source code of the application contains a code segment that matches any piece of vulnerability code, determining that the application has a network security vulnerability.
Another purpose of the embodiments of the present invention is to provide a device for detecting network security vulnerabilities, comprising:
an acquiring unit, for parsing an application installation package to obtain the source code of the application;
a matching unit, for comparing, according to the number of lines of the vulnerability code pre-stored in a vulnerability code library, the source code of the application one by one with every pre-stored piece of vulnerability code, where the vulnerability code includes code that satisfies preset vulnerability rules;
a judging unit, for judging from the comparison result whether the source code of the application contains a code segment that matches any piece of vulnerability code;
a determination unit, for determining that the application has a network security vulnerability if the source code of the application contains a code segment that matches any piece of vulnerability code.
In the embodiments of the present invention, the installation package of the application is decompiled, and the application source code obtained in this way is compared one by one with the vulnerability code in a pre-established vulnerability code library. The entire process of detecting network security vulnerabilities in the application is thus completed automatically in the background, with no need to manually configure a detection environment or monitor detection data, which greatly improves the efficiency of network security vulnerability detection.
Description of the drawings
Fig. 1 is a flow chart of the network security vulnerability detection method provided by an embodiment of the present invention;
Fig. 2 is a detailed flow chart of step S101 of the network security vulnerability detection method provided by an embodiment of the present invention;
Fig. 3 is a detailed flow chart of step S102 of the network security vulnerability detection method provided by an embodiment of the present invention;
Fig. 4 is a flow diagram of one implementation of step S102 of the network security vulnerability detection method provided by an embodiment of the present invention;
Fig. 5 is a structural block diagram of the network security vulnerability detection device provided by an embodiment of the present invention;
Fig. 6 is a hardware block diagram of the network security vulnerability detection device provided by an embodiment of the present invention.
Detailed description of the embodiments
In order to make the purpose, technical solution and advantages of the present invention clearer, the present invention is described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here only explain the present invention and are not intended to limit it.
In the embodiments of the present invention, the installation package of the application is decompiled, and the application source code obtained in this way is matched one by one against the vulnerability code in a pre-established vulnerability code library. The entire process of detecting network security vulnerabilities in the application is thus completed automatically in the background, with no need to manually configure a detection environment or monitor detection data, which greatly improves the efficiency of network security vulnerability detection.
It should be noted that the method and device provided by the embodiments of the present invention are explained below using security vulnerability detection for applications on the Android system as the example. It is easy to see that applications on other operating systems can be checked for network security vulnerabilities on the same principle (including decompiling the installation package, summarizing the features of code that may contain network security vulnerabilities, and the logic for matching the decompiled source code against the summarized vulnerability rules); these cases are not described one by one here.
Fig. 1 shows the network security vulnerability detection method provided by an embodiment of the present invention, described in detail as follows:
In S101, the application installation package is parsed to obtain the source code of the application.
In the embodiments of the present invention, reverse engineering can be used: starting from the installation package of the application software, its data structures, architecture and program design information are inferred by disassembly, so that the source code of the application is obtained. For an installation package in the APK format of the Android system, parsing it by reverse engineering mainly includes the steps shown in Fig. 2:
In S201, the installation package of the application is decompressed and the executable file in it is obtained.
An application installation package for the Android system is usually packaged in the application package file (APK) format, that is, as an APK installation package. Because an APK installation package exists in the form of a compressed file, it first has to be decompressed by the normal decompression procedure to obtain the installation files that the Android system requires an installation package to contain, among them the executable file that holds the compiled code of the application (the classes.dex file). Because the Android system is a Java-based development environment, the classes.dex file obtained in S201 is produced by compiling the Java files and then packaging them with the dx tool.
In S202, the executable file is converted into a Java archive file.
Using a decompilation tool (such as dex2jar), the executable file can be converted into a Java archive file. A Java archive (Java Archive) file, that is, a .jar file, allows many files to be combined into one compressed file. It is used not only for compression and distribution but also for deploying and packaging libraries, components and plug-ins, and it can be used directly by tools such as compilers and the Java virtual machine. For the Android system, this conversion is the process of converting the classes.dex file into the classes_dex2jar.jar file.
In S203, the Java archive file is decompressed to obtain a set of Java class files.
In S204, the set of Java class files is decompiled in batch to obtain a set of Java source files.
After the set of Java class files is obtained, any of various Java decompilation tools (such as the JAD tool used on the Windows platform) can be used to decompile the set of Java class files in batch into a set of Java source files, which completes the acquisition of the application source code.
In S102, according to the number of lines of the vulnerability code pre-stored in the vulnerability code library, the source code of the application is compared one by one with every pre-stored piece of vulnerability code, where the vulnerability code includes code that satisfies preset vulnerability rules.
In this embodiment, the vulnerability code library has to be established before S102 is performed, and vulnerability code that satisfies the preset vulnerability rules is pre-stored in it.
The Android system provides verification interfaces for HTTPS encrypted network transmission, used to verify the digital certificate and the host domain name. Specifically:
Verification of the digital certificate is implemented by the X509TrustManager class, and the core verification is located in the checkServerTrusted interface;
Verification of the host domain name is implemented through the setHostnameVerifier interface, including javax.net.ssl.HttpsURLConnection.setHostnameVerifier in the Java class library and org.apache.http.conn.ssl.SSLSocketFactory.setHostnameVerifier in the Apache class library. Different parameter options correspond to different levels of security checking; for example, the parameter option ALLOW_ALL_HOSTNAME_VERIFIER or new AllowAllHostnameVerifier means that the host domain name does not need to be verified.
Typically, many HTTPS security vulnerabilities arise because the developer's implementation of the X509TrustManager class or the setHostnameVerifier interface does not verify strictly. On this basis, while the vulnerability code library is being established, the various ways in which developers may code these classes or interfaces without strict verification during application development are collected and turned into corresponding vulnerability rules. Code that satisfies these vulnerability rules is then stored in the vulnerability code library as vulnerability code, so that during later detection the source code of the application can be matched one by one against this vulnerability code to detect whether the source code of the application contains an HTTPS security vulnerability.
The vulnerability rules that the vulnerability code stored in the pre-established vulnerability code library has to satisfy include, but are not limited to, the following:
1. A custom interface used for digital certificate verification.
This includes the checkServerTrusted interface of a custom X509TrustManager class.
For example, an empty implementation of the interface:
    public void checkClientTrusted(X509Certificate ax509certificate[], String s)
    {
    }
The empty implementation above cannot strictly verify the digital certificate.
2. Setting an insecure verification parameter option in the interface used for host domain name verification.
This includes setting the parameter of the setHostnameVerifier interface to an insecure verification option.
For example, the following parameter option is set:
    MySSLSocketFactory mysslsocketfactory = new MySSLSocketFactory();
    mysslsocketfactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
With the parameter option set as above, the host domain name is not verified.
3. Defining, in the interface used for host domain name verification, a class that cannot strictly verify the host domain name.
This includes the case where the parameter of the setHostnameVerifier interface is defined as a HostnameVerifier class and the setHostnameVerifier interface cannot strictly verify the host domain name.
For example, true is returned directly in the call to the setHostnameVerifier interface:
The above definition for the setHostnameVerifier interface cannot strictly verify the host domain name.
In this embodiment, comparing the source code of the application one by one with every piece of vulnerability code in the preset vulnerability code library means that, for each piece of vulnerability code in the library, all code segments of one or more lines in the source code of the application are compared in turn with that piece of vulnerability code, to judge whether there is a code segment that matches it.
As shown in Fig. 3, the specific flow of S102 is as follows:
In S301, the number of lines a of the vulnerability code currently being compared in the vulnerability code library is obtained, where a is an integer greater than or equal to 1.
In S302, every line of the source code of the application, together with the a-1 consecutive lines that follow it, is compared line by line with the vulnerability code currently being compared.
For example, when the vulnerability code currently to be compared has 1 line, every line of the source code of the application is traversed and compared with that vulnerability code in turn.
As another example, when the vulnerability code currently to be compared has 3 lines, line 1 of the application source code and the 2 consecutive lines after it are first compared with the vulnerability code, then line 2 of the application source code and the 2 consecutive lines after it are compared with the vulnerability code, and so on, so that every line of the source code of the application together with the 2 consecutive lines after it is compared line by line with the vulnerability code currently being compared.
As one specific implementation, when the vulnerability code library stores vulnerability code corresponding to each of the three vulnerability rules above, the comparison flow of S102 is as shown in Fig. 4:
In S401, i=1 is initialized, the content of line i of the source code of the application is read, and then i=i+1.
In S402, the number of lines a of the code of vulnerability rule 1 is detected, and the content of lines i to i+a-1 of the source code of the application is compared with vulnerability rule 1 to judge whether they match. If they match, S405 is performed; if not, S403 is performed.
In S403, the number of lines b of the code of vulnerability rule 2 is detected, and the content of lines i to i+b-1 of the source code of the application is compared with vulnerability rule 2 to judge whether they match. If they match, S405 is performed; if not, S404 is performed.
In S404, the number of lines c of the code of vulnerability rule 3 is detected, and the content of lines i to i+c-1 of the source code of the application is compared with vulnerability rule 3 to judge whether they match. If they match, S405 is performed; if not, S406 is performed.
In S405, the code segment that matches the vulnerability rule currently being compared is marked.
In S406, it is judged whether line i is the last line of the source code of the application. If so, the comparison flow ends and the marked code segments are output; otherwise the flow returns to S401.
The comparison logic above is implemented for a single source file. Searching and comparing all source files of the application is done through the find(function_ptr, dir_path) interface of the file system search module Find of the Perl language, which automatically applies the comparison logic in the function_ptr method to each source file under dir_path in turn.
It should be noted that the comparison flow shown in Fig. 4 is only one logic implementation of the one-by-one comparison between the source code of the application and the vulnerability rules. It is easy to see that the comparison can also be implemented with other logic, for example by first comparing all code segments in the source code of the application against vulnerability rule 1 only, then performing the same comparison flow for vulnerability rule 2, and so on. Other logic implementations are not illustrated one by one here.
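The sliding-window comparison of S301 and S302, run in the Fig. 4 order, written out as an added Python example (not code from the patent). The rule patterns, the use of one regular expression per stored line, the whitespace normalization and the sample Java source are assumptions constructed for illustration.

```python
import re
from typing import NamedTuple


class Rule(NamedTuple):
    rule_id: int
    description: str
    lines: tuple  # compiled patterns, one per line of stored vulnerability code


def make_rule(rule_id: int, description: str, *patterns: str) -> Rule:
    return Rule(rule_id, description, tuple(re.compile(p) for p in patterns))


# Constructed library covering the three rule types listed on the page.
# Assumption: each stored line is a regex so that identifier names may vary.
RULES = (
    make_rule(1, "certificate check with an empty body",
              # The page's rule names checkServerTrusted; its sample shows
              # checkClientTrusted, so both are accepted here.
              r"public void check(?:Server|Client)Trusted\(.*\)(?: throws .+)?",
              r"\{",
              r"\}"),
    make_rule(2, "setHostnameVerifier given an allow-all option",
              r".*\bsetHostnameVerifier\(.*(?:ALLOW_ALL_HOSTNAME_VERIFIER"
              r"|new AllowAllHostnameVerifier\b).*\).*"),
    make_rule(3, "HostnameVerifier.verify that always returns true",
              r"public boolean verify\(String \w+, SSLSession \w+\)",
              r"\{",
              r"return true;",
              r"\}"),
)

# Constructed sample in the brace-on-its-own-line layout of decompiler output.
SAMPLE = """\
class TrustAll implements X509TrustManager
{
    public void checkServerTrusted(X509Certificate ax509certificate[], String s)
    {
    }
}
class Strict implements X509TrustManager
{
    public void checkServerTrusted(X509Certificate chain[], String s) throws CertificateException
    {
        delegate.checkServerTrusted(chain, s);
    }
}
class AnyHost implements HostnameVerifier
{
    public boolean verify(String s, SSLSession sslsession)
    {
        return true;
    }
}
class Net
{
    void connect(MySSLSocketFactory f)
    {
        f.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    }
}
"""


def normalize(line: str) -> str:
    """Drop indentation and collapse whitespace runs before comparing."""
    return " ".join(line.split())


def window_matches(rule: Rule, lines: list, i: int) -> bool:
    """Compare source lines i .. i+a-1 line by line with one rule (S302)."""
    a = len(rule.lines)            # S301: number of lines of the rule
    if i + a > len(lines):         # window would run past the last line
        return False
    return all(p.fullmatch(lines[i + k]) for k, p in enumerate(rule.lines))


def scan_source(source: str, rules=RULES) -> list:
    """Return (rule_id, first_line, last_line) tuples, 1-based, per Fig. 4."""
    lines = [normalize(raw) for raw in source.splitlines()]
    findings = []
    for i in range(len(lines)):                # S401 / S406: walk every line
        for rule in rules:                     # S402 -> S403 -> S404
            if window_matches(rule, lines, i):
                findings.append((rule.rule_id, i + 1, i + len(rule.lines)))  # S405
                break
    return findings


if __name__ == "__main__":
    for rule_id, first, last in scan_source(SAMPLE):
        print(f"rule {rule_id}: lines {first}-{last}")
```

Because the comparison is per line, the patterns depend on the source layout; this example assumes the brace-on-its-own-line form shown in the page's own snippet.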
In S103, it is judged from the comparison result whether the source code of the application contains a code segment that matches any piece of vulnerability code.
In S104, if the source code of the application contains a code segment that matches any piece of vulnerability code, it is determined that the application has a network security vulnerability.
Based on the comparison result output when S102 finishes, it can be determined whether the application currently being checked has a security vulnerability. For an application that has a network security vulnerability, the comparison result of S102 is output, that is, the marked code segments that match any piece of vulnerability code are output. This completes the automatic detection of network security vulnerabilities in the application, and the position of each such code segment in the source code of the application is clearly marked and output, so that developers can revise the code in time and eliminate the risk of data leakage during the application's network communication.
In this embodiment, after the network security vulnerability detection of the application is finished and the corresponding detection result has been output, the temporary files generated in S101, such as the Java archive file, the Java class files and the Java source files, are further deleted to release memory, and detection continues with the next application.
Fig. 5 shows a structural block diagram of the network security vulnerability detection device provided by an embodiment of the present invention. The device is used to run the network security vulnerability detection method described in the embodiments of Fig. 1 to Fig. 4. For ease of description, only the parts relevant to this embodiment are shown.
With reference to Fig. 5, the device includes:
An acquiring unit 51, which parses the application installation package to obtain the source code of the application.
A matching unit 52, which, according to the number of lines of the vulnerability code pre-stored in the vulnerability code library, compares the source code of the application one by one with every pre-stored piece of vulnerability code, where the vulnerability code includes code that satisfies preset vulnerability rules.
A judging unit 53, which judges from the comparison result whether the source code of the application contains a code segment that matches any piece of vulnerability code.
A determination unit 54, which determines that the application has a network security vulnerability if the source code of the application contains a code segment that matches any piece of vulnerability code.
Optionally, the preset vulnerability rules include:
A custom interface used for digital certificate verification.
Optionally, the preset vulnerability rules include:
Setting an insecure verification parameter option in the interface used for host domain name verification.
Optionally, the preset vulnerability rules include:
Defining, in the interface used for host domain name verification, a class that cannot strictly verify the host domain name.
Optionally, the matching unit 52 includes:
An obtaining subunit, which obtains the number of lines a of the vulnerability code currently being compared in the vulnerability code library, where a is an integer greater than or equal to 1.
A comparison subunit, which compares every line of the source code of the application, together with the a-1 consecutive lines that follow it, line by line with the vulnerability code currently being compared.
Optionally, the device further includes:
An output unit, for outputting the code segment that matches any piece of vulnerability code and outputting the position of that code segment in the source code of the application.
Optionally, the device further includes:
A deleting unit, for deleting the temporary files generated while parsing the application installation package.
Optionally, the acquiring unit 51 includes:
A first decompression subunit, which decompresses the installation package of the application and obtains the executable file in it.
A conversion subunit, which converts the executable file into a Java archive file.
A second decompression subunit, which decompresses the Java archive file to obtain a set of Java class files.
A decompiling subunit, which decompiles the set of Java class files in batch to obtain a set of Java source files.
Fig. 6 shows a hardware block diagram of the network security vulnerability detection device provided by an embodiment of the present invention. The device is used to run the network security vulnerability detection method described in the embodiments of Fig. 1 to Fig. 4. For ease of description, only the parts relevant to this embodiment are shown.
With reference to Fig. 6, the device includes:
A processor 601, a memory 602 and a bus 603, where the processor 601 and the memory 602 communicate with each other through the bus 603, the memory 602 is used to store a program, and the processor 601 is used to execute the program stored in the memory 602. When executed, the program is used to:
parse an application installation package to obtain the source code of the application;
according to the number of lines of the vulnerability code pre-stored in a vulnerability code library, compare the source code of the application one by one with every pre-stored piece of vulnerability code, where the vulnerability code includes code that satisfies preset vulnerability rules;
judge from the comparison result whether the source code of the application contains a code segment that matches any piece of vulnerability code;
if the source code of the application contains a code segment that matches any piece of vulnerability code, determine that the application has a network security vulnerability.
Optionally, the preset vulnerability rules include:
A custom interface used for digital certificate verification.
Optionally, the preset vulnerability rules include:
Setting an insecure verification parameter option in the interface used for host domain name verification.
Optionally, the preset vulnerability rules include:
Defining, in the interface used for host domain name verification, a class that cannot strictly verify the host domain name.
Optionally, comparing the source code of the application one by one with every pre-stored piece of vulnerability code according to the number of lines of the vulnerability code pre-stored in the vulnerability code library includes:
obtaining the number of lines a of the vulnerability code currently being compared in the vulnerability code library, where a is an integer greater than or equal to 1;
comparing every line of the source code of the application, together with the a-1 consecutive lines that follow it, line by line with the vulnerability code currently being compared.
Optionally, the program is further used to:
output the code segment that matches any piece of vulnerability code and output the position of that code segment in the source code of the application.
Optionally, the program is further used to:
delete the temporary files generated while parsing the application installation package.
Optionally, parsing the application installation package to obtain the source code of the application includes:
decompressing the installation package of the application and obtaining the executable file in it;
converting the executable file into a Java archive file;
decompressing the Java archive file to obtain a set of Java class files;
decompiling the set of Java class files in batch to obtain a set of Java source files.
In the embodiments of the present invention, the installation package of the application is decompiled, and the application source code obtained in this way is matched one by one against the vulnerability code in a pre-established vulnerability code library. The entire process of detecting network security vulnerabilities in the application is thus completed automatically in the background, with no need to manually configure a detection environment or monitor detection data, which greatly improves the efficiency of network security vulnerability detection.
The above are only preferred embodiments of the present invention and are not intended to limit it. Any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within the scope of protection of the present invention.
Claims (14)
1. a kind of detection method of cyberspace vulnerability, which is characterized in that including:
Application program installation kit is parsed, obtains the source code of the application program;
According to the line number for the bug code being pre-stored in bug code storehouse, by the source code of the application program with it is pre-stored
Every section of bug code is compared one by one, and the bug code includes meeting the code of default loophole rule;
Judged to whether there is and any bug code matched generation in the source code of the application program according to comparison result
Code section;
If exist and any matched code segment of bug code in the source code of the application program, it is determined that the application
There are cyberspace vulnerabilities for program;
Wherein, the basis is pre-stored in the line number of the bug code in bug code storehouse, by the source code of the application program
With the pre-stored every section bug code compared one by one including:
It is whole more than or equal to 1 to obtain the line number a, a of the bug code currently compared in the bug code storehouse
Number;
By the continuous a-1 rows after every a line of the source code of the application program and its row with it is described currently compare described in
Bug code is compared line by line.
2. the method as described in claim 1, which is characterized in that the default loophole rule includes:
The customized interface for being used to carry out digital certificate verification.
3. the method as described in claim 1, which is characterized in that the default loophole rule includes:
For set in the interface of host domain name verification the parameter options of dangerous verification.
4. the method as described in claim 1, which is characterized in that the default loophole rule includes:
For carry out defined in the interface of host domain name verification can not be to class that host domain name is strictly verified.
5. the method as described in claim 1, which is characterized in that the method further includes:
It exports the matched code segment of described and any bug code and exports the code segment in the source of the application program
Position in code.
6. the method as described in claim 1, which is characterized in that the method further includes:
Delete the temporary file generated during the parsing application program installation kit.
7. the method as described in claim 1, which is characterized in that the parsing application program installation kit obtains described using journey
The source code of sequence includes:
The installation kit of the application program is decompressed, gets executable file therein;
The executable file is converted into Java archive file;
The Java archive file is decompressed, obtains the set of java class file;
The set of java class file described in batch decompiling, obtains the set of Java source files.
8. A detection device for cyberspace vulnerabilities, including:
An acquiring unit, for parsing the application program installation kit to obtain the source code of the application program;
A matching unit, for comparing, according to the number of lines of the bug code pre-stored in the bug code storehouse, the source code of the application program one by one with every section of pre-stored bug code, where the bug code includes code meeting the default loophole rule;
A judging unit, for judging, according to the comparison result, whether the source code of the application program contains a code segment matched with any bug code;
A determination unit, for determining that the application program has a cyberspace vulnerability if the source code of the application program contains a code segment matched with any bug code;
Wherein the matching unit includes:
An obtaining subunit, for obtaining the number of lines a of the bug code currently being compared in the bug code storehouse, where a is an integer greater than or equal to 1;
A comparison subunit, for comparing each line of the source code of the application program, together with the a-1 consecutive lines that follow it, line by line with the bug code currently being compared.
9. The device according to claim 8, wherein the default loophole rule includes:
A custom interface used to perform digital certificate verification.
10. The device according to claim 8, wherein the default loophole rule includes:
A parameter option for insecure verification that is set in an interface used for host domain name verification.
11. The device according to claim 8, wherein the default loophole rule includes:
A class, defined in an interface used for host domain name verification, that cannot strictly verify the host domain name.
12. The device according to claim 8, wherein the device further includes:
An output unit, for outputting the code segment matched with any bug code and outputting the position of that code segment in the source code of the application program.
13. The device according to claim 8, wherein the device further includes:
A deleting unit, for deleting the temporary files generated while parsing the application program installation kit.
14. The device according to claim 8, wherein the acquiring unit includes:
A first decompression subunit, for decompressing the installation kit of the application program to obtain the executable file in it;
A conversion subunit, for converting the executable file into a Java archive file;
A second decompression subunit, for decompressing the Java archive file to obtain a set of Java class files;
A decompiling subunit, for batch decompiling the set of Java class files to obtain a set of Java source files.
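The window comparison of claim 8 and the position output of claims 5 and 12, as an added Python example that is not code from the patent. The storehouse entries, rule names, Java sample and whitespace normalization are assumptions constructed for illustration.

```python
from typing import Dict, List, Tuple

# Hypothetical bug code storehouse: rule name -> stored snippet lines (constructed).
BUG_CODE_STOREHOUSE: Dict[str, List[str]] = {
    # Claims 3/10: insecure parameter option set for host name verification.
    "allow-all-hostname-option": [
        "sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);",
    ],
    # Claims 4/11: class whose verify() cannot strictly check the host name.
    "permissive-hostname-verifier": [
        "public boolean verify(String hostname, SSLSession session) {",
        "return true;",
        "}",
    ],
}

# Constructed decompiled source, standing in for the output of claim 7.
SAMPLE_SOURCE = """\
class Net implements HostnameVerifier {
    public boolean verify(String hostname, SSLSession session) {
        return true;
    }
    void open(SSLSocketFactory sf) {
        sf.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
    }
}
"""

def normalize(line: str) -> str:
    """Collapse whitespace (an assumption) so indentation does not block a match."""
    return " ".join(line.split())

def scan(source: str, storehouse: Dict[str, List[str]]) -> List[Tuple[str, int, int]]:
    """Return (rule, first_line, last_line) for every window equal to a snippet."""
    lines = [normalize(l) for l in source.splitlines()]
    hits: List[Tuple[str, int, int]] = []
    for rule, snippet in storehouse.items():
        wanted = [normalize(l) for l in snippet]
        a = len(wanted)                      # number of lines a of this snippet
        if a == 0:                           # the claim requires a >= 1
            continue
        for i in range(len(lines) - a + 1):  # each line plus the next a-1 lines
            if all(lines[i + k] == wanted[k] for k in range(a)):
                hits.append((rule, i + 1, i + a))  # 1-based position in source
    return sorted(hits, key=lambda h: h[1])

def is_vulnerable(source: str, storehouse: Dict[str, List[str]]) -> bool:
    """Any matched code segment means the application is reported as vulnerable."""
    return bool(scan(source, storehouse))
```

Exact line comparison matches only when the decompiler output equals the stored snippet, so renamed parameters or reordered statements need their own storehouse entries.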
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410108152.3A CN104933368B (en) | 2014-03-21 | 2014-03-21 | A kind of detection method and device of cyberspace vulnerability |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104933368A CN104933368A (en) | 2015-09-23 |
CN104933368B true CN104933368B (en) | 2018-05-22 |
Family
ID=54120531
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410108152.3A Active CN104933368B (en) | 2014-03-21 | 2014-03-21 | A kind of detection method and device of cyberspace vulnerability |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104933368B (en) |
Families Citing this family (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106856473B (en) * | 2015-12-09 | 2021-04-20 | 阿里巴巴集团控股有限公司 | Vulnerability detection method and device |
CN108459954B (en) * | 2017-02-22 | 2022-08-26 | 腾讯科技(深圳)有限公司 | Application program vulnerability detection method and device |
CN106911694B (en) * | 2017-02-28 | 2020-08-25 | 广东电网有限责任公司信息中心 | Automatic updating method based on ANDROID vulnerability knowledge base |
CN108629182B (en) * | 2017-03-21 | 2022-11-04 | 腾讯科技(深圳)有限公司 | Vulnerability detection method and vulnerability detection device |
CN107357717B (en) * | 2017-06-07 | 2020-06-09 | 阿里巴巴集团控股有限公司 | Method, device and equipment for detecting configuration errors |
CN108446232A (en) * | 2018-03-19 | 2018-08-24 | 五八有限公司 | Introducing method, device, computing device and the storage medium of self-defined detected rule |
CN108595960A (en) * | 2018-04-11 | 2018-09-28 | 郑州云海信息技术有限公司 | It is a kind of that based on third party software, there are the detection methods of loophole and system |
CN109040039B (en) * | 2018-07-20 | 2021-06-15 | 西安四叶草信息技术有限公司 | Vulnerability detection method, device and system |
CN109063490A (en) * | 2018-08-31 | 2018-12-21 | 北京梆梆安全科技有限公司 | A kind of method, device and equipment detecting host name loophole |
CN109450883B (en) * | 2018-10-26 | 2021-08-27 | 北京梆梆安全科技有限公司 | Method and device for detecting cracking risk of digital certificate |
CN109538299A (en) * | 2018-11-28 | 2019-03-29 | 徐州江煤科技有限公司 | A kind of automatic detection check device of mine safety |
CN111310190A (en) * | 2018-12-11 | 2020-06-19 | 中国航天科工集团六院情报信息研究中心 | Method for detecting network security vulnerability |
CN111045686B (en) * | 2019-12-16 | 2023-05-30 | 北京智游网安科技有限公司 | Method for improving decompilation speed of application, intelligent terminal and storage medium |
CN111046388B (en) * | 2019-12-16 | 2022-09-13 | 北京智游网安科技有限公司 | Method for identifying third-party SDK in application, intelligent terminal and storage medium |
CN111625272A (en) * | 2020-06-08 | 2020-09-04 | 成都信息工程大学 | Automatic source code auditing and developing method |
CN111753330B (en) * | 2020-06-18 | 2023-08-29 | 百度在线网络技术(北京)有限公司 | Determination method, apparatus, device and readable storage medium for data leakage main body |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101710378A (en) * | 2009-10-10 | 2010-05-19 | 北京理工大学 | Software security flaw detection method based on sequential pattern mining |
CN102955914A (en) * | 2011-08-19 | 2013-03-06 | 百度在线网络技术(北京)有限公司 | Method and device for detecting security flaws of source files |
CN103473509A (en) * | 2013-09-30 | 2013-12-25 | 清华大学 | Android platform malware automatic detecting method |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100461132C (en) * | 2007-03-02 | 2009-02-11 | 北京邮电大学 | Software safety code analyzer based on static analysis of source code and testing method therefor |
CN101442412B (en) * | 2008-12-18 | 2011-04-06 | 西安交通大学 | Method for prewarning aggression based on software defect and network aggression relation excavation |
KR101122650B1 (en) * | 2010-04-28 | 2012-03-09 | 한국전자통신연구원 | Apparatus, system and method for detecting malicious code injected with fraud into normal process |
US8584243B2 (en) * | 2011-11-09 | 2013-11-12 | Kaprica Security, Inc. | System and method for bidirectional trust between downloaded applications and mobile devices including a secure charger and malware scanner |
Also Published As
Publication number | Publication date |
---|---|
CN104933368A (en) | 2015-09-23 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20190731 Address after: Shenzhen Futian District City, Guangdong province 518044 Zhenxing Road, SEG Science Park 2 East Room 403 Co-patentee after: Tencent cloud computing (Beijing) limited liability company Patentee after: Tencent Technology (Shenzhen) Co., Ltd. Address before: Shenzhen Futian District City, Guangdong province 518044 Zhenxing Road, SEG Science Park 2 East Room 403 Patentee before: Tencent Technology (Shenzhen) Co., Ltd. |