CN110381035A - Network security test method, device, computer equipment and readable storage medium storing program for executing - Google Patents
Network security test method, device, computer equipment and readable storage medium storing program for executing Download PDFInfo
- Publication number
- CN110381035A CN110381035A CN201910558331.XA CN201910558331A CN110381035A CN 110381035 A CN110381035 A CN 110381035A CN 201910558331 A CN201910558331 A CN 201910558331A CN 110381035 A CN110381035 A CN 110381035A
- Authority
- CN
- China
- Prior art keywords
- data flow
- host computer
- message
- under test
- equipment under
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000010998 test method Methods 0.000 title claims abstract description 26
- 238000012360 testing method Methods 0.000 claims abstract description 87
- 238000001514 detection method Methods 0.000 claims abstract description 11
- 230000015654 memory Effects 0.000 claims description 21
- 238000000034 method Methods 0.000 claims description 14
- 238000004891 communication Methods 0.000 claims description 3
- 230000002159 abnormal effect Effects 0.000 abstract description 11
- 238000009412 basement excavation Methods 0.000 description 7
- 238000012545 processing Methods 0.000 description 7
- 230000006870 function Effects 0.000 description 5
- 230000001052 transient effect Effects 0.000 description 5
- 238000010586 diagram Methods 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000005259 measurement Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a kind of network security test method, device, computer equipment and readable storage medium storing program for executing, network security test method includes: to obtain data flow to be transmitted, and data flow includes five-tuple information;According to five-tuple information determine data flow corresponding to the first host computer and the first equipment under test;Data flow is sent to not corresponding second host computer of data flow and/or the second equipment under test according to definitive result;Receive the data that the second host computer and/or the second equipment under test are fed back according to data flow;Whether there is exception according to the second host computer of Data Detection and/or the second equipment under test.By analyzing the data flow of acquisition, determine the first host computer and the first equipment under test corresponding to data flow, and then data flow can be sent to not corresponding second host computer of data flow and/or the second equipment under test, the second host computer can be tested and/or the second equipment under test receives the tolerance level of abnormal data stream.
Description
Technical field
The present invention relates to technical field of industrial control, and in particular to a kind of network security test method, device, computer are set
Standby and readable storage medium storing program for executing.
Background technique
Currently, with the continuous mixing together of industrialization and IT application process, more and more information technology applications are arrived
Industrial circle.At the same time, since general software and hardware and the network facilities, industrial control system is widely used in industrial control system
It is integrated with management information system in enterprise, cause industrial control system more and more open, industrial control system and corporate intranet, even
It is that can produce data exchange with internet, but a large amount of IT loophole is introduced into industrial control system while data exchange,
So industrial control system needs to open industry control bug excavation.Mainly industry control is assisted for the bug excavation of industrial control system
View carries out bug excavation, and current test method is carried out by direct-connected mode, the test data of this test method
Generation be a kind of mode from scratch, be suitble to disclosed known protocol, for unknown protocol, test effect is bad.
Summary of the invention
In view of this, the embodiment of the invention provides a kind of network security test method, device, computer equipments and readable
Storage medium is suitble to disclosed known protocol to solve the existing test method of industrial control system bug excavation, for unknown
The ineffective problem of protocol test.
According in a first aspect, the embodiment of the invention provides a kind of network security test methods, comprising: obtain to be transmitted
Data flow, data flow include five-tuple information;According to five-tuple information determine data flow corresponding to the first host computer and first
Equipment under test;Data flow is sent to not corresponding second host computer of data flow and/or the second equipment under test according to definitive result;
Receive the data that the second host computer and/or the second equipment under test are fed back according to data flow;According to the second host computer of Data Detection and/
Or second equipment under test whether there is exception.
Optionally, data flow further includes message, according to five-tuple information determine data flow corresponding to the first host computer
After the first equipment under test, further includes: message is made a variation according to preset rules, and the message after variation is sent to number
According to corresponding first host computer of stream or the first equipment under test.
Optionally, message is made a variation according to preset rules, comprising: divided message according to the first preset rules
Class;The message classified is made a variation according to the second preset rules.
Optionally, message is classified according to the first preset rules, comprising: according to the length of message or message predetermined word
The data information of section classifies message.
Optionally, the message classified is made a variation according to the second preset rules, comprising: by according to the length of message into
The message of row classification is truncated and/or is increased load;Or the report that will classify according to the data information of message preset field
The data information of the preset field of text is distorted.
Optionally, five-tuple information includes: source IP, source port, destination IP, destination port, protocol type.
According to second aspect, the embodiment of the invention provides a kind of network security test devices, including obtain module, are used for
Data flow to be transmitted is obtained, data flow includes five-tuple information;Determining module, for determining data flow according to five-tuple information
Corresponding the first host computer and the first equipment under test;Sending module, for data flow to be sent to data according to definitive result
Flow not corresponding second host computer and/or the second equipment under test;Receiving module, for receiving the second host computer and/or the second quilt
The data that measurement equipment is fed back according to data flow;Detection module, for being set according to the second host computer of Data Detection and/or second are tested
It is standby whether exception occur.
According to the third aspect, the embodiment of the invention provides a kind of computer equipments, comprising: at least one processor;With
And the memory being connect at least one processor communication;Wherein, memory is stored with the instruction that can be executed by a processor,
Instruction is executed by least one processor, so that at least one processor executes above-mentioned first aspect or first aspect is arbitrarily implemented
Network security test method in mode.
According to fourth aspect, the embodiment of the invention provides a kind of computer readable storage mediums, which is characterized in that calculates
Machine readable storage medium storing program for executing is stored with computer instruction, and computer instruction is for making computer execute above-mentioned first aspect or first party
Network security test method in any embodiment in face.
Network security test method, device, computer equipment and readable storage medium storing program for executing provided in an embodiment of the present invention, pass through
The data flow of acquisition is analyzed, determines the first host computer and the first equipment under test corresponding to data flow, and then can incite somebody to action
Data flow is sent to not corresponding second host computer of data flow and/or the second equipment under test, tests the second host computer and/or second
Equipment under test receives the tolerance level of abnormal data stream, simple and easy, can not only test the host computer of known protocol and be tested
Equipment can also test the host computer and equipment under test of unknown protocol.
Detailed description of the invention
It, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical solution in the prior art
Embodiment or attached drawing needed to be used in the description of the prior art be briefly described, it should be apparent that, it is described below
Attached drawing is some embodiments of the present invention, for those of ordinary skill in the art, before not making the creative labor
It puts, is also possible to obtain other drawings based on these drawings.
Fig. 1 is the flow chart of network security test method according to an embodiment of the present invention;
Fig. 2 is the structural block diagram of network security test device according to an embodiment of the present invention;
Fig. 3 is computer equipment connection schematic diagram according to an embodiment of the present invention;
Fig. 4 is the structural schematic diagram of industry control bug excavation platform according to an embodiment of the present invention.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention
In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is
A part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those skilled in the art are not having
Every other embodiment obtained under the premise of creative work is made, shall fall within the protection scope of the present invention.
According in a first aspect, the embodiment of the invention provides a kind of network security test methods, as shown in Figure 1, comprising:
S101. data flow to be transmitted is obtained, data flow includes five-tuple information.
In embodiments of the present invention, a computer equipment, the calculating can be set between host computer and equipment under test
Machine equipment serves as the function of bridge between host computer and equipment under test, i.e., the computer equipment is to equipment under test and host computer
Interaction data stream is forwarded, and in case there is a need, is forwarded again after first can carrying out intercepting and capturing backup to data stream, the calculating
For machine equipment at least there are three network interface, wherein one or more network interfaces connect equipment under test, and remaining network interface connects
Host computer is connect, by the computer equipment, available data flow to be transmitted, data flow includes five-tuple information, five-tuple
Information includes: source IP, source port, destination IP, destination port, protocol type.
S102. according to five-tuple information determine data flow corresponding to the first host computer and the first equipment under test.
In embodiments of the present invention, the equipment for sending and receiving the data flow can be determined according to five-tuple information, namely
Determine the first host computer and the first equipment under test corresponding to the data flow.
S103. data flow is sent to by not corresponding second host computer of data flow according to definitive result and/or second be tested
Equipment.
In embodiments of the present invention, it is determined that the first host computer and the first equipment under test corresponding to data flow, so that it may
Data flow is sent to not corresponding second host computer of the data flow and/or the second equipment under test, test the second host computer and/or
Second equipment under test receives the tolerance level of abnormal data stream, which can issue the second host computer and second simultaneously and tested set
It is standby, it can also only issue the second host computer or the second equipment under test.
S104. the data that the second host computer and/or the second equipment under test are fed back according to data flow are received.
It in embodiments of the present invention, can root after the second host computer and/or the second equipment under test receive abnormal data flow
It is acted according to the data flow of data flow, and result is fed back into computer equipment.
S105. whether exception is occurred according to the second host computer of Data Detection and/or the second equipment under test.
In embodiments of the present invention, it may determine that the second host computer according to the data of feedback and/or the second equipment under test be
No appearance is abnormal, for example, the data of feedback show error message/exception information/execution failure information indicate the second host computer and/
Or second equipment under test without abnormal, there is certain tolerance level for abnormal data stream, if the data of feedback are shown correctly
Information/normal information/information that runs succeeded indicates that the second host computer and/or the second equipment under test have exception, for abnormal data
Flow no tolerance level.
Network security test method provided in an embodiment of the present invention determines number by analyzing the data flow of acquisition
According to stream corresponding the first host computer and the first equipment under test, and then data flow can be sent to data flow not corresponding second
Host computer and/or the second equipment under test, test the second host computer and/or the second equipment under test receives the tolerance of abnormal data stream
Degree, it is simple and easy, the host computer and equipment under test of known protocol can be not only tested, the host computer of unknown protocol can also be tested
And equipment under test.
In an alternate embodiment of the invention, data flow further includes message, is determined corresponding to data flow according to five-tuple information
After first host computer and the first equipment under test, the network security test method of the embodiment of the present invention further include: according to default rule
Then message is made a variation, and the message after variation is sent to corresponding first host computer of data flow or the first equipment under test.
Wherein, message is made a variation according to preset rules, comprising: message is classified according to the first preset rules;
The message classified is made a variation according to the second preset rules.
Specifically, message is classified according to the first preset rules, comprising: according to the length of message or message predetermined word
The data information of section classifies message.
Specifically, the message classified is made a variation according to the second preset rules, comprising: by according to the length of message into
The message of row classification is truncated and/or is increased load;Or the report that will classify according to the data information of message preset field
The data information of the preset field of text is distorted.In the present embodiment, the first host computer corresponding to data flow is being determined
After the first equipment under test, it can also make a variation to the message in the data flow, and then test corresponding to the data flow
The tolerance level of first host computer or the first equipment under test to variation message.For example, according to five-tuple information can determine transmission and
The equipment for receiving the data flow, if the equipment for sending the data flow is the first host computer, the equipment for receiving the data flow is the
One equipment under test, then computer equipment is after the data flow for receiving the transmission of the first host computer, according to the length or message of message
The data information of preset field classifies the message in data flow, the message that then will classify according to the length of message
It is truncated and/or is increased load, or by the preset field for the message classified according to the data information of message preset field
Data information distorted, so that normal message is become the message of variation, be sent to the first equipment under test, and receive the first quilt
The information of measurement equipment feedback, may determine that whether the first equipment under test exception occurs according to the information of feedback.If sending the number
Equipment according to stream is the first equipment under test, and the equipment for receiving the data flow is the first host computer, then computer equipment is receiving
It, will be in data flow according to the data information of the length of message or message preset field after the data flow that first equipment under test is sent
Message is classified, and is then truncated and/or is increased load for the message classified according to the length of message, or will be according to
The data information of the preset field for the message that the data information of message preset field is classified is distorted, and normal message is made
The message for becoming variation, is sent to the first host computer, and receives the information of the first host computer feedback, can be with according to the information of feedback
Judge whether the first host computer exception occurs.
According to second aspect, the embodiment of the invention provides a kind of network security test devices, as shown in Figure 2, comprising: obtain
Modulus block 21, for obtaining data flow to be transmitted, data flow includes five-tuple information;Detailed content can be found in above method reality
Apply the associated description of the step S101 of example;Determining module 22, for according to five-tuple information determine data flow corresponding to first
Host computer and the first equipment under test;Detailed content can be found in the associated description of the step S102 of above method embodiment;Send mould
Block 23, for data flow to be sent to not corresponding second host computer of data flow and/or the second equipment under test according to definitive result;
Detailed content can be found in the associated description of the step S103 of above method embodiment;Receiving module 24, it is upper for receiving second
The data that machine and/or the second equipment under test are fed back according to data flow;Detailed content can be found in the step of above method embodiment
The associated description of S104;Detection module 25, for whether being occurred according to the second host computer of Data Detection and/or the second equipment under test
It is abnormal;Detailed content can be found in the associated description of the step S105 of above method embodiment.
Network security test device provided in an embodiment of the present invention determines number by analyzing the data flow of acquisition
According to stream corresponding the first host computer and the first equipment under test, and then data flow can be sent to data flow not corresponding second
Host computer and/or the second equipment under test, test the second host computer and/or the second equipment under test receives the tolerance of abnormal data stream
Degree, it is simple and easy, the host computer and equipment under test of known protocol can be not only tested, the host computer of unknown protocol can also be tested
And equipment under test.
The embodiment of the invention provides a kind of computer equipment, which fills between host computer and equipment under test
When the function of bridge, i.e., the computer equipment is forwarded the interaction data stream of equipment under test and host computer, in need
In the case of, it being forwarded again after first can carrying out intercepting and capturing backup to data stream, at least there are three network interfaces for the computer equipment, wherein
One or more network interfaces connect equipment under tests, and remaining network interface connects host computer, as shown in figure 3, the present embodiment with
The computer equipment is that industry control bug excavation platform and having is illustrated for 5 network interfaces, two of them network interface point
Two different host computers are not connected, and the other three network interface is separately connected three different equipment under tests, and equipment under test can
To be dcs (DCS) or programmable logic controller (PLC) (PLC).
Industry control bug excavation platform, as shown in Figure 4, comprising: at least one processor 71;And at least one processor
The memory 72 of communication connection;In Fig. 4 by taking a processor 71 as an example.
Computer equipment can also include: input unit 73 and output device 74.
Processor 71, memory 72, input unit 73 and output device 74 can be connected by bus or other modes,
In Fig. 4 for being connected by bus.
Processor 71 can be central processing unit (Central Processing Unit, CPU).Processor 71 can be with
For other general processors, digital signal processor (Digital Signal Processor, DSP), specific integrated circuit
(Application Specific Integrated Circuit, ASIC), field programmable gate array (Field-
Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic,
The combination of the chips such as discrete hardware components or above-mentioned all kinds of chips.General processor can be microprocessor or the processing
Device is also possible to any conventional processor etc..
Memory 72 is used as a kind of non-transient computer readable storage medium, can be used for storing non-transient software program, non-
Transient computer executable program and module, as the corresponding program of network security test method in the embodiment of the present application refers to
Order/module.Non-transient software program, instruction and the module that processor 71 is stored in memory 72 by operation, to hold
The various function application and data processing of row server, i.e. realization above method embodiment network security test method.
Memory 72 may include storing program area and storage data area, wherein storing program area can storage program area,
Application program required at least one function;Storage data area can store the use of the processing unit according to user terminal operations
The data etc. created.In addition, memory 72 may include high-speed random access memory, it can also include non-transient storage
Device, for example, at least a disk memory, flush memory device or other non-transient solid-state memories.In some embodiments,
Optional memory 72 includes the memory remotely located relative to processor 71, these remote memories can pass through network connection
To image detection, processing unit.The example of above-mentioned network includes but is not limited to internet, intranet, local area network, moves and lead to
Letter net and combinations thereof.
Input unit 73 can receive the number or character information of input, and generate the use with the processing unit of user terminal
Family setting and the related key signals input of function control.Output device 74 may include that display screen etc. shows equipment.
One or more module is stored in memory 72, when being executed by one or more processor 71, is executed
Method as shown in Figure 1.
It is that can lead to it will be understood by those skilled in the art that realizing all or part of the process in above-described embodiment method
Computer program is crossed to instruct relevant hardware and complete, the program can be stored in a computer-readable storage medium
In, the program is when being executed, it may include such as the process of the embodiment of above-mentioned each method.Wherein, the storage medium can for magnetic disk,
CD, read-only memory (Read-Only Memory, ROM), random access memory (Random Access
Memory, RAM), flash memory (Flash Memory), hard disk (Hard Disk Drive, abbreviation: HDD) or solid state hard disk
(Solid-State Drive, SSD) etc.;The storage medium can also include the combination of the memory of mentioned kind.
Although being described in conjunction with the accompanying the embodiment of the present invention, those skilled in the art can not depart from the present invention
Spirit and scope in the case where various modifications and variations can be made, such modifications and variations are each fallen within by appended claims institute
Within the scope of restriction.
Claims (9)
1. a kind of network security test method characterized by comprising
Data flow to be transmitted is obtained, the data flow includes five-tuple information;
The first host computer and the first equipment under test corresponding to the data flow are determined according to the five-tuple information;
The data flow is sent to not corresponding second host computer of the data flow according to definitive result and/or second tested is set
It is standby;
Receive the data that second host computer and/or the second equipment under test are fed back according to the data flow;
Whether the second host computer and/or the second equipment under test according to the Data Detection there is exception.
2. network security test method according to claim 1, which is characterized in that the data flow further includes message,
It is described according to the five-tuple information determine the first host computer and the first equipment under test corresponding to the data flow it
Afterwards, further includes:
The message is made a variation according to preset rules, and it is corresponding that the message after variation is sent to the data flow
First host computer or the first equipment under test.
3. network security test method according to claim 2, which is characterized in that it is described according to preset rules by the report
Text makes a variation, comprising:
The message is classified according to the first preset rules;
The message classified is made a variation according to the second preset rules.
4. network security test method according to claim 3, which is characterized in that it is described according to the first preset rules by institute
Message is stated to classify, comprising:
The message is classified according to the data information of the length of the message or the message preset field.
5. network security test method according to claim 4, which is characterized in that described to be divided according to the second preset rules
The good message of class makes a variation, comprising:
The message classified according to the length of the message is truncated and/or is increased load;Or
By the data information of the preset field for the message classified according to the data information of the message preset field into
Row is distorted.
6. network security test method described in -5 any one according to claim 1, which is characterized in that the five-tuple letter
Breath includes:
Source IP, source port, destination IP, destination port, protocol type.
7. a kind of network security test device characterized by comprising
Module is obtained, for obtaining data flow to be transmitted, the data flow includes five-tuple information;
Determining module, for determining that the first host computer corresponding to the data flow and first is tested according to the five-tuple information
Equipment;
Sending module, for the data flow to be sent to not corresponding second host computer of the data flow according to definitive result
And/or second equipment under test;
Receiving module, the data fed back for receiving second host computer and/or the second equipment under test according to the data flow;
Whether detection module there is exception for the second host computer according to the Data Detection and/or the second equipment under test.
8. a kind of computer equipment characterized by comprising
At least one processor;And the memory being connect at least one described processor communication;Wherein, the memory is deposited
Contain the instruction that can be executed by one processor, described instruction is executed by least one described processor so that it is described extremely
A few processor executes network security test method as claimed in any one of claims 1 to 6.
9. a kind of computer readable storage medium, which is characterized in that the computer-readable recording medium storage has computer to refer to
It enables, the computer instruction is for making the computer perform claim require network security test side described in 1-6 any one
Method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910558331.XA CN110381035A (en) | 2019-06-25 | 2019-06-25 | Network security test method, device, computer equipment and readable storage medium storing program for executing |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910558331.XA CN110381035A (en) | 2019-06-25 | 2019-06-25 | Network security test method, device, computer equipment and readable storage medium storing program for executing |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110381035A true CN110381035A (en) | 2019-10-25 |
Family
ID=68249454
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910558331.XA Pending CN110381035A (en) | 2019-06-25 | 2019-06-25 | Network security test method, device, computer equipment and readable storage medium storing program for executing |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110381035A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111988289A (en) * | 2020-08-04 | 2020-11-24 | 厦门理工学院 | EPA industrial control network security test system and method |
| CN113556350A (en) * | 2021-07-26 | 2021-10-26 | 浙江木链物联网科技有限公司 | Network security device robustness testing method, system and readable storage medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101677277A (en) * | 2008-09-17 | 2010-03-24 | 许昌开普电器检测研究院 | MODBUS-RTU protocol conformance test method |
| CN106657018A (en) * | 2016-11-11 | 2017-05-10 | 北京匡恩网络科技有限责任公司 | Industrial control network vulnerability discovering method, apparatus and system |
| CN106656657A (en) * | 2016-11-11 | 2017-05-10 | 北京匡恩网络科技有限责任公司 | Adaptive vulnerability mining framework based on industrial control protocol |
| CN106789156A (en) * | 2016-11-11 | 2017-05-31 | 北京匡恩网络科技有限责任公司 | A kind of industry control network method of testing, apparatus and system |
| CN107835102A (en) * | 2017-10-19 | 2018-03-23 | 北京威努特技术有限公司 | One kind decomposes and decomposed fuzz testing method for protocol characteristic |
| CN108616400A (en) * | 2018-05-09 | 2018-10-02 | 国家计算机网络与信息安全管理中心 | A kind of fragility inspection method and device for industrial control system |
| CN109698841A (en) * | 2019-03-06 | 2019-04-30 | 成都明得科技有限公司 | The unknown bug excavation system and method for industry control based on video monitoring |
-
2019
- 2019-06-25 CN CN201910558331.XA patent/CN110381035A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101677277A (en) * | 2008-09-17 | 2010-03-24 | 许昌开普电器检测研究院 | MODBUS-RTU protocol conformance test method |
| CN106657018A (en) * | 2016-11-11 | 2017-05-10 | 北京匡恩网络科技有限责任公司 | Industrial control network vulnerability discovering method, apparatus and system |
| CN106656657A (en) * | 2016-11-11 | 2017-05-10 | 北京匡恩网络科技有限责任公司 | Adaptive vulnerability mining framework based on industrial control protocol |
| CN106789156A (en) * | 2016-11-11 | 2017-05-31 | 北京匡恩网络科技有限责任公司 | A kind of industry control network method of testing, apparatus and system |
| CN107835102A (en) * | 2017-10-19 | 2018-03-23 | 北京威努特技术有限公司 | One kind decomposes and decomposed fuzz testing method for protocol characteristic |
| CN108616400A (en) * | 2018-05-09 | 2018-10-02 | 国家计算机网络与信息安全管理中心 | A kind of fragility inspection method and device for industrial control system |
| CN109698841A (en) * | 2019-03-06 | 2019-04-30 | 成都明得科技有限公司 | The unknown bug excavation system and method for industry control based on video monitoring |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111988289A (en) * | 2020-08-04 | 2020-11-24 | 厦门理工学院 | EPA industrial control network security test system and method |
| CN111988289B (en) * | 2020-08-04 | 2021-07-23 | 厦门理工学院 | EPA Industrial Control Network Security Testing System and Method |
| CN113556350A (en) * | 2021-07-26 | 2021-10-26 | 浙江木链物联网科技有限公司 | Network security device robustness testing method, system and readable storage medium |
| CN113556350B (en) * | 2021-07-26 | 2023-03-24 | 浙江木链物联网科技有限公司 | Network security equipment robustness testing method and system and readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111538539B (en) | Storage system starting method and device and computer readable storage medium | |
| US10284444B2 (en) | Visual representation of end user response time in a multi-tiered network application | |
| US9612937B2 (en) | Determining relevant events in source code analysis | |
| CN109408338B (en) | Method, device, equipment and system for grabbing trace of NVME (network video management entity) hard disk | |
| CN103313289B (en) | WAP system automation test macro and method | |
| CN108683562A (en) | Abnormality detection localization method, device, computer equipment and storage medium | |
| US20080276129A1 (en) | Software tracing | |
| CN108519933A (en) | Board card testing method and device, readable storage medium and computer equipment | |
| CN105912086A (en) | Power module fault diagnosis method, power module and whole cabinet server | |
| CN109032867A (en) | A kind of method for diagnosing faults, device and equipment | |
| CN111198797B (en) | Operation monitoring method and device and operation analysis method and device | |
| US10528415B2 (en) | Guided troubleshooting with autofilters | |
| CN110381035A (en) | Network security test method, device, computer equipment and readable storage medium storing program for executing | |
| CN115250225A (en) | A network health monitoring method, device and medium based on fault domain detection | |
| CN115687026A (en) | Multi-node server fault early warning method, device, equipment and medium | |
| US8880957B2 (en) | Facilitating processing in a communications environment using stop signaling | |
| CN115118646B (en) | Data interaction method, device and electronic equipment of switch test system | |
| CN115633044B (en) | Message processing methods, devices, electronic equipment and storage media | |
| CN114742143B (en) | Method, device, and system for constructing a secure training model based on federated learning | |
| CN116302758A (en) | Power-down test method, device, communication device and readable storage medium | |
| CN116319475A (en) | A signal analysis method, device, equipment and storage medium | |
| CN111261271B (en) | Service availability diagnosis method and device for video monitoring environment | |
| CN115567372A (en) | A data backup method, device, storage medium and electronic equipment | |
| CN113259198A (en) | Method for monitoring network, forwarding plane device, storage medium and system | |
| US12360875B2 (en) | Systems, apparatuses, methods, and computer program products for generating one or more monitoring operations |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20191025 |
|
| RJ01 | Rejection of invention patent application after publication |