检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]太原理工大学计算机科学与技术学院,山西太原030024
出 处:《计算机应用与软件》2014年第12期29-32,共4页Computer Applications and Software
基 金:山西省自然科学基金项目(2009011022-2);山西省留学基金项目(2009-28)
摘 要:渗透测试技术大多局限于对传统操作系统及网络的测试评估,并未涉及移动互联网环境下安全问题。为此实现一种移动互联网环境下针对移动智能终端的渗透测试方案。该方案利用实际的移动互联网络环境搭建测试平台,通过模拟多种网络攻击对Android智能手机在吞吐量、网页响应时间、CPU使用率以及能耗等性能变化进行测试。结果表明,针对链路层的拒绝服务攻击,会话截取以及中间人攻击都能成功对Android系统实施攻击,对Android系统造成威胁。此外,泛洪类拒绝服务攻击对移动智能终端的电量的消耗非常明显。此研究成果为Android系统安全的检测和防御提供了依据。Penetration testing technology is mostly confined to testing and evaluating traditional operating systems and networks, but does not address the security issues in mobile internet environment.And for that, in the paper we implement a penetration testing scheme for intelligent mobile terminals in mobile internet environment. The scheme constructs the test platform using practical mobile internet environment, and tests the performances variation of Android-based smartphone in terms of throughput, webpage response time, CPU utilisation and power consumption, etc., by simulating multiple networks attacks.Results show that the attacks targeted at link-layer including the denial-of-service attack, man-in-the-middle attack and session hijacking attack are all success in attacking the Android system and cause menace on the system.Besides, the flooding type of DoS attack is very detrimental to power consumption of the smartphone.This research outcome provides a basis for the detection and prevention of Android system security.
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.13
