Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

WEB vulnerability scanning method and vulnerability scanner based on fingerprint recognition technology

A technology of fingerprint identification technology and scanning method, which is applied in the direction of electrical components, transmission systems, platform integrity maintenance, etc., can solve problems such as poor accuracy, users cannot add vulnerability information, and poor scalability of the scanning system, achieving high efficiency and accuracy High, convenient system expansion effect

Inactive Publication Date: 2013-04-24
SICHUAN UNIV
View PDF3 Cites 83 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The above-mentioned website vulnerability detection method does not perform fingerprint identification on the target website, does not distinguish between different website programs, but only performs fool-like vulnerability scanning according to the strategy, and adopts the exact same vulnerability scanning process for all websites, so it cannot be used according to different websites. Adapt to vulnerability scanning, which leads to low efficiency and poor accuracy of vulnerability scanning
[0006] At the same time, due to the great differences between different website building systems, the above-mentioned vulnerability detection methods cannot perform fingerprint identification, so the existing website vulnerability scanning systems generally only detect some general vulnerabilities such as injection vulnerabilities and cross-site scripting vulnerabilities. etc., while ignoring the unique vulnerabilities of each website building system template, resulting in insufficient vulnerability scanning results
[0007] Existing website vulnerability scanning systems are generally released in the form of a single software, and the vulnerability library is integrated into the system. Users cannot customize and add the latest vulnerability information. They can only wait for the vulnerability scanning system to be upgraded to update the latest vulnerabilities. information, resulting in poor scalability of the scanning system
[0008] Therefore, there are many defects in the existing website vulnerability scanning system, which cannot fully meet the user's website vulnerability scanning needs.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • WEB vulnerability scanning method and vulnerability scanner based on fingerprint recognition technology
  • WEB vulnerability scanning method and vulnerability scanner based on fingerprint recognition technology

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The present invention will be further described below in conjunction with accompanying drawings and examples. The present invention aims to provide a tool for scanning security loopholes of websites, which can automatically and efficiently check loopholes and potential safety hazards existing in web application programs, and conduct evaluation tests on system security.

[0029] The present invention mainly improves the loophole scanning method of the traditional WEB server, and the method is as follows: adopt the loophole scanner, and the scanner structure includes a user end, a browser, a scanning host and four parts of the WEB server, such as figure 1 As shown, the scanning host includes a control module, a scanning parameter setting module, a scanning engine module, a WEB fingerprint library module and a WEB vulnerability library module, and the user sets scanning parameters in the scanning parameter setting module through the control platform, and the scanning engine...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a WEB vulnerability scanning method and a vulnerability scanner based on fingerprint recognition technology. Since a feature library based security scanning scheme is used to replace a common site security vulnerability scanning scheme based on fully crawling, the scanner is improved in terms of accuracy of vulnerability scanning, flexibility of further processing after detecting vulnerabilities, efficiency of discovering vulnerabilities, and the like, and accordingly a new scheme is provided for the system security scanning and the network vulnerability scanning. The scanner comprises a user side, a browser, a scanning host and a WEB server. According to the abstract appended drawing, the scanning host comprises a control module, a scan parameter setting module, a scan engine module, a WEB fingerprint library module and a WEB vulnerability library module. The user sets scanning parameters in the scan parameter setting module through the control module, the scanning engine is firstly used for fingerprint recognition on the basis of sent parameters, and finally, the vulnerability library is used for testing site vulnerabilities and sending a test report. The scanner is capable of accurately and rapidly helping users to test and analyze vulnerability of the target website, and directly perform corresponding operations on the browser with no need of installation of client side software.

Description

technical field [0001] The invention relates to a WEB loophole scanning method and a loophole scanner based on fingerprint identification technology, belonging to computer network technology. Background technique [0002] With the continuous development of the network, the number of websites has increased rapidly year by year. According to the CNNIC report, as of June 2012, there were 2.5 million websites in China alone. Correspondingly, the issue of website security has become more and more prominent, especially since the large-scale password leakage incidents of websites such as CSDN, website security has attracted more and more attention. [0003] With a large number of beautiful and practical open source or paid various types of website building program templates on the Internet, website builders mostly use ready-made website building template programs to build them based on cost and convenience considerations. For example, blog websites generally use WordPress to build,...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57
CPCH04L63/1433
Inventor 方勇刘亮黄诚张钊何良何鹏程季凡许承文
Owner SICHUAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com