Unlock instant, AI-driven research and patent intelligence for your innovation.

A Web Vulnerability Scanning Method Based on Web Page Template Matching

A vulnerability scanning and web page template technology, which is applied to electrical components, transmission systems, etc., can solve problems such as excessive scanning time, and achieve the effect of simple equipment requirements, good stability, and high accuracy of vulnerability detection

Active Publication Date: 2016-05-18
JINHUA BIQI NETWORK TECH
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In the process of scanning web vulnerabilities, it is necessary to capture all web pages of the website, and then analyze and test them. Although this method can obtain high scanning accuracy, it will lead to excessively high scanning time for large websites.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Web Vulnerability Scanning Method Based on Web Page Template Matching

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] The invention provides an efficient loophole scanning solution based on network template matching. This solution maintains a directory tree of scanned websites during the webpage crawling process, each node of the directory tree is a directory, and the directory can include subdirectories and web pages in the directory. Vulnerability scanning When a web page is crawled, the web page is stored in the corresponding directory node according to the URL address of the web page. When the number of web pages in a directory node reaches the specified value, template matching is performed on the web page in the directory to calculate The similarity of web pages, if the similarity reaches a certain threshold, it can be judged that the web pages in this directory are generated by the same template, and other web pages in this directory do not need to be crawled. Finally, the solution will perform injection detection on the extracted web pages in the directory tree.

[0021] The p...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a web vulnerability scanning method based on webpage template matching. The method comprises the steps that the structural similarity between a webpage and a template webpage is computed and detected; whether the webpage needs to be captured and whether vulnerability scanning needs to be conducted on the webpage are judged. The web vulnerability scanning method based on webpage template matching has simple requirements for equipment, is high in vulnerability detection accuracy rate, and shows good stability in application.

Description

technical field [0001] The invention relates to the fields of information security and web page architecture, in particular to a web vulnerability scanning method based on web page template matching. Background technique [0002] Web applications are oriented to a large number of Web users, and once serious loopholes appear, the harm will be very great. There are many kinds of vulnerabilities in web applications, which make them vulnerable to attacks. Among them, SQL injection attack (SQLinjection) is one of the mainstream web attack methods at present. SQL injection attackers use the web application to fail to judge the legality of user input data, and insert special characters and instructions with carefully constructed SQL statements through the input area of ​​the web page (such as URL, form, etc.), thereby attacking the back-end database. Attack to gain administrator privileges. [0003] The basic principle of SQL injection vulnerability detection is to use a simulate...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
Inventor 池水明周苏杭陈勤孙斌张旻方晓波
Owner JINHUA BIQI NETWORK TECH