Method and system for detecting Web application

A web application and function point technology, applied in the field of computer networks, can solve problems such as missing web pages, missing web pages, and inability to accurately identify loopholes

Active Publication Date: 2015-12-09
CHINA UNIONPAY
View PDF4 Cites 20 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the use of crawler technology may cause some Web pages to be missed. For example, when a Web site lacks links to Web pages, due to relying on links, crawler technology alone will miss the Web page.
On the other hand, the current web vulnerability scanner cannot accurately identify vulnerabilities due to the single analysis data source

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for detecting Web application
  • Method and system for detecting Web application

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] figure 1 is a flowchart of a method for detecting a Web application according to one aspect of the present invention. As shown in the figure, the method for detecting a web application includes one or more of the following processes. In process 101, a web application is pre-analyzed. In this process, information related to function points of the web application and / or a set of vulnerability templates for the web application are determined, where the vulnerability template is a script for detecting a specific vulnerability. In process 102, Web application function points are analyzed. In this process, a subset of vulnerability templates applicable to the function point of the web application is determined from the set of vulnerability templates. In process 103, web vulnerabilities are analyzed and verified. In this process, the second device analyzes and verifies web vulnerabilities according to the HTTP response and / or monitoring information.

[0022] In one embodi...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention provides a method and a system for detecting a Web application. The method comprises one or more of the following procedures. In the procedure of 101, the Web application is subjected to pre-analysis. In the procedure, a Web application function point related information and / or the vulnerability template set for the Web application is determined, and the vulnerability template is a script for detecting a specific vulnerability. In the procedure of 102, the Web application function point is analyzed. In the procedure, a vulnerability template sub set suitable for the Web application function point is determined from the vulnerability template set. In the procedure of 103, Web vulnerabilities are analyzed and verified. In the procedure, a second device analyzes and analyzes the Web vulnerabilities according to HTTP response and / or monitoring information.

Description

technical field [0001] The present invention relates to computer network technology, and in particular to a method and system for detecting Web applications. Background technique [0002] In order to improve the security of the web application, in the web application testing phase, a web vulnerability scanner is usually used to scan the web application and patch the discovered vulnerabilities. [0003] Usually, a web vulnerability scanner uses a crawler technology to submit data according to the characteristics of a web page to perform a fuzz test on a web application to analyze vulnerabilities in the web page. However, the use of crawler technology may cause some Web pages to be missed. For example, when a Web site lacks a link to a Web page, the Web page will be missed by using crawler technology alone due to the dependence on the link. On the other hand, current web vulnerability scanners cannot accurately identify vulnerabilities due to the single analysis data source. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/08
Inventor 王明博华锦芝
Owner CHINA UNIONPAY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap