Web application reverse analysis method oriented to XSS (Cross Site Scripting) vulnerability detection

A vulnerability detection and reverse analysis technology, applied in special data processing applications, network data retrieval, other database retrieval, etc., can solve problems such as redundant information, insufficient expression ability of Web application functions, and lack of navigation information
CN106951784AActive Publication Date: 2017-07-14NANJING UNIV OF AERONAUTICS & ASTRONAUTICS
3 Cites 9 Cited by

Patent Information

Authority / Receiving Office
CN ยท China
Current Assignee / Owner
NANJING UNIV OF AERONAUTICS & ASTRONAUTICS
Publication Date
2017-07-14

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention discloses a web application reverse analysis method oriented to XSS (Cross Site Scripting) vulnerability detection. A microscopic state is added into a Web application model to express a navigation relationship in the Web application; in a Web application model deduction process, a state change detection algorithm and a navigation function are adopted to finish initial Web application model construction; a page clustering algorithm and a state reduction algorithm are adopted to simplify the Web application model; and finally, an experiment proves that the model is favorable for improving the effect and the efficiency of the XSS vulnerability detection. According to the method, an existing Web application model is improved, the concept of the microscopic state is added, a hierarchical Web application model representing method is put forward, so that the hierarchical Web application model representing method can describe a transition relationship between Web application states, and the navigation relationship in the Web application can be presented.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to an automatic reverse analysis method of a Web application model oriented to XSS loophole detection, and belongs to the field of computer information security. Background technique

[0002] With the continuous growth of Internet users and the number of websites, Web applications have been widely used in various fields, such as e-commerce, social networking, and online payment. In 2015, the total number of domain names in my country reached 31.02 million. At the same time, the security issues of Web application systems are becoming more and more prominent. According to the statistics of the China Vulnerability Database, in 2015, among the security vulnerabilities included in the China Vulnerability Database, the number of web application vulnerabilities ranked second. Among them, the XSS vulnerability is one of the most influential web application vulnerabilities, ranking among the top three in the latest ranking of web applica...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More