A Web application security vulnerability prediction method based on execution flow graph

A Web application vulnerability prediction technology, applied in the field of network security, that addresses the heavy workload and lack of intuitiveness of existing approaches and achieves an intuitive representation with a small generation and calculation workload.

Active Publication Date: 2018-12-28
BEIJING INSTITUTE OF TECHNOLOGY

AI Technical Summary

Problems solved by technology

[0014] However, the second method directly analyzes all the program statements in the program slice. The main disadvantage is that the workload is too large and it is not intuitive enough.

Examples

Embodiment Construction

[0041] The present invention provides a Web application security vulnerability prediction method based on the execution flow graph. The basic idea is: combine the data dependency graph and the control dependency graph to construct the execution flow graph (EFG) of the program; from the EFG, extract each subgraph that has the node Sk, where a security-sensitive statement is located, as its end point and the user input node UI associated with Sk as its starting point, and extract the metric elements for each subgraph; then, taking the specific values of a subgraph's metric elements as input and whether the Sk corresponding to that subgraph has a vulnerability as output, construct a vulnerability prediction model to predict Web application security vulnerabilities.

[0042] As shown in Figure 1, the method includes the following steps:

[0043] Step 1. Define the security attribute of the program statement.

[0044] Describe various security properties relate...

Abstract

The invention discloses a Web application security vulnerability prediction method based on an execution flow graph. The execution flow graph (EFG) is constructed according to the data dependency relationship and the control dependency relationship of the Web application; sub-graphs are extracted from the EFG with the node Sk, where a security-sensitive statement is located, as the end point and the user input node UI associated with Sk as the starting point, and metric elements are extracted for each sub-graph; the concrete values of a sub-graph's metric elements are taken as the input and whether the Sk of the corresponding sub-graph is vulnerable is taken as the output to construct the vulnerability prediction model, so as to realize security vulnerability prediction for Web applications. The invention includes judging nodes in the extraction of the metric elements, and the workload is greatly reduced compared with analyzing the program slice directly.
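The sub-graph extraction the abstract describes can be sketched as follows. This is an added example, not code from the patent: the sample statements, the dependency edges and the chosen metric set (node, edge, judging-node and sanitizer counts) are all assumptions made for illustration. Each resulting row is the feature vector that would be fed to the prediction model for one (UI, Sk) pair.

```python
from collections import defaultdict

# Constructed sample handler (not from the patent). Kinds: input = user input
# node UI, judge = judging (branch) node, sink = security-sensitive node Sk.
NODES = {
    1: ("input",    "name = request.args['name']"),
    2: ("input",    "uid = request.args['id']"),
    3: ("judge",    "if uid.isdigit():"),
    4: ("sanitize", "uid = int(uid)"),
    5: ("assign",   "q1 = 'SELECT * FROM t WHERE id=%d' % uid"),
    6: ("sink",     "db.execute(q1)"),
    7: ("assign",   "q2 = 'SELECT * FROM t WHERE name=' + name"),
    8: ("sink",     "db.execute(q2)"),
}
DATA_DEP = [(1, 7), (7, 8), (2, 3), (2, 4), (4, 5), (5, 6)]  # def -> use
CTRL_DEP = [(3, 4), (3, 5), (3, 6)]                          # branch -> guarded stmt

def build_efg(data_dep, ctrl_dep):
    """EFG = union of the data-dependency and control-dependency edges."""
    succ, pred = defaultdict(set), defaultdict(set)
    for a, b in set(data_dep) | set(ctrl_dep):
        succ[a].add(b)
        pred[b].add(a)
    return succ, pred

def reach(start, adj):
    """All nodes reachable from start (inclusive) by following adj."""
    seen, stack = {start}, [start]
    while stack:
        for n in adj[stack.pop()]:
            if n not in seen:
                seen.add(n)
                stack.append(n)
    return seen

def subgraph_metrics(nodes, data_dep, ctrl_dep):
    """One metric row per (UI, Sk) pair where UI reaches Sk in the EFG."""
    succ, pred = build_efg(data_dep, ctrl_dep)
    rows = {}
    for sk in (n for n, (kind, _) in nodes.items() if kind == "sink"):
        back = reach(sk, pred)                     # everything Sk depends on
        for ui in (n for n in back if nodes[n][0] == "input"):
            sub = reach(ui, succ) & back           # nodes on some UI -> Sk path
            kinds = [nodes[n][0] for n in sub]
            rows[(ui, sk)] = {                     # assumed metric set
                "nodes": len(sub),
                "edges": sum(1 for a in sub for b in succ[a] if b in sub),
                "judging": kinds.count("judge"),
                "sanitizers": kinds.count("sanitize"),
            }
    return rows
```

On this sample the `(2, 6)` sub-graph contains one judging node and one sanitizer, while the `(1, 8)` sub-graph is a straight path from input to sink with neither.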

Description

Technical field

[0001] The invention relates to the technical field of network security, in particular to a method for predicting Web application security vulnerabilities based on an execution flow graph.

Background art

[0002] Web applications are widely used in all aspects of daily life, such as social networks, online shopping, email, order systems, registration systems, etc. Most of these systems are developed based on the Web. A large number of security vulnerabilities have been found in these systems. Attackers can easily gain system root privileges by exploiting these vulnerabilities, leaking sensitive information and causing great harm.

[0003] Software vulnerability prediction can indicate in advance the possibility, quantity or specific types of vulnerabilities existing in software source code modules. According to the prediction results, software manufacturers can invest limited time and funds in a targeted manner to those vulnerabilities with high prob...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/57
CPC: G06F21/577, G06F2221/033
Inventor: 危胜军, 钟浩, 单纯, 胡昌振
Owner: BEIJING INSTITUTE OF TECHNOLOGY