Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Storage type XSS vulnerability detection system based on genetic algorithm

A genetic algorithm and vulnerability detection technology, applied in the field of computer software, can solve the problems of lack of meaning and directivity of data, and achieve the effect of improving crawler speed, efficiency and detection speed

Inactive Publication Date: 2019-07-09
BEIJING UNIV OF TECH
View PDF2 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Due to the lack of clear meaning and directivity of these randomly generated data, there is a large blindness

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Storage type XSS vulnerability detection system based on genetic algorithm
  • Storage type XSS vulnerability detection system based on genetic algorithm
  • Storage type XSS vulnerability detection system based on genetic algorithm

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0032] The principle of this system is to generate and optimize attack vectors based on genetic algorithm, use crawler technology to quickly obtain source code, analyze and obtain injection points for interaction with the background by parsing web pages, and then use selenium to implement form submission, and finally dynamically determine whether there is stored XSS on the web page. Vulnerability. This system is mainly divided into three modules: network crawler and injection point analysis module, attack vector generation module, and vulnerability detection module. The specific system architecture is as follows: figure 2 shown.

[0033] 5.1 Web crawler and injection point analysis module

[0034] This module mainly realizes the functions of searching web links and finding injection points through page parsing technology. The search page link uses the breadth-first crawler algorithm, which only searches the pages under the same domain name. The algorithm description is show...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a storage type XSS vulnerability detection system. The system comprises a web crawler and injection point analysis module, an attack vector generation module and a vulnerability detection module. The method comprises the following steps of: analyzing and analyzing each webpage by crawling a link from a website, and searching a form in the webpage; and meanwhile, a normal probe is submitted to the form and is used for determining the output page and position of the injection point. And then generating an attack vector suitable for the website by utilizing a genetic algorithm. And finally, in the vulnerability detection module, simulating an attack according to the injection point information and the attack vectors recorded by the first two modules, then judging whether the attack vector is contained in a display page of the vulnerability detection module or not, and judging whether the attack vector is successfully executed or not. And if the attack vector is successfully executed, indicating that a vulnerability exists. According to the method, deep research is carried out on the storage type XSS vulnerabilities, a detection system is realized, and the method has very good practical significance on XSS vulnerability detection.

Description

technical field [0001] The invention relates to a storage type XSS vulnerability detection system based on a genetic algorithm, and belongs to the field of computer software. Background technique [0002] With the rapid development of Internet technology, various Web applications emerge one after another, and at the same time, due to the uneven skills of developers, more and more Web security problems have emerged one after another. According to the statistics of the National Information Security Vulnerability Database, Cross Site Script Execution (XSS) ranks third, accounting for 20%. The details are as follows: figure 1 shown. According to the top ten application security risks announced by the non-profit organization OWASP (the Open Web Application Security Project), XSS vulnerabilities have always been among them, which shows that XSS vulnerabilities have become one of the common vulnerabilities that various web applications need to face. . [0003] The essential reas...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1433H04L63/1466H04L67/02
Inventor 王丹秦亚芬林九川
Owner BEIJING UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com