Java Web framework vulnerability attack general detection and positioning method and system

A general-purpose detection and vulnerability detection technology, applied in transmission systems, digital transmission systems, data exchange networks, etc., can solve the problems of difficulty in vulnerability attack detection and detailed positioning, inability to identify unknown vulnerabilities, and high detection false positive rate, achieving high efficiency and accuracy. Vulnerability detection and detail localization, good practicability and scalability, and the effect of improving detection efficiency

Active Publication Date: 2019-09-20
WUHAN UNIV
View PDF6 Cites 21 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

For the protection of Java Web framework vulnerability attacks, the industry mostly uses the WAF (Web Application Firewall, Web Application Firewall) solution, but this solution relies on manual analysis to extract vulnerability characteristics and formulate pattern matching rules. Therefore, the detection and details of vulnerability attacks Positioning is more difficult
At the same time, because the detection results are affected by the quality of the matching rules, the access is identified outside the application, and if it is suspicious, the access is blocked, resulting in a high false positive rate of detection, and the unknown vulnerability attack cannot be identified.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Java Web framework vulnerability attack general detection and positioning method and system
  • Java Web framework vulnerability attack general detection and positioning method and system
  • Java Web framework vulnerability attack general detection and positioning method and system

Examples

Experimental program
Comparison scheme
Effect test

specific Embodiment approach

[0051] figure 1 Shown is the system framework diagram of the method provided by the present invention. The specific implementation of the present invention is as follows:

[0052] 1. According to the typical vulnerabilities of the Java Web framework, analyze the key steps and principles in the vulnerability attack, summarize the common points in the attack process, and establish a set of general vulnerability exploitation rules.

[0053] 2. According to the set of vulnerability exploitation rules established in step 1, the "context information collection module" deploys RASP probe codes at each key level of the application to obtain key context data such as parameter information of related sensitive functions. The specific operations are as follows:

[0054] 21) Extract the key function points from the set of exploit rules. Along the path between the entry point that the vulnerability attack must pass through to the sink point where the attack effect is finally realized, the "context...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a Java Web framework vulnerability attack general detection and positioning method and system, and the system comprises: a context information collection module which is used for deploying a probe code of an RASP at each key level of an application program, and obtaining key context data such as parameter information of a related sensitive function; a vulnerability judgment module which is used for constructing an attack detection rule matching algorithm according to the established vulnerability utilization rule set, namely the representation characteristics of different vulnerability attack types in each level of the Web program; and a vulnerability alarm module which is used for receiving a judgment result of the vulnerability judgment module and outputting feedback information which comprises a judgment result of vulnerability attacks suffered by the program. The collected context information application rules in the program can be directly matched, meanwhile, the detection rule set can be expanded along with expansion of vulnerability attack types analyzed in the early stage, the operation state in the program can be monitored in real time, unknown vulnerability defense is achieved, and effectiveness and practicability are achieved.

Description

Technical field [0001] The invention relates to the field of computer network security, in particular to a method and system for general detection and positioning of Java Web framework vulnerability attacks. Background technique [0002] For rapid development, developers will choose to use Java Web frameworks to quickly build programs, but inevitably, these frameworks will have varying degrees of security flaws. For Java Web frameworks, there are often many vulnerabilities and a high risk ratio. For the protection of Java Web framework vulnerability attacks, most of the industry uses the WAF (Web Application Firewall) solution, but this solution relies on manual analysis to extract the vulnerability characteristics to formulate pattern matching rules, so the detection and details of the vulnerability attacks Positioning is more difficult. At the same time, because the detection results are affected by the quality of the matching rules, the access is identified outside the appli...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08H04L12/24
CPCH04L41/069H04L63/1433H04L63/306H04L67/025H04L67/34
Inventor 彭国军胡岸琪邱若男
Owner WUHAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap