Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Web application vulnerability detection method and related device

A detection method and technology for loopholes, applied in computer security devices, instruments, electrical digital data processing, etc., can solve the problems of high development costs

Pending Publication Date: 2021-04-09
北京安全共识科技有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] At present, the vulnerability detection logic of web applications can be developed in the web middleware running web applications, but there is a problem of high development costs

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Web application vulnerability detection method and related device
  • Web application vulnerability detection method and related device
  • Web application vulnerability detection method and related device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] The following will clearly and completely describe the technical solutions in the embodiments of the application with reference to the drawings in the embodiments of the application. Apparently, the described embodiments are only some of the embodiments of the application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0047] figure 1 A method for detecting a web application vulnerability provided in the embodiment of the present application may include the following steps:

[0048] S101. The web middleware loads a preset hook point.

[0049] In this embodiment, web middleware refers to Java web middleware, and Java web middleware loads a pre-defined hook point when a Java virtual machine (Java virtual machine, JVM) starts, that is, loads a preset hook point. In this embodiment, the preset hook po...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a web application vulnerability detection method and a related device, and the method applied to a server comprises the steps: receiving a method set of http requests; wherein the http request method set refers to a set formed by target methods in the hook point triggering method in the process that the web application responds to the http request; the target method refers to a method starting from a source point method, and the output data of the previous method is the input data of the next method; determining a method call graph of a method set of the http requests; and under the condition that the call chain meeting the preset condition exists in the method call graph, determining that the web application has a vulnerability. The vulnerability detection of the web application is realized through the server, and the vulnerability detection is realized based on the method call graph and the vulnerability detection strategy. The vulnerability detection logic, written by the server, of the web applications in different languages is the same, so that the problem of high development cost caused by the fact that the web applications developed in different languages need to adopt different languages to develop the vulnerability detection logic is avoided.

Description

technical field [0001] This application relates to the field of vulnerability detection and processing, in particular to a detection method and related devices for web application vulnerabilities. Background technique [0002] With the development of technologies such as the Internet, 5G, and cloud, the Internet of Everything formed by the Internet of Vehicles and the Internet of Things will become the mainstream in the future, and a large number of web applications will appear in the Internet of Everything, and different data will be collected and stored. The security (whether there are vulnerabilities) of web applications that process data will rise again. [0003] At present, the vulnerability detection logic of the web application can be developed in the web middleware running the web application, but there is a problem of high development cost. Contents of the invention [0004] This application provides a method for detecting vulnerabilities in web applications and ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57
CPCG06F21/577G06F2221/033
Inventor 董志勇邬迪卢中阳
Owner 北京安全共识科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com