Unlock instant, AI-driven research and patent intelligence for your innovation.

Method and device for detecting WEB service based on HTML (Hypertext Markup Language) structure fingerprints

A technology of WEB service and detection method, which is applied in the field of active scanning of network assets, can solve problems such as the decline in success rate, and achieve the effect of improving accuracy and strong versatility

Inactive Publication Date: 2022-04-26
北京威努特技术有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] 2. Some special content such as the banner information in the WEB server response message is easy to be modified or deleted. If the modification occurs, the written feature regular fingerprint may become invalid, and the detection success rate will be greatly reduced.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for detecting WEB service based on HTML (Hypertext Markup Language) structure fingerprints
  • Method and device for detecting WEB service based on HTML (Hypertext Markup Language) structure fingerprints
  • Method and device for detecting WEB service based on HTML (Hypertext Markup Language) structure fingerprints

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0038] Such as figure 1 As shown, Embodiment 1 of the present application provides a method for detecting WEB services based on HTML structural fingerprints, including:

[0039] Step 1. Obtain the HTTP message information returned by the WEB server through HTTP message capture, obtain special characters or character strings as features according to the special position of the HTTP message, and write regular fingerprints;

[0040] For example, the following table 1 shows the captured HTTP message information and its simple regular fingerprint:

[0041]

[0042]

[0043] Step 2. Start scanning to obtain HTTP message information, try to scan the entire WEB network through the written regular fingerprint, and mark the HTTP message information that can match the regular fingerprint;

[0044] Specifically, through the simple fingerprint information obtained in the first step, try to scan the entire WEB network on ports 80, 8080, etc. of the entire network; after enabling the ...

Embodiment 2

[0079] Such as figure 2 As shown, Embodiment 2 of the present invention provides a detection device for WEB services based on HTML structure fingerprints, including a regular fingerprint module, a scanning module, an HTML structure feature extraction module, and an HTML structure fingerprint module; The method for detecting web services by structural fingerprints specifically includes a structural fingerprint training stage and a structural fingerprint application stage.

[0080] Structural fingerprint training phase:

[0081] The regular fingerprint module stores a small number of regular feature fingerprints manually written; the scanning module performs WEB scanning on ports 80, 8080, and 443 to obtain the scanning results; data is marked according to the written regular features, and the marked data is sent to the HTML structure feature extraction module ;The HTML structure feature extraction module filters the marked data, processes the HTML DOM structure through the pr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a WEB service detection method and device based on HTML (Hypertext Markup Language) structure fingerprints. The method comprises the steps that HTTP message information returned by a WEB server is obtained through HTTP message packet capture, and regular fingerprints are written according to HTTP messages; starting scanning to obtain HTTP message information, trying to scan the whole WEB network through the written regular fingerprint, and marking the HTTP message information which can be matched with the regular fingerprint; webpage structure information is described through two dimensions of a DOM tree structure of an HTTP webpage and jump connection in the HTTP webpage, a data model is constructed, webpage structure information processing is carried out on marked HTTP message information, a node path array and a link array are obtained, the node path array and the link array are used for training the data model, and trained HTML structure fingerprints are obtained; and when WEB service detection needs to be carried out, matching is carried out by using the trained HTML structure fingerprint, and web asset information is detected. A large amount of regular fingerprint writing work can be omitted, and the universality is high.

Description

technical field [0001] The invention relates to the technical field of active scanning of network assets, in particular to a method for detecting WEB services based on HTML structure fingerprints. Background technique [0002] In recent years, benefiting from the rapid development of information network technology, the degree of global informatization is getting higher and higher. With the continuous extension and popularization of various information networks, the security threats from the network are also increasing exponentially. Driven by various political, military, and economic interests, various types of network attacks emerge in an endless stream, and the network attack methods are also becoming more and more complicated. , diversification, and more targeted, the network security situation is becoming more and more severe. In order to be able to detect the enemy first and prevent problems before they happen, information network users should pay more attention to the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L67/51H04L67/02G06F16/958G06V40/12G06V10/74G06V10/774G06K9/62
CPCH04L67/02G06F16/958G06F18/22G06F18/214
Inventor 李晨星
Owner 北京威努特技术有限公司