Research on Web Application Vulnerability Detection and Protection Technology
[Abstract]: In recent years, security incidents caused by Web application vulnerabilities have occurred frequently, and such vulnerabilities pose an increasingly serious threat to network security. Cross-site scripting (XSS) is the most common Web application vulnerability. Attackers can exploit XSS vulnerabilities to carry out information theft, session hijacking, phishing and other attacks. Existing Web vulnerability detection schemes and tools, however, are generally imperfect and suffer from defects such as low efficiency, a high miss rate and a high false alarm rate. XSS vulnerability detection and defense technology therefore needs further in-depth research. Designing a high-performance XSS vulnerability detection system helps to prevent cross-site scripting attacks on Web applications and to reduce the occurrence of Web security incidents. Based on an in-depth study of the XSS exploitation process and of existing detection techniques, the requirements of a vulnerability detection system are analyzed in detail, and a cross-site scripting vulnerability detection system for Web applications is designed and implemented. Building on existing Web vulnerability detection technology and tools, the system adds a verification code (CAPTCHA) recognition function, which solves the problem that data can be submitted to the server during detection only after the verification code has been entered. To address the deficiencies of existing Web vulnerability detection tools, the system's web crawler is improved, and more XSS code that can bypass server-side filtering is constructed according to the server's filtering rules for XSS code. The test results show that the proposed system has a low miss rate and a low false positive rate, and that the improved web crawler is highly efficient.

By adding the verification code recognition function and constructing XSS code that can bypass the server's filtering rules, cross-site scripting vulnerabilities can be uncovered in greater depth and the system's miss rate can be reduced. An efficient web crawler that accurately extracts information about a page's interaction points improves the correctness and efficiency of vulnerability detection.
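[Degree-granting institution]: Nanjing University of Posts and Telecommunications
[Degree level]: Master's
[Year degree conferred]: 2017
[Classification number]: TP393.08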
Article ID: 2470807
Article link: https://www.wllwen.com/guanlilunwen/ydhl/2470807.html