
Research On Vulnerability Detection Technology Of WEB Application System Under Security Protection

Posted on: 2018-06-11
Degree: Master
Type: Thesis
Country: China
Candidate: T Y Lu
GTID: 2348330518496897
Subject: Information security

Abstract/Summary:
With the rapid development of Internet technology, Web applications provide people with an increasingly rich set of network services. But the security problems brought by technological innovation are endless; they not only affect the normal use of Web applications but also threaten users' personal interests. As network security has grown in importance, vulnerability detection and security protection of Web application systems have become the two most important directions of current Web security research.

In system vulnerability detection, the black-box detection scheme has been favored because of its advantages. But once firewall-based security protection is applied, conventional black-box vulnerability detection suffers from low efficiency, a lack of pertinence and other issues, so how to carry out vulnerability detection efficiently under security protection has become an urgent need. Through in-depth analysis of application firewall filtering rules, this paper researches and designs the corresponding bypass rules and puts forward an automatic detection scheme, based on bypass rules, for XSS vulnerabilities in Web application systems.

Around this research topic, the work covers the following aspects:

- The author investigates the development of Web application firewalls and their hidden security risks, especially the state of security research in China and abroad.
- The author summarizes the principle, classification and detection methods of XSS vulnerabilities, discusses common Web security attacks and protection strategies, and focuses the analysis on application firewall technology.
- The author analyzes the filtering rules of Web application firewalls in depth, combines XSS vulnerability detection technology with manual penetration testing technology to reclassify the filtering rules, uses a discriminant matrix to automatically judge which rules are effective, and then combines this with the attack-position-based XSS vulnerability detection method to generate specific test cases. These provide the core support for the design in this paper.
- Based on the above analysis and research, the author combines Web crawler technology, automated vulnerability testing and other related technologies, and uses a scripting language to design and develop an XSS vulnerability detection system.

The main innovation of this paper is a new way to detect vulnerabilities in Web application systems that are under security protection. Input control based on application firewall filtering rules is the current mainstream security solution. The traditional vulnerability detection scheme generates test cases for a comprehensive test, but a large part of those test cases are invalid because of the Web application firewall. This is the most fundamental cause of the low efficiency of passive detection. In this paper, passive generation of test cases is changed into active detection of the filter rules, with test cases generated accordingly, which greatly improves detection efficiency. The same detection idea can also be applied to detecting other vulnerabilities in the same environment.

To verify that the designed detection system achieves the desired objectives, the paper finally designs a test environment and carries out a vertical comparison across different application firewalls and a horizontal comparison with other detection tools, to ensure the feasibility and efficiency of the detection scheme.
Keywords/Search Tags:Web security, penetration test, XSS, Web application firewall, vulnerability detection