Design And Implementation Of Detection Tools In Security Vulnerabilities Of Web Application Based On HTML5

With the development of computer technology, Web system has been widely used in every field, Web application page service also turned the simple and static services into a dynamic complex interactive services.With the emergence of HTML5, the form of the Web system has been more rich and efficient. The Web Application system has been attacked by hackers at present, according to the statistics, 75% of information security attacks occurred in the application layer, the attacks on Web system rises sharply followed by immature HTML5. Leak detection technology based on HTML5 is standing on the ground of an attacker,Leak detection system will filter out all suspected leak first, and then determine the authenticity of each suspected leak by attacking of the hacker, ensure the safety of application system.With the analysis and simulation mode of attack with HTML5, on the basis of principle in XSS, SQL injection attacks and so on, the paper mastered the attack mode of XSS and SQL injection, and through a lot of exercise and understand to design a more comprehensive attack rules library. On the basis of plenty of rule base. Through the experiment of Web site, the paper gets the results of the Web application security vulnerabilities, this result would give a guiding significance for the development of the Web site.The work of this paper are as follows:1. This paper introduced the leak detection and the key technology research, research background and development present situation on vulnerability detection are reviewed.2. Studyed various Web application attacks bases on HTML5, sumed up the principles and techniques of various kinds of attacks.3. Through the study of various attacks, completed architectural design of testing system on basis of understand and study in the leak detection tools, at the same time completed the design of the system module in the function of the system planning.4. Based on the overall architecture of the system and design strategy of each module, seted up the whole system function module and runned leak detection system,according to the testing results to improve correctness and reliability of system, thus design a perfect Web application security testing system.