Research And Implementation Of The XSS Vulnerability Detection Model Based On Web Crawler

With the development of Internet,Web applications have become An integral part of people's life,Web application vulnerabilitie has become one of the most serious potential security problems on the Internet.At many Application vulnerabilities,XSS vulnerability is a harmful Web application vulnerabilities which has broad influences.Commercial leak detection tools on the market is expensive,small and medium-sized enterprises can't affort these tools.The commonly used Web application vulnerabilities detection tools have shortages like low operational efficiency.After fully studied the theory of XSS vulnerability and analysised the uses of Web Crawler technology in XSS vulnerability detection,this paper designes and implementes a XSS vulnerability detection system based on Web Crawler technology.In this paper,the main research work mainly includes the following aspects.Firstly,This paper analysises the concept,types,characteristics and harm of the XSS vulnerability,describes the related technologies and problems of web crawler.on this basis,we focuse on the analysis of the workflow of HTTP and how to get the information of web pages through the analysis technology of web page structure.Secondly,This paper designes a structure of XSS vulnerability detection model based on web crawler.According to the overall structure design,The XSS vulnerability detection model is divided into crawler crawler module,page download module,page analysis module,XSS vulnerability detection module and introduce the design ideas of each module.Furthermore,This paper introduces the realization of XSS vulnerability detection model based on Web Crawler.Based on the design of the XSS vulnerability detection model and the workflow of each module of the model,this paper describes the implementation process of each module.Based on the analysis of the above modules,we realize the XSS vulnerability detection model.Finally,Based on the design and implementation of the XSS vulnerability detection model,this paper completed a specific XSS vulnerability detection system and designes a set of vulnerability detection experiments for target Web applications.We take the running time,detection rate,false alarm rate and underreporting rate as the measurement indexes compare with the commonly used vulnerability testing tools.The experimental results show the effectiveness of the proposed XSS vulnerability detection system,and it is better than the existing vulnerability detection system.