
Research And Design Of PHP Code Automatic Vulnerable Detected Tools Based On Static Analysis Technology

Posted on: 2019-02-10
Degree: Master
Type: Thesis
Country: China
Candidate: Z J Qiu
GTID: 2348330542998712
Subject: Cryptography

Abstract/Summary:
With the vigorous development of network technology in the information age, computer networks have gradually become an indispensable part of the general public's study, work and life, and Web application systems affect every aspect of our lives. Securing a Web application system therefore protects it from attack and effectively reduces the user losses caused by hacking. As a dynamic language, PHP has good characteristics and has been one of the most commonly used development languages among Web site developers. It is therefore necessary to check the source code of a website developed in PHP in order to detect potential risks as early as possible, fix potential security risks promptly, and provide a protective shield in advance for the website's defense system. In order to find as many potential security risks as possible before site deployment, this paper studied and designed an automatic detection tool for PHP source code based on static analysis.

First, this paper analyzed the characteristics of the PHP language and the principles of common PHP vulnerabilities, which lays a good foundation for the design of a PHP static inspection tool. It also reviewed the existing static inspection tools for PHP source code, analyzed their advantages and disadvantages, and briefly introduced existing static analysis technology.

Secondly, data flow analysis and taint analysis were studied in depth. For data flow analysis, this paper adopted a lattice-based data flow analysis framework because of its high detection accuracy. For taint analysis, this paper proposed a taint analysis method based on effective paths. The scheme can effectively detect security flaws caused by character encoding, such as wide byte injection.

After that, this paper designed and implemented in detail an automated defect detection tool for PHP source code based on static analysis technology, called "MyPHPScan". A comparison with the experimental data of static detection tools of the same type showed that the tool can effectively detect taint-type vulnerabilities and had a lower false negative rate and false positive rate.

Finally, this paper studied the existing static detection tools for PHP source code and found shortcomings common to them. Based on this analysis, it proposed an optimization scheme for PHP source code detection based on statistical analysis, which integrates multiple PHP static detection tools. Theoretical analysis and experimental data showed that the scheme can effectively reduce the false negative rate of PHP source code defect detection.

In its research on static analysis technology, this paper focused on the detection of taint-type vulnerabilities. The proposed taint analysis algorithm can detect taint-type vulnerabilities more efficiently. The proposed optimization scheme based on statistical analysis also effectively remedied the deficiencies of static detection technology in source code defect detection, which has good reference value for Web site developers and operators.
Keywords/Search Tags: PHP source code, vulnerability detection, data flow analysis, taint analysis, statistical analysis