Research On Web Vulnerability Mining Algorithm Based On Improved Fuzzy Test

Nowadays,Now,with the rapid development of Web technology and the popularity of the Internet,this has made Web applications a major target for hacker attacks,and hundreds of millions of economic property losses caused by the security problems of Web applications.Therefore,it has very important theoretical and practical value to design a Web vulnerability mining mechanism with low false alarm rate and low false alarm rate and high detection accuracy and high stability,and to effectively scan the security loopholes in the Web application to be detected,thus reducing the probability of Web application system being attacked by the network.The research content of this paper is the application of fuzzy testing technology in the field of Web vulnerability mining,and the shortcomings of fuzzy testing technology are improved.The main research work in this paper includes the following two aspects:(1)This paper analyzes the shortcomings of the network crawler module in the traditional fuzzy testing technology.In order to solve the problem of low crawl coverage,the network crawler model based on page state is introduced to improve the validity of the vulnerability test point in the fuzzy test technology.In this algorithm,the target Web application is modeled and the page model is classified and screened to avoid the crawling of the web crawler with similar structure of URL and form injection point,and to prevent the crawling from climbing the dead cycle.By trying to change the status of the target page,web crawlers can get more vulnerability test points under the same page.The experimental results show that the state recognition based web crawler can effectively enhance the test coverage of fuzzy testing technology.(2)In view of the existing problems in the steps of generating test cases in fuzzy testing technology,genetic algorithm is introduced to improve fuzzy testing technology.The algorithm implemented in this paper first uses gray code to code the test case individual,and uses the fitness function designed in this paper to filter and filter the evolutionary results.Through the selection of individual population,adaptive crossover and adaptive mutation,the optimization of test cases is realized.The experimental results show that the method designed in this paper can improve the average fitness of the individual in the test case population,and reduce the false alarm rate and false alarm rate by improving the attack of test cases.