Research On Web Security Automation Testing Technology For S-SDLC

The rapid development of Internet technology has brought a series of network security issues,which have attracted people's attention.In order to improve the security of software,the International OWASP Organization proposed that the research of software security should be filled into the various stages of the Software Development Life Cycle.So,the S-SDLC has come into being.This article has completed the following research jobs around the concept of S-SDLC.1)Combined with the concept of S-SDLC,this paper analyzes and optimizes the traditional test model and designs a new security software testing model which interprets the specific workflow of software testing.Compared with the traditional testing process,this model can not only be applied to new Internet products that are constantly updated and iterated,but also emphasizes that functional testing and security testing should be implemented concurrently to ensure the security of the software.2)For the system testing phase in the optimized model,this paper deeply explores the automatic detection technology of SQL injection attacks and proposes a convolutional neural network(CNN)classification algorithm based on the SQL syntax parse tree.Different from the traditional CNN classification algorithm,the data used in this paper is not a natural language text but a SQL computer language.Therefore,the following two aspects are mainly studied.The first is the data preprocessing section,which parses the SQL sample into an SQL syntax tree and generates an embedded language.The second part is the training part,which is based on tree-shaped convolution and tree K-Max dynamic pooling methods.Finally,the algorithm is verified and analyzed.Firstly,the feasibility of SQL embedded vector is verified,then the classification training based on SQL embedded vector is implemented and the overall testing of the algorithm is performed.The performance of the algorithm is compared with the performance of two SQL injection detection algorithms based on SVM and ANN.The experimental results show that the proposed detection algorithm has a higher detection accuracy rate under the premise that the data set this article used not only contains the traditional algorithms' but also be more than them.