Research On Security Vulnerabilities Of Webcast Platform

With the rapid development of the Internet,the number of netizens participating in live webcast activities has increased dramatically.The live webcast platform has played an important role in the entertainment,work,and study of users.However,while webcasting platforms provide convenience to users' work and life,they also face many security issues,which threaten the legitimate rights and interests of users and live broadcast manufacturers at all times.There are many existing researches on webcasting platforms,but there are few researches on the security issues of webcasting platforms.Based on the systematic research on security vulnerabilities of the webcasting platform,this article puts forward two innovative and universal security vulnerabilities-the security vulnerabilities of the anchor promotion based on the stranger chat function and the common contact function.The group user relationship leaked security vulnerabilities,and conducted an in-depth analysis of it.At the same time,two mainstream live broadcast platforms,YY and Douyin,were used as the research objects.These two security vulnerabilities were experimentally verified,their hazards were analyzed,and solutions were proposed.The main work and innovations of this paper are as follows:(1)Through the security analysis of a large number of webcast software,a security problem was discovered in the user's chat function using stranger chat function to promote illegal anchors.This article first analyzes the security of the user chat function of some popular social media software,and then selects YY webcast(one of the largest webcast platforms in China)as the research object,and studies the user chat through the YY webcast platform The method of user promotion for the security loopholes in the function.A preference learning method based on the host's impression tag is proposed,which is used to screen target users and send live broadcast links to selected users in batches.The experimental results show that the method of using the user chat function to send live room links to strangers in batches is practical and feasible,and has a good anchor promotion effect.The security vulnerabilities in the promotion of anchors can lead to malicious competition between anchors and endanger the legitimate interests of live broadcast manufacturers and legitimate anchors.In order to reduce the harm,this article also proposes a corresponding vulnerability repair fix.(2)Through the analysis of the common contact function of some social software(including some live broadcast software),a security vulnerability of group user relationship leakage based on the common contact function was discovered.Taking China's most well-known short video software and live broadcast software "Tik Tok" as the research object,this paper analyzes the security problem of leaking user privacy in its common contact function.A method of exploiting and attacking vulnerabilities for group users is proposed,so that the function of certain users in the group is not allowed to find themselves through the mobile phone number.Inner contact to obtain the Douyin accounts of these users.After the attacker obtains the Douyin accounts of as many users in the group as possible,they can collect the following information,address book information,video likes and comments between these users,and use this information to calculate the group users The relationship between them can provide some assistance for launching further effective attacks.Two indicators describing user relationships-intimacy and group activity are proposed,and the calculation methods of these two indicators are given.Through experiments on real groups in real society,the validity of user relationship calculation is verified,the security threats to users are analyzed,and security prevention suggestions are given.