Research And Implementation Of Web Service Security Detection Based On Fingerprint

With the continuous development of network space,more and more Web services appear on the network.While Web services bring convenience to people's lives,they also bring many hidden dangers to security.Nowadays,more and more web services have been targeted by hackers,and many website operators and users have suffered great losses.In order to maintain the security of cyberspace,it is extremely urgent to conduct security inspections on Web services in cyberspace.At present,traditional Web service security detection has the following shortcomings: 1.Web service identification relies on a large number of manual assistance,and a complete fingerprint library can be collected and constructed to achieve accurate Web service identification.2.The traditional vulnerability detection script lacks integrity and versatility,and lacks the way to deal with non-echoed information.The thesis proposes a fingerprint-based Web service security detection scheme.By accurately identifying the type and version of the web service,it completes the targeted security detection of the web service and improves the accuracy of the security detection.The specific research work of the thesis is as follows:1.This thesis proposes a web service fingerprint identification scheme,which automatically obtains the information of the target website through a web crawler,compares the website information with the existing open source fingerprint library,and realizes the web service of the website through the machine learning algorithm Accurate recognition.This solution greatly reduces manual assistance and improves the scalability of Web fingerprint recognition.Compared with the traditional Web fingerprint recognition technology,this solution is no longer limited to the integrity and comprehensiveness of the fingerprint database,and can identify more unknown services,and then provide more fine-grained information for vulnerability security detection,thereby improving security.The accuracy and efficiency of sex testing.2.This thesis proposes a set of ideas for writing vulnerability detection scripts,which makes the vulnerability detection scripts more random and universal for security detection of targets,thereby reducing the redundancy of the vulnerability database and vulnerability detection schemes.At the same time,the thesis exploratively proposes and verifies a method for obtaining return information without echo,using DNS tunnels to obtain return information from vulnerability detection scripts without echo,so that the vulnerability detection program can be more comprehensively detected.The security of Web services improves the comprehensiveness of vulnerability detection.3.The thesis designs and implements a prototype system for the fingerprint-based Web service security detection scheme.The system includes four parts: data collection module,Web fingerprint recognition module,vulnerability detection module,and visual interface.The thesis has carried out detailed design and implementation of these four parts.In the Web fingerprint recognition module,the fingerprint features are analyzed and selected,and the fingerprint recognition algorithm is analyzed and researched;in the vulnerability detection module,the vulnerability script writing method is standardized and designed,and the information returned by the diversified vulnerability scripts is designed.Researched and realized.The thesis verifies the system from the function and proves the feasibility of the scheme.