
Research on CSRF Vulnerability Detection Method Based on Dangerous Request and Ensemble Learning

Posted on: 2024-01-19
Degree: Master
Type: Thesis
Country: China
Candidate: Y Gao
Full Text: PDF
GTID: 2568307151967399
Subject: Computer technology
Abstract/Summary:
CSRF is an attack proposed by foreign network security practitioners in the early 21st century, but it has received less attention in China. Although there are many ways to detect and defend against CSRF vulnerabilities, a large number of web applications still cannot protect against such attacks. The inability to balance efficiency and security is the main bottleneck in dealing with current CSRF attacks. This paper proposes a CSRF vulnerability detection method based on dangerous requests and ensemble learning, which mainly includes a feature dataset generation method based on request hazard analysis and a CSRF vulnerability detection model based on ensemble learning and request replay.

Firstly, the CSRF attack principle is analyzed, a definition of HTTP request danger with respect to CSRF attacks is proposed, and a dangerous request marking method is formulated. Then, according to the static and dynamic characteristics of web applications, the request and session parameter information is analyzed, and a request feature space comprising structural, keyword, and attribute characteristics is designed. Finally, based on HTTP request crawling and request parsing, the feature dataset based on request danger is constructed.

Secondly, for the constructed feature dataset, a dangerous request classification model based on an ensemble learning algorithm is proposed. It uses logistic regression, decision tree, and support vector machine as individual classifiers and random forest as the meta-classifier to classify the request feature vectors in the feature dataset, effectively separating dangerous requests from safe requests and improving CSRF vulnerability detection efficiency.

Thirdly, based on the dangerous requests identified by the request classification algorithm, a CSRF vulnerability detection method based on request replay is designed. It forges CSRF attack requests according to the different types of dangerous requests and attack generation methods, and uses request replay to generate simulated CSRF attacks. A CSRF vulnerability determination strategy is then formulated to judge the generated simulated attacks and determine whether CSRF vulnerabilities exist in web applications. Finally, the proposed method is evaluated on the test dataset, and the experimental results are analyzed to verify its effectiveness.
Keywords/Search Tags: Cross-Site Request Forgery, Dangerous Requests, Supervised Learning Models, Feature Datasets