| 基于RASP的Web安全检测方法 |
| |
| 引用本文: | 余航,王帅,金华敏.基于RASP的Web安全检测方法[J].电信科学,2020,36(11):113-120. |
| |
| 作者姓名: | 余航 王帅 金华敏 |
| |
| 作者单位: | 中国电信股份有限公司研究院,广东 广州 510630 |
| |
| 摘 要: | 目前,传统的Web安全检测方法作用于程序输入输出端,不能防范经变形混淆后绕过检测进入程序内部执行的恶意代码,难以满足当前Web应用安全防护新需求。本方法基于对传统数据流监控方法风险的深入分析,结合RASP技术特性,提出了基于RASP的Web安全检测方法,在Web应用程序内部的权限判别函数参数、系统命令执行函数参数、数据库操作函数参数处埋下 RASP 探针,在代码解释器层面实时检测数据流的变化。本方法基于Java语言进行了实现,在实验室证明该方法在准确率和检测时间上优于传统的Web安全检测方法,并在最后分析提出了本方法的部署和应用场景。
|
| 关 键 词: | Web应用程序 网络安全 RASP 安全监测 |
RASP based Web security detection method |
| |
| Hang YU,Shuai WANG,Huamin JIN.RASP based Web security detection method[J].Telecommunications Science,2020,36(11):113-120. |
| |
| Authors: | Hang YU Shuai WANG Huamin JIN |
| |
| Affiliation: | Research Institute of China Telecom Co.,Ltd.,Guangzhou 510630,China |
| |
| Abstract: | At present,the traditional Web security detection methods act on the input and output of the program,which can not prevent malicious code entering the program after being distorted and confused,and it is difficult to meet the new requirements of Web application security protection.Based on the in-depth analysis of the risk of traditional data flow monitoring methods,combined with the technical characteristics of rasp,a Web security detection method based on rasp was proposed.The rasp probe was embedded in the parameters of authority discrimination function,system command execution function and database operation function in Web application,and the change of data flow was detected in real-time at the code interpreter level.This method was implemented based on Java language.It was proved in the laboratory that this method is better than the traditional Web security detection method in accuracy and detection time.Finally,the deployment and application scenarios of this method were analyzed and proposed. |
| |
| Keywords: | Web application network security RASP security monitoring |
|
| 点击此处可从《电信科学》浏览原始摘要信息 |
|
点击此处可从《电信科学》下载全文 |
|
