| Web应用程序安全性测试平台关键技术研究简 |
| |
| 作者姓名: | 孙熠 粱栋云 王文杰 |
| |
| 作者单位: | 北京邮电大学,北京100876 |
| |
| 基金项目: | 国家自然科学基金资助项目(61179029). |
| |
| 摘 要: | 随着Web应用的不断深化和推广,对应的Web漏洞和恶意攻击层出不穷,使得高效、准确地测试评估Web应用程序的安全性尤为重要。本文对Web应用安全测试技术,构建插件式、可扩展的安全测试技术框架,以及未知漏洞智能发掘方法和支持自定义的测试工具集成方法等关键技术进行了研究。在Web应用运行前和运行时,采用平台对其进行安全扫描和风险发现,可加强Web应用的安全检测,确保Web应用的安全可靠运行。
|
| 关 键 词: | Web应用程序 安全测试 插件 集成框架 漏洞挖掘 |
Research on Key Technologies of Web Application Security Detection Platform |
| |
| Authors: | Sun Yi Liang Dong-yun Wang Wen-jie |
| |
| Affiliation: | Sun Yi Liang Dong-yun Wang Wen-jie (School of Computer, Beijing University of Posts and Communications Beijing 100876) |
| |
| Abstract: | Along with the development of Web application, it is urgent to test and evaluate the security of Web application efficiently to withstand the vulnerabilities. In this paper, key technologies like the detection framework with plug-ins ,methods for discovering unknown vulnerabilities and mode of detection tools integration by user-defined are researched. Applying these technologies, the platform is able to scan and discover the vulnerabilities efficiently for Web application before and on running to insure its security. |
| |
| Keywords: | web application security detection plug-ins integrated framework vulnerability discovering |
| 本文献已被 CNKI 维普 等数据库收录! |
