Permission vulnerability detection method and device

Abstract

The invention provides a permission vulnerability detection method and device, and the method comprises the steps of carrying out the same type uniform resource positioning conformity normalization processing of all traffic data according to a pre-configured permission parameter, and carrying out the sampling to obtain deduplicated traffic data; classifying the de-duplicated traffic data according to the affiliated function module by utilizing a lifting tree model to obtain interface data under different function module types; according to the interface data under different functional module types, scanning the interfaces under each functional module type one by one, and determining a scanning result of the permission vulnerability; and receiving a vulnerability correction instruction, and correcting the scanning result of the permission vulnerability to obtain a permission vulnerability detection result. The detection efficiency is improved by removing the repeated flow data; and the vulnerability correction instruction is used for further correction, and long-time communication between developers and a security test team is not needed, so that the detection efficiency is improved, and the detection accuracy is improved. The invention is applied to the field of network security.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method and device for detecting authority loopholes. Background technique [0002] At present, in the detection of security vulnerabilities, permission issues are the most important thing in detection, because once there is a problem with permissions, it is likely to lead to large-scale sensitive information leakage, and the consequences are worse than one or two cross-site scripting attacks (XSS, Cross SiteScript) Much more serious. Since the permission vulnerability is a kind of vulnerability that is highly related to the business, and security testers do not participate in the development of production tasks, business understanding mainly relies on manual communication between developers and the security test team, resulting in the need for communication between developers and security testers. Multiple rounds of communication require high time and cost but low det...

AI Technical Summary

Problems solved by technology

[0002] At present, in the detection of security vulnerabilities, permission issues are the most important thing in detection, because once there is a problem with permissions, it is likely to lead to large-scale sensitive information leakage, and the consequences are worse than one or two cross-site scripting attacks (XSS, Cross SiteScript) much more serious

Since the permission vulnerability is a kind of vulnerability that is highly related to the business, and security testers do not participate in the development of production tasks, business understanding mainly relies on manual communication between developers and the security test team, resulting in the need for communication between developers and security testers. Multiple rounds of communication require high time and cost but low detection efficiency; and the permissions of each system are highly correlated, and security testers are not familiar with the business, resulting in scene omissions or false positives during the detection process, resulting in low detection accuracy

Images