Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Cross-site script vulnerability detection method and system

A technology for cross-site scripting vulnerabilities and detection methods, which is applied in website content management, network data retrieval, other database retrieval, etc. , the narrowing effect

Pending Publication Date: 2022-06-03
BEIJING UNIV OF TECH
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] At present, the XSS vulnerability detection technology is divided into the web crawler module and the XSS vulnerability detection module. The web crawler module mainly focuses on the research of webpage deduplication technology. In fact, there are still a large number of pages with similar structures after URL deduplication. The processing logic is basically the same for pages with high precision, so repeated detection of such pages cannot dig out more vulnerabilities, and seriously reduces the efficiency of vulnerability detection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Cross-site script vulnerability detection method and system
  • Cross-site script vulnerability detection method and system
  • Cross-site script vulnerability detection method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0065] In order to make the purposes, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments These are some embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative work fall within the protection scope of the present invention.

[0066] Below in conjunction with accompanying drawing, the present invention is described in further detail:

[0067] A detection method for cross-site scripting vulnerabilities, such as figure 1 As shown, the detection method includes:

[0068] Step S1: Obtain the URL of the URL to be detected.

[0069] Step S2: Obtaining the URLs in the U...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a cross-site script vulnerability detection method and system, and belongs to the technical field of vulnerability detection.The detection method comprises the steps that a website to be detected is obtained; obtaining websites in the website page to be detected, and obtaining a website set; clustering the website set to obtain one or more class clusters; selecting one or more websites from the class cluster to obtain a first website; and detecting the first website by adopting an attack vector. Clustering the website sets, and taking the websites with relatively high similarity as the same class of clusters; the structures of the same class of clusters are similar, the attribute similarity is high, one or more websites are adopted for vulnerability detection, the range of XSS vulnerability detection is narrowed, repeated detection of the same class of websites or pages is avoided, and therefore the vulnerability detection efficiency is improved.

Description

technical field [0001] The invention relates to the technical field of vulnerability detection, in particular to a method and system for detecting a cross-site scripting vulnerability. Background technique [0002] With the rapid development of the Internet, various Web sites have emerged, and people use Web applications on the sites to carry out a series of activities. While these sites provide people with convenience, they also have certain security risks. Among them, cross-site scripting attacks ( XSS attack) is one of the most dangerous vulnerabilities. Because XXS vulnerabilities are simple to inject and spread quickly, they have become one of the most harmful and influential vulnerabilities in Web sites. Especially with the development of Ajax technology, XSS attacks have become more widespread. Today's network security problems are not only personal It is related to the stability of society and the whole country, so it is of great practical significance to study XSS ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57G06F16/958
CPCG06F21/577G06F16/958
Inventor 何泾沙范阿凤朱娜斐宋国正戴衍
Owner BEIJING UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com