Please Login >
English| 简体中文

  • Complex
  • Title
  • Keyword
  • Abstract
  • Scholars
  • Journal
  • ISSN
  • Conference
搜索

Advanced Search

Author:

王丹 (王丹.) | 刘立家 (刘立家.) | 付利华 (付利华.) | 杜晓林 (杜晓林.) | 苏航 (苏航.) | 赵文兵 (赵文兵.)

Indexed by:

incoPat zhihuiya

Abstract:

一种基于状态转换图的XSS漏洞动态检测方法,该方法包括Crawler模块、Fuzzing模块和Report模块以及封装浏览器操作的Browser层。Browser层对Selenium API进一步封装,被其他三大模块调用,实现页面执行动作、执行脚本和判断页面状态等功能。Crawler模块对Web应用动态构造状态转换图并挖掘注入点,相对于传统挖掘方法具有更高的覆盖率。Fuzzing模块使用攻击向量对注入点进行模拟攻击,并对攻击结果进行动态判定。Report模块收集结果信息,总和汇总成漏洞报告。系统采用java语言开发,具有可移植性强、可维护性好等特点,对XSS漏洞扫描甚至网站抓取的研究具有重要价值。

Keyword:

Reprint Author's Address:

Email:

Show more details

Related Keywords:

Related Article:

Patent Info :

Type: 发明申请

Patent No.: CN201710036839.4

Filing Date: 2017-01-18

Publication Date: 2017-06-13

Pub. No.: CN106845248A

Applicants: 北京工业大学

Legal Status: 驳回

Cited Count:

WoS CC Cited Count: 0

SCOPUS Cited Count:

ESI Highly Cited Papers on the List: 0 Unfold All

WanFang Cited Count:

Chinese Cited Count:

30 Days PV: 8

Affiliated Colleges:

学院待认领

Get Patent

Library Discovery Baidu Scholar Search incoPat Download Full text
Online/Total:394/10601425
Address:BJUT Library(100 Pingleyuan,Chaoyang District,Beijing 100124, China Post Code:100124) Contact Us:010-67392185
Copyright:BJUT Library Technical Support:Beijing Aegean Software Co., Ltd.