Yongzhen Li,Gaolong Wang

DOI: https://doi.org/10.1109/ISAIEE57420.2022.00089

2022-12-01

Abstract:With the rapid development of the internet in China, we are dealing with web sites all the time, but with this comes the increasing vulnerability of various web applications. The vulnerability of web applications can be used to steal information, account theft and fraud, threatening the security of web applications. Therefore, the security detection of web applications is particularly important. This paper introduces the background of today's web application scanning technology, analyses the importance of securing web sites, and focuses on the history and future development trends of web application vulnerability scanning at home and abroad. The system is based on the OWASP Top 10 vulnerabilities of SQL injection and XSS, which have a large impact. By analysing the risks and principles of these two vulnerabilities, a scanning system is designed to run on the Windows platform.

Computer Science

Yang Zhong-yi

Abstract:Network Vulnerability Scanner has become an indispensable tool for security administrators.Based on the current network vulnerability scanning tools inadequate,the paper gives the Web-based network vulnerability scanning system that is more adapt to security administrators.

Engineering,Computer Science

Jingxia Chen,Xiuling Chen,Bo Yu

DOI: https://doi.org/10.1051/matecconf/202133608010

2021-01-01

MATEC Web of Conferences

Abstract:The vulnerability scanner designed in this paper completed the collection of information and scanning of vulnerability, including six parts: input assets, asset collection, vulnerability profile, plug-in upload, single case detection and report display. The framework of vue realized the front end that included six pages, and the framework of gin realized the back end. The interface completed the separation of the front and back end. The database using MySQL designed seven tables. This scanner can avoid tedious and repetitive work, it can realize automatic scanning and testing of network vulnerabilities.

朱辉,沈明星,李善平

DOI: https://doi.org/10.3969/j.issn.1000-3428.2010.10.059

2010-01-01

Abstract:This paper studies the code injection vulnerabilities of Web application,modifies and expands the definition of this kind of vulnerabilities with summarizing and analyzing the features of them,and transforms the causes of vulnerabilities into two kinds of coding errors to present a new test method based on testing the two kinds of coding errors.Experimental result shows that the test method can test all the code injection vulnerabilities of Web application effectively with less test workload.

耿哲,王秀美,王继龙,于洪奎

DOI: https://doi.org/10.3969/j.issn.1006-2475.2004.11.010

2004-01-01

Abstract:This paper analyzes the importance of network vulnerabilities scanner in the field of network security and its principles of implementation.The strong points of free network vulnerabilities scanner Nessus outgoing other products are presented.Also,the design and implementation of Web-based network vulnerabilities scan system based-on Nessus are given.

Hui Yuan,Lei Zheng,Liang Dong,Xiangli Peng,Yan Zhuang,Guoru Deng

DOI: https://doi.org/10.1007/978-3-030-15235-2_66

2019-04-25

Abstract:With the rapid development of Internet technology, Web applications are widely used in all walks of life, and their security requirements are increasing. Unfortunately, at present, the development of Web security technology still lags behind the development of Web application technology itself. The Web application itself and its operating environment are still relatively fragile, and its operating environment is easily forged or modified, making Web applications gradually become malicious. The object of the attack is frequently attacked. This paper investigates and analyzes the common vulnerabilities in web applications, deeply studies the basic characteristics of these vulnerabilities, and understands the principles and solutions of vulnerabilities. The static analysis method is used to analyze the vulnerabilities, and the static analysis methods are used to solve the security vulnerabilities in the Java web project.

Juanjuan Zhao,Changhua Liu

DOI: https://doi.org/10.1088/1742-6596/1575/1/012094

2020-06-01

Journal of Physics: Conference Series

Abstract:Abstract According to the “Top Ten Security Vulnerabilities List” (OWASPTop 10) released by OWASP in 2017, SQL injection attacks are still at the top of the list, and there are many ways of SQL injection attacks, which cause great harm. Although there are many vulnerability scanning tools, there is still a high rate of false negatives. Aiming at the current problems of SQL injection vulnerability detection, this paper proposes a scanning tool for SQL injection vulnerabilities. First, use the crawler framework scrapy to obtain the URL associated with the form and the a tag, and segment the URL based on the improved simhash algorithm. Deduplicate the link, then analyze the injection point to modify the URL parameter value injection test, and determine whether there is a vulnerability based on the response result of the server. The experimental results show that the detection method achieves a 96.50% URL deduplication rate in the crawler module, which greatly reduces the rate of false negatives. It is more suitable for detecting whether a website has a SQL injection vulnerability.

Emre Erturk,Angel Rajan

DOI: https://doi.org/10.48550/arXiv.1706.08017

2017-06-25

Cryptography and Security

Abstract:Cloud security is one of the biggest concerns for many companies. The growth in the number and size of websites increases the need for better securing those websites. Manual testing and detection of web vulnerabilities can be very time consuming. Automated Web Vulnerability Scanners (WVS) help with the detection of vulnerabilities in web applications. Acunetix is one of the widely used vulnerability scanners. Acunetix is also easy to implement and to use. The scan results not only provide the details of the vulnerabilities, but also give information about fixing the vulnerabilities. AcuSensor and AcuMonitor (technologies used by Acunetix) help generate more accurate potential vulnerability results. One of the purposes of this paper is to orient current students of computer security with using vulnerability scanners. Secondly, this paper provides a literature review related to the topic of security vulnerability scanners. Finally, web vulnerabilities are addressed from the mobile device and browser perspectives.

Lijiu Zhang,Qing Gu,Shushen Peng,Xiang Chen,Haigang Zhao,Daoxu Chen

DOI: https://doi.org/10.1109/icsea.2010.85

2010-01-01

Abstract:Finding effective approaches to detect vulnerabilities is important to guarantee the security of Web applications. Web application security issues are mostly related to malicious input data and Web forms are the main interface to input these data. According to the above observation, we propose a novel approach to detect Web application vulnerabilities. In our approach, given a URL, we get a target Web form. After analyzing characteristics of this Web form, we assign a set of test values to each field in this form. Then we propose a method to generate test suites taking the weight of each test value into account. Finally, we execute these test suites and analyze corresponding result based on HTTP response code and response HTML. We implement our approach into a tool called D-WAV and choose several Web applications as benchmarks to conduct empirical studies. Final results show that our approach can automatically and effectively discover Web application vulnerabilities such as cross-site scripting and SQL injection.

Yongjun Xia,jin Wang,Chang Liu,Kaiming Yu

DOI: https://doi.org/10.1088/1755-1315/440/4/042031

2020-02-01

IOP Conference Series: Earth and Environmental Science

Abstract:Abstract This paper analyses the current status of the intelligent substation industrial control system network and the main problems of security protection methods. Based on the analysis of the characteristics of intelligent substation industrial control network, a vulnerability scanning system based on OpenVAS is designed. The vulnerability scanning system is superior to the original vulnerability scanning system in performance and functionality, which effectively improves the security performance of the entire system and reduces system risk.

Zijing Yin,Yiwen Xu,Fuchen Ma,Haohao Gao,Lei Qiao,Yu Jiang

DOI: https://doi.org/10.1145/3517036

IF: 3.685

2023-01-31

ACM Transactions on Software Engineering and Methodology

Abstract:Scanners are commonly applied for detecting vulnerabilities in web applications. Various scanners with different strategies are widely in use, but their performance is challenged by the increasing diversity of target applications that have more complex attack surfaces (i.e., website paths) and covert vulnerabilities that can only be exploited by more sophisticated attack vectors (i.e., payloads). In this paper, we propose Scanner++, a framework that improves web vulnerability detection of existing scanners through combining their capabilities with attack intent synchronization. We design Scanner++ as a proxy-based architecture while using a package-based intent synchronization approach. Scanner++ first uses a purification mechanism to aggregate and refine attack intents, consisting of attack surfaces and attack vectors extracted from the base scanners’ request packets. Then, Scanner++ uses a runtime intent synchronization mechanism to select relevant attack intents according to the scanners’ detection spots to guide their scanning process. Consequently, base scanners can expand their attack surfaces, generate more diverse attack vectors and achieve better vulnerability detection performance. For evaluation, we implemented and integrated Scanner++ together with four widely used scanners, BurpSuite, AWVS, Arachni, and ZAP, testing it on ten benchmark web applications and three well-tested real-world web applications of a critical financial platform from our industry partner. Working under the Scanner++ framework helps BurpSuite, AWVS, Arachni, and ZAP cover 15.26%, 37.14%, 59.21%, 68.54% more pages, construct 12.95×, 1.13×, 15.03×, 52.66× more attack packets, and discover 77, 55, 77, 176 more bugs, respectively. Furthermore, Scanner++ detected eight serious previously unknown vulnerabilities on real-world applications, while the base scanners only found three of them.

computer science, software engineering

SONG Hai-Ling,WEN Wei-Ping

DOI: https://doi.org/10.3969/j.issn.1671-1122.2011.08.024

2011-01-01

Abstract:This paper makes a comprehensive analysis and summary of the existing Web loophole mining technology and tools, to open source Web vulnerability scanning tool Paros Proxy as the research object, the Paros Proxy crawler module and a detection module for in-depth research and analysis, and its improvement. After the test, the improved Paros crawler module supports the JavaScript URLs analytical and crawling, can extract more webpage link, and the improved detection module, the vulnerability detection performance and efficiency can be improved significantly.

Osejobe Ehichoya,Chinwuba Christian Nnaemeka

DOI: https://doi.org/10.48550/arXiv.2212.12308

2022-12-13

Cryptography and Security

Abstract:Web services are becoming business-critical components, often deployed with critical software bugs that can be maliciously explored. Web vulnerability scanners allow the detection of security vulnerabilities in web services by stressing the service from the point of view of an attacker. However, research and practice show that different scanners perform differently in vulnerability detection. This paper presents a qualitative evaluation of security vulnerabilities found in web applications. Some well-known vulnerability scanners have been used to identify security flaws in web service implementations. Many vulnerabilities have been observed, which confirms that many services are deployed without proper security testing. Additionally, having reviewed and considered several articles, the differences in the vulnerabilities detected and the high number of false positives observed highlight the limitations of web vulnerability scanners in detecting security vulnerabilities in web services. Furthermore, this work will discuss the static analysis approach for discovering security vulnerabilities in web applications and complimenting it with proven research findings or solutions. These vulnerabilities include broken access control, cross-site scripting, SQL injections, buffer overflow, unrestricted file upload, broken authentications, etc. Web applications are becoming mission-essential components for businesses, potentially risking having several software vulnerabilities that hackers can exploit maliciously. A few Vulnerability scanners have been used to detect security weaknesses in web service applications, and many vulnerabilities have been discovered, thus confirming that many online apps are launched without sufficient security testing.

Meng Sun,Qi Wang,Jue He,Huailin Huang,Yu Huang,Xiaojie Shen,Yaohui Xiao,Suchun Fan

DOI: https://doi.org/10.1088/1742-6596/2290/1/012036

2022-01-01

Journal of Physics Conference Series

Abstract:Abstract Power system network is an important guarantee for the smooth operation of power enterprises. Considering the current automatic network vulnerability scanning method of power system, the detection rate of network vulnerability scanning is low due to its poor scheduling ability. Therefore, this paper designs a new automatic scanning method for network vulnerabilities in power system. According to the infrastructure of power system network vulnerability scanner, the power system web page interaction behavior recognition model is constructed to complete the power system web page interaction behavior recognition. On this basis, the power system network scanning scheduling algorithm is designed. Combined with genetic algorithm, the variation process of power system network vulnerabilities is determined, the power system network security situation is determined, the power system network scanning scheduling and vulnerability mining are realized, and the design of power system network leakage automatic scanning method is completed. The experimental link is constructed to verify this method. The verification shows that this method can effectively improve the detection rate of network vulnerability scanning and the efficiency of vulnerability scanning to a certain extent.

Marc Rennhard,Malte Kushnir,Olivier Favre,Damiano Esposito,Valentin Zahnd

DOI: https://doi.org/10.1007/s42979-022-01271-1

2022-07-16

SN Computer Science

Abstract:The importance of automated and reproducible security testing of web applications is growing, driven by increasing security requirements, short software development cycles, and constraints with respect to time and budget. Existing automated security testing tools are already well suited to detect some types of vulnerabilities, e.g., SQL injection or cross-site scripting vulnerabilities. However, other vulnerability types are much harder to uncover in an automated way. One important representative of this type are access control vulnerabilities, which are highly relevant in practice as they can grant unauthorized users access to security-critical data or functions in web applications. In this paper, a practical solution to automatically detect HTTP GET request-based access control vulnerabilities in web applications is presented. The solution is based on previously proposed ideas, which are extended with novel approaches to enable completely automated access control testing with minimal configuration effort, which in turn enables frequent and reproducible testing. An evaluation with seven web applications based on different technologies demonstrates the general applicability of the solution and that it can automatically uncover most access control vulnerabilities while keeping the number of false positives low.

Xiuzhen Chen,Qinghua Zheng,Xiaohong Guan

DOI: https://doi.org/10.1007/s10796-008-9111-6

2008-01-01

Information Systems Frontiers

Abstract:Many security problems are caused by vulnerabilities hidden in enterprise computer networks. It is very important for system administrators to have knowledge about the security vulnerabilities. However, current vulnerability assessment methods may encounter the issues of high false positive rates, long computational time, and requirement of developing attack codes. Moreover, they are only capable of locating individual vulnerabilities on a single host without considering correlated effect of these vulnerabilities on a host or a section of network with the vulnerabilities possibly distributed among different hosts. To address these issues, an active vulnerability assessment system NetScope with C/S architecture is developed for evaluating computer network security based on open vulnerability assessment language instead of simulating attacks. The vulnerabilities and known attacks with their prerequisites and consequences are modeled based on predicate logic theory and are correlated so as to automatically construct potential attack paths with strong operation power of relational database management system. The testing results from a series of experiments show that this system has the advantages of a low false positive rate, short running periods, and little impact on the performance of audited systems and good scalability. The security vulnerabilities, undetectable if assessed individually in a network, are discovered without the need to simulate attacks. It is shown that the NetScope system is well suited for vulnerability assessment of large-scale computer networks such as campus networks and enterprise networks. Moreover, it can also be easily integrated with other security tools based on relational databases.

Qian Wang,Jinan Sun,Chen Wang,Shikun Zhang,Sisi Xuanyuan,Bin Zheng

DOI: https://doi.org/10.1109/bigdatasecurity-hpsc-ids49724.2020.00016

2020-01-01

Abstract:In this paper we review the research progress of the mainstream approaches of detecting access control vulnerabilities and classify them based on the key techniques for web application components. And we compare different detection methods, analyze their advantages and flaws. Then we discuss the experimental results of relevant detection tools for realistic usage. Finally, we summarize the general framework of detection method and provide future research directions in this area.

Yogesh Handge,

DOI: https://doi.org/10.55041/ijsrem30497

2024-04-10

INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT

Abstract:The increasing dependence on web applications amplifies the importance of protecting them against cyber threats. Vulnerability scanners are of utmost importance in this process, as they periodically detect vulnerabilities within network infras- tructures. This tool automates vulnerability detection, eliminating the need for manual intervention. This paper introduces a vulnerability scanner tool that determines probable threats to a web application by utilizing technologies such as header analysis, port scanning, and comparison against a database of known vulnerabilities(CVEs),thereby providing a robust solution Index Terms—Vulnerability Scanning, Header Analysis, Port Scanning, CVEs, Web Crawling,Socket Programming, Automation

Jinfeng Li

DOI: https://doi.org/10.33166/AETiC.2020.03.001

2020-07-04

Abstract:The delivery of a framework in place for secure application development is of real value for application development teams to integrate security into their development life cycle, especially when a mobile or web application moves past the scanning stage and focuses increasingly on the remediation or mitigation phase based on static application security testing (SAST). For the first time, to the author's knowledge, the industry-standard Open Web Application Security Project (OWASP) top 10 vulnerabilities and CWE/SANS top 25 most dangerous software errors are synced up in a matrix with Checkmarx vulnerability queries, producing an application security framework that helps development teams review and address code vulnerabilities, minimise false positives discovered in static scans and penetration tests, targeting an increased accuracy of the findings. A case study is conducted for vulnerabilities scanning of a proof-of-concept mobile malware detection app. Mapping the OWASP/SANS with Checkmarx vulnerabilities queries, flaws and vulnerabilities are demonstrated to be mitigated with improved efficiency.

Cryptography and Security,Software Engineering

Xiang Li,Jinfu Chen,Zhechao Lin,Lin Zhang,Zibin Wang,Minmin Zhou,Wanggen Xie

DOI: https://doi.org/10.1109/cbd.2017.58

2017-08-01

Abstract:Software vulnerability remains a serious challenge to the software engineering domain over the past decade as a result of the recent technological advancement in information systems. The rapid development in software applications and failure on the part of system developers to properly analyze program codes before been released to the market increases the chance for data breaches. It is a known fact that most system failures are as a result of bugs and errors detected in software applications. Although code errors significantly affect software quality, there is no effective method that can be used in eliminating software errors to improve its reliability. Data Mining and its related algorithms are an active area which can successfully be applied in analyzing software vulnerability. However the concept of applying data mining techniques has not been empirically proven as an effective method for obtaining the essential characteristics of software vulnerability. To investigate this effect, we propose a vulnerability mining algorithm to analyze and obtain the essential characteristics of Software vulnerability based data mining techniques. We first extracted and preprocessed the software vulnerabilities using data mining techniques and common vulnerability database. We evaluate the proposed technique using the Common Vulnerability and Exposure (CVE) Database, Common Weakness Enumeration (CWE) Database, National Vulnerability Database (NVD) datasets. Empirical results show that the proposed vulnerability mining algorithm has a remarkable improvement in the vulnerability mining process. The most interesting finding is that, we observed that across all the three projects, recall was around 70% and precision was approximately 60%.