CN101916340A - Static detection method of incredible variables in PHP (Professional Hypertext Preprocessor) language Web application - Google Patents
Static detection method of incredible variables in PHP (Professional Hypertext Preprocessor) language Web application Download PDFInfo
- Publication number
- CN101916340A CN101916340A CN2010102264608A CN201010226460A CN101916340A CN 101916340 A CN101916340 A CN 101916340A CN 2010102264608 A CN2010102264608 A CN 2010102264608A CN 201010226460 A CN201010226460 A CN 201010226460A CN 101916340 A CN101916340 A CN 101916340A
- Authority
- CN
- China
- Prior art keywords
- php
- file
- incredible
- variables
- variable
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000003068 static effect Effects 0.000 title claims abstract description 22
- 238000001514 detection method Methods 0.000 title claims abstract description 20
- 238000000034 method Methods 0.000 claims abstract description 48
- 238000004458 analytical method Methods 0.000 claims abstract description 13
- 230000006870 function Effects 0.000 claims description 25
- 230000008569 process Effects 0.000 claims description 9
- 230000009471 action Effects 0.000 claims description 7
- 230000010354 integration Effects 0.000 claims description 6
- 239000000284 extract Substances 0.000 claims description 4
- 230000008878 coupling Effects 0.000 claims description 3
- 238000010168 coupling process Methods 0.000 claims description 3
- 238000005859 coupling reaction Methods 0.000 claims description 3
- 238000000605 extraction Methods 0.000 abstract 1
- 238000012545 processing Methods 0.000 description 8
- 230000000694 effects Effects 0.000 description 5
- 238000012360 testing method Methods 0.000 description 5
- 230000008520 organization Effects 0.000 description 2
- 230000015572 biosynthetic process Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000002474 experimental method Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000003446 memory effect Effects 0.000 description 1
Images
Landscapes
- Stored Programmes (AREA)
Abstract
The invention discloses a static detection method of incredible variables in a PHP (Professional Hypertext Preprocessor) language Web application, which comprises the following steps of: (1) recognizing all entry files of PHP Web application; (2) extracting PHP codes starting from the entry files, avoiding the interference of HTML codes, and integrating all related PHP files and codes by using an iterative method; (3) based on the unit of integrated functional modules, recognizing the incredible variables by using a static analysis method; and (4) summarizing the extraction results of all the modules, generating reports, and recording the PHP files and the specific position of each incredible variable. Compared with the prior art, the static detection method has simple realization, high recognition rate and good expandability; the problem that the incredible variables are difficult to be detected in the Web application programmed in weak type language and typeless language in the prior art.
Description
Technical field
The present invention relates to cause in the Web application Static Detection of the incredible variables of safety problem, special in the PHP language that is widely used in the Web application programming, by the PHP code structure of extracting, adopt the method for static analysis to locate the incredible variables that may exist in the Web application fast, the problem that incredible variables was difficult to detect during the Web that type and typeless language are write a little less than effectively solving used.
Background technology
Now, the increasing social activities of people is used by Web and is finished, and as shopping, financing, office and instant messaging etc., this requires the Web application to have high reliability and security.Web uses reliability and the security that the input data that receive will directly have influence on system.Compare with the input data that derive from local data base and file, especially be difficult to control by the data that the user is input in the Web application system, cause safety issue and Web application and trouble easily by user interaction process.This class user input data is called insincere data, and can receive and carry the variable of insincere data, is exactly incredible variables.
The method that is used to detect incredible variables at present mainly comprises two big classes: based on the detection of dynamic (being called for short the HTTP method) of http protocol, and based on the Static Detection (being called for short the PF method) of parametric function PF (ParameterFunction).The HTTP method can load a module in Web uses, dynamically recording is sent to the variable<name of server end, value〉right.The realization that HTTP method and Web use is irrelevant; Its shortcoming is: this method can only limit to the variable that the tester has access to by detected variable, if some hiding incredible variables do not use in test process, will stay potential safety hazard to system; And hiding incredible variables can occur in casual design and programming process, also might be the back door that system reserves.
During Web uses, the PF function be used to obtain variable<name, value〉right.The PF method is searched the incredible variables that exists in the Web application by all PF functions of Static Detection.The PF method is not easy to omit the incredible variables of explicit definition, if the Web application programming is followed the mode that all variablees adopt explicit definition, the PF method is effective.Ubiquity some " skills " can continue the new variable of definition by the value of existing variable during but at present a large amount of Web used, and it is very common that the Web of PHP language compilation uses this situation; Processing can make program small and exquisite and powerful like this, but problem is so to handle new variables to equal to have walked around the PF function, thereby makes the PF method lose the detection effect.
Summary of the invention
Fundamental purpose of the present invention is at the easy incredible variables that causes safety problem in the Web application of PHP language compilation, a kind of modular structure by the PHP code of extracting is proposed, the method that adopts static program analysis to come incredible variables in the recognition function module, auxiliary Web application and development and maintainer's fast detecting security breaches, the relative existing techniques in realizing of this method is simple, discrimination is higher, and be with good expansibility, can effectively solve existing method is difficult to effectively detect incredible variables in the Web that weak type and typeless language are write uses problem.
For achieving the above object, the present invention adopts following step:
1) all inlet files of identification PHPWeb application;
2) set out by the inlet file, the PHP code of each functional module that the PHP Web that extracts uses is avoided the interference of HTML code simultaneously, integrates all relevant PHP file and codes by (include/require) statement employing comprising in code alternative manner;
3) functional module of using with each PHPWeb after integrating is a unit, adopts the method identification incredible variables wherein of static analysis;
4) gather the analysis result of all modules, the analysis result of each module all is the set of an incredible variables, get each union of sets collection when gathering and generate report, in the report each incredible variables is all write down PHP file under it and the particular location in the file.
Above-mentioned steps 1) inlet file identification process is: use master catalogue from Web, the All Files item constitutes set W under the traversal catalogue; At each file item among the W,, then travel through under this catalogue the All Files item and add among the set W if file item is catalogue (file); If file item is a file, and be the PHP file, judge then whether this document has the inlet file characteristic: if the inlet file then adds it in the inlet file set; Otherwise ignore this document.Traversal and identification All Files item are empty up to set W, obtain the inlet file set that Web uses at last.
Above-mentioned steps 2) functional module integration process is: at an inlet file f, the PHP code that at first obtains wherein constitutes code set C
fInitialization files set I is used to write down the file that has comprised then; Next obtain code set C
fIn all comprise statement and form S set; Comprise statement s at each bar in the S set, at first determine the file i that quotes among the statement s
sIf the file i that quotes
sDo not appear among the initialization files set I, perhaps comprising instruction is not once to comprise, and then reads in file i
s, wherein the PHP code of extracting is in order to replace code set C
fIn comprise the appearance position of statement s; Next with file i
sBe recorded into set initialization files I, and add to the statement that comprises that may occur in its PHP code in the S set again; If statement s once comprises, and file i
sIn initialization files set I, then statement s is left in the basket, code set C
fMiddle correspondence position replaces with empty string; All processed and no longer include the new statement that comprises and add by this circulation all statements that comprise in S set; Code set C after obtaining after disposing integrating
fRepresent a complete functional module.
The identifying of the incredible variables of above-mentioned steps 3 is: at first all variablees are classified as three types: class variable (class_var), defined variable (defined_var) and incredible variables (untrusted_var), based on the functional module of each the PHP Web application after integrating, code set C extracts at every turn then
fIn three speech, according to the semanteme of speech identification determine incredible variables in this code set (functional module).The semanteme identification of speech is divided into 5 kinds of situations, to determine incredible variables, comprising:
The variable name that situation 1. " v " indicates, explanation is a variable;
Situation 2. " new " operational symbol, the speech of closelying follow thereafter is a class variable (class_var);
Situation 3. by " function name of (" symbology, explanation are function calls, then enter function body and obtain all variablees of overall importance;
The character string that situation 4. has been drawn together by quotation marks is then obtained all variablees of overall importance in character string;
Situation 5. " list " key word is considered as defined variable with all variablees that wherein occur;
Wherein: for situation 1,3 and 4, determine whether to the step of incredible variables to be: if this variable is to occur for the first time, and be the appearance of definition property, then variable is defined variable (defined_var), insert the defined variable set, and the scope of a variable of storage of variables; If usability occurs, then this variable is incredible variables (untrusted_var);
And whether for the first time decision variable step occurs and is: with this variable coupling defined variable set, if can mate and in action scope, then ignore this variable; If can not mate or outside action scope, then this variable is to occur for the first time.
The inventive method is used at the Web of the PHP language compilation of weak type, proposes from the inlet file identification, obtains the Web applied function module based on each inlet file; Be that unit adopts the method for static code analysis to resolve incredible variables then with the module.The inventive method is compared with existing method, has to realize simply, and superior performance does not disturb Web to use advantages such as actual operation performance.The experimental result comparison of using based on large-scale PHP Web shows, the incredible variables during the inventive method can efficient detection Web be used.This method can also be extended to other weak type easily or not have type Web application programming language, is with good expansibility.
Description of drawings
Fig. 1 is the overall framework that Web uses static detection method of incredible variables,
Fig. 2 is the corresponding relation figure of user's HTTP request with inlet file (webpage),
Fig. 3 is the processing flow chart of inlet file identification,
Fig. 4 is the organization chart of functional module during PHPWeb uses,
Fig. 5 is a processing flow chart of integrating the Web applied function module,
Fig. 6 is the processing flow chart that detects incredible variables in the individual module.
Embodiment
Figure 1 shows that the technological frame of static detection method of incredible variables in the application of PHP language Web.The input of framework is a PHP Web Application Server end file; Output is the incredible variables summary report.Technological frame is divided into four main modular: the inlet file that identification PHP Web uses; Integrate the functional module that PHP Web uses; The incredible variables of analytical capabilities module; Gather the incredible variables testing result.
At first discern all inlet files that PHP Web uses.Consider the PHP Web application file of server end, a Web uses a group of file set, the i.e. W={f that can be considered under the master catalogue (file)
1, f
2..., f
n.Wherein a part of PHP file is the inlet file that Web uses, as " index.php " file commonly used.The inlet file is directly corresponding with user's HTTP request usually, is the inlet that calls one group/class Web application function.Figure 2 shows that the corresponding relation figure of user's HTTP request with the inlet file.The corresponding same inlet file of a plurality of HTTP request possibilities calls different Web application functions by different parameter settings.
The feature of inlet file is relevant with concrete Web application programming, generally can first cited system common file, promptly comprise the PHP file of general utility functions or (as configuration) of overall importance variable; But not the inlet file generally has the disable access sign.Figure 3 shows that the processing flow chart of identification inlet file.The inlet file must be the PHP file; And the file that Web uses is under the different catalogues usually, needs all sub-directories under the visit master catalogue of recurrence, and is all accessed up to All Files.
The identifying of inlet file was during Web used: use master catalogue from Web, the All Files item constitutes set W under the traversal catalogue; At each file item among the W,, then travel through under this catalogue the All Files item and add among the set W if file item is catalogue (file); If file item is a file, and be the PHP file, judge then whether this document has the inlet file characteristic: if the inlet file then adds it in the inlet file set; Otherwise ignore this document.Traversal and identification All Files item are empty up to set W, obtain the inlet file set that Web uses at last.
Next integrates the functional module that PHP Web uses.Consider that from the functions of use angle PHP Web uses the set that can be considered one group of functional module, i.e. W={m
1, m
2..., m
t.The present invention defines a functional module and is set out by an inlet file, is the closure collection of all PHP files of related layer by layer (quoting), and the PHP code of extracting in the integration process is avoided the interference of HTML code.Integrate all relevant PHP file and codes by (include/require) statement employing comprising in code alternative manner; Need distinguish when processing comprises statement and disposablely comprise and repeatedly comprise.Figure 4 shows that the organization chart of functional module in the PHP Web application.As shown in the figure, a functional module is set out by an inlet file, comprises and quotes layer by layer and one group of related PHP file.A public or shared PHP file may belong to a plurality of functional modules simultaneously.
Figure 5 shows that the processing flow chart of integrating the Web applied function module.Only consider the PHP code in the integration process, avoid the interference of HTML code.Integrate all relevant PHP file and codes by (include/require) statement employing comprising in code alternative manner.Wherein need to distinguish and once comprise instruction (include_once ()/require_once ()) and repeatedly comprise instruction (include ()/require ()).
Press Fig. 5, at an inlet file f, the PHP code that at first obtains wherein constitutes c
fInitialization files set I is used to write down the file that has comprised then; Next obtain C
fIn all comprise statement and form set (formation) S.Comprise statement s at each bar in the S set, at first determine the file i that quotes among the statement s
sIf i
sDo not appear among the set I, perhaps comprising instruction is not once to comprise, and then reads in file i
s, wherein the PHP code of extracting is in order to replace C
fIn comprise the appearance position of statement s; Next with i
sBe recorded into set I, and the statement that comprises that may occur in its PHP code is added in the S set again.If s once comprises, and i
sIn set I, then statement s is left in the basket, C
fMiddle correspondence position replaces with empty string.All processed and no longer include the new statement that comprises and add by this circulation all statements that comprise in S set.The integration code C that obtains after disposing
fRepresent a complete functional module.
Resolve the incredible variables in each functional module once more.The definition of variable and initialization are generally carried out simultaneously in the PHP code, and the initialization of variable can be thought the definition appearance of variable.If when a variable occurs, directly being to use property appearance, system can determine this type of variables dynamically, and composes and give a corresponding initial value.It is exactly that usability occurs that a variable with overall effect occurs first, can think that so this variable is an incredible variables.Could be definite fully after the scope whether variable has overall effect and effect thereof need be integrated code.Incredible variables just directly is not used before having initialization, and its initial value is uncertain; Exist under the situation of attacking, can bring security threat for Web uses.
Resolve incredible variables with each PHP functional module after integrating (the one group/class function that corresponding Web uses) C
fBe unit, adopt the method for static analysis to discern the incredible variables that wherein may exist.Figure 6 shows that the processing flow chart that detects incredible variables in the individual module, input is the integration code C of individual module
f, output is to resolve incredible variables set U in the module that obtains.The present invention is classified as three types with the PHP variable: class variable (class_var), defined variable (defined_var) and incredible variables (untrusted_var).Read three speech (word) in the code during analysis, the semanteme of identification speech divides following 5 kinds of situations at every turn:
The variable name that situation 1. " $ " indicates, explanation is a variable.Need judge whether it is to occur for the first time, and be that definition property occurs or usability occurs.Under the situation that occurs for the first time, if the appearance of definition property, then variable is defined variable (defined_var), is added into the defined variable set, and the effective range of storage of variables (being action scope) information.If usability occurs, then this variable is incredible variables (untrusted_var).
Judge whether to be needing to occur the set of coupling defined variable for the first time, if can mate and in action scope, then ignore this variable; If can not mate or outside action scope, then this variable is to occur for the first time.
Situation 2. " new " operational symbol, the speech of closelying follow thereafter is a class variable (class_var);
Situation 3. is by " function name of (" symbology, explanation are function calls.Function or generic function, or the member function of class variable.Need enter function body and check incredible variables this moment;
The character string that situation 4. has been drawn together by quotation marks, need check incredible variables this moment in character string;
For situation 3 and situation 4, only need identification variable of overall importance wherein, and determine incredible variables or defined variable.
Situation 5. " list " key word is considered as defined variable with all variablees that wherein occur, and is added into defined variable set and memory action domain information.
The analysis result that gathers all modules at last generates Web and uses the incredible variables examining report.The analysis result of each functional module all is the set of an incredible variables, simply gets each union of sets collection when gathering.Even wherein note having incredible variables of the same name, they still represent different variablees.Each incredible variables is write down PHP file under it and the particular location in the file.
6.0.0 as experimental subjects. System is invalid substantially.Compare with the inventive method and dynamic HTTP method in the experiment. The comparison data of 10 the most frequently used functional modules (inlet file) testing result in the system, wherein the HTTP method is the detection data that operation continuously obtained in 12 days.
Functional module | The inventive method | The HTTP method | Improve ratio |
register.php | 91 | 86 | 5(6%) |
post.php | 159 | 109 | 50(46%) |
logging.php | 55 | 60 | -5(-8%) |
viewthread.php | 79 | 65 | 14(22%) |
forumdisplay.php | 61 | 68 | -7(-10%) |
redirect.php | 82 | 36 | 46(128%) |
index.php | 54 | 37 | 17(46%) |
tag.php | 44 | 44 | 0(0%) |
space.php | 53 | 32 | 21(66%) |
attachment.php | 45 | 13 | 32(246%) |
Can find that by data in the table in most of the cases the testing result of the inventive method is better than the HTTP method. System has 36 functional modules, and HTTP method operation was continuously only found the wherein incredible variables of 29 modules in 12 days, and wherein 26 module the inventive method testing results are more excellent; The inventive method also detects the incredible variables of 7 modules of residue in addition.The HTTP method need load detection module in Web uses, therefore can produce certain influence to the Web application performance; The HTTP method needs longer a period of time of continuous service can find abundant incredible variables in addition.There are not these problems in the inventive method.In addition, the inventive method also can be extended to other weak type easily or not have type Web application programming language, is with good expansibility.
Claims (6)
1. the static detection method of incredible variables during a PHP language Web is used is characterized in that may further comprise the steps:
1) all inlet files of identification PHP Web application;
2) set out by the inlet file, the PHP code of each functional module that the PHP Web that extracts uses is avoided the interference of HTML code simultaneously, integrates all relevant PHP file and codes by (include/require) statement employing comprising in code alternative manner;
3) functional module of using with each the PHP Web after integrating is a unit, adopts the method identification incredible variables wherein of static analysis;
4) gather the analysis result of all modules, the analysis result of each module all is the set of an incredible variables, get each union of sets collection when gathering and generate report, in the report each incredible variables is all write down PHP file under it and the particular location in the file.
2. the static detection method of incredible variables during PHP language Web according to claim 1 is used is characterized in that the inlet file identification process of step 1) is: use master catalogue from Web, the All Files item constitutes set W under the traversal catalogue; At each file item among the W,, then travel through under this catalogue the All Files item and add among the set W if file item is a catalogue; If file item is a file, and be the PHP file, judge then whether this document has the inlet file characteristic: if the inlet file then adds it in the inlet file set; Otherwise ignore this document.Traversal and identification All Files item are empty up to set W, obtain the inlet file set that Web uses at last.
3. the static detection method of incredible variables is characterized in that step 2 during PHP language Web according to claim 1 and 2 was used) the functional module integration process be: at an inlet file f, the PHP code that at first obtains wherein constitutes code set C
fInitialization files set I is used to write down the file that has comprised then; Next obtain code set C
fIn all comprise statement and form S set; Comprise statement s at each bar in the S set, at first determine the file i that quotes among the statement s
sIf the file i that quotes
sDo not appear among the initialization files set I, perhaps comprising instruction is not once to comprise, and then reads in file i
s, wherein the PHP code of extracting is in order to replace code set C
fIn comprise the appearance position of statement s; Next with file i
sBe recorded into set initialization files I, and add to the statement that comprises that may occur in its PHP code in the S set again; If statement s once comprises, and file i
sIn initialization files set I, then statement s is left in the basket, code set C
fMiddle correspondence position replaces with empty string; All processed and no longer include the new statement that comprises and add by this circulation all statements that comprise in S set; Code set C after obtaining after disposing integrating
fRepresent a complete functional module.
4. the static detection method of incredible variables during PHP language Web according to claim 3 is used, the identifying that it is characterized in that the incredible variables of step 3) is: at first all variablees are classified as three types: class variable (class_var), defined variable (defined_var) and incredible variables (untrusted_var), based on the functional module of each the PHP Web application after integrating, code set C extracts at every turn then
fIn three speech, according to the semanteme of speech identification determine incredible variables in this code set (functional module).
5. the static detection method of incredible variables during PHP language Web according to claim 4 is used, it is characterized in that the semanteme identification of speech and incredible variables determine be divided into 5 kinds of situations, comprising:
The variable name that situation 1. " $ " indicates, explanation is a variable;
Situation 2. " new " operational symbol, the speech of closelying follow thereafter is a class variable (class_var);
Situation 3. is by " function name of (" symbology, explanation are function calls, then enter function body and obtain all variablees of overall importance;
The character string that situation 4. has been drawn together by quotation marks is then obtained all variablees of overall importance in character string;
Situation 5. " list " key word is considered as defined variable with all variablees that wherein occur;
Wherein, for situation 1,3 and 4, determine whether to the step of incredible variables to be: if this variable is to occur for the first time, and be the appearance of definition property, then variable is defined variable (defined_var), inserts the defined variable set, and the scope of a variable of storage of variables; If the appearance of being to use property occurs for the first time, then this variable is incredible variables (untrusted_var).
6. the static detection method of incredible variables in using according to the PHP language Web of claim 5, it is characterized in that whether decision variable step occurs for the first time and be: with this variable coupling defined variable set, if can mate and in action scope, then ignore this variable; If can not mate or outside action scope, then this variable is to occur for the first time.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2010102264608A CN101916340A (en) | 2010-07-14 | 2010-07-14 | Static detection method of incredible variables in PHP (Professional Hypertext Preprocessor) language Web application |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2010102264608A CN101916340A (en) | 2010-07-14 | 2010-07-14 | Static detection method of incredible variables in PHP (Professional Hypertext Preprocessor) language Web application |
Publications (1)
Publication Number | Publication Date |
---|---|
CN101916340A true CN101916340A (en) | 2010-12-15 |
Family
ID=43323850
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2010102264608A Pending CN101916340A (en) | 2010-07-14 | 2010-07-14 | Static detection method of incredible variables in PHP (Professional Hypertext Preprocessor) language Web application |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101916340A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104899016A (en) * | 2014-03-07 | 2015-09-09 | 腾讯科技(深圳)有限公司 | Call stack relationship obtaining method and call stack relationship obtaining device |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040181677A1 (en) * | 2003-03-14 | 2004-09-16 | Daewoo Educational Foundation | Method for detecting malicious scripts using static analysis |
WO2006081459A2 (en) * | 2005-01-25 | 2006-08-03 | Whitehat Security, Inc. | System for detecting vulnerabilities in web applications using client-side application interfaces |
CN101661543A (en) * | 2008-08-28 | 2010-03-03 | 西门子(中国)有限公司 | Method and device for detecting security flaws of software source codes |
-
2010
- 2010-07-14 CN CN2010102264608A patent/CN101916340A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040181677A1 (en) * | 2003-03-14 | 2004-09-16 | Daewoo Educational Foundation | Method for detecting malicious scripts using static analysis |
WO2006081459A2 (en) * | 2005-01-25 | 2006-08-03 | Whitehat Security, Inc. | System for detecting vulnerabilities in web applications using client-side application interfaces |
CN101661543A (en) * | 2008-08-28 | 2010-03-03 | 西门子(中国)有限公司 | Method and device for detecting security flaws of software source codes |
Non-Patent Citations (2)
Title |
---|
《E-Business and Information System Security》 20090524 Peng Shushen等 Static Detection of Un-Trusted Variables in PHP Web Applications , * |
《计算机应用》 20041031 王洪 PHP网站建设的安全性研究 第24卷, 第10期 2 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104899016A (en) * | 2014-03-07 | 2015-09-09 | 腾讯科技(深圳)有限公司 | Call stack relationship obtaining method and call stack relationship obtaining device |
CN104899016B (en) * | 2014-03-07 | 2018-10-09 | 腾讯科技(深圳)有限公司 | Allocating stack Relation acquisition method and device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109582861B (en) | Data privacy information detection system | |
CN103559235B (en) | A kind of online social networks malicious web pages detection recognition methods | |
CN107659570A (en) | Webshell detection methods and system based on machine learning and static and dynamic analysis | |
CN109753800A (en) | Merge the Android malicious application detection method and system of frequent item set and random forests algorithm | |
WO2021017735A1 (en) | Smart contract formal verification method, electronic apparatus and storage medium | |
CN102831345A (en) | Injection point extracting method in SQL (Structured Query Language) injection vulnerability detection | |
CN106572117A (en) | Method and apparatus for detecting WebShell file | |
CN105335655A (en) | Android application safety analysis method based on sensitive behavior identification | |
CN101751530B (en) | Method for detecting loophole aggressive behavior and device | |
CN106570399B (en) | A kind of detection method of across App inter-module privacy leakage | |
US20120239540A1 (en) | Systems, devices and methods for automatic detection and masking of private data | |
CN104966031A (en) | Method for identifying permission-irrelevant private data in Android application program | |
CN107169351A (en) | With reference to the Android unknown malware detection methods of dynamic behaviour feature | |
CN107341399A (en) | Assess the method and device of code file security | |
CN103412882A (en) | Method and device for distinguishing consumption intention | |
CN102542201A (en) | Detection method and system for malicious codes in web pages | |
CN106294222A (en) | A kind of method and device determining PCIE device and slot corresponding relation | |
CN102541937A (en) | Webpage information detection method and system | |
US20070239653A1 (en) | User interface morph based on permissions | |
CN109543410A (en) | One kind being based on the associated malicious code detecting method of Semantic mapping | |
CN109146625B (en) | Content-based multi-version App update evaluation method and system | |
CN112149124A (en) | Android malicious program detection method and system based on heterogeneous information network | |
CN106503266A (en) | Document Classification Method and device | |
CN104252447A (en) | File behavior analysis method and device | |
CN101895517B (en) | Method and device for extracting script semantics |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20101215 |