CN116055218A - User login request identification method and system for web application security detection - Google Patents


Info

Publication number
CN116055218A
Authority
CN
China
Prior art keywords: characteristic value, web application, request data, weight, request
Legal status (assumed by Google Patents, not a legal conclusion): Granted
Application number
CN202310205160.9A
Other languages
Chinese (zh)
Other versions
CN116055218B (en)
Inventor
刘海涛
万振华
王颉
李华
董燕
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Seczone Technology Co Ltd
Original Assignee
Seczone Technology Co Ltd
Application filed by Seczone Technology Co Ltd
Priority to CN202310205160.9A
Publication of CN116055218A
Application granted
Publication of CN116055218B
Legal status: Active

Classifications

    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L67/02 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • Y02D10/00 Energy efficient computing, e.g. low power processors, power management or thermal management


Abstract

The invention discloses a user login request identification method and system for web application security detection. The method comprises the following steps: instrumenting the web application with an instrumentation tool and weaving tracking logic into it; acquiring all request data entering the web application and the data streams of that request data; judging whether the current request data is present in a preset request library and returning a corresponding first characteristic value according to the result; judging whether new session information is generated and used in the web application for the current request data and returning a corresponding second characteristic value according to the result; calculating the sum of the first and second characteristic values to obtain a comprehensive characteristic value; and, when the comprehensive characteristic value exceeds a threshold value, defining the current request data as a login request. The method identifies user login requests quickly and accurately, reduces manual operation, and lets the identification program find login addresses that have been hidden.

Description

User login request identification method and system for web application security detection
Technical Field
The invention relates to the technical field of web application security detection, in particular to a user login request identification method and system used in web application security detection.
Background
With the continuous shift of application programs from desktop clients to the browser, people are increasingly accustomed to interacting with data on web pages, and before such interaction a typical site requires the user to enter a user name and password for identity verification. Whether a login request works normally, and whether a web application contains an unknown, insecure login entry, are therefore important factors affecting the service functions of the web application, and the security issues of the login request itself are particularly significant. However, since the address and form of the login request interface differ between web applications, quickly and accurately locating the login request interface during security detection is a difficult problem for a security detection tool. Currently, security detection tools on the market generally rely on keyword similarity of the request address, such as /login or /signin; if a developer changes the login request address to /in or /dl, the tool generally has difficulty recognizing it as a login request. In addition, detecting and identifying some business logic vulnerabilities (such as unauthorized access and process bypass) requires locating the user information of the current operation, but during request execution only the session or token information of the request is available, and it is difficult to map it back to the login user name. When such business logic vulnerability problems occur, it is often inconvenient to modify the affected application's code to print login user information, or to manually specify login request addresses in a security detection tool.
It may also happen that an application developer hides a second login request, which risks leaving a backdoor in the program.
Disclosure of Invention
The invention aims to provide a user login request identification method and system for web application security detection, which can rapidly and accurately locate login requests.
To achieve the above object, the present invention discloses a user login request identification method for use in web application security detection, which includes:
instrumenting a web application with an instrumentation tool, and weaving tracking logic into the web application;
acquiring all request data and data streams of the request data entering the web application based on the tracking logic;
judging whether the current request data is present in a preset request library or not, and returning a corresponding first characteristic value according to the judging result;
judging whether new session information is generated and used in the web application or not according to the current request data, and returning a corresponding second characteristic value according to a judging result;
respectively giving different weights to the first characteristic value and the second characteristic value, wherein the weight of the first characteristic value is larger than that of the second characteristic value, and calculating the sum of the first characteristic value and the second characteristic value to obtain a comprehensive characteristic value;
when the comprehensive characteristic value exceeds a threshold value, the request data is defined as a login request.
Preferably, according to the current data flow of the request data, judging whether the request data trigger a known login verification function in the web application, returning a third characteristic value according to a judging result, giving weight to the third characteristic value, wherein the weight of the third characteristic value is smaller than the weight of the first characteristic value and the weight of the second characteristic value, and calculating the sum of the first characteristic value, the second characteristic value and the third characteristic value to obtain the comprehensive characteristic value.
Preferably, according to the current data flow of the request data, whether a user name and a password verification process exist or not is judged, a fourth characteristic value is returned according to a judging result, weight is given to the fourth characteristic value, the weight of the fourth characteristic value is smaller than the weight of the first characteristic value and the weight of the second characteristic value, and the sum of the first characteristic value, the second characteristic value and the fourth characteristic value is calculated to obtain the comprehensive characteristic value.
Preferably, the method for judging whether the current request data has new session information generated and used in the web application comprises the following steps:
judging whether new session information is generated in the request data through a session function, if so, storing the session information, and tracking the return information of the request data;
and judging whether response information of the request data has a response header field and whether the response header field has the session information.
The invention also discloses a user login request identification system used in web application security detection, which comprises:
an instrumentation module for instrumenting a web application with an instrumentation tool to weave tracking logic into the web application, the tracking logic obtaining the data stream of request data entering the web application;
a data stream acquisition module for acquiring all request data and data streams of the request data entering the web application based on the tracking logic;
the first judging module is used for judging whether the current request data is positioned in a preset request library or not and returning a corresponding first characteristic value according to a judging result;
the second judging module is used for judging whether new session information is generated and used in the web application or not according to the current request data, and returning a corresponding second characteristic value according to a judging result;
a calculation module for giving different weights to the first feature value and the second feature value, respectively, wherein the weight of the first feature value is larger than that of the second feature value, and calculating the sum of the first feature value and the second feature value to obtain a comprehensive feature value;
and the confirmation module is used for defining the current request data as a login request when the comprehensive characteristic value exceeds a threshold value.
Preferably, the system further comprises a third judging module, wherein the third judging module is used for judging whether the request data trigger a known login verification function in the web application currently and returning a third characteristic value according to a judging result;
the calculation module further assigns a weight to the third feature value, wherein the weight of the third feature value is smaller than the weight of the first feature value and the weight of the second feature value, and calculates the sum of the first feature value, the second feature value and the third feature value to obtain the comprehensive feature value.
Preferably, the system further comprises a fourth judging module, wherein the fourth judging module is used for judging whether a user-defined user name and password verification process exists or not and returning a fourth characteristic value according to a judging result;
the computing module assigns a weight to the fourth characteristic value, wherein the weight of the fourth characteristic value is smaller than the weight of the first characteristic value and the weight of the second characteristic value, and calculates the sum of the first characteristic value, the second characteristic value and the fourth characteristic value to obtain the comprehensive characteristic value.
Preferably, the second judging module comprises a preparing module and a judging module; the preparation module is used for storing the session information and tracking the return information of the request data when the new session information is confirmed to be generated in the request data through the session function; the judging module is used for judging whether the response information of the request data has a response header field and whether the response header field has the session information.
The invention also discloses another user login request identification system, which comprises:
one or more processors;
a memory;
and one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, the programs including instructions for performing the user login request identification method for use in web application security detection as described above.
The invention also discloses a computer readable storage medium comprising a computer program executable by a processor to perform the user login request identification method for use in web application security detection as described above.
Compared with the prior art, the technical scheme of the invention tracks the data flow of request data in the web application through instrumentation of the web application, judges whether the current request data is present in the preset request library and whether new session information is generated and used in the web application, calculates the comprehensive characteristic value from the judging results, and then decides whether the current request data is defined as a login request by comparing the comprehensive characteristic value with the preset threshold value. This achieves quick and accurate identification of the user login request, reduces manual operation, and lets the identification program find hidden login addresses.
Drawings
Fig. 1 is a flowchart of a method for identifying a user login request according to an embodiment of the present invention.
Detailed Description
In order to describe the technical content, the constructional features, the achieved objects and effects of the present invention in detail, the following description is made in connection with the embodiments and the accompanying drawings.
The embodiment discloses a user login request identification method for identifying and positioning login request data in web application security detection, as shown in fig. 1, the identification method comprises the following steps:
S1: Based on IAST technology, the web application is instrumented by an instrumentation tool, and tracking logic is woven into the web application.
S2: all request data and data streams of the request data entering the web application are acquired based on the tracking logic.
S3: Judge whether the current request data is present in a preset request library or not, and return a corresponding first characteristic value according to the result. In this embodiment, the request library is a login request experience library constructed in advance, in which multiple request set records are stored, for example request set A: { "loginUri": "/login", "loginUserKey": ["name", "pwd"] }. Request set records can be entered manually by the user, and subsequently identified login requests can also be added automatically.
S4: and judging whether new session information is generated and used in the web application or not according to the current request data, and returning a corresponding second characteristic value according to a judging result.
In this embodiment, the first feature value and the second feature value are both 0 or 1, that is, in step S3, if the request data is currently located in the preset request library, the returned first feature value is 1, otherwise, is 0. In step S4, if the request data currently has new session information generated and used in the web application, the returned second feature value is 1, otherwise, is 0.
S5: and respectively giving different weights to the first characteristic value and the second characteristic value, wherein the weight of the first characteristic value is larger than that of the second characteristic value, and calculating the sum of the first characteristic value and the second characteristic value to obtain a comprehensive characteristic value.
S6: When the comprehensive characteristic value exceeds a threshold value, the request data is defined as a login request.
According to the identification method, the data flow of the request data in the web application is tracked through instrumentation of the web application, so that it can be judged whether the request data is currently present in a preset request library and whether new session information is generated and used in the web application; a comprehensive characteristic value is calculated from the judging results, and whether the current request data is defined as a login request is decided by comparing the comprehensive characteristic value with a preset threshold value. This completes quick and accurate identification of user login requests, reduces manual operation, and lets the identification program find hidden login addresses.
Further, the obtaining of the comprehensive characteristic value is further perfected, that is, according to the current data flow of the request data, whether the request data trigger a known login verification function in the web application is judged, a third characteristic value is returned according to a judging result, weight is given to the third characteristic value, the weight of the third characteristic value is smaller than the weight of the first characteristic value and the weight of the second characteristic value, and the sum of the first characteristic value, the second characteristic value and the third characteristic value is calculated to obtain the comprehensive characteristic value. In this embodiment, if the current request data triggers a login verification function known in the web application, the returned third feature value is 1, otherwise, is 0.
Further, the obtaining of the comprehensive characteristic value is perfected again, that is, according to the current data flow of the request data, whether a user-defined user name and password verification process exists is judged, a fourth characteristic value is returned according to a judging result, weight is given to the fourth characteristic value, the weight of the fourth characteristic value is smaller than the weight of the first characteristic value and the weight of the second characteristic value, and the sum of the first characteristic value, the second characteristic value and the fourth characteristic value is calculated to obtain the comprehensive characteristic value. In this embodiment, if there is a user-defined user name and password verification flow, the returned fourth feature value is 1, otherwise, it is 0.
For the user name and password verification flow, there are two usage scenarios in current web applications. Scenario 1: the password corresponding to the user name is queried from the database and compared with the password entered by the user; the executed program is as follows:
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;

String userName = request.getParameter("name");
String passWord = request.getParameter("pwd");
try {
    Class.forName("com.mysql.jdbc.Driver"); // load the JDBC driver
    String url = "jdbc:mysql://localhost:3306/test"; // "test" is the database name
    Connection conn = DriverManager.getConnection(url, "root", ""); // connect to the database (empty password assumed for the example)
    // the user name in the SQL statement comes from user input
    String sqlStr = "select name, sex, password from users where name = '" + userName + "'";
    Statement st = conn.createStatement();
    ResultSet rs = st.executeQuery(sqlStr);
    String pwd = null;
    if (rs.next()) {
        pwd = rs.getString("password"); // stored (salted) password read back from the database
    }
    if (SecurityUtils.addSalt(passWord).equals(pwd)) { // scenario 1: the comparison happens in application code
        log.info("login success");
    }
    rs.close();   // close resources
    st.close();   // close resources
    conn.close(); // close resources
} catch (Exception e) {
    e.printStackTrace();
}
Scenario 2: the user name and password are compared with the database record as a whole, inside the query itself; the executed program is as follows:
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;

String userName = request.getParameter("name");
String passWord = request.getParameter("pwd");
try {
    Class.forName("com.mysql.jdbc.Driver"); // load the JDBC driver
    String url = "jdbc:mysql://localhost:3306/test"; // "test" is the database name
    Connection conn = DriverManager.getConnection(url, "root", ""); // connect to the database (empty password assumed for the example)
    // both the user name and the password in the SQL statement come from user input
    String sqlStr = "select name, sex from users where name = '" + userName + "' and password = '" + passWord + "'";
    Statement st = conn.createStatement();
    ResultSet rs = st.executeQuery(sqlStr);
    if (rs.next()) { // scenario 2: a matching row means user name and password matched together in the database
        log.info("login success");
    }
    rs.close();   // close resources
    st.close();   // close resources
    conn.close(); // close resources
} catch (Exception e) {
    e.printStackTrace();
}
When judging whether a user name and password verification flow exists: for scenario 1, the data flow of the data returned by the query is tracked, and it is checked whether there is logic that compares it with the user-entered data through an equals function. For scenario 2, it is checked whether the query statement contains fields (user, name, pwd, username, password, etc.) that are similar to the user-entered data, i.e. table field names against which the user-entered data is compared.
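As an added illustration (not part of the patent text), the following Python models how the trace an instrumentation agent records for one request could be checked for the two verification scenarios described above. The RequestTrace structure, its taint-label format ("param:<name>" for request parameters, "db:<column>" for query results) and the keyword sets are assumptions; a real IAST agent would have to propagate those labels through helpers such as addSalt itself. The three sample traces are constructed, not captured from a real application.

```python
import re
from dataclasses import dataclass

# Column and parameter names that typically carry a login name or a password (assumed lists).
USER_WORDS = {"user", "name", "username", "uname", "login"}
PASS_WORDS = {"pwd", "password", "passwd", "pass"}


@dataclass
class RequestTrace:
    """What the (hypothetical) IAST agent records while one request is handled."""
    params: dict          # request parameter name -> value
    queries: list         # SQL statements executed for the request
    equals_calls: list    # (labels_of_left, labels_of_right) for each String.equals call;
                          # labels are "param:<name>" or "db:<column>", propagated by the agent


def _where_predicates(sql):
    """Return (column, literal) pairs from the WHERE clause of a simple SELECT."""
    m = re.search(r"\bwhere\b(.*)", sql, re.IGNORECASE | re.DOTALL)
    if not m:
        return []
    return [(col.lower(), val) for col, val in re.findall(r"(\w+)\s*=\s*'([^']*)'", m.group(1))]


def _selected_columns(sql):
    """Return the lower-cased column names of the SELECT list."""
    m = re.match(r"\s*select\s+(.*?)\s+from\b", sql, re.IGNORECASE | re.DOTALL)
    return [c.strip().lower() for c in m.group(1).split(",")] if m else []


def is_scenario2(trace):
    """Scenario 2: the query compares user name and password as a whole, i.e. the WHERE clause has
    a login-like column and a password-like column whose literals came from request parameters."""
    for sql in trace.queries:
        hit_user = hit_pass = False
        for col, val in _where_predicates(sql):
            if val not in trace.params.values():
                continue  # literal did not originate from this request's input
            hit_user |= col in USER_WORDS
            hit_pass |= col in PASS_WORDS
        if hit_user and hit_pass:
            return True
    return False


def is_scenario1(trace):
    """Scenario 1: a password column is read back from the database and then compared with
    equals() against a value derived from a password request parameter."""
    password_cols = {c for sql in trace.queries for c in _selected_columns(sql) if c in PASS_WORDS}
    if not password_cols:
        return False
    for left, right in trace.equals_calls:
        for db_side, user_side in ((left, right), (right, left)):  # either operand order
            from_db = any(l.startswith("db:") and l[3:] in password_cols for l in db_side)
            from_user = any(l.startswith("param:") and l[6:] in PASS_WORDS for l in user_side)
            if from_db and from_user:
                return True
    return False


def fourth_feature(trace):
    """X4 of the patent: 1 when a user-name/password verification flow was observed, else 0."""
    return 1 if (is_scenario1(trace) or is_scenario2(trace)) else 0


# Constructed sample traces.
SCENARIO1 = RequestTrace(
    params={"name": "alice", "pwd": "s3cret"},
    queries=["select name, sex, password from users where name = 'alice'"],
    equals_calls=[({"param:pwd"}, {"db:password"})],   # addSalt(passWord).equals(pwd)
)
SCENARIO2 = RequestTrace(
    params={"name": "alice", "pwd": "s3cret"},
    queries=["select name, sex from users where name = 'alice' and password = 's3cret'"],
    equals_calls=[],
)
NOT_LOGIN = RequestTrace(   # an ordinary product search: no verification flow
    params={"q": "laptop"},
    queries=["select id, title from products where title = 'laptop'"],
    equals_calls=[({"param:q"}, {"const"})],
)

if __name__ == "__main__":
    for label, t in (("scenario1", SCENARIO1), ("scenario2", SCENARIO2), ("search", NOT_LOGIN)):
        print(label, "X4 =", fourth_feature(t))
```

The scenario 1 check deliberately accepts the comparison in either operand order and relies on the agent having carried the "param:pwd" label through addSalt(); without that propagation a salted or hashed password would never match and X4 would stay 0 for exactly the applications the check is meant to cover.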
In summary, the first characteristic value X1 is given weight a, the second characteristic value X2 weight b, the third characteristic value X3 weight c and the fourth characteristic value X4 weight d, where a+b+c+d=1, and the comprehensive characteristic value is the weighted sum Z = a·X1 + b·X2 + c·X3 + d·X4.
When X1 is 1, X2 is 1, X3 is 0 and X4 is 0, Z = a + b = 0.6, which is greater than the threshold value 0.5, so the request data is defined as a login request, and the address information of the login request is recorded to facilitate later lookup.
Further, the method for judging whether the new session information is generated and used in the web application according to the request data comprises the following steps:
judge whether new session information is generated in the request data through the session function; if so, store the session information and track the return information of the request data, then judge whether a response header field (Set-Cookie) exists in the response information of the request data and whether the session information appears in that header field; if so, new session information has been generated and used by the current request data.
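The following Python is an added example, not code from the patent or from Seczone, that puts steps S3 to S6 and the Set-Cookie check above together: it derives X1 from the request library, X2 from the session-id/Set-Cookie match, X3 from a list of known login functions, takes X4 as an input from the separate user-name/password flow check, and computes Z against the threshold of 0.5. The ObservedRequest structure, the two entries in KNOWN_LOGIN_FUNCTIONS and the concrete weights are assumptions; the weights are chosen to satisfy the constraints the patent states (a > b, c and d smaller than both, a+b+c+d=1) and to reproduce its worked figure Z = a + b = 0.6. Sample observations are constructed.

```python
from dataclasses import dataclass
from typing import Optional

# Assumed weights a, b, c, d: a > b, c and d smaller than both, summing to 1; a + b = 0.6.
WEIGHTS = {"X1": 0.35, "X2": 0.25, "X3": 0.20, "X4": 0.20}
THRESHOLD = 0.5

# Example entries for the list of "known login verification functions" (assumed representation:
# fully-qualified method names reported by the tracking logic).
KNOWN_LOGIN_FUNCTIONS = {
    "org.apache.shiro.subject.Subject.login",
    "org.springframework.security.authentication.AuthenticationManager.authenticate",
}


@dataclass
class ObservedRequest:
    """What the (hypothetical) tracking logic collected for one request."""
    uri: str
    params: dict                      # request parameter name -> value
    called: set                       # fully-qualified methods seen running for this request
    new_session_id: Optional[str]     # id handed out by the session function, if one was created
    response_headers: list            # (header-name, value) pairs of the response
    verification_flow: bool = False   # X4 input from the separate user-name/password flow check


def in_request_library(req, library):
    """X1: the URI matches a library entry and the request carries that entry's credential keys."""
    for entry in library:
        if req.uri == entry["loginUri"] and all(k in req.params for k in entry["loginUserKey"]):
            return 1
    return 0


def new_session_used(req):
    """X2: a session was created while handling the request AND its id goes back in Set-Cookie."""
    if not req.new_session_id:
        return 0
    for name, value in req.response_headers:
        if name.lower() != "set-cookie":
            continue
        pair = value.split(";", 1)[0]            # "JSESSIONID=abc" before Path/HttpOnly attributes
        if "=" in pair and pair.split("=", 1)[1].strip() == req.new_session_id:
            return 1
    return 0


def known_login_function_hit(req):
    """X3: a known login verification function ran for this request."""
    return 1 if req.called & KNOWN_LOGIN_FUNCTIONS else 0


def features(req, library):
    return {"X1": in_request_library(req, library), "X2": new_session_used(req),
            "X3": known_login_function_hit(req), "X4": 1 if req.verification_flow else 0}


def comprehensive_value(feats):
    """Z = a*X1 + b*X2 + c*X3 + d*X4."""
    return round(sum(WEIGHTS[k] * v for k, v in feats.items()), 6)


def classify(req, library):
    """Return (is_login, Z); a newly identified login address is appended to the library."""
    feats = features(req, library)
    z = comprehensive_value(feats)
    is_login = z > THRESHOLD
    if is_login and not any(e["loginUri"] == req.uri for e in library):
        library.append({"loginUri": req.uri, "loginUserKey": sorted(req.params)})
    return is_login, z


# Constructed sample observations.
LIBRARY = [{"loginUri": "/login", "loginUserKey": ["name", "pwd"]}]
KNOWN = ObservedRequest(  # X1=1, X2=1, X3=0, X4=0: the patent's worked example, Z = 0.6
    uri="/login", params={"name": "alice", "pwd": "s3cret"},
    called={"com.example.LoginServlet.doPost"}, new_session_id="A1B2C3",
    response_headers=[("Content-Type", "text/html"),
                      ("Set-Cookie", "JSESSIONID=A1B2C3; Path=/; HttpOnly")])
RENAMED = ObservedRequest(  # login moved to /dl: X1=0 but X2, X3 and X4 still fire, Z = 0.65
    uri="/dl", params={"name": "alice", "pwd": "s3cret"},
    called={"org.apache.shiro.subject.Subject.login"}, new_session_id="Z9Y8X7",
    response_headers=[("Set-Cookie", "JSESSIONID=Z9Y8X7; Path=/")], verification_flow=True)
PROFILE = ObservedRequest(  # ordinary request: no session created, nothing login-like, Z = 0
    uri="/api/profile", params={"id": "7"}, called={"com.example.ProfileServlet.doGet"},
    new_session_id=None, response_headers=[("Content-Type", "application/json")])

if __name__ == "__main__":
    for req in (KNOWN, RENAMED, PROFILE):
        print(req.uri, features(req, LIBRARY), classify(req, LIBRARY))
```

Once RENAMED has been classified its address is in the library, so a repeat of the same request scores X1 = 1 as well; this is the automatic addition of identified login requests that S3 mentions. The X2 check insists that the created session id actually appears in a Set-Cookie value rather than merely that a session object was created, which keeps requests that touch the session without establishing a new one from scoring.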
The invention also discloses a user login request identification system used in web application security detection, which comprises:
an instrumentation module for instrumenting a web application with an instrumentation tool to weave tracking logic into the web application, the tracking logic obtaining the data stream of request data entering the web application;
a data stream acquisition module for acquiring all request data and data streams of the request data entering the web application based on the tracking logic;
the first judging module is used for judging whether the current request data is positioned in a preset request library or not and returning a corresponding first characteristic value according to a judging result;
the second judging module is used for judging whether new session information is generated and used in the web application or not according to the current request data, and returning a corresponding second characteristic value according to a judging result;
a calculation module for giving different weights to the first feature value and the second feature value, respectively, wherein the weight of the first feature value is larger than that of the second feature value, and calculating the sum of the first feature value and the second feature value to obtain a comprehensive feature value;
and the confirmation module is used for defining the current request data as a login request when the comprehensive characteristic value exceeds a threshold value.
Preferably, the system further comprises a third judging module, wherein the third judging module is used for judging whether the request data trigger a known login verification function in the web application currently and returning a third characteristic value according to a judging result;
the calculation module further assigns a weight to the third feature value, wherein the weight of the third feature value is smaller than the weight of the first feature value and the weight of the second feature value, and calculates the sum of the first feature value, the second feature value and the third feature value to obtain the comprehensive feature value.
Preferably, the system further comprises a fourth judging module, wherein the fourth judging module is used for judging whether a user-defined user name and password verification process exists or not and returning a fourth characteristic value according to a judging result;
the computing module assigns a weight to the fourth characteristic value, wherein the weight of the fourth characteristic value is smaller than the weight of the first characteristic value and the weight of the second characteristic value, and calculates the sum of the first characteristic value, the second characteristic value and the fourth characteristic value to obtain the comprehensive characteristic value.
Preferably, the second judging module comprises a preparing module and a judging module; the preparation module is used for storing the session information and tracking the return information of the request data when the new session information is confirmed to be generated in the request data through the session function; the judging module is used for judging whether the response information of the request data has a response header field and whether the response header field has the session information.
The working principle and working manner of the user login request identification system in this embodiment are detailed in the above-mentioned user login request identification method, and are not described here again.
The present invention also discloses another user login request identification system comprising one or more processors, a memory and one or more programs, wherein one or more programs are stored in the memory and configured to be executed by the one or more processors, the programs comprising instructions for performing the user login request identification method as described above. The processor may be a general-purpose central processing unit (Central Processing Unit, CPU), microprocessor, application specific integrated circuit (Application Specific Integrated Circuit, ASIC), or one or more integrated circuits for executing related programs to implement the functions required to be performed by the modules in the user login request identification system of the embodiments of the present application, or perform the user login request identification method of the embodiments of the present application.
The invention also discloses a computer readable storage medium comprising a computer program executable by a processor to perform the user login request identification method as described above. The computer readable storage medium may be any available medium that can be accessed by a computer or a data storage device such as a server, data center, etc. that contains an integration of one or more available media. The usable medium may be a read-only memory (ROM), or a random-access memory (random access memory, RAM), or a magnetic medium, for example, a floppy disk, a hard disk, a magnetic tape, a magnetic disk, or an optical medium, for example, a digital versatile disk (digital versatile disc, DVD), or a semiconductor medium, for example, a Solid State Disk (SSD), or the like.
The present application also discloses a computer program product or a computer program comprising computer instructions stored in a computer readable storage medium. The processor of the electronic device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions so that the electronic device performs the user login request identification method described above.
The foregoing description of preferred embodiments is not intended to limit the scope of the invention, which is defined by the claims that follow.

Claims (10)

1. A method for identifying a user login request in web application security detection, comprising:
instrumenting a web application with an instrumentation tool, and weaving tracking logic into the web application;
acquiring all request data and data streams of the request data entering the web application based on the tracking logic;
judging whether the current request data is positioned in a preset request library or not, and returning a corresponding first characteristic value according to a judging result;
judging whether new session information is generated and used in the web application or not according to the current request data, and returning a corresponding second characteristic value according to a judging result;
respectively giving different weights to the first characteristic value and the second characteristic value, wherein the weight of the first characteristic value is larger than that of the second characteristic value, and calculating the sum of the first characteristic value and the second characteristic value to obtain a comprehensive characteristic value;
when the integrated characteristic value crosses a threshold value, the request data is defined as a login request.
2. The method according to claim 1, further comprising: judging, according to the data flow of the request data, whether the request data triggers a known login verification function in the web application, and returning a third characteristic value according to the judgment result; assigning a weight to the third characteristic value, the weight of the third characteristic value being smaller than the weight of the first characteristic value and the weight of the second characteristic value; and summing the weighted first, second and third characteristic values to obtain the comprehensive characteristic value.
3. The method for identifying a user login request in web application security detection according to claim 1, further comprising: judging, according to the current data flow of the request data, whether a custom user name and password verification process exists, and returning a fourth characteristic value according to the judgment result; assigning a weight to the fourth characteristic value, the weight of the fourth characteristic value being smaller than the weight of the first characteristic value and the weight of the second characteristic value; and summing the weighted first, second and fourth characteristic values to obtain the comprehensive characteristic value.
4. The method for identifying a user login request in web application security detection according to claim 1, wherein judging whether new session information is generated and used in the web application under the current request data comprises:
judging, through a session function, whether new session information is generated for the request data, and if so, storing the session information and tracking the return information of the request data;
and judging whether the response information of the request data carries a response header field, and whether that response header field carries the session information.
5. A user login request identification system for use in web application security detection, comprising:
an instrumentation module for instrumenting a web application with an instrumentation tool so as to weave tracking logic into the web application, the tracking logic being used to obtain the data flow of request data entering the web application;
a data flow acquisition module for acquiring, based on the tracking logic, all request data entering the web application and the data flow of the request data;
a first judging module for judging whether the current request data is located in a preset request library, and returning a corresponding first characteristic value according to the judgment result;
a second judging module for judging whether new session information is generated and used in the web application under the current request data, and returning a corresponding second characteristic value according to the judgment result;
a calculation module for assigning different weights to the first characteristic value and the second characteristic value respectively, the weight of the first characteristic value being larger than the weight of the second characteristic value, and summing the weighted first characteristic value and second characteristic value to obtain a comprehensive characteristic value;
and a confirmation module for defining the current request data as a login request when the comprehensive characteristic value exceeds a threshold value.
6. The system for identifying a user login request in web application security detection according to claim 5, further comprising a third judging module for judging whether the request data currently triggers a known login verification function in the web application, and returning a third characteristic value according to the judgment result;
the calculation module further assigning a weight to the third characteristic value, the weight of the third characteristic value being smaller than the weight of the first characteristic value and the weight of the second characteristic value, and summing the weighted first, second and third characteristic values to obtain the comprehensive characteristic value.
7. The system for identifying a user login request in web application security detection according to claim 5, further comprising a fourth judging module for judging whether a user name and password verification process exists, and returning a fourth characteristic value according to the judgment result;
the calculation module further assigning a weight to the fourth characteristic value, the weight of the fourth characteristic value being smaller than the weight of the first characteristic value and the weight of the second characteristic value, and summing the weighted first, second and fourth characteristic values to obtain the comprehensive characteristic value.
8. The user login request identification system for use in web application security detection according to claim 5, wherein the second judging module comprises a preparation module and a judgment module; the preparation module is used, when new session information is confirmed through the session function to have been generated for the request data, to store the session information and track the return information of the request data; and the judgment module is used to judge whether the response information of the request data carries a response header field, and whether that response header field carries the session information.
9. A user login request identification system, comprising:
one or more processors;
a memory;
and one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors, the programs including instructions for performing the user login request identification method for use in web application security detection as recited in any of claims 1 to 4.
10. A computer readable storage medium comprising a computer program executable by a processor to perform the user login request identification method for use in web application security detection as recited in any one of claims 1 to 4.
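The four feature checks and the weighted decision rule of claims 1 to 4, worked through as a hypothetical Python example added here; this is not code from the patent or from Seczone. The RequestTrace record stands in for what an instrumentation (IAST) agent would report per request; the contents of the preset request library, the list of known login verification functions, the parameter-name patterns, the weights and the threshold are all assumptions (the claims only fix the ordering of the weights), and the sample traces are constructed, not captured from a real application.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Assumed "preset request library" (claim 1): paths conventionally used for login.
LOGIN_REQUEST_LIBRARY = frozenset({
    "/login", "/signin", "/auth/login", "/api/session", "/j_spring_security_check",
})

# Assumed "known login verification functions" (claim 2), as the agent would name them.
KNOWN_LOGIN_FUNCTIONS = frozenset({
    "org.springframework.security.authentication.AuthenticationManager.authenticate",
    "org.apache.shiro.subject.Subject.login",
    "django.contrib.auth.authenticate",
})

# Assumed weights; the claims only require library > session > known_fn, custom_fn.
WEIGHTS = {"library": 0.35, "session": 0.30, "known_fn": 0.20, "custom_fn": 0.20}
THRESHOLD = 0.45  # assumed; a request is a login when the composite value exceeds it

# Assumed parameter-name patterns and function-name suffixes for a hand-rolled check (claim 3).
USER_PARAM = re.compile(r"^(user(name)?|login|email|account)$", re.IGNORECASE)
PASS_PARAM = re.compile(r"^(pass(word|wd)?|pwd|secret)$", re.IGNORECASE)
CHECK_SUFFIXES = ("checkPassword", "verifyPassword", "matches", "executeQuery")


@dataclass
class RequestTrace:
    """What a hypothetical instrumentation agent records for one request."""
    method: str
    path: str
    params: Dict[str, str]
    call_chain: List[str]                  # functions the request data flowed through
    new_session_id: Optional[str] = None   # id created via the session function, if any
    response_headers: Dict[str, str] = field(default_factory=dict)


def in_request_library(t: RequestTrace) -> int:
    """First characteristic value: the path is in the preset request library."""
    return int(t.path in LOGIN_REQUEST_LIBRARY)


def new_session_used(t: RequestTrace) -> int:
    """Second characteristic value (claim 4): a session was created during the
    request AND its identifier is carried back in a response header."""
    if not t.new_session_id:
        return 0
    return int(t.new_session_id in t.response_headers.get("Set-Cookie", ""))


def known_login_function_hit(t: RequestTrace) -> int:
    """Third characteristic value: the data flow reached a known login function."""
    return int(any(fn in KNOWN_LOGIN_FUNCTIONS for fn in t.call_chain))


def custom_verification_hit(t: RequestTrace) -> int:
    """Fourth characteristic value: user name and password parameters are both
    present and the flow reaches a password check or database query."""
    has_user = any(USER_PARAM.match(k) for k in t.params)
    has_pass = any(PASS_PARAM.match(k) for k in t.params)
    reaches_check = any(fn.endswith(CHECK_SUFFIXES) for fn in t.call_chain)
    return int(has_user and has_pass and reaches_check)


def composite_value(t: RequestTrace) -> float:
    """Weighted sum of the four characteristic values."""
    total = (WEIGHTS["library"] * in_request_library(t)
             + WEIGHTS["session"] * new_session_used(t)
             + WEIGHTS["known_fn"] * known_login_function_hit(t)
             + WEIGHTS["custom_fn"] * custom_verification_hit(t))
    return round(total, 4)


def is_login_request(t: RequestTrace) -> bool:
    return composite_value(t) > THRESHOLD


# Constructed sample traces (not captured from any real application).
SAMPLES = {
    # Fetching the login form: a library path, but nothing is verified.
    "form_page": RequestTrace("GET", "/login", {}, ["com.example.LoginController.showForm"]),
    # Framework login: library path, new session echoed in Set-Cookie, known sink.
    "spring_login": RequestTrace(
        "POST", "/login", {"username": "alice", "password": "x"},
        ["com.example.LoginController.doLogin",
         "org.springframework.security.authentication.AuthenticationManager.authenticate"],
        new_session_id="JSESSIONID=5F1E9C",
        response_headers={"Set-Cookie": "JSESSIONID=5F1E9C; Path=/; HttpOnly"}),
    # Hand-rolled login on a path the library does not know.
    "custom_login": RequestTrace(
        "POST", "/api/v2/account/verify", {"account": "bob", "pwd": "y"},
        ["com.example.AccountService.checkPassword", "java.sql.PreparedStatement.executeQuery"],
        new_session_id="sid=9f2e",
        response_headers={"Set-Cookie": "sid=9f2e; Path=/; HttpOnly"}),
    # Stateless token login: the token travels in the body, so claim 4's header check fails.
    "jwt_login": RequestTrace(
        "POST", "/api/token", {"email": "c@example.com", "password": "z"},
        ["com.example.TokenService.verifyPassword"],
        response_headers={"Content-Type": "application/json"}),
}

if __name__ == "__main__":
    for name, trace in SAMPLES.items():
        print(f"{name:13s} score={composite_value(trace):.2f} login={is_login_request(trace)}")
```

Two of the constructed cases are the ones worth watching when tuning such a scorer: a GET of the login form scores on the library feature alone (0.35) and stays below the threshold, which is the intended behaviour, while a stateless token login that returns its credential in the response body never satisfies the response-header condition of claim 4 and is left with only the function-level features (0.20), so the request library and the known-function list have to be maintained per application for that class of endpoint to be recognised.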
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310205160.9A CN116055218B (en) 2023-03-06 2023-03-06 User login request identification method and system for web application security detection

Publications (2)

Publication Number Publication Date
CN116055218A (en) 2023-05-02
CN116055218B CN116055218B (en) 2023-06-23

Family

ID=86123948

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310205160.9A Active CN116055218B (en) 2023-03-06 2023-03-06 User login request identification method and system for web application security detection

Country Status (1)

Country Link
CN (1) CN116055218B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2017076412A (en) * 2016-11-21 2017-04-20 Intel Corporation Test, verification, and program and method of debug architecture
CN109165507A (en) * 2018-07-09 2019-01-08 深圳开源互联网安全技术有限公司 Cross-site scripting attack leak detection method, device and terminal device
US10467419B1 (en) * 2018-10-31 2019-11-05 Capital One Services, Llc Methods and systems for determining software risk scores
CN112906011A (en) * 2021-05-07 2021-06-04 北京安普诺信息技术有限公司 Vulnerability discovery method, testing method, security testing method, related device and platform
CN115186274A (en) * 2022-09-14 2022-10-14 深圳开源互联网安全技术有限公司 IAST-based security test method and device
CN115687115A (en) * 2022-10-31 2023-02-03 上海计算机软件技术开发中心 Automatic testing method and system for mobile application program

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
沈科; 叶晓俊; 刘孝男; 李斌: "基于API调用分析的Android应用行为意图推测" (Inferring the behavioural intent of Android applications from API call analysis), 清华大学学报(自然科学版) (Journal of Tsinghua University (Science and Technology)), no. 11 *

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant