CN111797407B - 一种基于深度学习模型优化的xss漏洞检测方法 - Google Patents
一种基于深度学习模型优化的xss漏洞检测方法 Download PDFInfo
- Publication number
- CN111797407B CN111797407B CN202010935454.3A CN202010935454A CN111797407B CN 111797407 B CN111797407 B CN 111797407B CN 202010935454 A CN202010935454 A CN 202010935454A CN 111797407 B CN111797407 B CN 111797407B
- Authority
- CN
- China
- Prior art keywords
- xss
- attack
- attack vector
- xss attack
- vector
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/045—Combinations of networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- General Health & Medical Sciences (AREA)
- Evolutionary Computation (AREA)
- Molecular Biology (AREA)
- Data Mining & Analysis (AREA)
- Computational Linguistics (AREA)
- Biophysics (AREA)
- Mathematical Physics (AREA)
- Biomedical Technology (AREA)
- Artificial Intelligence (AREA)
- Life Sciences & Earth Sciences (AREA)
- Health & Medical Sciences (AREA)
- Devices For Executing Special Programs (AREA)
- Computer And Data Communications (AREA)
Abstract
Description
Claims (1)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010935454.3A CN111797407B (zh) | 2020-09-08 | 2020-09-08 | 一种基于深度学习模型优化的xss漏洞检测方法 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010935454.3A CN111797407B (zh) | 2020-09-08 | 2020-09-08 | 一种基于深度学习模型优化的xss漏洞检测方法 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111797407A CN111797407A (zh) | 2020-10-20 |
CN111797407B true CN111797407B (zh) | 2021-05-07 |
Family
ID=72834297
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010935454.3A Active CN111797407B (zh) | 2020-09-08 | 2020-09-08 | 一种基于深度学习模型优化的xss漏洞检测方法 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111797407B (zh) |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112632549B (zh) * | 2021-01-06 | 2022-07-12 | 四川大学 | 一种基于语境分析的Web攻击检测方法 |
CN113596007B (zh) * | 2021-07-22 | 2023-04-14 | 广东电网有限责任公司 | 一种基于深度学习的漏洞攻击检测方法和设备 |
CN113676460B (zh) * | 2021-07-28 | 2022-07-22 | 清华大学 | 一种Web应用漏洞集成扫描方法、系统、电子设备及存储介质 |
CN114297079B (zh) * | 2021-12-30 | 2024-04-02 | 北京工业大学 | 基于时间卷积网络的xss模糊测试用例生成方法 |
CN114567459B (zh) * | 2022-01-29 | 2023-04-14 | 贵州多彩宝互联网服务有限公司 | 一种内网xss平台攻击向量自动生成系统及方法 |
CN114866279B (zh) * | 2022-03-24 | 2023-07-25 | 中国科学院信息工程研究所 | 基于http请求有效负载的漏洞攻击流量检测方法和系统 |
CN117574393B (zh) * | 2024-01-16 | 2024-03-29 | 国网浙江省电力有限公司 | 一种信息终端漏洞挖掘方法、装置、设备及存储介质 |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108491717A (zh) * | 2018-03-28 | 2018-09-04 | 四川长虹电器股份有限公司 | 一种基于机器学习的xss防御系统及其实现方法 |
CN108769081A (zh) * | 2018-07-11 | 2018-11-06 | 中国人民解放军国防科技大学 | 一种检测xss攻击的方法、装置及计算机可读存储介质 |
CN108769079A (zh) * | 2018-07-09 | 2018-11-06 | 四川大学 | 一种基于机器学习的Web入侵检测技术 |
CN109257393A (zh) * | 2018-12-05 | 2019-01-22 | 四川长虹电器股份有限公司 | 基于机器学习的xss攻击防御方法及装置 |
CN109886018A (zh) * | 2019-01-25 | 2019-06-14 | 北京工业大学 | 一种基于遗传算法的存储型xss攻击向量优化方法 |
CN110266675A (zh) * | 2019-06-12 | 2019-09-20 | 成都积微物联集团股份有限公司 | 一种基于深度学习的xss攻击自动化检测方法 |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108830083B (zh) * | 2018-05-24 | 2022-04-12 | 东南大学 | 一种基于输出点语境的xss漏洞检测参数自动生成方法 |
CN109240927B (zh) * | 2018-09-12 | 2021-11-12 | 合肥工业大学 | 基于gde3的多阶段动态多目标测试资源分配方法 |
-
2020
- 2020-09-08 CN CN202010935454.3A patent/CN111797407B/zh active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108491717A (zh) * | 2018-03-28 | 2018-09-04 | 四川长虹电器股份有限公司 | 一种基于机器学习的xss防御系统及其实现方法 |
CN108769079A (zh) * | 2018-07-09 | 2018-11-06 | 四川大学 | 一种基于机器学习的Web入侵检测技术 |
CN108769081A (zh) * | 2018-07-11 | 2018-11-06 | 中国人民解放军国防科技大学 | 一种检测xss攻击的方法、装置及计算机可读存储介质 |
CN109257393A (zh) * | 2018-12-05 | 2019-01-22 | 四川长虹电器股份有限公司 | 基于机器学习的xss攻击防御方法及装置 |
CN109886018A (zh) * | 2019-01-25 | 2019-06-14 | 北京工业大学 | 一种基于遗传算法的存储型xss攻击向量优化方法 |
CN110266675A (zh) * | 2019-06-12 | 2019-09-20 | 成都积微物联集团股份有限公司 | 一种基于深度学习的xss攻击自动化检测方法 |
Non-Patent Citations (2)
Title |
---|
《一种基于攻击向量自动生成的XSS漏洞渗透测试方法》;顾明昌等;《软件导刊》;20160731;第15卷(第7期);第173-177页 * |
《基于机器学习的跨站脚本攻击检测研究》;洪镇宇;《中国优秀硕士学位论文全文数据库_信息科技辑》;20190715(第7期);第48-57页 * |
Also Published As
Publication number | Publication date |
---|---|
CN111797407A (zh) | 2020-10-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111797407B (zh) | 一种基于深度学习模型优化的xss漏洞检测方法 | |
Leotta et al. | ROBULA+: An algorithm for generating robust XPath locators for web testing | |
Nedelkoski et al. | Self-supervised log parsing | |
US10620945B2 (en) | API specification generation | |
Saxena et al. | A symbolic execution framework for javascript | |
CN104881608B (zh) | 一种基于模拟浏览器行为的xss漏洞检测方法 | |
Choudhary et al. | Crosscheck: Combining crawling and differencing to better detect cross-browser incompatibilities in web applications | |
CN111459799B (zh) | 一种基于Github的软件缺陷检测模型建立、检测方法及系统 | |
CN104881607B (zh) | 一种基于模拟浏览器行为的xss漏洞检测系统 | |
Nguyen et al. | Auto-locating and fix-propagating for HTML validation errors to PHP server-side code | |
CN110581864B (zh) | 一种sql注入攻击的检测方法及装置 | |
CN112989348B (zh) | 攻击检测方法、模型训练方法、装置、服务器及存储介质 | |
US11263062B2 (en) | API mashup exploration and recommendation | |
Sacramento et al. | Web application model generation through reverse engineering and UI pattern inferring | |
CN107862039B (zh) | 网页数据获取方法、系统和数据匹配推送方法 | |
Erwig et al. | Explanations for regular expressions | |
Oz et al. | On the use of generative deep learning approaches for generating hidden test scripts | |
CN115269427A (zh) | 针对web注入漏洞的中间语言表示方法及系统 | |
CN111124937B (zh) | 基于插桩函数辅助提高生成测试用例效率的方法及系统 | |
CN110719344B (zh) | 域名获取方法、装置、电子设备及存储介质 | |
Lu et al. | A GAN-based method for generating SQL injection attack samples | |
Poulding et al. | The automated generation of humancomprehensible XML test sets | |
Cui et al. | The generation of XSS attacks developing in the detect detection | |
Khan | LL-XSS: End-to-End Generative Model-based XSS Payload Creation | |
Ge et al. | Design and Implementation of System of the Web Vulnerability Detection Based on Crawler and Natural Language Processing |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: Room 2004, building 2, juhuiyuan, 108 Xuanwu Avenue, Xuanwu District, Nanjing City, Jiangsu Province Applicant after: Jiangsu Kaibo Technology Co.,Ltd. Address before: Room 2004, building 2, juhuiyuan, 108 Xuanwu Avenue, Xuanwu District, Nanjing City, Jiangsu Province Applicant before: Jiangsu Kaibo Technology Co.,Ltd. |
|
CB02 | Change of applicant information | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20210601 Address after: Room 2004, building 2, juhuiyuan, 108 Xuanwu Avenue, Xuanwu District, Nanjing City, Jiangsu Province Patentee after: Jiangsu Kaibo Technology Co.,Ltd. Patentee after: Nanjing Kaibo Xinda Technology Co.,Ltd. Address before: Room 2004, building 2, juhuiyuan, 108 Xuanwu Avenue, Xuanwu District, Nanjing City, Jiangsu Province Patentee before: Jiangsu Kaibo Technology Co.,Ltd. |
|
TR01 | Transfer of patent right | ||
CP03 | Change of name, title or address |
Address after: Building C18-2, Zidong International Creative Park, No. 2, Zidong Road, Maqun Street, Qixia District, Nanjing, Jiangsu, 210000 Patentee after: Jiangsu Kaibo Technology Co.,Ltd. Patentee after: Nanjing Yuyan Safety Technology Co.,Ltd. Address before: Room 2004, building 2, juhuiyuan, 108 Xuanwu Avenue, Xuanwu District, Nanjing City, Jiangsu Province Patentee before: Jiangsu Kaibo Technology Co.,Ltd. Patentee before: Nanjing Kaibo Xinda Technology Co.,Ltd. |
|
CP03 | Change of name, title or address |