摘要
采用网络协议爬虫方法对Web网页跨站脚本的动态污点Bug进行检测和数据补齐,根本上保证Web安全。传统方法采用主成分分析和驱动爬虫方法进行Bug数据补齐,当用户提交的数据没有经过严格的过滤和验证的时,Bug漏洞不能得到有效检测。提出一种基于向量空间动态污点传播模型的Web协议爬虫算法,实现对动态污点Bug检测与数据补齐,构建向量空间模型,计算Bug数据和漏洞检测中的模糊关系的隶属度,提取动态污点Bug数据模态特征进行网络爬虫,优化对动态污点数据的检测性能。仿真实验结果表明,该算法能提高数据补齐的准确性,聚类性好,收敛性提高,保证了系统安全防御的实时性,在Web程序安全设计中应用前景广阔。
The network protocols of Web crawler method is taken for Webpage cross site scripting and dynamic taint Bug de-tection, the data filling is researched, it can guarantee Web security. The traditional method uses principal component anal-ysis and driving crawler method for Bug data filling, when the user submits the data without filtering and verification, Bug vulnerabilities cannot be detected effectively. A website crawler Web protocol algorithm based on vector space dynamic taint propagation model is proposed for Bug filling, the vector space model is constructed, calculating the membership de-gree of fuzzy relation between Bug data and leak detection in the extraction of Bug data, dynamic taint mode characteristics of the web crawler is obtained, optimal detection performance for dynamic taint data is completed. The simulation results show that, the algorithm can improve the accuracy of Bug data filling, clustering performance is good, the convergence is im-proved, it can ensure the real-time security of system, it has broad application prospect.
出处
《科技通报》
北大核心
2014年第10期205-207,共3页
Bulletin of Science and Technology
