RASP based Web security detection method

Hang YU; Shuai WANG; Huamin JIN

Dianxin kexue (Nov 2020)

RASP based Web security detection method

Hang YU,
Shuai WANG,
Huamin JIN

Affiliations

Hang YU
Shuai WANG
Huamin JIN

Journal volume & issue: Vol. 36
pp. 113 – 120

Abstract

Read online

At present,the traditional Web security detection methods act on the input and output of the program,which can not prevent malicious code entering the program after being distorted and confused,and it is difficult to meet the new requirements of Web application security protection.Based on the in-depth analysis of the risk of traditional data flow monitoring methods,combined with the technical characteristics of rasp,a Web security detection method based on rasp was proposed.The rasp probe was embedded in the parameters of authority discrimination function,system command execution function and database operation function in Web application,and the change of data flow was detected in real-time at the code interpreter level.This method was implemented based on Java language.It was proved in the laboratory that this method is better than the traditional Web security detection method in accuracy and detection time.Finally,the deployment and application scenarios of this method were analyzed and proposed.

Published in Dianxin kexue

ISSN: 1000-0801 (Print)
Publisher: Beijing Xintong Media Co., Ltd
Country of publisher: China
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering: Telecommunication
Website: http://www.infocomm-journal.com/dxkx/EN/1000-0801/home.shtml

About the journal

Abstract

Keywords