A Web Second-Order Vulnerabilities Detection Method | Zendy

Miao Liu | Zendy; Bin Wang | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

A Web Second-Order Vulnerabilities Detection Method

Author(s) -

Miao Liu,

Bin Wang

Publication year - 2018

Publication title -

ieee access

Language(s) - English

Resource type - Journals

SCImago Journal Rank - 0.587

H-Index - 127

ISSN - 2169-3536

DOI - 10.1109/access.2018.2881070

Subject(s) - aerospace , bioengineering , communication, networking and broadcast technologies , components, circuits, devices and systems , computing and processing , engineered materials, dielectrics and plasmas , engineering profession , fields, waves and electromagnetics , general topics for engineers , geoscience , nuclear engineering , photonics and electrooptics , power, energy and industry applications , robotics and control systems , signal processing and analysis , transportation

Second-order vulnerabilities are more subtle and more destructive than the first-order vulnerabilities. After researching and analyzing the principles of web penetration testing and second-order attack principles, this paper proposes a method to detect web second-order security vulnerabilities. The method detects web second-order security vulnerabilities through two crawl scans. It crawls the website URL for the first time, sends anchor points, crawls URLs of the storage anchor point for the second time, and detects second-order web security vulnerabilities specifically for these suspicious URLs. The approach greatly reduces the time complexity of detecting second-order web security vulnerabilities and makes up for the lack of methods to detect web security second-order vulnerabilities.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research