An Enhanced Rule-Based Web Scanner Based on Similarity Score

This paper proposes an enhanced rule-based web scanner in order to get better accuracy in detecting web vulnerabilities than the existing tools, which have relatively high false alarm rate when the web pages are installed in unconventional directory paths. Using the proposed matching method based on similarity score, the proposed scheme can determine whether two pages have the same vulnerabilities or not. With this method, the proposed scheme is able to figure out the target web pages are vulnerable by comparing them to the web pages that are known to have vulnerabilities. We show the proposed scanner reduces 12% false alarm rate compared to the existing well-known scanner through the performance evaluation via various experiments. The proposed scheme is especially helpful in detecting vulnerabilities of the web applications which come from well-known open-source web applications after small customization, which happens frequently in many small-sized companies
Publisher
UNIV SUCEAVA
Issue Date
2016
Language
English
Citation

ADVANCES IN ELECTRICAL AND COMPUTER ENGINEERING, v.16, no.3, pp.9 - 14

ISSN
1582-7445
DOI
10.4316/AECE.2016.03002
URI
http://hdl.handle.net/10203/213947
Appears in Collection
CS-Journal Papers(저널논문)
Files in This Item
97491.pdf(1.21 MB)Download
  • Hit : 202
  • Download : 249
  • Cited 0 times in thomson ci
This item is cited by other documents in WoS
⊙ Detail Information in WoSⓡClick to seewebofscience_button

qr_code

  • mendeley

    citeulike


rss_1.0 rss_2.0 atom_1.0