An Enhanced Rule-Based Web Scanner Based on Similarity Score
This paper proposes an enhanced rule-based web scanner in order to get better accuracy in detecting web vulnerabilities than the existing tools, which have relatively high false alarm rate when the web pages are installed in unconventional directory paths. Using the proposed matching method based on similarity score, the proposed scheme can determine whether two pages have the same vulnerabilities or not. With this method, the proposed scheme is able to figure out the target web pages are vulnerable by comparing them to the web pages that are known to have vulnerabilities. We show the proposed scanner reduces 12% false alarm rate compared to the existing well-known scanner through the performance evaluation via various experiments. The proposed scheme is especially helpful in detecting vulnerabilities of the web applications which come from well-known open-source web applications after small customization, which happens frequently in many small-sized companies
- Publisher
- UNIV SUCEAVA
- Issue Date
- 2016
- Language
- English
- Article Type
- Article
- Citation
ADVANCES IN ELECTRICAL AND COMPUTER ENGINEERING, v.16, no.3, pp.9 - 14
- ISSN
- 1582-7445
- Appears in Collection
- CS-Journal Papers(저널논문)
- Files in This Item
- 97491.pdf(1.21 MB)Download
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.