Detecting Vulnerabilities in Web Applications by Clustering Web Pages (CROSBI ID 540078)
Prilog sa skupa u zborniku | izvorni znanstveni rad | međunarodna recenzija
Podaci o odgovornosti
Suhina, Vanja ; Groš, Stjepan ; Kalafatić, Zoran
engleski
Detecting Vulnerabilities in Web Applications by Clustering Web Pages
In this paper, we propose a new approach to detecting vulnerabilities in Web applications. Majority of current Web application vulnerability scanners rely on detecting vulnerabilities by detecting common error messages or input vectors used in testing. The method we propose in this paper is based on detecting unusual behavior of a Web application. Differences between pages are analyzed by examining page structure, i.e. HTML elements. Variations from standard page structure could indicate raised errors in the Web application and could indicate a vulnerability. Issues that arise in building such a tool will be described here.
data mining; fuzzing; security; unsupervised learning; vulnerability
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
Podaci o prilogu
75-78.
2008.
objavljeno
Podaci o matičnoj publikaciji
Čišić, Dragan ; Hutinski, Željko ; Baranović, Mirtas ; Mauher, Mladen ; Dragšić, Veljko
Rijeka: Hrvatska udruga za informacijsku i komunikacijsku tehnologiju, elektroniku i mikroelektroniku - MIPRO
978-953-233-040-3
Podaci o skupu
31st International Convention MIPRO 2008
predavanje
01.01.2008-01.01.2008
Opatija, Hrvatska