With the popularity of mobile applications, more and more application providers deliver data to their applications through back-end services exposed as interfaces. These back-end interfaces keep growing in number and their business logic in complexity, and depending on the business scenario an interface may return large amounts of personal information or business-sensitive information. The security problems introduced by back-end interface services therefore demand the attention of application providers. The traditional approach is to inspect and penetration-test the interfaces that carry business logic, either with a vulnerability scanner or manually, and then harden the interfaces according to the results. Existing scanner-based solutions, however, generally have the following problems: (1) the data-packet comparison algorithms currently used to judge logic-vulnerability results produce both a high false positive rate and a high false negative rate; (2) existing scanners cannot be given per-target scanning parameters that identify an application's sensitive data and business logic, which leads to a high false negative rate; (3) unlike vulnerabilities that can be concluded from a fixed security test case (a POC, proof of concept), logic vulnerabilities require pre-operations such as logging in, which a scanner driven by fixed test cases cannot perform, again producing high false positive and false negative rates.

To address these problems as they arise in real logic-vulnerability scanning, this paper proposes a logic vulnerability scanner based on DAST (dynamic application security testing). By function it has three parts: an information crawling and cleaning module, a task scheduling module and a vulnerability scanning module. The information crawling and cleaning module crawls the target URLs and removes duplicates, which avoids the high false positive and false negative rates caused by the login operation. The task scheduling module schedules and plans the subsequent tasks according to the load and priority of the tasks in the queue, which satisfies the stability requirement and the task scanning plan. The vulnerability scanning module lets the user customise scan options and business-related sensitive information, which addresses the high false negative rate; in addition, it combines the TF-IDF algorithm, the Adler-32 algorithm and the Hamming distance for non-keyword processing, that is, for comparing response contents that no configured keyword can decide, which addresses the high false positive and false negative rates.

Finally, the paper evaluates a scanner built on this algorithm. Its highest detection accuracy reaches 98%. Compared with scanners implemented with other algorithms, the scanner based on this algorithm achieves accurate detection rates of 89.6% for GET and 85.3% for POST requests, the highest among the scanners compared. In functional testing the scanner ran stably, showing that it can meet the daily logic-vulnerability scanning needs of an enterprise.
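The abstract names the ingredients of the scanning module (configurable sensitive keywords, then TF-IDF, Adler-32 and Hamming distance for responses that no keyword decides) but not how they fit together. The following is an added example written for this page, not the paper's implementation: one plausible two-stage check for an access-control logic flaw, in which the authenticated response to a request is compared with the response to the same request replayed without the session. Stage 1 matches configured sensitive field names; stage 2 builds a TF-IDF-weighted simhash whose per-token hash is Adler-32 and compares fingerprints by Hamming distance. The sample responses, the sensitive-field list, the IDF corpus and the threshold are all constructed assumptions.

```python
"""Response comparison for logic-vulnerability scanning.

Added illustration, not the paper's code: a two-stage check in the spirit
of the abstract.  Stage 1 matches configurable business-sensitive field
names.  Stage 2 is a TF-IDF-weighted simhash that hashes tokens with
Adler-32 and compares fingerprints by Hamming distance.  The responses,
field list, corpus and threshold below are constructed assumptions.
"""
import math
import re
import zlib
from collections import Counter

TOKEN_RE = re.compile(r"[A-Za-z0-9_@.]+")
BITS = 32          # Adler-32 is 32 bits wide, so the fingerprint is too
THRESHOLD = 4      # assumed: max Hamming distance still treated as "same data"

# Assumed per-scan configuration: field names the operator marks as sensitive.
SENSITIVE_FIELDS = {"phone", "email", "id_card"}


def tokenize(body):
    """Drop markup, then split a response body into lowercase tokens."""
    return [t.lower() for t in TOKEN_RE.findall(re.sub(r"<[^>]+>", " ", body))]


def sensitive_hits(body):
    """Stage 1: configured sensitive field names present in the response."""
    return SENSITIVE_FIELDS & set(tokenize(body))


def idf_table(corpus):
    """Smoothed inverse document frequency over previously seen responses."""
    n = len(corpus)
    df = Counter()
    for body in corpus:
        df.update(set(tokenize(body)))
    return {t: math.log((1 + n) / (1 + d)) + 1.0 for t, d in df.items()}


def fingerprint(body, idf):
    """Weighted simhash: every token is hashed with Adler-32 and its TF-IDF
    weight votes +/- on each bit; the sign of each bit's total becomes the
    fingerprint bit.  Tokens missing from the IDF table get weight 1.0."""
    tokens = tokenize(body)
    if not tokens:
        return 0
    tf = Counter(tokens)
    votes = [0.0] * BITS
    for tok, count in tf.items():
        w = (count / len(tokens)) * idf.get(tok, 1.0)
        h = zlib.adler32(tok.encode("utf-8")) & 0xFFFFFFFF
        for i in range(BITS):
            votes[i] += w if (h >> i) & 1 else -w
    return sum(1 << i for i, v in enumerate(votes) if v > 0)


def hamming(a, b):
    """Number of differing bits between two fingerprints."""
    return bin(a ^ b).count("1")


def judge(baseline, probe, idf, threshold=THRESHOLD):
    """Compare the authenticated baseline (status, body) with the (status,
    body) returned when the same request is replayed without the session.
    Returns (hamming distance, matched sensitive fields, verdict).

    A configured sensitive field in the replayed response is a finding on
    its own.  Otherwise a different status code means the server refused
    the replay, and a body within the distance threshold means the
    unauthenticated caller received essentially the same data."""
    b_status, b_body = baseline
    p_status, p_body = probe
    hits = sensitive_hits(p_body)
    dist = hamming(fingerprint(b_body, idf), fingerprint(p_body, idf))
    if hits:
        return dist, hits, True
    if b_status != p_status:
        return dist, hits, False
    return dist, hits, dist <= threshold


# Constructed sample responses (not captured from any real system).
AUTHED = (200, '{"uid": 42, "name": "alice", "phone": "13800001111", '
               '"email": "alice@example.com"}')
REPLAY_LEAK = (200, AUTHED[1])                       # replay returned the same data
REPLAY_DENIED = (401, '{"error": "unauthorized", "code": 401}')
CORPUS = [AUTHED[1], REPLAY_DENIED[1], '{"uid": 7, "name": "bob"}']
IDF = idf_table(CORPUS)

if __name__ == "__main__":
    print("leak   :", judge(AUTHED, REPLAY_LEAK, IDF))
    print("denied :", judge(AUTHED, REPLAY_DENIED, IDF))
```

Two caveats a practitioner would want. First, Adler-32 is a checksum, not a mixing hash: for short tokens its upper 16 bits stay near zero, so those fingerprint bits vote the same way for every token and carry no discriminating power; the paper names Adler-32, but a better-distributed non-cryptographic hash would make the Hamming distance more meaningful. Second, the distance threshold and the sensitive-field list must be calibrated per application, which is exactly the "customisable options and business-related sensitive information" the abstract argues for; fingerprint comparison exists because responses legitimately differ in timestamps, request identifiers and similar noise, so byte-for-byte comparison would misjudge them.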