Research On Darknet Vulnerability Based On Web Fingerprinting

With the development of the Internet,the Internet has been integrated into every aspect of life,and people’s demand for privacy and anonymity is also growing.Some anonymous networks have emerged,such as the dark web based on Tor network.However,due to the anonymity of Tor network,many illegal and criminal activities have appeared on the dark Web.It’s hard to track down who runs the dark Web and who uses it.In order to better trace the source of the dark Web,this paper proposes the research of dark Web vulnerability based on Web fingerprint identification.By using Web fingerprint identification to identify the Web software name and software version information of dark sites,and then using these information to match the constructed software vulnerability information,so as to locate the vulnerability information of the dark Web.Thus the implementation of penetration and other work to trace the source.To this end,the main research work of this paper is as follows:(1)Web fingerprint information collection based on fuzzing test:In view of the continuous upgrading and optimization of fingerprint information hiding technology for Web software,in order to collect more robust fingerprint feature information,this paper uses the method of fuzzy testing to obtain the Web fingerprint,and constructs 15 special requests to obtain the Web service fingerprint,which has more advantages than a single Web request.(2)Research on Dark Web fingerprint information recognition:In order to be able to identify the darknet Web fingerprint information more accurately,this paper uses the machine learning method for Web fingerprint identification.Firstly,LDA.algorithm is used to better train and fit the fingerprint feature dimension,and then SVM,KNN,logistic regression,decision tree,random forest and AdaBoost models are compared for Web fingerprint identification effect.The best model is selected.(3)Research on the consistency of software vulnerability information:Aiming at the inconsistency in software vulnerability information,this paper uses the method of named entity recognition and relation extraction.The software name and version entities in the information can be accurately extracted through named entity recognition,and then the relationship extraction method is used to identify the relationship between the entities.(4)Construction of dark Web vulnerability detection system based on Web fingerprinting:In order to provide an integrated darknet vulnerability detection system,this paper combined the research of Web fingerprinting and software vulnerability consistency.Firstly,the software information used by the darknet was identified based on Web fingerprinting,and then the vulnerability information was obtained by matching with the structured vulnerabilities constructed.The experimental results of this paper show that the accuracy of Web fingerprinting based on AdaBoost algorithm is 96.1%,and the consistency accuracy of vulnerability based on NLP is 96.4%.Therefore,the method proposed in this paper has good recognition accuracy and practicality.