Theory And Technology Of Web Vulnerability Detection Based On Symbol Execution

With the development and progress of Internet technology,the number of web application vulnerabilities is constantly increasing.The use of a single vulnerability has limited attack effects and destructive power on the target network,while the combination of multiple vulnerabilities can result in a large attack scope and significant effects,and even cause some unforeseen security issues,resulting in serious property losses.Therefore,detecting combined vulnerabilities can promptly discover security risks in computer networks,improve the vulnerability of network information systems,prevent hacker attacks,and reduce economic losses caused by vulnerabilities to enterprises.This article studies the key technologies in web vulnerability detection.It analyzes in detail the causes,attack paths,and protective measures of several web vulnerabilities,and proposes a web vulnerability detection method based on symbolic execution.This method traces back the vulnerability attack chain based on symbolic execution,and finds the correlation between vulnerabilities through the connections between the attack chains.The detection of combined vulnerabilities is achieved through plugin combination testing.The vulnerability detection technology based on symbolic execution first crawls the vulnerability information from security websites on the entire network,traces the vulnerability attack details from the vulnerability exploitation scripts based on symbolic execution,restores the vulnerability attack chain,and constructs the combined vulnerability attack chain.Then,based on the dominance relationship between the attack nodes of the vulnerabilities,the method uses the combined vulnerability attack chain to combine and call the vulnerability detection plugins to finally complete the detection of combined vulnerabilities in the target network.Functional testing and performance comparison experiments were conducted on the symbolically executed-based web vulnerability detection technology.The results showed that the proposed detection technique can detect combined web application vulnerabilities.Compared with other vulnerability detection tools,it not only expands the types and scope of detection,but also effectively improves the recall rate and accuracy of vulnerability detection.It also supports custom plug-ins to enhance vulnerability detection capabilities.