一种基于预警信息的漏洞自动化快速防护方法  被引量:1

A rapid and automatic vulnerability protection scheme based on warning information

在线阅读下载全文

作  者:徐其望 陈震杭 彭国军[1] 张焕国[1] XU Qiwang;CHEN Zhenhang;PENG Guojun;ZHANG Huanguo(Key laboratory of space information security and trusted computing,ministry of education,wuhan university,School of Cyber Science and Engineering,Wuhan University,Wuhan 430072,China;Nsfocus Information Technology Co.,Ltd.,Beijing 100089,China)

机构地区:[1]武汉大学空天信息安全与可信计算教育部重点实验室,武汉大学国家网络安全学院,中国武汉430072 [2]北京神州绿盟信息安全科技股份有限公司,中国北京100089

出  处:《信息安全学报》2020年第1期74-82,共9页Journal of Cyber Security

基  金:NSFC-通用技术基础研究联合基金(No.U1636107);国家自然科学基金(No.61972297)资助

摘  要:针对当前Web应用防护方法无法有效应对未知漏洞攻击、性能损耗高、响应速度慢的问题,本文从漏洞预警公告中快速提取漏洞影响范围和细节,然后对目标系统存在风险的访问请求与缺陷文件和函数调用关系进行自动化定位,构建正常访问模型,从而形成动态可信验证机制,提出并实现了基于预警信息的漏洞自动化快速防护方法,最后以流行PHPWeb应用的多个高危漏洞对本文方法进行验证测试,结果表明本文方法能够自动化快速成功阻止最新漏洞攻击,平均性能损耗仅为5.31%。Aiming at the problem that current Web application protection schemes can not effectively deal with unknown vulnerability attacks, with high performance loss and slow response speed, this paper extracts the scope and details of vulnerabilities from vulnerability warning announcements, and then automatically locates the relationship between access requests and defective files and function calls that exist risks in the target system, and constructs a normal access model, thus forming dynamic trusted authentication mechanism, proposed and implemented a rapid vulnerability automation protection scheme based on warning information. Finally, several high-risk vulnerabilities of popular PHP Web applications were tested to verify the scheme. The results show that the scheme can automatically and successfully prevent the latest vulnerability attacks, with an average performance loss of only 5.31%.

关 键 词:漏洞预警 漏洞防护 动态可信 调用分析 WEB安全 

分 类 号:TP393.0[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象