網頁弱點最佳化補強 / Patching web application vulnerabilities with optimal word correction algorithm

薛慶源, Shueh, Ching Yuan

Unknown Date

在這篇論文中我們利用程式碼補強達到使有害的攻擊字串用最小的編輯成本去修正成無害的一般字串,主要分為兩個階段,第一階段,我們利用一個安全性分析工具Stranger來分析使用者的PHP原始碼,藉此找到可能被程式碼注入的攻擊點,並產生基於確定有限狀態自動機基礎的安全特徵,這個安全特徵包含了所有可被接受的無害字串可以當作攻擊過濾器使用,第二階段,我們採取基於文字與自動機之間最短編輯距離的演算法來以最少成本修正攻擊字串,有害的攻擊字串會被一個最少變動的無害字串所取代,我們結合所提出的方法來測試一些網頁跟回報實驗結果 / The security problems of web application are always questioned and concerned by users because that can cause huge loss of nancial and privacy. We want to provide a online service that is open to public users, who can access and upload their codes to check for potential vulnerabilities. Moreover, if there exist vulnerabilities and may be cause damages, it will guide users how they can edit their codes through a easy way step by step. In this paper, we propose an optimal word correction approach for patching string related vulnerabilities in web applications. To be brief, we synthesize patches that sanitize malicious inputs to normal ones with the shortest edit distance. The analysis consists of two phases: First, we use automata based static string analysis techniques called Stranger to detect vulnerabilities in web applications, and generate sanitization signatures that accept un-malicious inputs as an input lter that ensures the vulnerabilities are not exploited with respect to given attack patterns. Second, we adopt the shortest edit-distance algorithms between words and automata to nd a minimum way on the cost of edit distance to patch malicious inputs. A malicious input (not accepted by the sanitization signature) is replaced with an unmalicious string and has the minimum change of character from the original input. We integrate the presented approach with Stranger and report the result of experiments on various web applications.

網路安全

弱點補強

文字修正

文字分析

Web Security

Patch Synthesis

Word Correction

Word Analysis