Title :
A New Architecture of Ajax Web Application Security Crawler with Finite-State Machine
Author :
An Huiyao ; Song Yang ; Yu Tao ; Li Hui ; Zhang Peng ; Zha Jun
Author_Institution :
Sch. of Electron. Eng. & Comput. Sci., Peking Univ., Beijing, China
Abstract :
As Ajax webpage can be built by Javascript function, Ajax makes it possible to send asynchronous requests to the server and handle the response in the background. It is not definite that the current URL reflects the current state of the webpage. The traditional approach of security crawler can not walk through the Ajax web application to collect all the interface information for web security testing. In this page, we will introduce several benefits of Ajax web application and some technical differences about the crawler and propose a new model based on finite-state machine with double filter strategy to make it possible for Ajax web application security test automatically. Additionally, the crawler will be highly compatible with the metaspolit framework.
Keywords :
Internet; Java; finite state machines; security of data; Ajax Web application security crawler; Ajax Webpage; Javascript function; Web security testing; double filter strategy; finite-state machine; metaspolit framework; Crawlers; Educational institutions; Security; Servers; Testing; Uniform resource locators; Web pages; Ajax web application; Double Duplicate Elimination Strategy; crawler of security scanner; finite-state machine;
Conference_Titel :
Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC), 2014 International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-4799-6235-8
DOI :
10.1109/CyberC.2014.27
