An efficient method of web fingerprint identification

doi:10.7523/j.issn.2095-6134.2016.05.016

›› 2016, Vol. 33 ›› Issue (5): 679-685.DOI: 10.7523/j.issn.2095-6134.2016.05.016

• Research Articles • Previous Articles Next Articles

An efficient method of web fingerprint identification

YAN Shujun^1,3, WANG Wenjie^1,2, ZHANG Yuqing^1,2,3

1 School of Computer and Control Engineering, University of Chinese Academy of Sciences, Beijing 101408, China;
2 State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China;
3 National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, Beijing 101408, China

Received:2016-02-19 Revised:2016-04-01 Online:2016-09-15

Abstract

Abstract:

It is very important to accurately acquire information of the web server and deployed application for website security testing. Since the web server's Banner was apt to be modified, we used the black-box testing method to analyze major web servers, and then selected web server's fingerprint which could prevent Banner cheating. Since the web application's keywords were apt to be deleted, we used the source code audit method to analyze major web applications, and then selected web application's fingerprint, which was associated with its function, and built a web fingerprint database. Furthermore, a web fingerprint identifying tool WebEye was designed and implemented. Experimental results show that WebEye faster and more accurately identifies the web server and application than similar tools, and it has good scalablity.

Key words: web server, web application, web fingerprint identification, web fingerprint database

CLC Number:

TP393

YAN Shujun, WANG Wenjie, ZHANG Yuqing. An efficient method of web fingerprint identification[J]. , 2016, 33(5): 679-685.

References

[1] ZoomEye. ZoomEye网络空间搜索引擎[EB/OL].[2016-01-20]. https://www.zoomeye.org/.
[2] Watson D. The evolution of web application attacks[J]. Network Security, 2007(11):7-12.
[3] Goethem T V, Chen P, Nikiforakis N, et al. Large-scale security analysis of the web:challenges and findings[J]. Lecture Notes in Computer Science, 2014, 8564:110-126.
[4] Dukes L S, Yuan X, Akowuah F. A case study on web application security testing with tools and manual testing[C]//Southeastcon, 2013 Proceedings of IEEE. IEEE, 2013:1-6.
[5] Lee D, Rowe J, Ko C, et al. Detecting and defending against Web-server fingerprinting[C]//Proceedings of Computer Security Applications Conference, 2002. 18th Annual. IEEE, 2002:321-330.
[6] Karthik R, Kamath S. W3-Scrape-A windows based reconnaissance tool for web application fingerprinting[R]. arXiv:1306.6839.
[7] Fielding R, Gettys J, Mogul J, et al. Hypertext transfer protocol-HTTP/1.1[EB/OL]. (1999)[2016-01-20]. http://www.rfc-base.org/txt/rfc-2616.txt.
[8] Yang K, Hu L, Zhang N, et al. Improving the Defence against Web Server Fingerprinting by Eliminating Compliance Variation[C]//Proceedings of the 2010 Fifth International Conference on Frontier of Computer Science and Technology. IEEE Computer Society, 2010:227-232.
[9] Huang Z, Xia C, Sun B, et al. Analyzing and summarizing the web server detection technology based on HTTP[C]//Software Engineering and Service Science (ICSESS), 20156th IEEE International Conference on. IEEE, 2015:1042-1045.
[10] Book T, Witick M, Wallach D S. Automated generation of web server fingerprints[R]. arXiv:1305.0245.
[11] Muller A, Meucci M, Keary E, et al. OWASP testing guide 4.0[EB/OL].(2014)[2016-01-20]. https://www.owasp.org/images/1/19/OTGv4.pdf.
[12] Thomas P. BlindElephant:Web application fingerprinter & vulnerability inferencing[EB/OL]. (2010-07-28)[2016-01-20]. https://media.blackhat.com/bh-us-10/presentations/Thomas/BlackHat-USA-2010-Thomas-BlindElephant-WebApp-Fingerprinting-slides.pdf.
[13] Kozina M, Golub M, Groš S. A method for identifying Web applications[J]. International Journal of Information Security, 2009, 8(6):455-467.
[14] netcraft. Web server survey[EB/OL]. (2015-08-30)[2016-01-20]. http://news.netcraft.com/archives/2015/08/13/august-2015-Web-server-survey.html.
[15] 开源中国社区. 建站系统开源软件[EB/OL].[2016-01-20]. http://www.oschina.net/project/tag/256/web-system.
[16] Net-square. Httprint signatures file[EB/OL].[2016-01-20]. http://www.net-square.com/signature.txt.

An efficient method of web fingerprint identification

PDF (PC)

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 1

Recommended Articles

Metrics

Comments