Processing

Please wait...

Settings

Settings

Goto Application

1. WO2018016669 - METHOD AND APPARATUS FOR GENERATING ATTACK STRING

Publication Number WO/2018/016669
Publication Date 25.01.2018
International Application No. PCT/KR2016/008263
International Filing Date 28.07.2016
IPC
H04L 29/06 2006.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02Communication control; Communication processing
06characterised by a protocol
H04L 29/08 2006.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02Communication control; Communication processing
06characterised by a protocol
08Transmission control procedure, e.g. data link level control procedure
CPC
G06F 21/562
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
55Detecting local intrusion or implementing counter-measures
56Computer malware detection or handling, e.g. anti-virus arrangements
562Static detection
G06F 21/60
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
60Protecting data
H04L 63/1416
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
14for detecting or protecting against malicious traffic
1408by monitoring network traffic
1416Event detection, e.g. attack signature detection
H04L 63/1433
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
14for detecting or protecting against malicious traffic
1433Vulnerability analysis
H04L 63/145
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
14for detecting or protecting against malicious traffic
1441Countermeasures against malicious traffic
145the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
H04L 63/1458
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
14for detecting or protecting against malicious traffic
1441Countermeasures against malicious traffic
1458Denial of Service
Applicants
  • 주식회사 스패로우 SPARROW CO., LTD [KR]/[KR]
Inventors
  • 진민식 JIN, Min Sik
  • 윤종원 YOON, Jong Won
  • 임종환 IM, Jong Hwan
Agents
  • 특허법인 이상 E-SANG PATENT & TRADEMARK LAW FIRM
Priority Data
10-2016-009124219.07.2016KR
Publication Language Korean (KO)
Filing Language Korean (KO)
Designated States
Title
(EN) METHOD AND APPARATUS FOR GENERATING ATTACK STRING
(FR) PROCÉDÉ ET APPAREIL DE GÉNÉRATION DE CHAÎNE D'ATTAQUE
(KO) 공격 문자열 생성 방법 및 장치
Abstract
(EN)
Disclosed is an operation method for a dynamic analyzer for analyzing an execution state of a web application. The present invention comprises the steps of: analyzing an execution state of the web application on the basis of a final attack string including a parameter which indicates a particular operation to be executed through the web application; and performing an analysis of the execution state of the web application, wherein the final attack string is generated so as to avoid filtering logic which is designed to filter a raw attack string including a predefined parameter. Therefore, the present invention can detect a security vulnerability, which cannot be detected by the existing dynamic analyzer, through easy generation of a final attack string capable of bypassing filtering.
(FR)
La présente invention concerne un procédé de fonctionnement d'un analyseur dynamique destiné à analyser un état d'exécution d'une application Web. La présente invention comprend les étapes consistant à : analyser un état d'exécution de l'application Web sur la base d'une chaîne d'attaque finale comprenant un paramètre qui indique une opération particulière devant être exécutée par l'intermédiaire de l'application Web; et procéder à une analyse de l'état d'exécution de l'application Web. La chaîne d'attaque finale est générée de façon à éviter une logique de filtrage qui est conçue pour filtrer une chaîne d'attaque brute comprenant un paramètre prédéfini. La présente invention peut donc détecter une vulnérabilité de sécurité indétectable avec l'analyseur dynamique actuel en générant facilement une chaîne d'attaque finale susceptible de contourner un filtrage.
(KO)
웹 애플리케이션의 실행 상태를 분석하는 동적 분석기의 동작 방법이 개시된다. 상기 웹 애플리케이션을 통해 실행될 특정 동작을 지시하는 파라미터를 포함하는 최종 공격 문자열에 기초한 상기 웹 애플리케이션의 실행 상태를 분석하는 단계; 및 웹 애플리케이션의 실행 상태에 대한 분석하는 단계를 포함하며, 상기 최종 공격 문자열은 미리 정의된 파라미터를 포함하는 원시 공격 문자열을 필터링하도록 설계된 필터링 로직을 회피하도록 생성된다. 따라서 간단한 필터링을 우회할 수 있는 최종 공격 문자열 생성을 통해 기존 동적 분석기에서 검출하지 못하던 보안 취약점을 검출할 수 있다.
Latest bibliographic data on file with the International Bureau