漏洞掃描自動化與利用開發者社群診斷建議之測試報告加值技術

Yu-Chien Lin; 林宇謙

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/8336

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	王凡(Farn Wang)
dc.contributor.author	Yu-Chien Lin	en
dc.contributor.author	林宇謙	zh_TW
dc.date.accessioned	2021-05-20T00:52:18Z	-
dc.date.available	2020-08-21
dc.date.available	2021-05-20T00:52:18Z	-
dc.date.copyright	2020-08-21
dc.date.issued	2020
dc.date.submitted	2020-08-11
dc.identifier.citation	Y. Makino, V. Klyuev, “Evaluation of Web Vulnerability Scanners,” 2015 IEEE 8th International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), Warsaw, Poland, Sept. 2015, pp. 399-400 M. Zhao, J. Grossklags, P. Liu, “An Empirical Study of Web Vulnerability Discovery Ecosystems,” the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, Colorado, USA, October. 2015, pp. 1106-1108 R. Böhme. “A comparison of market approaches to software vulnerability disclosure,” 2006 International Conference on Emerging Trends in Information and Communication Security, Berlin, Germany, pp. 298-311 S. Small, J. Mason, F. Monrose, N. Provos, A. Stubblefield, “To Catch a Predator: A Natural Language Approach for Eliciting Malicious Payloads,” 2008 USENIX Security Symposium , San Jose, CA, U.S.A., Dec. 2008 M. Shahzad, M. Z. Shafiq, A. X. Liu, “A large scale exploratory analysis of software vulnerability life cycles,” the 34th International Conference on Software Engineering, East Lansing, MI, U.S.A., June 2012, pp. 771-781 G. Vache, “Vulnerability analysis for a quantitative security evaluation,” the 3rd International Symposium on Empirical Software Engineering and Measurement, Lake Buena Vista, FL, U.S.A., November 2009 R. Zunino, R. Surlinelli, F. Sangiacomo, “An analyst-adaptive approach to focused crawlers,” 2013 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining, Niagara, Ontario, Canada, August 2013, pp. 1073–1077 T. Lauinger, K. Onarlioglu, A. Chaabane, “WHOIS Lost in Translation: (Mis)Understanding Domain Name Expiration and Re-Registration,” 2016 Internet Measurement Conference, Santa Monica, CA, U.S.A., November 2016, pp. 247-253 K. C. Wang, “Automated Testing for iOS Applications and Cross-Platform Integration,” Master Thesis, Electrical Engineering, National Taiwan University, 2020
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/8336	-
dc.description.abstract	現代網站技術多元,網頁前端與後端伺服器、資料庫都會針對使用者需求設計與部屬對應服務,而網站應用程式對外提供的服務任何人都存取,因此攻擊事件層出不窮且逐年攀升,甚至有像是 Shodan 等搜尋引擎專門探索與揭露世界各地的網路設備,這些防護能力不足的網站,往往是駭客攻擊的主要對象。然而並非所有開發商都有足夠能力與資本來完善其產品在資安方面的需求, 產生漏洞並被駭客利用,達成惡意癱瘓、竊取個人資料等目的,造成企業與使用者的損失。本篇論文開發的一套自動化測試程序,在網站開發後期階段進行滲透測試,對受測的 IP 位址進行資料蒐集,取得開啟的端口運作狀況,並從資料庫中比對其服務與作業系統版本及類型是否存在已知弱點,評估與歸納漏洞並結合量化的指標、開發者社群建議,產生一份報告供開發者作為改善服務品質的依據。我們在自行建立的實驗環境中對多個目標進行測試,並用自動化程式以及安全漏洞資料庫,對受測服務進行全面掃描後自動上傳至追蹤系統,幫助開發者發掘並管理可能的安全漏洞。	zh_TW
dc.description.abstract	We are using web application every day. The services of application are designed and deployed as a web application based on a different purpose. These websites are available to everyone in the world and attract a lot of cyberattacks if the developer didn't protect their web application properly. However, some developers do not have enough knowledge and funds to meet the requirements of cybersecurity. A vulnerable web service reveals sensitive information to hackers for illegal behaviors such as stealing user information and destroy a specified target. In this thesis, we focus on penetration testing on the deployment stage of web development. Initially, we collect information from the target's IP or hostname list the activate ports. Use the information to leverage the advanced detection and analysis based on the services. Furthermore, we try to extract from the vulnerability database which includes known vulnerabilities in the past years. It will finally be evaluated and summarize as a test report with ecosystem suggestions. To provide a guideline that web developers can follow up. We propose a non-intrusive method to scan the targets and extract risk information from the vulnerability database to help users improve their products. The method reduces the disruptive impact and reveals the possible vulnerabilities without causing instability of services. We have tested on many websites as targets with the automatic process, scanning tools, and vulnerability database to discover any potential risks. The experiments have been proved that can help the developer to improve the security of their products.	en
dc.description.provenance	Made available in DSpace on 2021-05-20T00:52:18Z (GMT). No. of bitstreams: 1 U0001-0308202015473900.pdf: 2842320 bytes, checksum: f0e9cea79734aaded078df81e9cb825b (MD5) Previous issue date: 2020	en
dc.description.tableofcontents	誌謝 i 中文摘要 ii ABSTRACT iii CONTENTS iv LIST OF FIGURES vii LIST OF TABLES viii Chapter 1 Introduction 1 Chapter 2 Preliminaries 6 2.1 Penetration Test Fundamentals6 2.2 Kali Linux7 2.3 Information Gathering 8 2.3.1 WHOIS 9 2.4 Nmap 10 2.4.1 Nmap Scanning techniques 11 2.4.2 Scan Performance 13 2.4.3 Nmap Scan Phases 14 2.4.4 TCP/IP Scanning 15 2.4.5 Nmap Script Engine 16 2.5 Vulnerability Database 17 2.6 Metasploitable 19 2.6.1 Active Services 20 2.7 Developer Ecosystem 21 2.8 Test as a Dragon (TaaD) 22 2.8.1 Platform Modules 25 2.8.2 Automata 25 2.8.3 Test Algorithms Module 25 2.8.4 Issue Tracker 26 Chapter 3 Related Work 28 Chapter 4 Vulnerability Module 30 4.1 Instruction Driver 30 4.2 Information Parser 31 4.3 Issue Tracking System Interface 32 Chapter 5 Testing Algorithms and Procedures 35 5.1 Information Gathering 35 5.2 Server Status Detection 36 5.3 Vulnerability Test Algorithms 37 5.4 Vulnerability Issue Tracker 40 Chapter 6 Experiment 43 6.1 Environment 43 6.1.1 Kali Linux 43 6.1.2 Bitnami Redmine 43 6.2 Results of RQ1 44 6.2.1 Answer to RQ1 45 6.3 Results of RQ2 46 6.3.1 Answer to RQ2 46 6.4 Results of RQ3 47 6.4.1 Answer to RQ3 49 Chapter 7 Conclusion 51 REFERENCE 52
dc.language.iso	en
dc.title	漏洞掃描自動化與利用開發者社群診斷建議之測試報告加值技術	zh_TW
dc.title	Automated Vulnerability Scanning and Test Report Added-Value Technology based on Developer Ecosystem Diagnosis Suggestions	en
dc.type	Thesis
dc.date.schoolyear	108-2
dc.description.degree	碩士
dc.contributor.oralexamcommittee	李宏毅(Hung-Yi Lee),張純明(Chwen-Ming Chang),戴顯權(Shen-Chuan Tai),王帛霞(Po-Hsia Wang),雷欽隆(Chin-Laung Lei)
dc.subject.keyword	網頁測試,弱點掃描,滲透測試,軟體測試,非侵入式測試,	zh_TW
dc.subject.keyword	Web testing,Vulnerability scanning,Penetration testing,Software testing,Non-intrusive testing,	en
dc.relation.page	53
dc.identifier.doi	10.6342/NTU202002284
dc.rights.note	同意授權(全球公開)
dc.date.accepted	2020-08-12
dc.contributor.author-college	電機資訊學院	zh_TW
dc.contributor.author-dept	電機工程學研究所	zh_TW
顯示於系所單位：	電機工程學系

文件中的檔案：

檔案	大小	格式
U0001-0308202015473900.pdf	2.78 MB	Adobe PDF	檢視/開啟

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。