发明名称 |
Determination and classification of defense measures in web applications |
摘要 |
Techniques for determining classifications of defense measures as described herein. Security tokens are identified to be used to test defense measures of a web application. Combinations of security tokens are determined, wherein the combinations of security tokens are related to classifications of the defense measures. A combination is executed at an input point of the web application. Based on the output of the web application received in response to the executed combination, a classification for a defense measure of the web application is determined. |
申请公布号 |
US9231938(B2) |
申请公布日期 |
2016.01.05 |
申请号 |
US201414155861 |
申请日期 |
2014.01.15 |
申请人 |
International Business Machines Corporation |
发明人 |
Landa Alexander;Tripp Omer |
分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
代理机构 |
Cantor Colburn LLP |
代理人 |
Cantor Colburn LLP ;Choi Edward |
主权项 |
1. A computing device, comprising:
a storage device; and a processor, the storage device having instructions that when executed by the processor, cause the computing device to: identify security tokens to be used to test defense measures of a web application; determine combinations of the security tokens that are related to classifications of the defense measures; execute one of the combinations of the security tokens at an input point of the web application; determine a classification for a defense measure of the web application based on an output of the web application in response to the executed one of the combinations; and widening the classification determination to account for a measure of error. |
地址 |
Armonk NY US |