张帆, 王振宇, 王红梅, 万月亮, 宁焕生, 李莎. 基于主动探测的Web容器探测识别方法[J]. 工程科学学报, 2024, 46(8): 1446-1457. DOI: 10.13374/j.issn2095-9389.2023.12.15.001
引用本文: 张帆, 王振宇, 王红梅, 万月亮, 宁焕生, 李莎. 基于主动探测的Web容器探测识别方法[J]. 工程科学学报, 2024, 46(8): 1446-1457. DOI: 10.13374/j.issn2095-9389.2023.12.15.001
ZHANG Fan, WANG Zhenyu, WANG Hongmei, WAN Yueliang, NING Huansheng, LI Sha. Web container detection method based on active probing[J]. Chinese Journal of Engineering, 2024, 46(8): 1446-1457. DOI: 10.13374/j.issn2095-9389.2023.12.15.001
Citation: ZHANG Fan, WANG Zhenyu, WANG Hongmei, WAN Yueliang, NING Huansheng, LI Sha. Web container detection method based on active probing[J]. Chinese Journal of Engineering, 2024, 46(8): 1446-1457. DOI: 10.13374/j.issn2095-9389.2023.12.15.001

基于主动探测的Web容器探测识别方法

Web container detection method based on active probing

  • 摘要: 随着工业互联网的飞速发展,各类Web容器的广泛使用呈现不断增长的趋势,然而,这也使得Web容器资产管理的问题变得更加复杂. 随之而来的是诸多网络安全风险和潜在隐患,对于这些挑战,提升网络安全防御水平显得尤为迫切. 为了解决这一问题,本文引入了一种新的基于主动探测的Web容器探测识别方法. 在探测阶段,采用了一种先进的Web容器探针构建方法,通过此方法构建了Web容器探针. 这个探针在识别阶段发挥关键作用,借助一种基于负载内容的Web容器识别方法,通过协议解码技术,实现了对Web容器的高度准确的识别. 通过结合这两种先进的识别方法,成功识别了4种不同类型的Web容器,并且提升了精度,能够精确地区分这些Web容器的各个版本,总计实现了10个版本的准确识别. 通过这种先进的主动探测方法,企业可以更好地了解和管理其Web容器资产,降低网络安全风险,并确保网络系统的稳定性和安全性.

     

    Abstract: As the Industrial Internet of Things rapidly evolves, enterprises are increasingly using a wide variety of web containers. However, this growing usage also magnifies the complexities associated with managing these assets, leading to a rise in network security risks and vulnerabilities. This trend not only highlights a shift in industrial practices but also underscores the urgent need for proactive measures to strengthen network security. In response to this complex challenge, this paper presents a cutting-edge approach for detecting and identifying web containers through proactive probing. During the detection phase, we meticulously construct web container probes, laying the groundwork for their central role in the identification process. During this stage, the probe leverages a payload-based identification method for web containers, achieving an exceptional level of accuracy by implementing advanced protocol decoding techniques. The integration of these innovative techniques not only enhances the precision of web container identification but also demonstrates our commitment to providing a comprehensive solution to the challenges posed by web container management. This pioneering methodology reflects the ongoing evolution of detection strategies and our dedication to pushing technological boundaries for an improved understanding of web containers. By seamlessly integrating these two advanced identification methods, we have successfully identified four different types of web containers. Importantly, we have made significant progress in precision and accurately differentiating between various versions of these web containers, with a total of ten versions correctly identified. This groundbreaking method is not only crucial for addressing the current complexities in web container asset management but also provides enterprises with a more effective means of network security defense. Through the use of this advanced proactive probing method, enterprises can better understand and manage their web container assets, reducing network security risks and ensuring system stability and security. Our contribution plays a pivotal role in the ongoing development of the Industrial Internet of Things and lays a strong foundation for future research and applications in network security. The innovative approach presented here serves as a catalyst for the positive advancement of the current Industrial Internet of Things landscape and lays a solid groundwork for future exploration and application in network security.

     

/

返回文章
返回