DYNAMICALLY SCANNING A WEB APPLICATION THROUGH USE OF WEB TRAFFIC INFORMATION

US 20130191920A1
Filed: 01/24/2012
Published: 07/25/2013
Est. Priority Date: 01/24/2012
Status: Active Grant

First Claim

Patent Images

1-9. -9. (canceled)

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Collecting log file data from at least one log file. From the collected log file data, at least one HTTP request can be generated to exercise a web application to perform a security analysis of the web application. The HTTP request can be communicated to the web application. At least one HTTP response to the HTTP request can be received. The HTTP response can be analyzed to perform validation of the web application. Results of the validation can be output.

32 Citations

View as Search Results

25 Claims

1-9. -9. (canceled)

10. A system that dynamically scans a web application comprising:
- a computer-readable storage medium; and
  
  a processor configured to initiate executable operations comprising;
  
  collecting log file data from at least one log file;
  
  from the collected log file data, generating at least one HTTP request to exercise a web application to perform a security analysis of the web application;
  
  communicating the HTTP request to the web application;
  
  receiving at least one HTTP response to the HTTP request;
  
  analyzing the HTTP response to perform validation of the web application; and
  
  outputting results of the validation.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The system of claim 10, wherein the processor further in configured to initiate executable operations comprising:
    - filtering the collected log file data to remove redundant information from the collected log file data.
  - 12. The system of claim 10, wherein the processor further in configured to initiate executable operations comprising:
    - transforming at least a portion of the collected log file data into at least one data structure recognizable by the web application; and
      
      including the data structure in the HTTP request.
  - 13. The system of claim 10, wherein the at least one log file comprises a log file maintained by an application client on which a client application is executed to access the web application.
  - 14. The system of claim 10, wherein the at least one log file comprises a log file maintained by a web server that hosts the web application.
  - 15. The system of claim 10, wherein the at least one log file comprises a log file maintained by network infrastructure of a communication network to which an application client on which a client application is executed is communicatively linked.
  - 16. The system of claim 10, wherein the at least one log file comprises a log file maintained by network infrastructure of a communication network to which a web server that hosts the web application is communicatively linked.
  - 17. The system of claim 10, wherein:
    - the log file data comprises at least one cookie; and
      
      the processor further is configured to initiate executable operations comprising refreshing the cookie for the HTTP request.
  - 18. The system of claim 10, wherein the processor further is configured to initiate executable operations comprising:
    - identifying at least one URL identified in the collected log file data;
      
      wherein generating the at least one HTTP request comprises submitting in the HTTP request a hazardous payload to the URL.

19. A computer program product for dynamically scanning a web application, the computer program product comprising:
- a computer-readable storage medium having computer-readable program code embodied therewith, the computer-readable program code comprising;
  
  computer-readable program code configured to collect log file data from at least one log file;
  
  computer-readable program code configured to, from the collected log file data, generate at least one HTTP request to exercise a web application to perform a security analysis of the web application;
  
  computer-readable program code configured to communicate the HTTP request to the web application;
  
  computer-readable program code configured to receive at least one HTTP response to the HTTP request;
  
  computer-readable program code configured to analyze the HTTP response to perform validation of the web application; and
  
  computer-readable program code configured to output results of the validation.
- View Dependent Claims (20, 21, 22, 23, 24, 25)
- - 20. The computer program product of claim 19, the computer-readable program code further comprising:
    - computer-readable program code configured to filter the collected log file data to remove redundant information from the collected log file data.
  - 21. The computer program product of claim 19, the computer-readable program code further comprising:
    - computer-readable program code configured to transform at least a portion of the collected log file data into at least one data structure recognizable by the web application; and
      
      computer-readable program code configured to include the data structure in the HTTP request.
  - 22. The computer program product of claim 19, wherein the at least one log file comprises a log file maintained by an application client on which a client application is executed to access the web application.
  - 23. The computer program product of claim 19, wherein the at least one log file comprises a log file maintained by at least one system selected from a group consisting of an application client on which a client application is executed to access the web application, a web server that hosts the web application, network infrastructure of a communication network to which an application client on which a client application is executed is communicatively linked, and network infrastructure of a communication network to which a web server that hosts the web application is communicatively linked.
  - 24. The computer program product of claim 19, wherein the log file data comprises at least one cookie, the computer-readable program code further comprising:
    - computer-readable program code configured to refresh the cookie for the HTTP request.
  - 25. The computer program product of claim 19, the computer-readable program code further comprising:
    - computer-readable program code configured to identify at least one URL identified in the collected log file data;
      
      wherein the computer-readable program code configured to generate the at least one HTTP request comprises computer-readable program code configured to submit in the HTTP request a hazardous payload to the URL.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
AMIT, Yair, BACHAR, Ronen, GUY, Lotem, KREICHMAN, Igal, NORDAN, Ron, SALTZMAN, Roi, SEGAL, Ori

Granted Patent

US 9,213,832 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

G06F 21/552   involving long-term monitor...

H04L 63/166   at the transport layer

H04L 67/02   based on web technology, e....

DYNAMICALLY SCANNING A WEB APPLICATION THROUGH USE OF WEB TRAFFIC INFORMATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

32 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

DYNAMICALLY SCANNING A WEB APPLICATION THROUGH USE OF WEB TRAFFIC INFORMATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

32 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links