中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/95517
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 80990/80990 (100%)
Visitors : 42715175      Online Users : 1407
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/95517


    Title: 基於黑箱技術之網頁伺服器 URL、子域名與路徑自動發現平台
    Authors: 郭垣佑;Kuo, YuanYu
    Contributors: 資訊工程學系
    Keywords: 黑箱技術;子網域發現;路徑發現;模糊測試;自動化探查;black-box technology;subdomain discovery;path discovery;fuzz testing;automated exploration
    Date: 2024-07-19
    Issue Date: 2024-10-09 16:55:13 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 本研究介紹了一個基於黑箱技術之網頁伺服器 URL、子域名與
    路徑自動發現平台,旨在提升網站管理和網路安全。傳統上,子網域
    與路徑的發現依賴人工操作,耗時且容易出錯。為解決這一問題,我
    們提出了「RuneAlpha」系統,該系統使用先進的黑箱技術、自動化
    工具和模糊測試技術,在無需了解網站內部結構的情況下即可高效地
    探索並識別網站的所有子網域及其路徑。

    RuneAlpha 系統包括管理平台和 Rune 掃描模組,能夠自動化探
    查網站的各個角落,發現子網域和潛在路徑。我們在實驗中選擇了六
    種類型的網站進行測試,結果顯示,RuneAlpha 系統在子網域和路徑
    枚舉的有效性、準確性和完整性上顯著優於人工方法。Rune 掃描模
    組通過模糊測試和爬蟲技術,並結合其他網頁應用掃描工具,能夠發
    現應用的潛在漏洞。這一技術為網站管理和網路安全提供了新的工具
    和方法,幫助組織更有效地保護和管理其網頁資源。

    此研究不僅展示了黑箱技術在網路安全中的應用潛力,還為未來
    相關領域的研究和實踐提供了寶貴的參考。
    ;This study presents an automated discovery platform for web server
    URLs, subdomains, and paths based on black box techniques, aiming to
    improve website management and network security. Traditionally,
    discovering subdomains and paths is manual, time-consuming, and errorprone. To address this, we propose the "RuneAlpha" system, which uses
    advanced black-box techniques, automated tools, and fuzz testing to
    efficiently identify all subdomains and paths of a website without needing
    internal site knowledge.

    The RuneAlpha system includes a management platform and the
    Rune scanning module, capable of automatically exploring websites to
    discover subdomains and potential paths. Testing on six types of websites
    showed that RuneAlpha significantly outperforms manual methods in
    effectiveness, accuracy, and completeness. The Rune scanning module
    combines fuzz testing and crawling techniques with other web application
    scanning tools to identify potential vulnerabilities. This technology offers
    new tools and methods for better website management and network
    security, helping organizations protect and manage their web resources
    more effectively.

    This study demonstrates the potential of black-box technology in
    network security and provides valuable references for future research and
    practice.
    Appears in Collections:[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML50View/Open


    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明