FalconEye: A High-Performance Distributed Security Scanning System

Web applications, as a conventional platform for sensitive data and important transactions, are of great significance to human society. But with its open source framework, the existing security vulnerabilities can easily be exploited by malicious users, especially when web developers fail to follow the secure practices. Here we present a distributed scanning system, FalconEye, with great precision and high performance, it will help prevent potential threats to Web applications. Besides, our system is also capable of covering basically all the web vulnerabilities registered in the Common Vulnerabilities and Exposures (CVE). The FalconEye system is consists of three modules, an input source module, a scanner module and a support platform module. The input module is used to improve the coverage of target server, and other modules make the system capable of generic vulnerabilities scanning. We then experimentally demonstrate this system in some of the most common vulnerabilities test environment. The results proved that the FalconEye system can be a strong contender among the various detection systems in existence today.

[1]  Shangguang Wang,et al.  Service vulnerability scanning based on service-oriented architecture in Web service environments , 2013, J. Syst. Archit..

[2]  D Chitra Devi,et al.  Load Balancing in Cloud Computing Environment Using Improved Weighted Round Robin Algorithm for Nonpreemptive Dependent Tasks , 2016, TheScientificWorldJournal.

[3]  Xin Liu,et al.  OwlEye: An Advanced Detection System of Web Attacks Based on HMM , 2018, 2018 IEEE 16th Intl Conf on Dependable, Autonomic and Secure Computing, 16th Intl Conf on Pervasive Intelligence and Computing, 4th Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress(DASC/PiCom/DataCom/CyberSciTech).

[4]  Dwen-Ren Tsai,et al.  Optimum tuning of defense settings for common attacks on the web applications , 2009, 43rd Annual 2009 International Carnahan Conference on Security Technology.

[5]  Alex Delis,et al.  An Inline Detection and Prevention Framework for Distributed Denial of Service Attacks , 2007, Comput. J..

[6]  Bo Chen,et al.  A Review of the Applications of Agent Technology in Traffic and Transportation Systems , 2010, IEEE Transactions on Intelligent Transportation Systems.

[7]  Ian T. Foster Globus Toolkit Version 4: Software for Service-Oriented Systems , 2005, NPC.

[8]  P. Santhi Thilagam,et al.  Securing web applications from injection and logic vulnerabilities: Approaches and challenges , 2016, Inf. Softw. Technol..

[9]  Yu Zhang,et al.  The Effects of Threading, Infection Time, and Multiple-Attacker Collaboration on Malware Propagation , 2009, 2009 28th IEEE International Symposium on Reliable Distributed Systems.

[10]  Erik Christensen,et al.  WSDL: Web Service Description Language , 2001 .

[11]  Theodore Tryfonas,et al.  A lightweight web-based vulnerability scanner for small-scale computer network security assessment , 2009, J. Netw. Comput. Appl..

[12]  Shangguang Wang,et al.  Towards Web Service selection based on QoS estimation , 2010, Int. J. Web Grid Serv..

[13]  Ben H. Thacker,et al.  Probabilistic engineering analysis using the NESSUS software , 2000 .