本文已被:浏览 2509次 下载 3260次
Received:April 28, 2009
Received:April 28, 2009
中文摘要: 在今天Web2.0时代,越来越多的应用正在从桌面朝着网络化的方向发展。网络的内容从最初的静态的一些超链接逐渐的转变为一系列的多样化应用,包括电子商务,电子邮件,游戏娱乐,数字媒体等等都是可以装载到浏览器中的应用。随着浏览器平台的不断发展,带来了很多的安全隐患诸如网络钓鱼,Xss,Xsrf(cross-site request forgery),Dns等等一系列的黑客手段日益成为威胁互联网用户的安全隐患。黑客可以利用恶意代码,或者钓鱼网站对用户个人信息进行随意的窃取,甚至造成很大的经济损失。针对上述威胁中的
Abstract:More and more applications are developing from desktop to networking in present WEB2.0 era. The content of the network gradually shifts from the original static hyperlink to a series of variegated applications including electronic commerce, electronic mailing, game recreation, digital media, which all can be loaded onto the browser. However, with the constant development of browser platform many hidden dangers concerning safety have arisen. For instance, a series of hacker methods such as Xss, xsrf (cross-site request forgery), DNS have become hidden threats to internet users. Hackers could steal users' personal information by utilizing malicious code or through phishing site, which may cause great economic loss. This paper aims to analyse Xss(cross site scripting) attack, and comes up with a new framework to solve this increasingly apparent safety problem.
keywords: information security cross-site scripting attacks client side layered defense independent threading model
文章编号: 中图分类号: 文献标志码:
基金项目:
| Author Name | Affiliation |
| DA Si-Meng | 华中科技大学 软件工程系 湖北 武汉 430074 |
| LU Yong-Zhong | |
| NING Feng |
| Author Name | Affiliation |
| DA Si-Meng | 华中科技大学 软件工程系 湖北 武汉 430074 |
| LU Yong-Zhong | |
| NING Feng |
引用文本:
达斯孟,陆永忠,宁峰.客户端跨站脚本攻击的分层防御策略.计算机系统应用,2010,19(2):29-32
DA Si-Meng,LU Yong-Zhong,NING Feng.Layered Defense Strategy of the Cross-Site Scripting Attack on Client-Side.COMPUTER SYSTEMS APPLICATIONS,2010,19(2):29-32
达斯孟,陆永忠,宁峰.客户端跨站脚本攻击的分层防御策略.计算机系统应用,2010,19(2):29-32
DA Si-Meng,LU Yong-Zhong,NING Feng.Layered Defense Strategy of the Cross-Site Scripting Attack on Client-Side.COMPUTER SYSTEMS APPLICATIONS,2010,19(2):29-32
