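Research on Regular-Expression-Matching-Based Detection of XSS Phishing Attacks
Published: 2018-04-06 04:17
Topic: XSS. Approach: regular expressions. Source: University of Electronic Science and Technology of China, master's thesis, 2016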
[Abstract]: With the rapid development of Internet technology, online platforms such as e-commerce, social networks and electronic finance have become an indispensable part of people's lives. While the network brings convenience, it also gives phishing attackers the opportunity to seek illegal profit. Attackers lure users into visiting phishing pages in order to steal private information such as account names, passwords and bank account details. In recent years, as cross-site scripting (XSS) techniques have become widespread, phishing attackers have taken a different route: by injecting malicious script code through XSS vulnerabilities in legitimate websites, they carry out a new kind of XSS phishing attack. Because this attack takes place inside a legitimate website, it lowers the user's vigilance and also evades the various detection methods built for traditional phishing, so both the deceptiveness and the success rate of the attack rise significantly. Existing detection methods for this new XSS phishing attack still have many shortcomings in both detection coverage and accuracy, so an efficient and accurate detection method is needed. Addressing the shortcomings of existing methods and drawing on the characteristics of XSS phishing attacks, this thesis proposes a regular-expression-matching-based detection method for XSS phishing attacks, abbreviated REXPH. The main work of the thesis is as follows:
(1) Design of the regular-expression-matching-based XSS phishing detection method. First, the thesis analyzes and summarizes the attack principles and detection methods of traditional phishing and of XSS phishing, and points out the shortcomings of existing detection methods. Then it describes the overall flow of the REXPH detection method in detail and gives the core pseudocode. Finally, it extracts the features of normal XSS phishing attacks, of obfuscated (deformed) XSS phishing attacks, and of third-party links, and from these derives the six regular expression sets that the REXPH method requires.
(2) Design and implementation of the REXPH prototype system. The thesis designs and implements a REXPH detection prototype consisting of five modules: data preprocessing, regular-expression detection, restoration of obfuscated code, result determination, and third-party link re-detection.
(3) Experiments with REXPH and comparison with other methods. The system is tested with different types of XSS phishing attack samples, and the results are compared with those of existing detection methods. The comparison finds that REXPH covers a wider range than existing methods, that its detection results are more accurate and more fine-grained, and that its false-negative rate is significantly lower, which indicates the technical advantages of REXPH in XSS phishing detection and its value for wider application.
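[Degree-granting institution]: University of Electronic Science and Technology of China
[Degree level]: Master's
[Year degree granted]: 2016
[Classification number]: TP393.08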
Article ID: 1717932
Article link: http://sikaile.net/jingjilunwen/dianzishangwulunwen/1717932.html