
Research on a Multi-Level Website Security Protection System

Published: 2018-05-30 04:17

  Topic of this paper: website security + injection attack; Reference: Zhengzhou University, 2011 master's thesis


[Abstract]: The rapid development of the network, the sharp increase in the number of Internet users and the growing informatization of daily life have made websites an important part of online life and an important carrier of informatization. While websites play this role and enrich people's lives, attacks against them have also become active, which brings great security risks to websites. Website security problems have given rise to a variety of protective measures and products, which have played an important role in protecting websites. However, common protective measures and products tend to address only one layer of the problem, whereas website security is a multi-layer problem, and missing protection at any one layer will result in the website being successfully compromised. Because a single website protection system cannot effectively solve current website security problems, this thesis studies a multi-level website security protection system.

The thesis first introduces the current state of website security and of research on it, analyzes the advantages and disadvantages of some common protections, and from this derives its research topic: a multi-level website security protection system. It then explains the website security background used in the thesis, including injection attacks, cross-site scripting (XSS) attacks, anti-tampering technology and an introduction to WebShells.

The third part presents, designs and implements the multi-level website security protection system. It first gives the overall design, which comprises an anti-injection/anti-XSS system, a website anti-tampering system, and a detection system for WebShells and special folders (special files), and then describes each part in detail:

(1) The anti-injection/anti-XSS system addresses SQL injection, cross-site scripting and similar problems. It prevents attackers from using such attacks to obtain administrator or even system privileges and stops them from attacking client-side users. For cookie injection attacks, which are more covert and flexible, the system inspects and analyzes the data in cookies in time so that malicious code cannot reach the Web server, thereby keeping the website running normally.

(2) The anti-tampering system ensures that files in the website directory are not illegally modified. It is implemented with file filter driver technology: given a specified monitored directory, specified monitored file types and specified operation permissions, it intercepts and analyzes file read and write requests in kernel mode, and immediately rejects the IRP (I/O Request Packet) of any request that does not conform to the policy. The anti-tampering system also actively analyzes and intercepts the content being written to files, which prevents malicious files from being written into the website directory.

(3) The detection system for WebShell backdoor files and special folders (special files) detects WebShell files on the website, preventing backdoor Trojans from taking control of the website and the system. It also detects special folders and special files (such as those named after Windows devices), removing the hiding places of WebShell Trojans and advertising links. Combined, the two kinds of detection keep the website directory free of Trojans.

The fourth part verifies the implemented multi-level protection system through experiments. The results show that the system provides good protection against common website attacks, and that the layers work together to give the website comprehensive protection.
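
An added example, not code from the thesis: a check for the special files and folders named after Windows devices that the abstract's detection system looks for. The reserved-name list and the rule that an extension or a trailing dot or space does not change the device name are standard Windows behaviour; `reserved_component`, `scan_listing`, the `D:\wwwroot` root and the sample listing are assumptions constructed for illustration.

```python
from pathlib import PureWindowsPath

# Names Windows reserves for devices. A file or folder carrying one of them is
# awkward to open or delete with ordinary tools, which makes it a hiding place.
RESERVED = {"CON", "PRN", "AUX", "NUL",
            *(f"COM{i}" for i in range(1, 10)),
            *(f"LPT{i}" for i in range(1, 10))}


def reserved_component(component):
    """Return the device name a single path component collides with, or None."""
    # Win32 ignores everything after the first dot and any trailing spaces,
    # so "nul.asp", "com1." and "AUX .txt" all resolve to a device name.
    stem = component.split(".", 1)[0].rstrip(" ").upper()
    return stem if stem in RESERVED else None


def scan_listing(paths, web_root):
    """Flag paths under web_root that contain a device-named file or folder."""
    root = PureWindowsPath(web_root)
    findings = []
    for raw in paths:
        try:
            relative = PureWindowsPath(raw).relative_to(root)
        except ValueError:
            continue  # outside the monitored website directory
        for part in relative.parts:
            device = reserved_component(part)
            if device:
                findings.append((raw, part, device))
                break  # one finding per path is enough for triage
    return findings


# Constructed directory listing (hypothetical paths, not from the thesis).
SAMPLE_LISTING = [
    r"D:\wwwroot\index.asp",
    r"D:\wwwroot\upload\nul.asp",          # device name plus extension
    r"D:\wwwroot\images\com1.\logo.gif",   # folder named after a device
    r"D:\wwwroot\docs\console.html",       # CONSOLE is not a device name
    r"D:\wwwroot\css\lpt10.css",           # only LPT1-LPT9 are matched here
    r"D:\backup\aux.txt",                  # outside the web root
]

if __name__ == "__main__":
    for path, part, device in scan_listing(SAMPLE_LISTING, r"D:\wwwroot"):
        print(f"{path}: component {part!r} maps to device {device}")
```

The scan works on a list of path strings so it can be fed from an offline listing of the website directory; findings still need the WebShell content check the abstract pairs it with.
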
[Degree-granting institution]: Zhengzhou University
[Degree level]: Master's
[Year degree granted]: 2011
[Classification number]: TP393.08

