Research On Defend And Detection Of WEB Scripting Attacks

Posted on: 2011-08-31
Degree: Master
Type: Thesis
Country: China
Candidate: Q Song
GTID: 2178360308452577
Subject: Communication and Information System

Abstract/Summary:
With the development of Internet technology, Web applications built on the HTTP protocol are changing the way we live. However, the security issues that accompany the development of Web technology are also of concern to many people. Among these issues, the most important and widespread come from the Web applications themselves. Because of the particular characteristics of Web architecture and its interactive functions, interpreted scripting technology is widely used in Web application development. Programmer negligence during Web script development can therefore leave various scripting vulnerabilities, which give attackers the chance to steal confidential information belonging to Web applications and their users. Therefore, "How to improve the immunity of Web applications to scripting attacks and guarantee the security of Web applications" has become a question that needs to be solved immediately.

This paper starts with the technologies underlying Web applications. It introduces the HTTP protocol, Web functions, Web scripting and so on, analyzes them, and investigates where the core security issues of Web applications lie. On this basis, the paper gives a detailed analysis, with examples, of the common Web scripting attacks, mainly code injection, XSS and CSRF.

Research on how to defend against Web scripting attacks is one of the core contents of this paper. First, the paper studies and elaborates on the core defence mechanisms of Web applications. On this basis, for each kind of common scripting attack, the paper studies the specific defence mechanism and shows implementation examples of these attacks.

Another research focus of this paper is the detection of Web scripting vulnerabilities. We detect the scripting vulnerabilities in Web applications using both white-box and black-box testing, two approaches taken from software testing. For the white-box method, code review, the paper first studies the vulnerability signatures of the various scripting vulnerabilities, and then elaborates how to review server-side scripting code and client-side scripting code respectively. For the black-box method, penetration testing, the paper analyzes the shortcomings of existing testing tools, puts forward a specific methodology model for penetration testing of Web scripting vulnerabilities, and gives a detailed implementation method for each module of the model.

The proxy function used in penetration testing provides a theoretical foundation for setting up the mid-man proxy Web scripting attack. The paper gives a detailed study of the structure and implementation of this attack system, makes a comprehensive evaluation of the attack method, and elaborates some ways to defend against this attack.
Keywords/Search Tags:Web Application, Scripting Attack, Code Review, Penetration Test, Mid-man Proxy