Research on Cross-Site Request Forgery Attack Detection Based on Link Analysis

Posted on: 2017-02-24
Degree: Master
Type: Thesis
Country: China
Candidate: A B Wu
GTID: 2308330485485011
Subject: Computer application technology
Abstract/Summary:
With the development of science and technology, the Internet has become an important part of how people live, work, and learn, and many sites, applications, and services are offered to users in Web form. The security situation, however, is increasingly serious: CSRF vulnerabilities are easy for an attacker to exploit and harm users' interests, so how to detect CSRF attacks effectively has become a hot topic in the industry. To detect CSRF attacks, this paper builds on traditional detection methods and puts forward two detection methods, one based on analysis of the static characteristics of links and one based on analysis of link structure and trigger, and designs and implements a corresponding detection system prototype. The main work includes:

First, research on CSRF detection technology based on link analysis. The paper first describes the HTTP protocol and the browser security policies related to CSRF attacks, analyzes the same-origin policy and the Cookie security policy, and points out their shortcomings in detecting CSRF attacks. Next, it analyzes the malicious code of CSRF attacks in depth, summarizes the static cross-domain tags, JavaScript encryption, and concealment techniques that this code depends on, and derives the characteristics of CSRF attacks. Finally, based on these two studies and on existing detection techniques, it presents a detection method based on analysis of the static features of links and a detection method based on analysis of link structure and trigger. The two are combined in various ways to detect static and dynamic CSRF attacks. When a page is loaded, the static, actively loading cross-domain tags are extracted, the characteristics of each source link are used to identify functional links, and matching detection is performed against the tag's load-source type. Meanwhile, while the user operates the page, the page's key functions and operation events are hijacked, the functions associated with each event are analyzed, the links those functions send are identified, and requests are proactively sent to the server for status-code detection.

Second, the design, implementation, and testing of a prototype CSRF detection system based on link analysis. Based on these detection methods, the paper designs a detection system prototype, details its design objectives and design, and implements and tests it. The prototype can automatically and comprehensively detect the CSRF attacks present in a site, covering both static-page CSRF attacks and dynamic CSRF attacks, which considerably reduces the workload of analyzing CSRF attacks.
Keywords/Search Tags:CSRF, link analysis, link structure and trigger, the malicious code, feature detection