| The widespread HTTP Traffic Injection affects the user experience badly,and brings severe security threats.In recent years,with the development of mobile Internet,mobile devices,most of which are in 4G,3G,2G or Wi-Fi environment are more popular and more vulnerable to attack.This paper presents a method of monitoring the HTTP injection in the mobile devices by deploying front-end scripts on the server.We analyze the injection resources,the injectors and the injection systems by collecting and processing the monitor data.We analyze the injection contents and the demand,and propose blocking methods including deploying HTTPS,CSP or hook scripts on the server side and deploying access restriction procedure on the client side.We also test false alarm rate,false negative rate,efficiency,cost and other indicators of the blocking methods.The test results of injection data show over 4%mobile devices' sessions are modified during transmission.Such modifications include advertisement injection,ISP value-added services injection,increasing false network traffic injection,page jump injection and so on.This paper presents the injection is related to the ISP,region and network environment.The tests of the blocking methods suggest the above blocking methods can all defense HTTP injection effectively.The blocking method of deploying CSP on the server side is a low cost and high accuracy server-side solution,and the blocking method of deploying access restriction procedure is an effective client-side solution for high performance clients. |
PDF Full Text Request