Research And Design Of WEB Script Attack And Defense Detection Model Baesd On Nodejs

With the advent of the Internet era and the "Internet+" concept enjoys popular support, people's lives have been inseparable from the Internet, and at the same time Web script attacks caused by the increasingly prominent network security issues, network security focus areas, which XSS cross Station script attack the most serious, the attacker can use the above means to steal Internet users and enterprises sensitive information, which has a negative impact on the Internet industry. But the current XSS cross-site scripting detection and prevention methods for modern Web applications have many limitations, has been unable to meet the current security needs of the Internet industry. Therefore, in the modern Web application XSS cross-site script attack vulnerability detection process can be based on DOM randomness detection method,used to improve efficiency and accuracy, greatly improve the detection efficiency. At the same time for the corresponding loopholes to prevent preventive measures. This article as the goal, the XSS cross-site scripting attacks and prevention in-depth study.The main work of this paper is as follows:1 .A brief summary of the existing mainstream Web scripting attacks(XSS attacks and CSRF attacks) and Internet technologies.2.Based on the basic principle of XSS cross-site scripting attack and the research of attack mode, a new XSS vulnerability detection model is proposed. Based on the characteristics of asynchronous Web data transmission in modern Web application, we focus on the implementation of DOM randomness and new vulnerability detection Algorithm detection function.3.Based on the characteristics of XSS attack and the characteristics of NodeJs in the current technology, this paper proposes a corresponding XSS prevention scheme, which can prevent the XSS attack while ensuring the maximum use of data submitted by users, and can also be used for frequent XSS Attack is effectively blocked.4.The XSS vulnerability detection model proposed in this paper is designed and verified, and its detection effect is verified.5.The XSS attack defense scheme proposed in this paper is designed and verified, and its defense effect is verified.Experiments show that the proposed XSS vulnerability detection model and XSS attack defense scheme have achieved the expected results.