| With the rapid development of Internet technology,more and more personal network applications have been produced,and a lot of private sensitive data needs to be transmitted through the public Internet network.As a special way of attack,traffic hijacking is a serious threat to the information security of Internet users.Because the current technology for web application traffic hijack detection technology is still not mature,it has great significance to study the vulnerability analysis system.In this paper,the principle of web traffic hijacking and the security of web transport protocol are studied.The security threats of HTTPS protocol are analyzed in detail,and the common attack modes of WEB traffic hijacking are studied and classified.Moreover,this paper presents a system design scheme to validate traffic hijacking scenarios.The basic idea is to use the principle of wireless network man-in-the-middle attack to realize the eavesdropping and modification of the traffic data of the target machine access.The accuracy of the classification of traffic hijacking scenes in previous work is verified by this system.In addition,this paper presents an interactive web detection method.Through the analysis of the security of web page interaction,the key points of the web application are analyzed,and the characteristics of the web page are selected.Through the experimental comparison of multiple classification algorithms,CART algorithm is selected as the classification algorithm of detection system.In this paper.We use the advantages of CART decision tree to analysis the characteristics of the web page to judge whether the interactive processing of the risk has been hijacked.Finally,the system design scheme is implemented,and the performance of the web page classifier of the detection system is evaluated.The experimental results illustrate that this scheme has a good detection effect,which can can detect the vulnerability in the page accurately and effectively,and has some practical value. |
PDF Full Text Request