CN105049440A - Method and system for detecting cross-site scripting attack injection - Google Patents
Method and system for detecting cross-site scripting attack injection Download PDFInfo
- Publication number
- CN105049440A CN105049440A CN201510476875.3A CN201510476875A CN105049440A CN 105049440 A CN105049440 A CN 105049440A CN 201510476875 A CN201510476875 A CN 201510476875A CN 105049440 A CN105049440 A CN 105049440A
- Authority
- CN
- China
- Prior art keywords
- request
- module
- parameter
- list
- cross
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses a method and a system for detecting cross-site scripting attack injection. The method comprises the following steps: recording request logs of user access by a reverse proxy module; grouping and classifying the request logs, and generate and saving a URL parameter; detecting a parameter name and a parameter value in the URL parameter, respectively; replacing the parameter value with corresponding content in a scripting injection attack dictionary list and generating a second request; sending a second request to a target server and receiving a response return request; judging whether the response return request contains attack content, and if so, adding the URL parameter to an injection risk list. In the way, the method for detecting the cross-site scripting attack injection is capable of detecting XSS bugs in a website more comprehensively, reducing the risk of attacks to users and improving the security of the website; besides, the URL detected by use of the method is more complete than the URL detected in a crawler way.
Description
Technical field
The present invention relates to a kind of method and system detecting cross-site scripting attack and inject.
Background technology
So-called cross-site scripting attack (CrossSiteScripting), for the abbreviation of discord CSS (CascadingStyleSheets, CSS) is obscured, therefore is abbreviated as XSS by cross-site scripting attack.Malicious attacker inserts malice html code in Web page, and when user browses this page, the html code embedded inside wherein Web can be performed, thus reach the specific purposes of malicious attack user.
XSS is a kind of computer security leak often appeared in web application, and it allows malice web user to be implanted to by code in the page being supplied to other user use.Such as these codes comprise HTML code and client script.Assailant utilizes XSS leak to bypass access control---such as same source policy (sameoriginpolicy).Such leak becomes owing to being used for by hacker writing the larger phishing of harmfulness (Phishing) attack and is widely known by the people.For cross-site scripting attack, hacker's circle common recognition is: cross-site scripting attack is novel " buffer overflow attack ", and JavaScript is novel " ShellCode ".
Current many websites are found the leak that there is cross-site script, are all much to use reptile to travel through website, process like this, request can be caused to follow the tracks of comprehensive not, test sufficiently complete.
Existing patent application (application number: 201510046908.0) propose one across station vulnerability scanning method and system, described method comprises the steps: to crawl the full station of targeted sites or the link of single-page; Filter with pre-conditioned crawling the link obtained, multiple potential in station leak link to obtain; Adopt vector of attack to each described potential across station leak link carry out fuzz testing; In fuzz testing process, adopt browse in module check each described potential across station leak link webpage source code carry out dynamic analysis, with judge described potential across station leak link whether exist across station leak; Database is saved to across the link of station leak and the vector of attack of corresponding loading by existing.This patent adopts vector of attack to carry out fuzz testing to each potential link, and workload is large, requires high to hardware configuration.
Summary of the invention
Technical problem to be solved by this invention is: by configuration reverse proxy module, and according to all solicited messages, extract variable element, inject test dictionary, carry out cross-site scripting attack test, to obtain return value, and then realize more comprehensively detecting the XSS leak existed in website, reduce user's risk under fire, improve site safety, and the URL that the mode comparing reptile detects is more complete.
In order to solve the problems of the technologies described above, the technical solution used in the present invention is: provide a kind of method detecting cross-site scripting attack and inject, comprising:
The Request Log of reverse proxy module recording user access;
Grouping and classifying is carried out to described request daily record, generates URL parameter, and preserve;
Detect the parameter name in described URL parameter and parameter value respectively;
Replacing described parameter value is content corresponding in the list of script injection attacks dictionary, generates the second request;
Second request that sends is to destination server, and reception returns response request;
Whether return described in judgement in response request containing attacking content;
If so, then described URL parameter is listed in and inject Risk list.
For solving the problem, the present invention also provides a kind of system detecting cross-site scripting attack and inject, and comprising:
Reverse proxy module, for the Request Log of recording user access;
Module is preserved in classification, for carrying out grouping and classifying to described request daily record, generating URL parameter, and preserving;
Detection module, for detecting parameter name in described URL parameter and parameter value;
Replace generation module, being content corresponding in the list of script injection attacks dictionary for replacing described parameter value, generating the second request;
Sending/receiving module, for sending the second request to destination server, and reception returns response request;
Whether judge module, return in response request containing attacking content described in judging;
List block, injects Risk list for described URL parameter being listed in.
Beneficial effect of the present invention is: be different from prior art, by configuration reverse proxy module, and according to all solicited messages, extract variable element, inject test dictionary, carry out cross-site scripting attack test, to obtain return value, and then realize more comprehensively detecting the XSS leak existed in website, reduce user's risk under fire, improve site safety, and the URL that the mode comparing reptile detects is more complete.
Accompanying drawing explanation
Fig. 1 is the schematic flow sheet of the inventive method embodiment one;
Fig. 2 is the schematic flow sheet of the inventive method embodiment two;
Fig. 3 is the structured flowchart of present system embodiment three;
Fig. 4 is the structured flowchart of present system embodiment four.
Embodiment
By describing technology contents of the present invention in detail, realized object and effect, accompanying drawing is coordinated to be explained below in conjunction with execution mode.
The design of most critical of the present invention is: by analyzing cross-site scripting attack injection request, replace process, by sending the second request to judge response request, realizes detecting cross-site scripting attack and is injected in system.
Please refer to Fig. 1, the embodiment of the present invention one provides a kind of method detecting cross-site scripting attack, comprises the steps:
S1: the Request Log of reverse proxy module recording user access;
S2: carry out grouping and classifying to described request daily record, generates URL parameter, and preserves;
S3: detect the parameter name in described URL parameter and parameter value respectively;
S4: replacing described parameter value is content corresponding in the list of script injection attacks dictionary, generates the second request;
S5: second request that sends is to destination server, and reception returns response request;
S6: whether return described in judgement in response request containing attacking content;
If so, then step S7 is performed: described URL parameter listed in and inject Risk list.
As shown in Figure 2, on the basis of embodiment one, before the embodiment of the present invention two step S1, also comprise:
S01: configuration reverse proxy module;
S02: resolve domain name to reverse proxy module.
Wherein, step S4 is specially:
S41: parameter value is replaced with successively content corresponding in the list of script injection attacks dictionary;
S42: after replacing successively, at least one second request of corresponding generation.
Wherein, after step S6, also comprise:
If not, then step S70 is performed: described in ignoring, return response request.
In a specific embodiment, before being on the defensive, following preparation can be done in advance:
Configuration reverse proxy module, for all Request Logs of recording user access.And reverse proxy module can be Reverse Proxy, the application program containing journal function that also can carry by system, such as iis, apache, nginx etc., proxy server is generally the client of user, and Reverse Proxy is used for service end.
The advantage of the journal function that configuration reverse proxy module and direct employing system carry is, without the need to revising the configuration of original server, only need configure at Reverse Proxy.
And upon configuration, by domain name mapping in this reverse proxy module.
In concrete test process, user accesses Reverse Proxy, and Reverse Proxy can record the content of all requests of user's access site, preserves as Request Log.Subsequently, by URL and parameter thereof, grouping and classifying is carried out to the URL of Request Log, generate the URL parameter of website.Particularly, by? URL is split, such as: http://abc.com/ with &? id=1 & name=abc.Its parameter name is that the parameter value of id and name and correspondence is respectively 1 and abc; Wherein URL not containing parameter part be http://abc.com/.
Respectively the parameter name in the URL of above-mentioned preservation and parameter value are detected again by program, parameter value 1 is replaced with content corresponding in conventional script injection attacks dictionary list, to generate the request after replacement, i.e. the second request.
Particularly, by keyword? split URL with &, namely carry out parameter value replacement (form is: parameter name=parameter) successively by regular expression.Wherein the corresponding content of attacking in dictionary list is exactly the keyword or the block that common are possible generation injection, such as: <script></script > tag block and, the keywords such as onclick, javascript.Should be understood that, owing to attacking content likely more than in dictionary list, therefore after replacement, the request after at least one replacement can be generated.
Request after replacing is resend to destination server, and detects to return in response request whether there is attack content.
Usually, detected website can be sent to.Send HTTP request to accessed detected website, detected website can return a http response, then detects wherein content and whether comprises attack content in request.
Comprise attack content if detect in request, then this URL parameter is listed in and there is XSS injection Risk list.
If detect in request and do not comprise attack content, then directly ignore this and return response request.And send next second request in destination server, perform step S5 ~ S7 to circulate, until detected the request after all replacements, satisfactory URL parameter has been listed in and there is XSS injection Risk list.
Is concrete example as follows: in http://abc.com/ website, have recorded Gethttp in the daily record of reverse proxy: //abc.com/? this request of id=1.By script injection attacks dictionary (this dictionary has contained the use-case that many kinds can be injected, for one by one test), parameter value 1 is replaced to attack string in the dictionary content of correspondence (namely in list) by regular expression.
As: http://abc.com/? id=<scripttype='text/javascript'GreatT.Grea T.GTalert (' pwnd'); </script>; Or
<scripttype='text/javascript'GreatT.GreaT.G Talert (' pwnd'); </script>; Or
<script%20src="http://mallorysevilsite.com/authstealer.js">。
Such as this example uses regular expression (id=) [^ &] * to replace with $ 1<scripttype='text/javascript'GreatT.GreaT. GTalert (' pwnd'); </script>
Does is result http://abc.com/? id=<scripttype='text/javascript'GreatT.Grea T.GTalert (' pwnd'); </script>] attack string.
Detect to return in the content of response whether comprise this script subsequently, and be not by escape.Then illustrate that this URL exists and inject risk.
In sum, the embodiment of the present invention by the daily record of reverse proxy module record request, and resolves domain name, after daily record grouping and classifying, generates URL parameter, using as the basis of defence and preparation; Re-use and inject test dictionary, carry out XSS inject test to parameter, acquisition return value wherein, whether containing attacking content, injects Risk list finally to assert to be listed in.Therefore the XSS injection loophole that exists in website in can more comprehensively detecting of the embodiment of the present invention two, reduces user's risk under fire, improve site safety, and the URL that the mode comparing reptile detects is more complete.
Hold, as shown in Figure 3, the embodiment of the present invention three provides a kind of system 100 detecting cross-site scripting attack, comprising:
Reverse proxy module 110, for the Request Log of recording user access;
Module 120 is preserved in classification, for carrying out grouping and classifying to described request daily record, generating URL parameter, and preserving;
Detection module 130, for detecting parameter name in described URL parameter and parameter value;
Replace generation module 140, being content corresponding in the list of script injection attacks dictionary for replacing described parameter value, generating the second request;
Sending/receiving module 150, for sending the second request to destination server 200, and reception returns response request;
Whether judge module 160, return in response request containing attacking content described in judging;
List block 170, for listing described URL parameter in injection Risk list.
Wherein, the system 100 of example four of the present invention, also comprises:
Configuration module 180, for configuring reverse proxy service module;
Parsing module 190, for resolving domain name to reverse proxy service module.
Wherein, replace generation module 140 also to comprise:
Replacement unit 141, for replacing with content corresponding in the list of script injection attacks dictionary successively by parameter value;
Generation unit 142, for after replacing successively, corresponding generation second request.
Wherein, return described in judging at judge module 160 after not containing attack content in response request, then return response request described in ignoring.
The foregoing is only embodiments of the invention; not thereby the scope of the claims of the present invention is limited; every equivalents utilizing specification of the present invention and accompanying drawing content to do, or be directly or indirectly used in relevant technical field, be all in like manner included in scope of patent protection of the present invention.
Claims (8)
1. detect the method that cross-site scripting attack injects, it is characterized in that, comprising:
The Request Log of reverse proxy module recording user access;
Grouping and classifying is carried out to described request daily record, generates URL parameter, and preserve;
Detect the parameter name in described URL parameter and parameter value respectively;
Replacing described parameter value is content corresponding in the list of script injection attacks dictionary, generates the second request;
Second request that sends is to destination server, and reception returns response request;
Whether return described in judgement in response request containing attacking content;
If so, then described URL parameter is listed in and inject Risk list.
2. detect the method that cross-site scripting attack injects according to claim 1, it is characterized in that, before the step of reverse proxy service module recording user access request daily record, also comprise:
Configuration reverse proxy module;
Resolve domain name to reverse proxy module.
3. detect the method that cross-site scripting attack injects according to claim 1, it is characterized in that, replacing described parameter value is content corresponding in the list of script injection attacks dictionary, and the step generating the second request is specially:
Parameter value is replaced with successively content corresponding in the list of script injection attacks dictionary;
After replacing successively, at least one second request of corresponding generation.
4. detect the method that cross-site scripting attack injects according to claim 1, it is characterized in that, return described in judgement in response request after whether containing the step of attacking content, also comprise:
If not, then ignore described in return response request.
5. detect the system that cross-site scripting attack injects, it is characterized in that, comprising:
Reverse proxy module, for the Request Log of recording user access;
Module is preserved in classification, for carrying out grouping and classifying to described request daily record, generating URL parameter, and preserving;
Detection module, for detecting parameter name in described URL parameter and parameter value;
Replace generation module, being content corresponding in the list of script injection attacks dictionary for replacing described parameter value, generating the second request;
Sending/receiving module, for sending the second request to destination server, and reception returns response request;
Whether judge module, return in response request containing attacking content described in judging;
List block, injects Risk list for described URL parameter being listed in.
6. detect the system that cross-site scripting attack injects according to claim 5, it is characterized in that, also comprise:
Configuration module, for configuring reverse proxy service module;
Parsing module, for resolving domain name to reverse proxy service module.
7. detect the system that cross-site scripting attack injects according to claim 5, it is characterized in that, replace generation module and also comprise:
Replacement unit, for replacing with content corresponding in the list of script injection attacks dictionary successively by parameter value;
Generation unit, for after replacing successively, corresponding generation second request.
8. detect the system that cross-site scripting attack injects according to claim 5, it is characterized in that, return described in judging at judge module after not containing attack content in response request, then return response request described in ignoring.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510476875.3A CN105049440B (en) | 2015-08-06 | 2015-08-06 | Detect the method and system of cross-site scripting attack injection |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510476875.3A CN105049440B (en) | 2015-08-06 | 2015-08-06 | Detect the method and system of cross-site scripting attack injection |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105049440A true CN105049440A (en) | 2015-11-11 |
| CN105049440B CN105049440B (en) | 2018-04-10 |
Family
ID=54455651
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510476875.3A Active CN105049440B (en) | 2015-08-06 | 2015-08-06 | Detect the method and system of cross-site scripting attack injection |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105049440B (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106446694A (en) * | 2016-12-13 | 2017-02-22 | 四川长虹电器股份有限公司 | Xss vulnerability mining system based on network crawlers |
| CN107948120A (en) * | 2016-10-12 | 2018-04-20 | 阿里巴巴集团控股有限公司 | leak detection method and device |
| CN108632219A (en) * | 2017-03-21 | 2018-10-09 | 腾讯科技(深圳)有限公司 | A kind of website vulnerability detection method, detection service device and system |
| CN108667770A (en) * | 2017-03-29 | 2018-10-16 | 腾讯科技(深圳)有限公司 | A kind of loophole test method, server and the system of website |
| CN109040054A (en) * | 2018-07-30 | 2018-12-18 | 杭州迪普科技股份有限公司 | A kind of url filtering test method and device |
| CN111104675A (en) * | 2019-11-15 | 2020-05-05 | 泰康保险集团股份有限公司 | Method and device for detecting system security vulnerability |
| CN113364815A (en) * | 2021-08-11 | 2021-09-07 | 飞狐信息技术(天津)有限公司 | Cross-site scripting vulnerability attack defense method and device |
| CN113965363A (en) * | 2021-10-11 | 2022-01-21 | 北京天融信网络安全技术有限公司 | Vulnerability studying and judging method and device based on Web user behaviors |
| CN114205123A (en) * | 2021-11-20 | 2022-03-18 | 湖北天融信网络安全技术有限公司 | Attack and defense confrontation-based threat hunting method, device, equipment and storage medium |
| CN114816558A (en) * | 2022-03-07 | 2022-07-29 | 深圳开源互联网安全技术有限公司 | Script injection method and device and computer readable storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102880830A (en) * | 2011-07-15 | 2013-01-16 | 华为软件技术有限公司 | Acquisition method and device of original test data |
| CN102999420A (en) * | 2011-09-13 | 2013-03-27 | 阿里巴巴集团控股有限公司 | XSS (Cross Site Scripting) testing method and XSS testing system based on DOM (Document Object Model) |
| CN103023869A (en) * | 2012-11-02 | 2013-04-03 | 北京奇虎科技有限公司 | Malicious attack prevention method and browser |
| US20150033285A1 (en) * | 2011-10-24 | 2015-01-29 | International Business Machines Corporation | Non-intrusive method and apparatus for automatically dispatching security rules in cloud environment |
-
2015
- 2015-08-06 CN CN201510476875.3A patent/CN105049440B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102880830A (en) * | 2011-07-15 | 2013-01-16 | 华为软件技术有限公司 | Acquisition method and device of original test data |
| CN102999420A (en) * | 2011-09-13 | 2013-03-27 | 阿里巴巴集团控股有限公司 | XSS (Cross Site Scripting) testing method and XSS testing system based on DOM (Document Object Model) |
| US20150033285A1 (en) * | 2011-10-24 | 2015-01-29 | International Business Machines Corporation | Non-intrusive method and apparatus for automatically dispatching security rules in cloud environment |
| CN103023869A (en) * | 2012-11-02 | 2013-04-03 | 北京奇虎科技有限公司 | Malicious attack prevention method and browser |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107948120B (en) * | 2016-10-12 | 2020-11-24 | 阿里巴巴集团控股有限公司 | Vulnerability detection method and device |
| CN107948120A (en) * | 2016-10-12 | 2018-04-20 | 阿里巴巴集团控股有限公司 | leak detection method and device |
| CN106446694A (en) * | 2016-12-13 | 2017-02-22 | 四川长虹电器股份有限公司 | Xss vulnerability mining system based on network crawlers |
| CN108632219A (en) * | 2017-03-21 | 2018-10-09 | 腾讯科技(深圳)有限公司 | A kind of website vulnerability detection method, detection service device and system |
| CN108667770A (en) * | 2017-03-29 | 2018-10-16 | 腾讯科技(深圳)有限公司 | A kind of loophole test method, server and the system of website |
| CN108667770B (en) * | 2017-03-29 | 2020-12-18 | 腾讯科技(深圳)有限公司 | Website vulnerability testing method, server and system |
| CN109040054A (en) * | 2018-07-30 | 2018-12-18 | 杭州迪普科技股份有限公司 | A kind of url filtering test method and device |
| CN109040054B (en) * | 2018-07-30 | 2020-12-04 | 杭州迪普科技股份有限公司 | URL filtering test method and device |
| CN111104675A (en) * | 2019-11-15 | 2020-05-05 | 泰康保险集团股份有限公司 | Method and device for detecting system security vulnerability |
| CN113364815A (en) * | 2021-08-11 | 2021-09-07 | 飞狐信息技术(天津)有限公司 | Cross-site scripting vulnerability attack defense method and device |
| CN113364815B (en) * | 2021-08-11 | 2021-11-23 | 飞狐信息技术(天津)有限公司 | Cross-site scripting vulnerability attack defense method and device |
| CN113965363A (en) * | 2021-10-11 | 2022-01-21 | 北京天融信网络安全技术有限公司 | Vulnerability studying and judging method and device based on Web user behaviors |
| CN114205123A (en) * | 2021-11-20 | 2022-03-18 | 湖北天融信网络安全技术有限公司 | Attack and defense confrontation-based threat hunting method, device, equipment and storage medium |
| CN114816558A (en) * | 2022-03-07 | 2022-07-29 | 深圳开源互联网安全技术有限公司 | Script injection method and device and computer readable storage medium |
| CN114816558B (en) * | 2022-03-07 | 2023-06-30 | 深圳市九州安域科技有限公司 | Script injection method, equipment and computer readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105049440B (en) | 2018-04-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105049440A (en) | Method and system for detecting cross-site scripting attack injection | |
| US10642600B2 (en) | Cloud suffix proxy and a method thereof | |
| Kirda et al. | Client-side cross-site scripting protection | |
| US8819819B1 (en) | Method and system for automatically obtaining webpage content in the presence of javascript | |
| Lekies et al. | 25 million flows later: large-scale detection of DOM-based XSS | |
| Kirda et al. | Noxes: a client-side solution for mitigating cross-site scripting attacks | |
| Canali et al. | Prophiler: a fast filter for the large-scale detection of malicious web pages | |
| Heiderich et al. | Iceshield: Detection and mitigation of malicious websites with a frozen dom | |
| Chen et al. | WebPatrol: Automated collection and replay of web-based malware scenarios | |
| US9147067B2 (en) | Security method and apparatus | |
| CN105046150A (en) | Method and system for preventing structured query language (SQL) implantation | |
| Shahriar et al. | Injecting comments to detect JavaScript code injection attacks | |
| US8789177B1 (en) | Method and system for automatically obtaining web page content in the presence of redirects | |
| WO2016040753A1 (en) | A cloud suffix proxy and methods thereof | |
| Wang et al. | A combined static and dynamic analysis approach to detect malicious browser extensions | |
| US10789360B2 (en) | Protection against third party JavaScript vulnerabilities | |
| Mansoori et al. | YALIH, yet another low interaction honeyclient | |
| Rao et al. | Two for the price of one: A combined browser defense against XSS and clickjacking | |
| Samarasinghe et al. | On cloaking behaviors of malicious websites | |
| Canfora et al. | A set of features to detect web security threats | |
| Panja et al. | Handling cross site scripting attacks using cache check to reduce webpage rendering time with elimination of sanitization and filtering in light weight mobile web browser | |
| Kerschbaumer et al. | Injecting CSP for fun and security | |
| CN105072109B (en) | Prevent the method and system of cross-site scripting attack | |
| CN103390129A (en) | Method and device for detecting security of uniform resource locator | |
| KR101699009B1 (en) | Method for collecting blackmarket crawler for mobile malware |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |