CN109688108A - Security mechanism for defending against file upload vulnerabilities and its implementation method - Google Patents

Security mechanism for defending against file upload vulnerabilities and its implementation method

Info

Publication number
CN109688108A
Authority
CN
China
Prior art keywords
file
php
web application
unit
plug
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811386587.9A
Other languages
Chinese (zh)
Other versions
CN109688108B (en)
Inventor
孙歆
韩嘉佳
李沁园
秦俊宁
陈利跃
周升
张波
席泽生
刘镇武
马博林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
Global Energy Interconnection Research Institute
Electric Power Research Institute of State Grid Zhejiang Electric Power Co Ltd
Original Assignee
State Grid Corp of China SGCC
Global Energy Interconnection Research Institute
Electric Power Research Institute of State Grid Zhejiang Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Corp of China SGCC, Global Energy Interconnection Research Institute, Electric Power Research Institute of State Grid Zhejiang Electric Power Co Ltd
Priority to CN201811386587.9A
Publication of CN109688108A
Publication of CN109688108B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/02 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1095 Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention discloses a security mechanism for defending against file upload vulnerabilities and a method for implementing it. The security mechanism involves a client and a Web application server. On the client, a PHP security plug-in is designed for the browser to ensure that labeled files can be effectively parsed and executed by the browser. On the Web application server, in addition to the Web application service platform, a PHP plug-in distribution platform, a PHP processing routine, and local file storage are added, with the aim of preventing file upload vulnerabilities from being exploited at the source. The invention uses file header labeling technology to solve the file upload vulnerability problem, eliminating the security threat caused by file upload vulnerabilities and improving the security of the Web application service system to a certain extent.

Description

Security mechanism for defending against file upload vulnerabilities and its implementation method
Technical Field
The present invention relates to the field of network security, and specifically to a security mechanism for defending against file upload vulnerabilities and its implementation method.
Background
In recent years, the rapid development of the Internet has led to Internet technology being widely applied in science and technology, education, enterprises, and government departments, and static Web pages can no longer meet users' needs. On the client side, users not only want to receive dynamic information but also want to upload some of their own files to the server. As a result, while users upload files, malicious attackers exploit flaws in the file upload principle and in the program itself to create vulnerabilities.
Because the code implementing the file upload function does not strictly restrict the types of files that users may upload, an attacker can upload any PHP file to a directory accessible via the Web, and these files can be passed to the PHP interpreter, so that the attacker can execute arbitrary PHP scripts on the remote server. This is the so-called file upload vulnerability attack (File Upload Attack).
The file upload vulnerability is a very dangerous vulnerability in network programming. If a program contains this vulnerability, a malicious attacker can use the upload principle above to upload a Webshell directly to the server of the website you maintain, capture packets during the upload, bypass the checks performed before the file is uploaded, obtain the address and content of the page that receives the submitted data, and then go on to obtain the administrator's user name and password and perform dangerous operations to take control of the entire website.
"Web" refers to the Web service opened by the server, and "shell" refers to a certain degree of operating permission on the server. A Webshell therefore commonly refers to a certain degree of operating permission on the website server that a malicious attacker obtains through the website port. These are the commonly named ASP Trojans, PHP Trojans, and so on: files written with server-side file operation statements that can edit and control the server.
To address the file upload vulnerability threat, the traditional solutions are mainly:
1. File extension detection: upload a PHP file or similar file; if the upload succeeds, the system does not validate the file extension.
2. MIME type detection: construct a file upload request packet, then modify the Content-Type content, for example changing Content-Type=text/plain to Content-Type=image/gif. If the server returns an upload-success response, the system does not validate the MIME type.
3. Path parameter detection: directory path parameter detection checks whether the path is legitimate. Upload a constructed path parameter, such as D:/photo/image/test1.php.gif/test2.gif, to test whether the system validates the parameter.
4. File content detection: some uploaded files may have had their extension modified so that the file type appears legitimate while the file content is inconsistent with the file type. File header detection verifies whether the extension is consistent with the content.
Summary of the Invention
To solve the existing problem of uploaded files that contain unknown vulnerabilities, the present invention provides a security mechanism for defending against file upload vulnerabilities.
To achieve the above object, the present invention adopts the following technical solution: a security mechanism for defending against file upload vulnerabilities, involving a client and a Web application server;
On the client, the browser is extended in the form of a PHP security plug-in, and the PHP security plug-in comprises a filtering module and a parsing execution module;
A Web application service platform and a PHP plug-in distribution platform are each deployed on the Web application server. In addition, a PHP processing routine is connected to the Web application service platform and is responsible for preprocessing the files uploaded and saved in the Web application service; the PHP processing routine comprises a labeling processing module and a file header processing module. Local file storage is connected to the PHP plug-in distribution platform and is responsible for storing the uploaded files;
The PHP security plug-in is provided by the PHP plug-in distribution platform and stores the file header labels of the Web application service sites to facilitate parsing. When a user accesses a target Web application service, if the client's browser does not have the corresponding PHP security plug-in installed, it cannot parse the files that users have uploaded and saved in the target Web application service, so the user cannot use the file access service normally; the target website therefore prompts the user to install the corresponding PHP security plug-in;
The Web application service platform comprises N Web application service sites. Each Web application service site is linked to the PHP plug-in distribution platform, and every file that a user uploads and saves must be preprocessed by the PHP processing routine;
The PHP processing routine is responsible for labeling the file headers of the files that users upload and save.
The present invention uses file header labeling technology to solve the file upload vulnerability problem, eliminating the security threat caused by file upload vulnerabilities and improving the security of the Web application service system to a certain extent.
As a supplement to the above security mechanism, the filtering module in the PHP security plug-in filters the returned file. If the file does not pass the filter, this indicates that the target Web application service has not performed file header labeling or that the file is abnormal, and the file is discarded directly; if the file passes, its labeled file header is taken and output to the parsing execution module.
As a supplement to the above security mechanism, the parsing execution module in the PHP security plug-in has the function of parsing and executing labeled file headers.
As a supplement to the above security mechanism, the labeling processing module in the PHP processing routine is responsible for labeling the file headers of the files that users upload and save.
As a supplement to the above security mechanism, the file header identification module in the PHP processing routine is responsible for checking the file type of the files that users upload and save.
As a supplement to the above security mechanism, the PHP plug-in distribution platform provides users with the PHP security plug-in and can provide the corresponding version for different browsers.
Based on the above, if a malicious user launches a file upload vulnerability attack against the target Web application service, the malicious code file is uploaded to the server side, and the malicious user expects either to obtain the corresponding server permissions through the script, or to induce external users to access and download the uploaded virus or Trojan file, thereby achieving the purpose of the attack. However, the uploaded malicious code file first has its specific file type identified, and second has its file header labeled, so it cannot be tampered with by the attacker, nor will the parsing execution module process it as the file type the attacker wants.
The present invention also provides a method for implementing the above security mechanism, with the following steps:
Step 1: Preprocess the files that users upload and save in the Web application service;
Step 2: Publish the related PHP security plug-in and deploy the Web application service;
Step 3: Install the PHP security plug-in in the client browser;
Step 4: The PHP security plug-in processes the request page returned by the server;
The returned request page is intercepted by the PHP security plug-in. The filtering module first filters the returned file; if the file does not pass the filter, this indicates that the target Web application service has not performed file header labeling or that the file is abnormal, and the file is discarded directly; if the file passes, its labeled file header is taken and output to the parsing execution module. The filtering module processes the request page and filters out the labeled file header; the filtered-out labeled file header is sent to the parsing execution module for parsing, optimization, and execution.
As a supplement to the above implementation method, the specific content of step 1 is: on entering the file header identification module, each file is subjected to a verification mechanism based on file content to check the type of the file; after file header identification is complete, each file is sent to the labeling processing module, which labels the file header.
As a supplement to the above implementation method, the specific content of step 2 is: after the files uploaded and saved by users of the Web application service have been preprocessed, the fully packaged PHP security plug-in and its License must be uploaded to the PHP plug-in distribution platform, and the Web application file access service deployed in step 1 is brought online.
As a supplement to the above implementation method, the specific content of step 3 is: when the client sends a normal request and accesses the target Web application service for the first time, the Web application service prompts the user to install the PHP security plug-in and provides the link address of the PHP plug-in distribution platform; once the user has finished installing the PHP security plug-in in the client's browser, the user can access files in the target Web application service normally.
The present invention has the following beneficial effects: by checking the legitimacy of, and executing, the file headers of the files that users upload and save to the Web application server, the invention effectively defends against malicious users or hackers attacking through file upload vulnerabilities. Compared with existing defense techniques, the present invention greatly enhances the security of the file upload function of Web application services, effectively resists file upload vulnerability attacks, and eliminates the file upload vulnerability threat at its root.
Brief Description of the Drawings
Fig. 1 is a structural block diagram of the security mechanism of the present invention for defending against file upload vulnerabilities;
Fig. 2 is a flow chart of the specific implementation of the security mechanism of the present invention;
Fig. 3 is a schematic diagram of the execution process of the PHP processing routine of the present invention;
Fig. 4 is a schematic diagram of the execution process of the PHP security plug-in of the present invention.
Detailed Description
The present invention is described in detail below with reference to specific embodiments. The following embodiments will help those skilled in the art to further understand the present invention, but do not limit the invention in any way. It should be noted that those of ordinary skill in the art can make various modifications and improvements without departing from the inventive concept. These all fall within the protection scope of the present invention.
Embodiment 1
The structural block diagram of the security mechanism provided by the present invention for defending against file upload vulnerabilities is shown in Fig. 1; it involves a client and a Web application server. On the client, the browser is extended in the form of a plug-in, and the PHP security plug-in comprises a filtering module and a parsing execution module. A Web application service platform and a PHP plug-in distribution platform are each deployed on the Web application server. In addition, the PHP processing routine is connected to the Web application service platform and is responsible for preprocessing the files that users upload and save in the Web application service; it comprises a labeling processing module and a file header processing module. Local file storage is connected to the PHP plug-in distribution platform and is responsible for storing the uploaded files.
The PHP security plug-in is a fully packaged installer provided by the PHP plug-in distribution platform, and License authentication is required when the user installs it. The PHP security plug-in stores the file header labels of the Web application service sites to facilitate parsing, which is handled by the filtering module and the parsing execution module respectively. The modules function as follows:
Filtering module: filters out the file header of the labeled file;
Parsing execution module: parses, optimizes, and executes the file header of the filtered-out labeled file.
The Web application service platform comprises N Web application service sites. Each Web application service site has a link pointing to the PHP plug-in distribution platform. The file header of every file that users upload and save in each Web application service is used as input data to the PHP processing routine, and the file is deployed to the corresponding service site only after it has been processed by the PHP processing routine.
The role of the PHP plug-in distribution platform is to let users download the corresponding PHP security plug-in and to provide users with the relevant installation help. The platform publishes adapted versions of the PHP plug-in for different browser versions.
The PHP processing routine is the key to the security mechanism. It is mainly used to label the file headers of the files that users upload and save in the Web application service, which is handled by the labeling processing module and the file header identification module respectively. The modules function as follows:
File header identification module: for the files that users upload and save in the Web application service, uses a verification mechanism based on file content. This method exploits the fact that each particular file type has its own distinct beginning or flag bits, and uses them to check the type of the file.
Labeling processing module: labels the file headers of the files that users upload and save in the Web application service.
Embodiment 2
As shown in Fig. 2, the specific implementation steps of the security mechanism described in Embodiment 1 are as follows:
Steps 1 to 3 are the preparation stage, and step 4 is the implementation stage.
Step 1: Preprocess the files that users upload and save in the Web application service
As shown in Fig. 3, on entering the file header identification module, each file is subjected to a verification mechanism based on file content to check the type of the file. After file header identification is complete, each file is sent to the labeling processing module, which labels the file header.
Step 2: Publish the related PHP security plug-in and deploy the Web application service
After the files uploaded and saved by users of the Web application service have been preprocessed, the fully packaged PHP security plug-in and its License must be uploaded to the PHP plug-in distribution platform, and the Web application file access service deployed in step 1 is brought online.
Step 3: Install the PHP security plug-in in the client browser
When the client sends a normal request and accesses the target Web application service for the first time, the Web application service prompts the user to install the PHP security plug-in and provides the link address of the PHP plug-in distribution platform. Once the user has finished installing the PHP security plug-in in the client's browser, the user can access files in the target Web application service normally.
Step 4: The PHP security plug-in processes the request page returned by the server
The returned request page is intercepted by the PHP security plug-in. As shown in Fig. 4, the filtering module first filters the returned file; if the file does not pass the filter, this indicates that the target Web application service has not performed file header labeling or that the file is abnormal, and the file is discarded directly. If the file passes, its labeled file header is taken and output to the parsing execution module. The filtering module processes the request page and filters out the labeled file header. The filtered-out labeled file header is sent to the parsing execution module for parsing, optimization, and execution.
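
The server-side preprocessing of step 1 (file header identification, then labeling) and the plug-in filtering of step 4, as an added example that is not part of the patent. The patent does not specify how a labeled file header is encoded, so the `FHLB` marker, the length-prefixed layout, the site tag values, and all function names here are assumptions.

```python
import struct
from typing import Optional, Set, Tuple

# Leading bytes ("file headers") of the types this example accepts.
MAGIC = {
    "gif": (b"GIF87a", b"GIF89a"),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "pdf": (b"%PDF-",),
}
EXT_ALIASES = {"jpeg": "jpg"}
LABEL_MARK = b"FHLB"  # hypothetical marker that opens every labeled header


class UploadRejected(Exception):
    """Raised by the server-side routine when an upload must not be stored."""


def identify_type(content: bytes) -> Optional[str]:
    """File header identification: decide the type from content, not the name."""
    for ftype, signatures in MAGIC.items():
        if content.startswith(signatures):
            return ftype
    return None


def declared_type(filename: str) -> str:
    """Type claimed by the last extension of the client-supplied name."""
    base = filename.replace("\\", "/").rsplit("/", 1)[-1]
    ext = base.rsplit(".", 1)[-1].lower() if "." in base else ""
    return EXT_ALIASES.get(ext, ext)


def label_file(site_tag: bytes, filename: str, content: bytes) -> bytes:
    """Step 1: identify the type, then prepend the labeled header.

    Assumed layout: MARK | len(tag) | len(type) | tag | type | original bytes.
    """
    detected = identify_type(content)
    if detected is None:
        raise UploadRejected("unrecognised file header")
    if declared_type(filename) != detected:
        raise UploadRejected("extension does not match content")
    if not 0 < len(site_tag) <= 255:
        raise ValueError("site tag must be 1..255 bytes")
    type_code = detected.encode("ascii")
    header = LABEL_MARK + struct.pack("!BB", len(site_tag), len(type_code))
    return header + site_tag + type_code + content


def filter_labeled(known_tags: Set[bytes], blob: bytes) -> Optional[Tuple[str, bytes]]:
    """Step 4 filtering module: return (type, content), or None to discard."""
    fixed = len(LABEL_MARK) + 2
    if len(blob) < fixed or not blob.startswith(LABEL_MARK):
        return None  # the service did not label this file
    tag_len, type_len = struct.unpack("!BB", blob[len(LABEL_MARK):fixed])
    end = fixed + tag_len + type_len
    if len(blob) < end:
        return None  # truncated header: treat the file as abnormal
    tag = blob[fixed:fixed + tag_len]
    ftype = blob[fixed + tag_len:end].decode("ascii", "replace")
    content = blob[end:]
    # The label must belong to a site the plug-in knows, and the labeled
    # type must still agree with the content that follows it.
    if tag not in known_tags or identify_type(content) != ftype:
        return None
    return ftype, content


# Constructed sample inputs (not taken from the patent).
SAMPLE_GIF = b"GIF89a" + bytes([1, 0, 1, 0, 0, 0, 0]) + b";"
SAMPLE_SCRIPT = b"<?php echo 'hi'; ?>"

if __name__ == "__main__":
    stored = label_file(b"site-a", "logo.gif", SAMPLE_GIF)
    print("labeled upload accepted by plug-in:",
          filter_labeled({b"site-a"}, stored))
    print("unlabeled file discarded:",
          filter_labeled({b"site-a"}, SAMPLE_GIF) is None)
    try:
        label_file(b"site-a", "avatar.gif", SAMPLE_SCRIPT)
    except UploadRejected as exc:
        print("script renamed to .gif rejected:", exc)
```

A signature check inspects only the leading bytes of a file, so the stored file should still be kept under a server-generated name outside any directory the interpreter executes.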

Claims (10)

1. A security mechanism for defending against file upload vulnerabilities, characterized in that it involves a client and a Web application server;
On the client, the browser is extended in the form of a PHP security plug-in, and the PHP security plug-in comprises a filtering module and a parsing execution module;
A Web application service platform and a PHP plug-in distribution platform are each deployed on the Web application server. In addition, a PHP processing routine is connected to the Web application service platform and is responsible for preprocessing the files uploaded and saved in the Web application service; the PHP processing routine comprises a labeling processing module and a file header processing module. Local file storage is connected to the PHP plug-in distribution platform and is responsible for storing the uploaded files;
The PHP security plug-in is provided by the PHP plug-in distribution platform and stores the file header labels of the Web application service sites to facilitate parsing. When a user accesses a target Web application service, if the client's browser does not have the corresponding PHP security plug-in installed, it cannot parse the files that users have uploaded and saved in the target Web application service, so the user cannot use the file access service normally; the target website therefore prompts the user to install the corresponding PHP security plug-in;
The Web application service platform comprises N Web application service sites. Each Web application service site is linked to the PHP plug-in distribution platform, and every file that a user uploads and saves must be preprocessed by the PHP processing routine;
The PHP processing routine is responsible for labeling the file headers of the files that users upload and save.
2. The security mechanism for defending against file upload vulnerabilities according to claim 1, characterized in that the filtering module in the PHP security plug-in filters the returned file; if the file does not pass the filter, this indicates that the target Web application service has not performed file header labeling or that the file is abnormal, and the file is discarded directly; if the file passes, its labeled file header is taken and output to the parsing execution module.
3. The security mechanism for defending against file upload vulnerabilities according to claim 1 or 2, characterized in that the parsing execution module in the PHP security plug-in has the function of parsing and executing labeled file headers.
4. The security mechanism for defending against file upload vulnerabilities according to claim 1 or 2, characterized in that the labeling processing module in the PHP processing routine is responsible for labeling the file headers of the files that users upload and save.
5. The security mechanism for defending against file upload vulnerabilities according to claim 1 or 2, characterized in that the file header identification module in the PHP processing routine is responsible for checking the file type of the files that users upload and save.
6. The security mechanism for defending against file upload vulnerabilities according to claim 1 or 2, characterized in that the PHP plug-in distribution platform provides users with the PHP security plug-in and can provide the corresponding version for different browsers.
7. A method for implementing the security mechanism for defending against file upload vulnerabilities according to claims 1-6, characterized in that it comprises the steps of:
Step 1: Preprocess the files that users upload and save in the Web application service;
Step 2: Publish the related PHP security plug-in and deploy the Web application service;
Step 3: Install the PHP security plug-in in the client browser;
Step 4: The PHP security plug-in processes the request page returned by the server;
The returned request page is intercepted by the PHP security plug-in. The filtering module first filters the returned file; if the file does not pass the filter, this indicates that the target Web application service has not performed file header labeling or that the file is abnormal, and the file is discarded directly; if the file passes, its labeled file header is taken and output to the parsing execution module. The filtering module processes the request page and filters out the labeled file header; the filtered-out labeled file header is sent to the parsing execution module for parsing, optimization, and execution.
8. The implementation method according to claim 7, characterized in that the specific content of step 1 is: on entering the file header identification module, each file is subjected to a verification mechanism based on file content to check the type of the file; after file header identification is complete, each file is sent to the labeling processing module, which labels the file header.
9. The implementation method according to claim 7, characterized in that the specific content of step 2 is: after the files uploaded and saved by users of the Web application service have been preprocessed, the fully packaged PHP security plug-in and its License must be uploaded to the PHP plug-in distribution platform, and the Web application file access service deployed in step 1 is brought online.
10. The implementation method according to claim 7, characterized in that the specific content of step 3 is: when the client sends a normal request and accesses the target Web application service for the first time, the Web application service prompts the user to install the PHP security plug-in and provides the link address of the PHP plug-in distribution platform; once the user has finished installing the PHP security plug-in in the client's browser, the user can access files in the target Web application service normally.
CN201811386587.9A 2018-11-20 2018-11-20 Security system for defending file uploading vulnerability and implementation method thereof Active CN109688108B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811386587.9A CN109688108B (en) 2018-11-20 2018-11-20 Security system for defending file uploading vulnerability and implementation method thereof

Publications (2)

Publication Number Publication Date
CN109688108A (en) 2019-04-26
CN109688108B (en) 2021-07-06

Family

ID=66185405

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811386587.9A Active CN109688108B (en) 2018-11-20 2018-11-20 Security system for defending file uploading vulnerability and implementation method thereof

Country Status (1)

Country Link
CN (1) CN109688108B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111641596A (en) * 2020-05-11 2020-09-08 湖南大学 Power network information physical potential safety hazard assessment method and system and power system

Also Published As

Publication number Publication date
CN109688108B (en) 2021-07-06

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant