本文選題：XSS　切入點：正則表達式　出處：《電子科技大學》2016年碩士論文

【摘要】：隨著互聯網技術的快速發(fā)展,電子商務、社交網絡以及電子金融等網絡平臺成為人們生活中不可或缺的一部分。網絡在給人們帶來便利的同時,也給釣魚攻擊者帶來了牟取非法利益的機會。攻擊者通過誘使用戶訪問釣魚網頁來執(zhí)行攻擊,進而竊取用戶的賬戶名、密碼以及銀行賬戶等隱私信息。近年來,隨著跨站腳本攻擊技術的流行,釣魚攻擊者另辟蹊徑,通過在合法網站的跨站腳本漏洞中注入惡意腳本代碼,實施一種新型的XSS網絡釣魚攻擊。由于這種新型的釣魚攻擊發(fā)生在合法網站中,降低用戶警惕性的同時也規(guī)避了各種傳統(tǒng)網絡釣魚的檢測,使得攻擊的欺騙性和成功率顯著提高。而針對這一新型的XSS網絡釣魚攻擊,現有的檢測方法無論在檢測范圍還是準確性方面仍存在很多不足。因此,針對這一新型攻擊,開發(fā)一種高效準確的檢測方法勢在必行。針對已有檢測方法的不足,結合XSS網絡釣魚攻擊的特點,本文提出了基于正則匹配的XSS網絡釣魚攻擊檢測方法,簡稱REXPH。本文的主要研究工作如下:(1)基于正則匹配的XSS網絡釣魚攻擊檢測方法設計。首先,本文對傳統(tǒng)網絡釣魚和XSS網絡釣魚的攻擊原理及其檢測方法進行了分析和總結,并指出了已有檢測方法的不足。然后,詳細描述了REXPH檢測方法的總體流程,并給出了核心的偽代碼。最后,提取了XSS網絡釣魚正常攻擊、XSS網絡釣魚變形攻擊以及第三方鏈接的特征,總結并得出了REXPH檢測方法中所需的6個正則表達式集。(2)REXPH原型系統(tǒng)的設計與實現。本文設計并實現了REXPH檢測原型系統(tǒng),其中包括數據預處理、正則檢測、變形代碼還原、結果判定以及第三方鏈接再檢測共5個模塊。(3)REXPH方法實驗以及與其他方法的比較。本文使用不同類型的XSS網絡釣魚攻擊樣本對系統(tǒng)進行了測試,并與已有的檢測方法做了測試結果的對比分析。發(fā)現本文提出的REXPH比現有的檢測方法涵蓋的范圍更廣,檢測的結果更加準確并且更加細致,同時漏報率顯著降低,也說明了本文的REXPH檢測方法在XSS網絡釣魚檢測領域的技術優(yōu)勢以及推廣應用價值。
[Abstract]:With the rapid development of Internet technology, electronic commerce, social network, electronic finance and other network platforms have become an indispensable part of people's lives.The network not only brings convenience to people, but also brings opportunities for angling attackers to gain illegal profits.The attacker invokes the user to visit the phishing page to carry out the attack, thereby stealing the user's account name, password, bank account and other privacy information.In recent years, with the popularity of cross-site scripting attack technology, phishing attackers seek a new way to implement a new XSS phishing attack by injecting malicious script code into the cross-site script vulnerability of legitimate websites.Due to the fact that this new fishing attack occurs on the legal website, it reduces the vigilance of users and avoids the detection of traditional phishing, which makes the deceptive and successful rate of the attack increase significantly.However, for this new XSS phishing attack, there are still many shortcomings in the detection range and accuracy of the existing detection methods.Therefore, it is imperative to develop an efficient and accurate detection method for this new attack.In view of the shortcomings of the existing detection methods and the characteristics of XSS phishing attacks, this paper proposes a regular matching based detection method for XSS phishing attacks, referred to as REXPH.The main work of this paper is as follows: (1) the design of XSS phishing attack detection method based on regular matching.Firstly, this paper analyzes and summarizes the attack principles and detection methods of traditional phishing and XSS phishing, and points out the shortcomings of existing detection methods.Then, the overall flow of REXPH detection method is described in detail, and the core pseudo code is given.Finally, the features of XSS phishing deformation attack and third party link are extracted, and the design and implementation of six regular expression sets.In this paper, a prototype system of REXPH detection is designed and implemented, which includes five modules: data preprocessing, regular detection, deformable code restoration, result determination and third party link re-detection.In this paper, different types of XSS phishing attack samples are used to test the system, and the test results are compared with the existing methods.It is found that the REXPH proposed in this paper covers a wider range than the existing detection methods, and the detection results are more accurate and meticulous, while the missing reporting rate is significantly reduced.It also explains the technical advantages of the REXPH detection method in the field of XSS phishing detection and its application value.
【學位授予單位】：電子科技大學
【學位級別】：碩士
【學位授予年份】：2016
【分類號】：TP393.08

【參考文獻】

相關期刊論文 前3條

1 洪博;耿光剛;王利明;王偉;毛偉;;一種基于DNS主動檢測釣魚攻擊的系統(tǒng)[J];計算機應用研究;2013年12期

2 趙躍華;胡向濤;;網絡釣魚攻擊的防御技術及防御框架設計[J];計算機應用研究;2013年06期

3 趙作鵬;尹志民;王潛平;許新征;江海峰;;一種改進的編輯距離算法及其在數據處理中的應用[J];計算機應用;2009年02期

相關博士學位論文 前1條

1 張健毅;大規(guī)模反釣魚識別引擎關鍵技術研究[D];北京郵電大學;2012年

相關碩士學位論文 前1條

1 譚光林;反釣魚系統(tǒng)的研究與設計[D];北京郵電大學;2013年

，

本文編號：1717932