Unlock instant, AI-driven research and patent intelligence for your innovation.

XSS defensive system

A defense system and network system technology, applied in the transmission system, electrical components, platform integrity maintenance, etc., can solve the problems of browsing speed impact, robustness and usability limitations, and it is difficult to fundamentally eliminate XSS attacks, so as to eliminate XSS attacks effect of behavior

Active Publication Date: 2015-02-25
TONGJI UNIV
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The disadvantages mainly include: it needs to be deployed on various browsers, which is difficult to implement and popularize; the success rate of the method depends on the recognition rate of illegal scripts; it may affect the browsing speed
The above methods only start from the point of XSS attack, and do not grasp the essential reasons that cause XSS attack to occur and cause harm. Therefore, it can only be said to treat the symptoms but not the root cause, and it is difficult to completely eliminate the occurrence of XSS attacks.
[0005] In summary, the existing defense methods against XSS attacks still have obvious limitations in terms of robustness and usability
At the same time, in reality, many websites are attacked by XSS without the knowledge of the administrators. At this time, it is basically impossible to use the above method to protect the user clients browsing these websites.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • XSS defensive system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] Embodiments of the present invention are described below through specific examples, and those of ordinary skill in the art can easily understand other advantages and effects of the present invention from the content disclosed in this specification. The present invention can also be implemented or applied through other different specific examples, and various modifications and changes can be made to the details in this specification based on different viewpoints and applications without departing from the spirit of the present invention.

[0023] see figure 1 , which is a schematic block diagram showing the XSS defense system of the present invention. As shown in the figure, the XSS defense system of the present invention is built in the client 2 connected to the network system 1, and the client 2 utilizes the network system 1 to realize the website provided by the website provider 3 through a browser. access. Wherein, the website provider 3 may be a website developer ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an XSS defensive system which is mainly realized through the following steps of: pre-establishing a website behavior model for a website to be browsed by a modeling module; detecting the browsing behavior of the website by a detection module; and authenticating the browsing behavior of a user through using a corresponding website behavior model by an authentication module, wherein only the behaviors defined in the behavior model can be successful in authentication and are allowed to be executed, and browsing behaviors unsuccessful in authentication are determined as illegal behaviors to be prevented, and an alarm is given out, thus damage to a client duo to potential XSS attack is avoided.

Description

technical field [0001] The invention relates to an XSS defense system, in particular to an XSS defense system based on behavior authentication. Background technique [0002] Today, the network is becoming a new platform and carrier for various services in real life. In order to improve user experience, scripting languages ​​(mostly JavaScript) are widely used in web applications. Unfortunately, this trend has made XSS (cross-site scripting) one of the most serious security problems on the Internet today. XSS (cross-site scripting attack), also known as CSS (Cross Site Script), refers to malicious attackers inserting malicious script code into a web page. When a user browses the page, the script code embedded in the web will be executed. , so as to achieve the special purpose of maliciously attacking users. The origin of the name "cross-site scripting attack" originates from the initial "cross-site" feature of this type of attack method. Now XSS is no longer limited to the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06G06F21/55
Inventor 蒋昌俊陈闳中闫春钢丁志军许华杰寿辰
Owner TONGJI UNIV