Cross-site scripting attack monitoring system and method

A cross-site scripting attack and monitoring system technology, applied in transmission systems, instruments, electrical digital data processing, etc., can solve the problems of account security collapse, high implementation costs, and inability to automatically prevent attacks, achieving good monitoring effects and high coverage. , apply the effect of high matching degree
CN103856471AActive Publication Date: 2014-06-11ALIBABA GRP HLDG LTD
4 Cites 18 Cited by

Patent Information

Authority / Receiving Office
CN Β· China
Patent Type
Applications(China)
Current Assignee / Owner
ALIBABA GRP HLDG LTD
Publication Date
2014-06-11

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention relates to a cross-site scripting attack monitoring system. The cross-site scripting attack monitoring system comprises an application serving module, a monitoring module and an analyzing module. The application serving module comprises a service module and a redefining module. The service module receives and responds to a service request of a user side, and the redefining module redefines a script built-in function adopted in a cross-site scripting attack and returns redefining information of the script built-in function to the user side; the monitoring module monitors calling information of the user side to the redefined script built-in function; the analyzing module analyzes the safety of the calling information. The cross-site scripting attack monitoring system can realize accurate locating of the source of the cross-site scripting attack, the attacking time, leaked data, attacked vulnerability and the like. In addition, the invention further provides a cross-site scripting attack monitoring method.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The present application relates to the technical field of network security, in particular to a cross-site scripting attack monitoring system and method. Background technique

[0002] In recent years, the focus of attention in the field of software security has gradually shifted from server-side attacks to client-side attacks, and cross-site scripting (XSS, English full name is Cross Site Script) attacks have been regarded as the most important security problem faced by network applications. threaten. Cross-site scripting often takes advantage of application security flaws and causes destructive consequences together with other vulnerabilities. Sometimes cross-site scripting attacks may also turn into a virus or a worm capable of self-propagation, causing more serious damage. In 2005, Myspace was attacked based on a cross-site scripting worm, causing a large number of users to receive millions of requests and had to close its applications. In 2009, Tw...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More