Unlock instant, AI-driven research and patent intelligence for your innovation.

Defense method and system for browser cache poisoning

A defense system and browser technology, applied in transmission systems, digital transmission systems, user identity/authority verification, etc., can solve problems affecting user experience, affecting response speed, taking into account user experience, etc., to achieve fast and reliable verification, defense Cache poisoning attack, the effect of protecting personal information security

Active Publication Date: 2018-10-16
INST OF INFORMATION ENG CAS
View PDF7 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Client-based defense methods require users to have high security awareness and affect user experience
For the server, methods of isolating cache files and URL randomization can be adopted to prevent the client from directly reading page information from the cache, but this will inevitably affect the response speed and violate the original intention of browser caching
Existing defense methods have problems to varying degrees, especially the inability to protect user personal information while taking into account user experience

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Defense method and system for browser cache poisoning
  • Defense method and system for browser cache poisoning
  • Defense method and system for browser cache poisoning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] In order to enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the purpose, features and advantages of the present invention more obvious and easy to understand, the technical core of the present invention will be further described in detail below in conjunction with the accompanying drawings and examples instruction of.

[0039] In the present invention, a set of reliable and effective browser cache poisoning defense system is designed, which can effectively solve the above-mentioned existing problems, and the system includes as follows:

[0040] Such as figure 1 As shown in , a schematic diagram of the overall flow of the browser cache poisoning defense system. The system is divided into two parts: client and server. For the client, a cache probe needs to be embedded in the browser; for the server, a cache verification plug-in needs to be installed in the server. When the client uses ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a defense method for browser cache poisoning. The defense method comprises the following steps: intercepting a cache control key function when discovering that a browser sends arequest page to a server and calls the local cache control key function through detection; acquiring all unexpired cached JavaScript files in the request page according to the cache control key function, and performing Hash value computation on the JavaScript files; checking whether the JavaScript files are tampered according to the computation result, if the JavaScript files are tampered, adjusting the caching time to be earlier than the current time. The defense is realized through the interactive verification of a client and the server, the browser cache poisoning attack can be effectivelydefended without influencing the user experience, and the user personal information security is protected. The invention provides a system for realizing the above method at the same time.

Description

technical field [0001] The invention relates to the field of computer network security, and is used for fighting cache poisoning attacks implemented by using a browser cache mechanism, more specifically, a detection method and system for browser cache poisoning. Background technique [0002] Browser cache poisoning means that attackers use man-in-the-middle and other attack methods to implant malicious JavaScript scripts into the client browser cache. On the premise that the cache is not cleared, every time a user visits a web page, malicious JavaScript scripts will be loaded. In turn, it achieves the purpose of stealing user account passwords, browsing records, hijacking, and tampering with traffic, which seriously threatens the security of users' personal information. [0003] The original intention of the browser caching mechanism is to allow the browser to store some static resources (such as pictures, CCS, JavaScript files, etc.) locally, thereby reducing network delays...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/08H04L9/32
CPCH04L9/3236H04L9/3239H04L63/145H04L2463/145H04L67/568H04L67/5682
Inventor 刘井强尹捷刘潮歌刘奇旭赵建军
Owner INST OF INFORMATION ENG CAS