Unlock instant, AI-driven research and patent intelligence for your innovation.

A defense method and system for browser cache poisoning

A defense system and browser technology, applied in transmission systems, digital transmission systems, user identity/authority verification, etc., can solve problems affecting response speed, violating browser cache, affecting user experience, etc., to protect personal information security, Effectiveness against cache poisoning attacks, fast and reliable authentication

Active Publication Date: 2021-01-15
INST OF INFORMATION ENG CHINESE ACAD OF SCI
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Client-based defense methods require users to have high security awareness and affect user experience
For the server, methods of isolating cache files and URL randomization can be adopted to prevent the client from directly reading page information from the cache, but this will inevitably affect the response speed and violate the original intention of browser caching
Existing defense methods have problems to varying degrees, especially the inability to protect user personal information while taking into account user experience

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A defense method and system for browser cache poisoning
  • A defense method and system for browser cache poisoning
  • A defense method and system for browser cache poisoning

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] In order to enable those skilled in the art to better understand the technical solutions in the embodiments of the present invention, and to make the purpose, features and advantages of the present invention more obvious and easy to understand, the technical core of the present invention will be further described in detail below in conjunction with the accompanying drawings and examples instruction of.

[0039] In the present invention, a set of reliable and effective browser cache poisoning defense system is designed, which can effectively solve the above-mentioned existing problems, and the system includes as follows:

[0040] Such as figure 1 As shown in , a schematic diagram of the overall flow of the browser cache poisoning defense system. The system is divided into two parts: client and server. For the client, a cache probe needs to be embedded in the browser; for the server, a cache verification plug-in needs to be installed in the server. When the client uses ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A defense method for browser cache poisoning proposed by the present invention includes the following steps: when it is found through detection that the browser sends a request page to the server and calls a local cache control key function, intercept the cache control key function; The key function of cache control obtains all uncached and expired JavaScript files in the requested page, and calculates the hash value of the JavaScript files; checks whether the JavaScript files have been tampered with according to the calculation results, and if so, adjusts its cache time to be earlier than the current time. Realized through interactive verification between the client and the server, it can effectively defend against browser cache poisoning attacks and protect the security of users' personal information without affecting the user experience. At the same time, a system for realizing the above method is provided.

Description

technical field [0001] The invention relates to the field of computer network security, and is used for fighting cache poisoning attacks implemented by using a browser cache mechanism, more specifically, a detection method and system for browser cache poisoning. Background technique [0002] Browser cache poisoning means that attackers use man-in-the-middle and other attack methods to implant malicious JavaScript scripts into the client browser cache. On the premise that the cache is not cleared, every time a user visits a web page, malicious JavaScript scripts will be loaded. In turn, it achieves the purpose of stealing user account passwords, browsing records, hijacking, and tampering with traffic, which seriously threatens the security of users' personal information. [0003] The original intention of the browser caching mechanism is to allow the browser to store some static resources (such as pictures, CCS, JavaScript files, etc.) locally, thereby reducing network delays...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/08H04L9/32
CPCH04L9/3236H04L9/3239H04L63/145H04L2463/145H04L67/568H04L67/5682
Inventor 刘井强尹捷刘潮歌刘奇旭赵建军
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI