Method and device for identifying XSS attack, and computer readable storage medium

A technology for attacking data and digital vectors, applied in the field of identifying XSS attacks, can solve problems such as omissions, misjudgments, and failures, and achieve the effects of improving generalization ability, good robustness, and improving accuracy

Inactive Publication Date: 2019-02-26
HANGZHOU SHIQU INFORMATION TECH CO LTD
View PDF4 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, this method relies heavily on the experience of rule makers, and is prone to omissions and misjudgments.
And o

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for identifying XSS attack, and computer readable storage medium
  • Method and device for identifying XSS attack, and computer readable storage medium
  • Method and device for identifying XSS attack, and computer readable storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0053] The following will clearly and completely describe the technical solutions in the embodiments of the present invention in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0054] In order to enable those skilled in the art to better understand the solution of the present invention, the present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0055] Next, a method for identifying an XSS attack provided by an embodiment of the present invention is described in detail. figure 1A flow chart of a method for identifying an XSS attack provided ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses a method and device for identifying an XSS attack, and a computer-readable storage medium. The data to be detected is preprocessed to obtain a digital vector. the trained character-based convolutional neural network model is used to process the digital vector to obtain the attack probability of XSS. When the XSS attack probability value is greater than orequal to the preset threshold, the output data to be detected is XSS attack data. Compared with the prior art, the technical scheme does not need to make rules artificially, and only needs to use thetrained character-type convolution neural network model for XSS attack analysis. The model uses the network structure of convolution neural network, and can identify some attacks with similar structure, which improves the generalization ability of the model. And the character-based convolution neural network model can take each character as the smallest processing unit. Compared with word segmentation processing, it can learn deeper semantics and improve the accuracy of XSS attack recognition.

Description

technical field [0001] The present invention relates to the technical field of data protection, in particular to a method, device and computer-readable storage medium for identifying XSS attacks. Background technique [0002] Cross Site Scripting (Cross Site Scripting, XSS) is a kind of computer security vulnerability in web applications. Malicious attackers insert malicious script codes into web pages. When users browse the page, the script codes embedded in the web will be destroyed. Execution, so as to achieve the purpose of maliciously attacking users. [0003] The current mainstream identification method is to use manually written regular rules to match suspicious structures in input information, such as <img SRC="javascript:alert('XSS');"> Can be hit by the regular rule alert(.*). [0004] However, this method relies heavily on the experience of rule makers, and is prone to omissions and misjudgments. And once a variant attack occurs, the existing rules may becom...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/55G06N3/04G06N3/08
CPCG06F21/55G06N3/08G06N3/045
Inventor 周吴夏朗王帅吴哲夫
Owner HANGZHOU SHIQU INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap