首頁 > 網路資源 > 大同大學數位論文系統

Title page for etd-0821112-155137


URN etd-0821112-155137 Statistics This thesis had been viewed 1207 times. Download 1 times.
Author Ting-Wei Hu
Author's Email Address amorjoca@gmail.com
Department Computer Science and Enginerring
Year 2011 Semester 2
Degree Master Type of Document Master's Thesis
Language zh-TW.Big5 Chinese Page Count 41
Title Precision measurement of Web Detection and Prevention System
Keyword
  • security scanner
  • black box testing
  • web application testing
  • cross-site scripting
  • the complete retrieval
  • SQL injection attacks
  • SQL injection attacks
  • the complete retrieval
  • cross-site scripting
  • web application testing
  • black box testing
  • security scanner
  • Abstract Injection attack is very dangerous and nothing in injection attacks has risen every year, forcing managers to injection attacks also need to understand injection attacks and learn defense. Unfortunately, managers although learn defensive injection attacks good thing, but some managers set conditions too harsh and lead to miscarriage of justice to rise, even for each HTTP request to determine whether aggressive behavior, but also requires a powerful computing center, be possible to do validation on every HTTP. Our system provides a mechanism, it will analyze the vulnerability of each injection point, put forward a set of rules to the defense. Managers are usually in order to maintain the basic operation of the site, will run out of effort, so our system can help managers to filter the user, and adjust the filtering rules, but also by our system to observe the behavior of the attacker, according to the above I hope that managers can find own site with what vulnerabilities exist, and their own to modify the program, or use of our system of filtering rules to defense, and when we determine the attacker, it will be guide to the interactive system, we will record the user's attacks have to adjust our defense rules, and managers will be able to take to make the appropriate corresponding, not only does not affect the operation scenario of the original site, but also to attack isolation to another space, and from the observed behavior of the attacker, which get sort out attack mode.
    Advisor Committee
  • none - advisor
  • none - co-chair
  • none - co-chair
  • Files indicate in-campus access at 3 years and off-campus not accessible
    Date of Defense 2012-07-10 Date of Submission 2012-08-28


    Browse | Search All Available ETDs