Research on a Cross-Site Scripting Attack Detection Algorithm in Web Front-End Components
Abstract: Front-end components involve multiple data streams, including user input and data returned by the server. Malicious scripts can hide within these data streams, and cross-site scripting (XSS) attacks are variable and uncertain, which makes them difficult to detect. Therefore, an XSS attack detection algorithm for Web front-end components is proposed. A web-crawler-based model for capturing XSS information in Web front-end components is used to capture non-duplicate, non-redundant XSS script information from Web front-end components; the captured script information is then used as training samples for a multi-class support vector machine algorithm. Before detection, large-scale mutated XSS script samples are extracted from the authoritative Web vulnerability submission platform Exploit-db, and the trained multi-class support vector machine is used to classify and detect the captured script information. The experimental results show that the proposed algorithm accurately classifies data for 100 reflected XSS attacks, 50 stored XSS attacks, and 10 DOM-based XSS attacks, and that in the sample distribution of the classification results, the attack scripts are distributed in an orderly manner according to attack type.
Authors: LI Xinrong (李新荣); XIE Shaomin (谢绍敏) (School of Computer Engineering, Guilin University of Electronic Science and Technology, Beihai 536000, China)
Source: Modern Electronics Technique (《现代电子技术》), Peking University Core Journal, 2024, Issue 14, pp. 30-34 (5 pages)
Funding: Ministry of Education Industry-University Cooperative Education Project: Teaching Reform and Exploration of "HTML5 Programming" Based on Online and Offline Industry-Education Integration (220605211082944).
Keywords: Web front-end components; cross-site scripting; attack detection; web crawler; information capture; multi-class support vector machine
