| Field | Value |
|---|---|
| Graduate student | 翁浩正 (Hao-Cheng Own) |
| Thesis title | 網頁安全防禦系統之設計與實現 (Design and Implementation of Web Security Defense System) |
| Advisor | 吳宗成 (Tzong-Chen Wu) |
| Committee members | 查士朝 (Shi-Cho Cha), 羅乃維 (Nai-Wei Lo) |
| Degree | Master |
| Department | College of Management, Department of Information Management |
| Publication year | 2012 |
| Graduation academic year | 100 (ROC calendar) |
| Language | Chinese |
| Pages | 57 |
| Keywords (Chinese) | 網頁安全 (web security), 代理伺服器 (proxy server), 惡意網頁 (malicious web pages), 堆積擴展填充 (heap spraying), 防禦系統 (defense system) |
| Keywords (English) | Web Security, Proxy Server, Malicious Web Pages, Heap Spraying, Defense System |
| Usage statistics | Views: 326, Downloads: 11 |
Abstract (translated from Chinese):

With the rapid development of the Internet, web-based application services have multiplied, and malicious attacks on websites have grown sharply in recent years. According to the October 2011 "Symantec Intelligence Report", Symantec blocked 3,325 malicious websites per day, and in October as many as 43.9% of the malicious websites blocked were new ones. These figures show that malicious websites are growing very quickly, and with so many new kinds of attacks and zero-day attacks, relying solely on traditional protection appliances is not enough. This research implements a web security defense system based on a proxy server: the web pages a user browses first pass through several detection engines for analysis, and if suspicious access is detected it is blocked outright, preventing the user from being attacked. Besides defense, the system also offers the advantages of being cross-platform, lightweight and high-performance.
Abstract (English):

The growth of the Internet and Web Applications has been very fast. To attack efficiently, attackers perform large numbers of malicious attacks on web applications. According to the "Symantec Intelligence Report, October 2011," 43.9% of all sites blocked by Symantec are malicious sites. Statistics show that the growth rate of malicious sites is very fast. There are numerous new attack techniques and Zero-Day attacks. It is not enough if we only rely on traditional protection devices. Our research has designed a web security defense system based on a proxy server. Every HTTP request and response is analyzed by several detection modules. If a malicious action is detected, our system will block the action to protect the user. Additionally, our system offers the advantages of being cross-platform, lightweight and high performance.