科技广场Issue(7):72-77,6.
浅析CSRF 攻击方式及防御技术研究
Brief Analysis of CSRF Attack Methods and Preventive Technology
孙丹1
作者信息
- 1. 江西省计算技术研究所,江西 南昌 330003
- 折叠
摘要
Abstract
CSRF(Cross-Site Request Forgery)is a kind of Web attack on the Internet. The attack deceives the web server by sending forgery requests to the web server. This paper gives the principles and attack ways of CSRF vulnera-bility. At the same time,it analyzes the new utilization of CSRF based on multi-step scene and bypassing the token limits. The paper puts forward some corresponding measures for preventing the CSRF attack.关键词
跨站伪造请求攻击/CSRF/Web服务器/多步场景/TokenKey words
Cross-Site Request Forgery/CSRF/Web Server/Multi-Step Scene/Token分类
信息技术与安全科学引用本文复制引用
孙丹..浅析CSRF 攻击方式及防御技术研究[J].科技广场,2016,(7):72-77,6.
