计算机应用与软件2016,Vol.33Issue(12):295-300,6.DOI:10.3969/j.issn.1000-386x.2016.12.069
基于HTML5WebWorker组件的DDoS攻击方式和检测
ATTACKS AND DETECTION OF DDOS BASED ON HTML5 WEBWORKER
摘要
Abstract
HTML5 has become the most popular interface development language of major websites.Multi-threaded component—WebWorker based on HTML5 has strong invisibility and imperceptibility which can be combined with XSS bug,forming attacks on the target web system by the DDoS attacking way which can be achieved by hacker.Thus,three detection schemes are proposed to against the DDoS attack.The first one is the detection scheme of simulating browser by simulating browser to detect the target website.The second one is the detection scheme of browser plug-in combined with cloud detection platform.The browser plug-in dynamically monitors the speed of sending requests from users’browser to the server,and assists cloud detection platform promptly to notify the administrator whose website was implanted malicious code.The third one is the detection scheme of JS hook system combined with cloud detection platform.It can track the condition of users’WebWorker conveniently and effectively by implanting hook procedures to the weak web application,and report to cloud detection platform to analysis in time.For malicious attacks,cloud detection platform will also notice the administrator in time that whose website was implanted malicious code.So,the attack can be nipped in the bud by the top three detection schemes.关键词
HTML5/Web Worker/分布式拒绝服务/攻击/检测Key words
HTML5 WebWorker/Distributed Denial of Service(DDoS)/Attack/Detection分类
信息技术与安全科学引用本文复制引用
刘麒,徐阳,吕婷,胡新磊,李华..基于HTML5WebWorker组件的DDoS攻击方式和检测[J].计算机应用与软件,2016,33(12):295-300,6.基金项目
国家自然科学基金项目(61163011;61262082);内蒙古自然科学基金项目(2012MS0922);2014年国家级大学生创新训练计划项目(201410126044)。 ()
