摘要
跨站脚本攻击是一种特殊的Web客户端脚本注入攻击手段,目前对于跨站脚本攻击缺乏有效的防御措施。针对这一问题,提出一种采用决策树分类算法检测跨站脚本攻击的方法,该方法将Web应用程序中容易受到跨站脚本攻击的元素和对象作为特征属性,利用决策树算法对特征属性的取值进行分类,以此对跨站脚本攻击进行检测。实验结果表明,该方法能够有效解决跨站脚本攻击的检测问题。
Cross site scripting (XSS) is a special kind of Web client script injection attacks. Aiming at the lack of effective prevention measures against XSS, a method is proposed by adopting the decision tree to set the detection. It takes the attributes which are vulnerable to cross site scripting attack as feature attributes, and takes decision tree to detect XSS base on feature attribute values. Experimental results show that this method can effectively detect XSS attack.
出处
《微型机与应用》
2015年第16期55-57,61,共4页
Microcomputer & Its Applications
基金
国家自然科学基金项目(61300180)
中央高校基本科研业务费专项资金资助项目(TD2014-01)
