Request and Response Analysis Framework for Mitigating Clickjacking Attacks

Hossain Shahriar; Hisham Haddad; Vamshee Krishna Devendran

首页> 外文期刊>International journal of secure software engineering >Request and Response Analysis Framework for Mitigating Clickjacking Attacks

【24h】

Request and Response Analysis Framework for Mitigating Clickjacking Attacks

机译：缓解点击劫持攻击的请求和响应分析框架

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

This paper addresses the detection of clickjacking attacks, which is an emerging web application security issue. The authors propose a web application request and response page analysis framework to detect clickjacking attacks. Their framework considers not only inspects visual features related to frame, JavaScript code pattern in details to match with known attack signatures. The proposed approach is able to detect advanced clickjacking attacks such as cursor)'acting, double click, and history object-based attacks. The authors evaluate the proposed approach with a set of legitimate and malicious websites. The results indicate that their approach has low false positive and false negative rates. The overhead imposed by the proposed approach is negligible.

机译：本文介绍了点击劫持攻击的检测，这是一个新兴的Web应用程序安全问题。作者提出了一个Web应用程序请求和响应页面分析框架，以检测点击劫持攻击。他们的框架不仅考虑详细检查与框架相关的视觉特征，JavaScript代码模式，以与已知的攻击特征相匹配。所提出的方法能够检测高级的点击劫持攻击，例如光标行为，双击和历史基于对象的攻击。作者使用一组合法和恶意的网站评估了该方法。结果表明，他们的方法具有较低的假阳性率和假阴性率。所提出的方法所产生的开销可以忽略不计。

著录项

来源
《International journal of secure software engineering》 |2015年第3期|1-25|共25页
作者
Hossain Shahriar; Hisham Haddad; Vamshee Krishna Devendran;
展开▼
作者单位

Department of Information Technology, Kennesaw State University, Marietta, GA, USA;

Department of Computer Science, Kennesaw State University, Marietta, GA, USA;

Department of Information Technology, Kennesaw State University, Marietta, Georgia, USA;

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类
关键词
Clickjacking; Client-side Framework; Double Clickjacking; Framebusting; iframe; UI Redressing; X-Frame-Options;

机译：点击劫持;客户端框架;双重点击劫持;爆破;iframe;UI修复;X框架选项;

相似文献

外文文献
中文文献
专利

1. Securing Social Sites-Mitigating Clickjacking Attacks [J] . Anjana Joyce Vinod, N. Harini Asian Journal of Information Technology . 2017,第7期

机译：保护社交网站-缓解点击劫持攻击
2. Securing Social Sites-Mitigating Clickjacking Attacks [J] . Anjana Joyce Vinod, N. Harini Asian Journal of Information Technology . 2017,第7期

机译：保护社交网站-缓解点击劫持攻击
3. Distributed Denial-of-Service Attack Detection and Mitigation Using Feature Selection and Intensive Care Request Processing Unit [J] . Bharot Nitesh, Verma Priyanka, Sharma Sangeeta, Arabian Journal for Science and Engineering . 2018,第2期

机译：使用特征选择和重症监护请求处理单元的分布式拒绝服务攻击检测和缓解
4. Modelling and Mitigation of Cross-Origin Request Attacks on Federated Identity Management Using Cross Origin Request Policy [C] . Akash Agrawall, Shubh Maheshwari, Projit Bandyopadhyay, International conference on information systems security . 2017

机译：使用跨源请求策略对联合身份管理上的跨域请求攻击进行建模和缓解
5. Mitigating phishing attacks: A detection, response and evaluation framework. [D] . Ceesay, Ebrima N. 2008

机译：缓解网络钓鱼攻击：一种检测，响应和评估框架。
6. A qualitative evaluation of Southwark Council’s public health response to mitigating the mental health impact of the 2017 London bridge and borough market terror attack [O] . Sandra Jumbe, Adrienne Milner, Megan Clinch, 2021

机译：对南武汉委员会的公共卫生反应的定性评价以减轻2017年伦敦桥梁和自治市镇市场恐怖袭击的心理健康影响
7. A self-healing framework to combat cyber attacks. Analysis and development of a self-healing mitigation framework against controlled malware attacks for enterprise networks. [O] . Alhomoud Adeeb M. 2014

机译：打击网络攻击的自我修复框架。分析和开发针对企业网络的受控恶意软件攻击的自我修复缓解框架。

Request and Response Analysis Framework for Mitigating Clickjacking Attacks

摘要

著录项

相似文献

相关主题

期刊订阅