ATTACKS AND DETECTION OF DDOS BASED ON HTML5 WEBWORKER

Cited by: 1


Authors: Liu Qi[1], Xu Yang[1], Lü Ting[1], Hu Xinlei[1], Li Hua[1,2]

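Affiliations: [1] College of Computer Science, Inner Mongolia University, Hohhot 010021, Inner Mongolia; [2] Network Information Center, Inner Mongolia University, Hohhot 010021, Inner Mongolia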

Source: Computer Applications and Software, 2016, Issue 12, pp. 295-300 (6 pages)

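Funding: National Natural Science Foundation of China (6116301161262082); Natural Science Foundation of Inner Mongolia (2012MS0922); 2014 National Undergraduate Innovation Training Program (201410126044)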

Abstract: HTML5 has become the language of choice for front-end development on major websites. Web Worker, the multi-threading component of HTML5, is highly stealthy and hard to notice. Combined with a website's XSS vulnerability, it can be used to mount a DDoS attack against a target web system, which gives attackers a way to launch attacks. Three detection schemes are proposed against this attack. (1) Simulated-browser detection: the target site is inspected by simulating a browser. (2) Browser plug-in combined with a cloud detection platform: the plug-in dynamically monitors the rate at which the user's browser sends requests to servers, and helps the cloud detection platform promptly notify the administrator of the website into which malicious code was implanted. (3) JS hook system combined with a cloud detection platform: hook code is planted in web applications that are prone to attack, which makes it convenient and effective to monitor how users' Web Workers send requests and to report this promptly to the cloud detection platform for analysis. When the behaviour is malicious, the administrator of the website into which malicious code was implanted is notified so that it can be handled in time. With these three schemes the attack can be stopped before it causes harm.

Keywords: HTML5; WebWorker; distributed denial of service; attack; detection

Classification: TP309.1 [Automation and Computer Technology: Computer System Architecture]

 
