检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:刘淼[1] 王斌[1] LIU Miao;WANG Bin(School of Computer Science and Cyber Engineering,Guangzhou University,Guangzhou 510006,China)
机构地区:[1]广州大学计算机科学与网络工程学院,广东广州510006
出 处:《实验室科学》2020年第1期44-48,共5页Laboratory Science
基 金:广州市属高校科研项目(项目编号:1201620342)。
摘 要:针对Web安全二阶漏洞隐藏深、难以检测等特点,设计了Web二阶攻击与防范实验环境,内置了四种常见Web安全二阶漏洞。实验采用任务驱动法教学模式,分阶段循序渐进,教学过程分为Web二阶攻击、漏洞分析和代码修复三个阶段。通过实验,学生能深刻领会Web二阶攻击的存储特性,快速掌握Web安全二阶漏洞检测和防范知识,提高分析和解决Web安全问题的能力。Aiming at characteristics of second-order vulnerabilities of Web security,such as hidden deeply and difficult to detect,an experiment environment for Web security second-order attack and defense is designed,and it has four common Web second-order vulnerabilities.The experiment adopts the task-driven teaching mode and guides students to do it step by step.The teaching process is divided into three stages:Web second-order attacks,vulnerability analysis and code repairing.Through the experiment,students can understand the storage characteristics of Web second-order attacks deeply,grasp how to detect second-order vulnerabilities of Web security quickly and improve their ability to analyze and solve Web security problems.
分 类 号:TP399[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.49
