Java Web反序列化网络安全漏洞分析  

Analysis of Java Web Unserialization Network Security Vulnerabilities

在线阅读下载全文

作  者:张晨 ZHANG Chen(Department of Software Engineering,Xiamen College of Software Technology,Xiamen 361024,China)

机构地区:[1]厦门软件职业技术学院软件工程系,福建厦门361024

出  处:《四川职业技术学院学报》2022年第5期158-162,168,共6页Journal of Sichuan Vocational and Technical College

摘  要:Web应用的网络安全漏洞层出不穷,用户的隐私和数据等信息安全问题面临着严重威胁。反序列化漏洞因其利用门槛低、影响范围广的特点,已成影响Java Web网络安全重要因素之一。文章结合实例分析了Java Web反序列漏洞的特点,阐述了Java Web反序列化网络安全漏洞分析、代码审计的基本思路,对于有效识别和修复反序列化漏洞,保障网络安全具有参考意义。The network security vulnerabilities of web applications emerge one after another,and the information security problems such as user privacy and data are facing a serious threat.Deserialization vulnerability has become one of the important factors affecting Java Web network security because of its low utilization threshold and wide influence range.Combined with examples,this paper analyzes the characteristics of Java Web deserialization vulnerabilities,and expounds the basic ideas of Java Web deserialization network security vulnerability analysis and code audit,which has reference significance for effectively identifying and repairing deserialization vulnerabilities and ensuring network security.

关 键 词:网络安全 漏洞分析 WEB安全 Java反序列化 

分 类 号:TP309.5[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象