[1] LIU Bao-long, YANG Wei, CHEN Hua. Study on Detecting Technique for XML Rewriting Attack[J]. Computer Technology and Development, 2016, 26(06): 101-105.

Study on Detecting Technique for XML Rewriting Attack

Computer Technology and Development [ISSN: 1006-6977 / CN: 61-1281/TN]

Volume:
26
Issue:
2016, No. 06
Pages:
101-105
Column:
Security and Prevention
Publication date:
2016-06-10

Article Info

Title:
 Study on Detecting Technique for XML Rewriting Attack
Article ID:
1673-629X(2016)06-0101-05
Author(s):
 LIU Bao-long (刘宝龙), YANG Wei (杨威), CHEN Hua (陈桦)
 School of Computer Science and Engineering, Xi'an Technological University
Keywords:
 XML; rewriting attack; security policy; SOAP Account; verification complementary; FastXPath; redirection attack; multiple security header attack
Classification number:
TP309.2
Document code:
A
Abstract:
 Fine-grained XML digital signatures are subject to rewriting attacks, and several schemes exist for detecting XML rewriting attacks. Based on an analysis and evaluation of these detection schemes, this paper discusses security countermeasures for the common types of rewriting attack and the best application scenario for each detection scheme. The results show that the security policy, verification complementary (filter), FastXPath, and DOM-tree element position marking schemes can effectively detect the common rewriting attacks, and that, except for the inline approach and the verification complementary (position indicator) scheme, the existing schemes can all be applied to effectively detect man-in-the-middle attacks and replay attacks. However, none of the existing schemes can detect attacks that modify the context-related information of the signature element.

Last Update: 2016-09-20