Mechanism and prevention of cross-domain Web page malicious code

doi:10.3778/j.issn.1002-8331.2010.21.038

Computer Engineering and Applications ›› 2010, Vol. 46 ›› Issue (21): 135-137.DOI: 10.3778/j.issn.1002-8331.2010.21.038

• 网络、通信、安全 • Previous Articles Next Articles

Mechanism and prevention of cross-domain Web page malicious code

LI Zhi-yong¹，XUE Liang²，TAO Ran¹，ZHANG Hao¹

1.School of Information Technology，Beijing Institute of Technology，Beijing 100081，China
2.Navy Academy of Armament，Beijing 100161，China

Received:2009-04-02 Revised:2009-05-18 Online:2010-07-21 Published:2010-07-21
Contact: LI Zhi-yong

跨安全域网页恶意代码运行机理与防范

李志勇¹，薛亮²，陶然¹，张昊¹

1.北京理工大学信息科学技术学院，北京 100081
2.海军装备研究院，北京 100161

通讯作者: 李志勇

Abstract

Abstract: The Web page malicious code is a main way for the trojan to spread.Many trojan programs can be made as Web page malicious code to spread and do harm to users.The operation mechanism of Web page malicious code is analysed.The method that Web malicious code crosses the security domain is discussed.The reasons of cross-domain vulnerability are analysed.Then methods are given to prevent the cross-domain Web page malicious code in the developer’s view，in order to provide a safe network environment for Internet users.

Key words: Web page malicious code, security domain, cross-domain vulnerability

摘要： 网页恶意代码是木马用来传播的主要方式之一，各种有危害性的木马都可以做成网页恶意代码来传播危害用户，通过分析网页恶意代码的运行机理，对其中网页恶意代码实现跨安全域的方法进行深入探讨，分析跨域漏洞形成原因，从程序开发人员的角度给出跨域网页恶意代码的防范方法，为上网用户提供安全的网络环境。

关键词: 网页恶意代码, 安全域, 跨域漏洞

CLC Number:

TP309.5

LI Zhi-yong¹，XUE Liang²，TAO Ran¹，ZHANG Hao¹. Mechanism and prevention of cross-domain Web page malicious code[J]. Computer Engineering and Applications, 2010, 46(21): 135-137.

李志勇¹，薛亮²，陶然¹，张昊¹. 跨安全域网页恶意代码运行机理与防范[J]. 计算机工程与应用, 2010, 46(21): 135-137.

Mechanism and prevention of cross-domain Web page malicious code

跨安全域网页恶意代码运行机理与防范

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 1

Recommended Articles

Metrics