Browse > Article

A Study of Web Hacking Response Procedures Model based on Diagnosis Studies for Cross-Site Scripting (XSS)Process  

Noh, SiChoon (남서울대학교 컴퓨터학과)
Publication Information
Abstract
When applying web hacking techniques and methods it needs to configure the integrated step-by-step and run an information security. Web hackings rely upon only one way to respond to any security holes that can cause a lot. In this study the diagnostic process of cross-site scripting attacks and web hacking response procedures are designed. Response system is a framework for configuring and running a step-by-step information security. Step response model of the structure of the system design phase, measures, operational step, the steps in the method used. It is designed to secure efficiency of design phase of the system development life cycle, and combines the way in secure coding. In the use user's step, the security implementation tasks to organize the details. The methodology to be applied to the practice field if necessary, a comprehensive approach in the field can be used as a model methodology.
Keywords
Web Hacking; Response Procedures; Diagnosis Studies; Cross-Site Scripting Process;
Citations & Related Records
연도 인용수 순위
  • Reference
1 http://www.owasp.org/index.php/Cross-Site _Request_Forgery
2 OWASP, CSRF Guard, http://www.owasp.org/index.php/CSRF_Guard
3 J. K. Kwon, S. Park and D. K. Sung, "Log-likelihood ratio(LLR) conversion schemes in orthogonal code hopping multiplexing," IEEE Comm. Letters, vol. 7, no. 3, pp. 104-106, Mar. 2003.   DOI   ScienceOn
4 N. Jovanovic, E. Kirda, and C. Kruegel, "Preventing Cross Site Request Forgery attacks", In IEEE International Conference on Security and Privacy in Communication Networks (SecureComm), 2006.
5 Yia-an Huang, Wenke Lee, "A Cooperative Intrusion Detection System for Ad hoc Networks," Proceedings of the 1st ACM Workshop on Security of Ad hoc and Sensor Networks, 2003, pp.135-147.
6 Sichoon Noh, Dong Chun Lee, and Kuimam J. Kim, "Improved Structure Management of Gateway Firewall Systems for Effective Networks Security", Springer, 2003.
7 Stephen Marsh and Mark R. Dibben, "Trust, Untrust, Distrust and Mistrust - An Exploration of the Dark(er) side", iTrust 2005, LNCS 3477, pp. 17-33, 2005.
8 David Gourley and Brian Totty, "HTTP: The Definitive Guide", O'Reilly Media, 2002.
9 Jeom goo Kim . SiChoon Noh,A Study of Step-by-step Countermeasures Model through Analysis of SQL Injection Attacks Code, Mar.2012.
10 Stepen Cost, An Introduction to SQL Injection Attacks, for Oracle develops, 2007.3
11 David Gourley and Brian Totty, "HTTP: The Definitive Guide", O'Reilly Media, 2002.