移动端Web浏览器HTTP流量注入的监控与屏蔽

发布时间：2018-04-28 17:22

本文选题：网络安全 + HTTP流量注入　；参考：《武汉大学学报(理学版)》2017年05期

【摘要】：提出一种在服务器部署前端脚本程序的监控方案,对移动端HTTP流量注入行为进行监控.基于监控数据,对注入内容、注入主体进行分析.分析结果显示,超过4%的移动端Web客户端会话在传输过程中被篡改,这样的篡改包括注入普通广告、注入恶意广告、网络运营商增值服务、恶意代码、虚假访问代码、页面重定向等,注入主体和网络运营商、地域、网络环境有关.基于此,提出了4项针对这些注入的屏蔽方案,包括在服务器部署HTTPS、CSP、部署检测脚本与HTTPS以及在客户端部署访问限制程序等方案,并对这些方案进行测试.测试结果表明,在服务器部署CSP的方案成本低且准确率较高;针对高性能客户端,在客户端部署访问限制程序的方案能有效屏蔽流量注入.
[Abstract]:This paper presents a monitoring scheme for deploying front-end script programs in the server to monitor the HTTP traffic injection behavior on the mobile side. Based on the monitoring data, the content and the main body of the injection are analyzed. The analysis results show that more than 4% of mobile Web client sessions are tampered with during transmission. Such tampering includes injection of ordinary advertisements, injection of malicious advertisements, value-added services of network operators, malicious code, false access codes, etc. Page redirect and so on, injection and network operators, regions, network environment. Based on this, this paper proposes four shielding schemes for these injection, including deploying HTTPS HTTPS on the server, deploying detection script and HTTPS, and deploying access restriction program on the client side, and tests these schemes. The test results show that the scheme of deploying CSP in the server is low in cost and high in accuracy, and the scheme of deploying access limiting program on the client side can effectively shield the traffic injection for the high performance client.
【作者单位】：武汉大学计算机学院;武汉大学空天信息安全与可信计算教育部重点实验室;武汉大学软件工程国家重点实验室;
【基金】：国家自然科学基金资助项目(61373168,U1636107)
【分类号】：TP393.092

【相似文献】