- 资源介绍
- 更新记录
- 安装教程
若有个人部署运行问题,点击右侧客服按钮咨询站长
站长联系方式
QQ:3484724101
摘 要
计算机互联网的出现极大的改变了人们的生活方式与工作习惯,大量的共享信息给人们带来了各方面的便利,但与此同时由于互联网本身的开放性、脆弱性使得互联网面临的安全问题也日益突显。互联网上的Web站点几乎时刻都面临着拒绝服务攻击、木马注入、跨站脚本等恶意攻击,并常因此导致服务中断、网站内容被恶意篡改、客户信息泄露等严重后果,极大的削弱了Web站点的稳定性,同时也严重影响了用户对Web站点的信心。更值得关注的是,网页木马由于其制作的简捷性、传播速度快、变种形式多样、破坏力强、挂马方式的多样性等原因使其成为最为广泛的网络攻击手段并大行其道,给网络安全造成了极大威胁和负担。
结合上述网络安全现状,本论文主要针对网站安全需求,Web服务器往往得不到传统防御方式的有效保护,使其成为整个网络环境中安全最薄弱的地方。缓冲区溢出、SQL注入、基于脚本的DDos、盗链和跨站等攻击行为对Web服务器的安全和稳定造成极大的威胁,而目前缺少有效的防御和保护的方式。本课题中首先调研了当前Web服务器所面对的威胁,然后针对这些安全威胁设计了一套木马检测系统,并通过ISAPI实现了对Windows平台下的IIS服务器的保护。在这套木马检测系统中,可以通过制定策略来检测所有访问Web服务器的行为,可以有效地阻止恶意攻击从而保护Web服务器的安全。这套木马检测系统的策略引擎可以加载和调用Lua语言编写的策略脚本,使策略脚本的编写更加简单。
论文在总体设计的基础上,完成了系统功能模块的实现,并对系统的功能和性能进行了测试,结果显示所实现系统满足网站安全检测需求,具有较好的可用性。
关键词:网络爬虫,网页源码解析,网页挂马,木马特征库,ISAPI 的解析
Abstract
The emergence of the computer Internet has greatly changed people’s way of life and work habits, a large amount of information sharing has brought people convenience in all aspects, but at the same time, due to the openness of the Internet itself, Vulnerability makes the security problems facing the Internet increasingly prominent. Web sites on the Internet almost always face malicious attacks such as denial of service attacks, Trojan horse injection, cross-site scripts, and so on, which often lead to service disruption, malicious tampering with website content, and serious consequences such as customer information disclosure. Greatly weakened the stability of the Web site, but also seriously affected the user confidence in the Web site. It’s worth it. Note: because of its simplicity, high speed of transmission, variety of forms, strong destructive power and so on, the web Trojan horse has become the most widely used means of network attack. To the network security caused the great threat and the burden.
Combined with the above network security situation, this paper mainly aims at the website security demand, the Web server often can not be effectively protected by the traditional defense mode, making it become the weakest place in the whole network environment. Buffer overflow, SQL injection, DDos, chain theft based on script and cross-station attacks pose a great threat to the security and stability of Web server, but there is a lack of effective defense and protection methods. In this paper, the threats to the current Web server are investigated, and then a Trojan horse detection system is designed for these security threats, and the Win is realized through ISAPI. Dows platform under the IIS server protection. In this Trojan detection system, we can make a policy to detect all access to Web servers, and can effectively prevent malicious attacks to protect the security of Web servers. The policy engine of the Trojan detection system can load and call the policy script written in Lua language, which makes the writing of policy script easier.
On the basis of the overall design, the realization of the system function module is completed, and the function and performance of the system are tested. The results show that the system meets the requirements of website security detection and has good usability.
Keywords: Web crawler, web page source code analysis, web page hanging horse, Trojan horse feature library, Analysis of ISAPI
目 录
4.1.1 使用ISAPI Filter获取Http报文信息 11
4.1.3 在服务器上的安装配置ISAPI Filter 14
猜你喜欢
-
某钢厂脱硫系统智能化超低排放改造设计毕业论文+审题表+任务书+外文翻译及原文+cad图纸
2021-06-08 -
西安电子科技大学网络教育本科生毕业论文(设计)规范
2021-06-08 -
变桨距风力发电机液压系统设计 说明书(论文)+开题报告+cad图纸
2021-06-08 -
风力发电机齿轮增速器设计说明书论文(1500千瓦水平轴)+cad图纸
2021-06-09 -
基于PLC的交通信号灯模拟控制系统的设计毕业设计论文+任务书+评分表
2021-06-08 -
某矿井煤矿机电设备选型设计说明书(论文)+开题报告+外文翻译及原文+答辩PPT+CAD图纸
2021-06-08 -
壳型注塑模模具设计与数控加工设计论文+答辩PPT
2021-06-10 -
基于.NET的门诊药品查询系统的设计与实现毕业论文+设计源码
2021-06-08 -
Win2012设置RAID 5 毕业设计论文+评定表
2021-06-08 -
插件机工作台设计说明书(论文)+任务书+开题报告+cad图纸+工艺卡片+Solidworks三维模型
2021-06-08
-
宜宾县中学生课外参与足球活动调查研究毕业论文
2021-06-10 -
基于SSH框架的选题系统设计与实现毕业论文+文献综述+运行说明+源码及数据库+演示视频
2021-06-08 -
富蕴八钢球厂35kv降压变电所初步设计毕业论文+初稿+答辩PPT+设备表+CAD图纸
2021-06-09 -
六旋翼无人机(飞行器)设计毕业论文+任务书+开题+文综+翻译及原文+cad图纸
2021-06-09 -
新疆科技学院本科毕业论文(设计)材料清单与装订顺序
2021-06-08 -
基于Python的豆瓣Top250排行榜影片数据爬取和分析毕业论文+开题报告+答辩PPT+视频讲解+项目源码及运行结果
2021-06-08 -
基于JavaWeb的电子政系统设计与实现 毕业论文+任务书+开题报告+英文文献及翻译+实习报告+答辩PPT+项目源码及数据库文件
2021-06-08 -
某学生住宅楼设计计算说明书(论文)+任务书+建筑结构cad图纸
2021-06-08 -
基于SSH的网上购物系统设计与实现毕业论文+任务书+中期表+翻译及原文+答辩PPT+源码+数据库+辅导视频
2021-06-08 -
基于SSH的二手图书在线交易平台设计与实现毕业论文+任务书+开题报告+文献综述+外文翻译及原文+答辩PPT+项目源码及数据库文件
2021-06-08
猜你在找
99源码网 » WEB网站安全检测系统设计与实现毕业论文+选题表+开题报告+源码
常见问题FAQ
- 免费下载或者VIP会员专享资源能否直接商用?
- 本站所有资源版权均属于原作者所有,这里所提供资源均只能用于参考学习用,请勿直接商用。若由于商用引起版权纠纷,一切责任均由使用者承担。更多说明请参考 VIP介绍。
- 提示下载完但解压或打开不了?
- 找不到素材资源介绍文章里的示例图片?
- 99源码网
- 2021-06-10Hi,初次和大家见面了,请多关照!