針對網路攻擊與防護,經過歷年來的研究,已經建立一套基礎的研究成果。相關的研究顯示,網路上的injection attack,早已是一種有效且危險的攻擊手法。注入攻擊(Injection attack)是透過網站中的注入點(injection point),將惡意的攻擊字串輸入其中,藉以達到觀察回應並偷取資料,或破壞、癱瘓伺服器、甚至是取得伺服器的控制權等目的。 本論文提出一套多層次過濾規則搭配機制,透過injection point的尋找以及檢測,找出可能有弱點的injection point。以injection point為測試單位,找出適合各injection point的規則搭配組合。並以實驗結果分析說明,此套弱點分析測試架構,相較於以往使用單一規則過濾的好處。
Numbers of the programs are poorly written, lacking even the most basic security procedures for handling input data from users. The input validation vulnerability can be detected by many tools but few tools can fix the flaws automatically. The security gateway can used to protect vulnerable Web sites immediately but it may induce false recognition through impersonal rule. By means of hybrid analysis and injection test, the Web pages having vulnerability can be listed. Only those in vulnerable list need to be checked completely, so as to mitigate the system load and false positives effectively. Moreover an algorithm based on multilevel strategy is proposed producing individual sanitizing rule automatically for every vulnerable injection point. To meet the aim of automated validation, the hybrid analyzer, the testing framework and the meta-programs are integrated into a sanitizing mechanism after we analyze the data flow. According to the experimental results, the mechanism has been proved to be a more effective scheme than those traditional input handling methods for mitigating malicious injection.