English  |  正體中文  |  简体中文  |  Items with full text/Total items : 52047/87178 (60%)
Visitors : 8708892      Online Users : 102
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/52142

    Title: 網頁應用程式攻擊之研究 : 以淡江大學為例
    Other Titles: A study of web application attack : a case study of Tamkang university
    Authors: 姚依君;Yau, Yi-jiun
    Contributors: 淡江大學資訊管理學系碩士班
    Keywords: 網頁攻擊;網頁應用程式安全;網頁應用程式弱點;Web Application Security;Web Application Vulnerability
    Date: 2010
    Issue Date: 2010-09-23 16:55:01 (UTC+8)
    Abstract: Cenzic於《2009年1~2季度web應用安全趨勢報告》中評估,9成的網頁應用程式皆有資料外洩、跨站攻擊等弱點,並指出,2009年上半年發現3,100多個安全弱點,其中有78%屬於網頁應用程式弱點,較2008年下半年發現的弱點數量增加了10%以上。依目前網頁應用程式安全現況,一旦遭惡意攻擊,必然造成影響,而事後處理,往往可能造成資訊外洩等嚴重損害。

    Cenzic "Web Application Security Trends Report Q1-Q2, 2009" pointed out that 90 percent of Web Applications were invaded by data leakage, cross-site attacks. During the first half of 2009, Cenzic discovered that the total number of reported vulnerabilities were up to 3100 incidents, and the percentage of Web vulnerabilities continued account for 78 percent, compared with the weaknesses found in the second half of 2008 increased by 10%. According to the present status of Web Application security, once the malicious attacks occur, often cause serious damage. While the post-processing often leads to inevitably affects on information leaks.
    For the reason above, we take Tamkang University Web Application vulnerability as an experiment with an view to observe the outcome through scanning tools and detect the application potential of weakness. The summary contains 11 methods of attack for the cyber administrator to test web applications as a defend reference. As for Web Application security condition, in order to advance insight into the potential of Web Application vulnerabilities.The distribution of Tamkang University Web Applications vulnerabilities is consisted as below: Information leakage and improper error handling 23.26%; Insecure direct object reference 15.95%; Failure to restrict URL access 14.95% and other 45.84%. While the invasion of penetration test results, the actual cause viewers, back-end database administrator password was stolen and other information with the page was to edit a serious threat 21.05%, a total of three important Web Applications related account password; modify the content of 5 web applications. We hoped that through the Web Application vulnerability analysis, and 11 methods of attack for the defenders and future web applications developers could find problems earlier than the hackers do.
    Appears in Collections:[資訊管理學系暨研究所] 學位論文

    Files in This Item:

    File SizeFormat

    All items in 機構典藏 are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - Feedback