130 likes | 240 Views
A Server Solution for Cookie-Stealing-Based XSS Attacks. Jhen -Li Wang, Shih-Jen Chen, Chia-Hao Lee, Fu- Hau Hsu. CSIE@NCU – ADLab , Networks & Multimedia Institute For Information Industry. Stored XSS. Reflected XSS. Stored XSS. Reflected XSS. X S S. How to defend XSS?.
E N D
A Server Solution for Cookie-Stealing-Based XSS Attacks Jhen-Li Wang, Shih-Jen Chen, Chia-Hao Lee, Fu-Hau Hsu CSIE@NCU–ADLab, Networks & Multimedia Institute For Information Industry
Stored XSS Reflected XSS Stored XSS Reflected XSS X S S
How to defend XSS?
We do this… Modify KERNEL
sys_read • do_sock_read • sock_recvmsg • skb_copy_ • datagram_iovec • tcp_recvmsg • inet_recvmsg • memcpy_toiovec • copy_to_user
Web Server Application User mode Kernel mode Cookie Verifier Cookie Cleaner CookieAbstractor Cookie Table Payload Collector Packet 比對cookie 和 IP 檢查table node的時間, 看是否須清除 捉cookie, source IP, 算時間 (Hash table) 儲存cookie(key),IP, 時間 捉封包資料