National Preprint Platform

New detection method of cross-site scripting attacks based on regular expression matching


As networks have developed, information security has become increasingly important, and cross-site scripting (XSS) has consistently ranked among the top three network threats. With the emergence of HTML5, the forms of cross-site scripting attack have become more and more complex. Earlier detection strategies do not fully cover the new attack vectors, and they have no good means of detecting multi-layer nested attack vectors. To detect the new attack vectors, this paper proposes a detection algorithm based on regular expressions. The algorithm analyzes the features newly introduced in HTML5, divides the attack pattern of a cross-site scripting attack vector into elements, uses hierarchical (level-by-level) traversal to extract and detect the trigger points of multi-layer nested attack vectors, and finally adds threat domain knowledge to judge the data source of the cross-site script. Experiments show that the algorithm achieves high accuracy and coverage, as well as a low miss (false negative) rate.

徐泽昊、李吉帅、崔栋、秦素娟

Computing technology, computer technology

Information security; cross-site scripting attack; HTML5; multi-layer nesting; threat domain knowledge

徐泽昊, 李吉帅, 崔栋, 秦素娟. New detection method of cross-site scripting attacks based on regular expression matching [EB/OL]. (2021-03-04) [2025-08-02]. http://www.paper.edu.cn/releasepaper/content/202103-48.
