Moving target defense against cross-site scripting

发明授权

US09154492B2 Moving target defense against cross-site scripting 有权

标题翻译：移动目标防御跨站点脚本

请登陆查看更多内容

专利标题： Moving target defense against cross-site scripting
专利标题（中）： 移动目标防御跨站点脚本
申请号： US14497562

申请日： 2014-09-26
公开(公告)号： US09154492B2

公开(公告)日： 2015-10-06
发明人: Bei-Tseng Chu , Joe Portner , Joel Kerr , Ehab Al-Shaer
申请人： Bei-Tseng Chu , Joe Portner , Joel Kerr , Ehab Al-Shaer
申请人地址： US NC Charlotte
专利权人： The University of North Carolina at Charlotte
当前专利权人： The University of North Carolina at Charlotte
当前专利权人地址： US NC Charlotte
代理机构： Clements Bernard PLLC
代理商 Christopher L. Bernard; Lawrence A. Baratta, Jr.
主分类号： H04L29/06
IPC分类号： H04L29/06 ; H04L29/08 ; G06F21/12 ; G06F21/51

摘要：

A method, in a server, implementing a moving target defense against cross-site scripting includes receiving a request for a web page, wherein the server has N versions of the web page each with a mutated version of JavaScript; selecting a web page of the N versions; and sending an indication of the mutated version of JavaScript associated with the web page in response to the request. Another method, in a client device, using a moving target defense against cross-site scripting includes requesting a web page; receiving an indication of a mutated version of JavaScript for the web page; and adjusting a JavaScript interpreter based on the mutated version of JavaScript for the web page.

摘要（中）：

在服务器中实现针对跨站点脚本的移动目标防御的方法包括接收对网页的请求，其中服务器具有网页的N个版本，每个版本具有变体版本的JavaScript; 选择N个版本的网页; 以及响应于所述请求发送与所述网页相关联的所述JavaScript的突变版本的指示。在客户端设备中使用针对跨站点脚本的移动目标防御的另一种方法包括请求网页; 接收针对该网页的变异版本的JavaScript的指示; 并根据网页的变体版本的JavaScript调整JavaScript解释器。

公开/授权文献

US20150096006A1 MOVING TARGET DEFENSE AGAINST CROSS-SITE SCRIPTING 公开/授权日：2015-04-02

信息查询

Espacenet