Administration:Ministry of Industry and Information Technology of the People's Republic of China
Sponsored by:Posts & Telecom Press Co,.LTD
Published by: China InfoCom Media Group
ISSN 2096-109X CN 10-1366/TP
Xiao-shuang ZHANG,Yi-ling XU,Yuan LIU. Discovery and research of network security vulnerabilities based on Web application[J]. Chinese Journal of Network and Information Security, 2016, 2(6): 58-65.
PARVEZ M , ZAVARSKY P , KHOURY N . Analysis of effective-ness of black-box web application scanners in detection of stored SQL injection and stored XSS vulnerabilities[C]// The 10th Interna-tional Conference for Internet Technology and Secured Transac-tions (ICITST),IEEE.c 2015:186-191.
[2]
SHAR L K , TAN H B K . Auditing the XSS defence features im-plemented in Web application programs[J]. Software,IET, 2012,6 (4):377-390.
[3]
SADEGHIAN A , ZAMANI M ' MANAF A A . A taxonomy of SQL injection detection and prevention techniques[C]// 2013 Interna-tional Conference on Informatics and Creative Multimedia (ICICM),IEEE.c 2013:53-56.
[4]
SATHYANARAYAN S , QI D , LIANG Z , et al. SQLR:gram-mar-guided validation of SQL injection sanitizers[C]// 2014 19th International Conference on Engineering of Complex Computer Systems (ICECCS),IEEE.c 2014:154-157.
[5]
YOON E J , YOO K Y . A new authentication scheme for session initiation protocol[C]// International Conference on Complex,Intel-ligent and Software Intensive Systems,IEEE.c 2009:549-554.
[6]
吴晓恒 . 跨站脚本攻击的防御技术研究[D]. 上海: 上海交通大学, 2011.
WU X H . Defense technology research of cross site scripting attack[D]. Shanghai: Shanghai Jiaotong Universtiy, 2011.