Original title:
Analyzator utokov na webový server
Translated title:
Web server attack analyzer
Authors:
Mižišin, Michal ; Novotný, Miroslav (advisor) ; Mareš, Martin (referee) Document type: Bachelor's theses
Year:
2013
Language:
slo Abstract:
[eng][cze] In this work I will focus on the most common forms of attacks on web applications. My focus will point on so called Injection flaws (attacks where data given by user are interpreted and executed), XSS (Cross Site Scripting) and CSRF (Cross Site Request Forgery), that have for web application in case of compromisation fatal consequences. I will describe these attacks, their history, concrete examples of successful execution. I will propose also possible kinds of protection and possibilities of detection.V tejto práci sa zamieram na najčastejšie formy útokov na webové aplikácie. Predovšetkým na tzv. Injection flaws (útoky, pri ktorých sú dáta od užívateľa interpretované a vykonané), XSS (Cross Site Scripting) a CSRF (Cross Site Request Forgery), ktoré majú pre webovú aplikáciu v prípade kompromitácie fatálne následky. Zmapujem tieto typy útokov, ich históriu, popis, konkrétne príklady zneužitia. Navhrhnem tiež možné spôsoby ochrany a možnosti detekcie týchto útokov.
Keywords:
csrf; injection flaw; sql injection; web attack; xss; csrf; injection flaw; sql injection; webový útok; xss
Institution: Charles University Faculties (theses)
(web)
Document availability information: Available in the Charles University Digital Repository. Original record: http://hdl.handle.net/20.500.11956/58088