Information Security Technology: semester notes

General introduction to security
- Security is a fashion industry: there exist security services that do not provide any security at all.
- Security is a people problem: crime, malice, curiosity. Technical measures have to be managed in a wider security culture. Example: MyDoom.
- Security is a journey, not a destination. Problems cannot be solved once and for all; IT systems keep changing; keep defences up to date.
- A chain is as strong as its weakest link. Strengthening strong links adds little security. Pay attention to single points of failure. Contingency plans and recovery plans are necessary.
- Do not expect one correct answer. There are good and bad answers, but no correct answers. Both questions and answers may change over time.

Fundamental design principles
Fundamental dilemma: security-unaware users have specific safety requirements but no security expertise.
Information security in the wider picture: cryptography, network security, computer security, security management, laws and regulations.

Security objectives
- Confidentiality: prevent unauthorised disclosure of information.
- Integrity: prevent unauthorised modification of information.
- Access control: prevent unauthorised use of resources.
- Non-repudiation / accountability: prevent denial of involvement in some event.
- Availability: prevent unauthorised withholding of information or resources.

Security strategies
- Prevention: take measures to prevent assets from being damaged.
- Detection: take measures to detect when, how and by whom the assets were damaged.
- Reaction: take measures to recover.
The more that is invested in prevention, the more detection is needed, so that one can confirm the preventive measures are actually working.

Security strategies: examples
- Private property. Prevention: locks on doors, window bars, walls. Detection: stolen items are missing, burglar alarms, closed-circuit TV. Reaction: call the police, replace stolen items.
- E-commerce. Prevention: encrypt your orders. Detection: an unauthorised transaction appears on your credit card. Reaction: ask for a new card.

Terminology
There is no single definition of security. One attempt: the set of strategies and techniques for coping with users who misbehave.

Attacks, services and mechanisms
- Security attack: any action that compromises the security of information.
- Security service: makes use of one or more security mechanisms; enhances the security of data processing systems and information transfers.
- Security mechanism: designed to detect, prevent, or recover from a security attack.

Security attacks
Passive attacks: eavesdropping on or monitoring of data transmissions; the attacker's goal is to obtain the information being transmitted.
- Release of message contents: the attacker reads the contents of the message.
- Traffic analysis: the attacker observes patterns in the messages.
The emphasis in dealing with passive attacks is prevention rather than detection.
Active attacks:
- Masquerade.
- Replay: a data unit is captured and retransmitted in its earlier order to produce an unauthorised effect.
- Modification of messages: a legitimate message is altered, or messages are delayed or reordered, to produce an unauthorised effect.
- Denial of service: prevents or inhibits the normal use or management of communication facilities; or damages an entire network, paralysing it or overloading it with messages so that it loses performance.
Detecting active attacks and recovering from the damage and delay they cause is feasible.

Security services
- Authentication: ensures that both entities are authentic and that no third party can interfere. Peer entity authentication confirms the identity of the peer entity in an association; data origin authentication confirms the source of a data unit.
- Access control: limits and controls the ability to access host systems and applications over communication links.
- Confidentiality: protects transmitted data from passive attacks; prevents traffic data from being eavesdropped on and analysed.
- Integrity: ensures the message received is identical to the message sent; relates to active attacks.
- Non-repudiation: prevents the sender and the receiver from denying a transmitted message.
- Availability: addresses the security problems caused by denial-of-service attacks.

Conventional encryption principles
An encryption scheme has five ingredients: plaintext, encryption algorithm, secret key, ciphertext, decryption algorithm. Security depends on the secrecy of the key, not on the secrecy of the algorithm.

Classical substitution ciphers
- Plaintext viewed as letters: replaced by other letters or by numbers or symbols.
- Plaintext viewed as bits: replaced by ciphertext bit patterns.
Caesar cipher: the earliest known substitution cipher, by Julius Caesar; first attested use in military affairs; replaces each letter by the 3rd letter on.
Cryptanalysis of the Caesar cipher: there are only 26 possible ciphers (A maps to A, B, ..., Z), so one could simply try each in turn, a brute-force search: given the ciphertext, just try all shifts of the letters. One does need to recognise when the result is plaintext.
Monoalphabetic cipher: rather than just shifting the alphabet, one can shuffle (jumble) the letters arbitrarily; each plaintext letter maps to a different random ciphertext letter, hence the key is 26 letters long (single-table substitution; the substitution table example is not reproduced here).
Monoalphabetic cipher security: there are now 26! ≈ 4 × 10^26 keys; even with so many keys it is still insecure. The problem is language characteristics: human languages are redundant; letters are not equally commonly used; in English E is by far the most common letter, then T, R, N, I, O, A, S; tables of single, double and triple letter frequencies exist. So it can be attacked by statistics and guessing.

Playfair cipher
Not even the large number of keys in a monoalphabetic cipher provides security; one approach to improving security was to encrypt multiple letters at once. The Playfair cipher was invented by Charles Wheatstone in 1854 but named after his friend Baron Playfair. It uses a 5×5 matrix of letters based on a keyword: fill in the letters of the keyword (sans duplicates), then fill the rest of the matrix with the other letters.
Encrypting and decrypting:
1. If a pair is a repeated letter, insert a filler like X, e.g. "balloon" is split as "ba lx lo on".
2. If both letters fall in the same row, replace each with the letter to its right (wrapping back to the start from the end), e.g. "ar" encrypts as "RM".
3. If both letters fall in the same column, replace each with the letter below it (again wrapping to the top from the bottom), e.g. "mu" encrypts to "CM".
4. Otherwise each letter is replaced by the one in its own row in the column of the other letter of the pair, e.g. "hs" encrypts to "BP", and "ea" to "IM" or "JM" (as desired).
(Same row: shift right; same column: shift down; otherwise take the opposite corners of the rectangle.)
Security of the Playfair cipher: security is much improved over the monoalphabetic cipher, since there are 26 × 26 = 676 digrams; analysis would need a 676-entry frequency table (versus 26 for a monoalphabetic cipher) and correspondingly more ciphertext. It can still be broken given a few hundred letters, since much of the plaintext structure survives.

One-time pad
If a truly random key as long as the message is used, the cipher will be secure. The one-time pad is unbreakable since the ciphertext bears no statistical relationship to the plaintext: for any plaintext and any ciphertext there exists a key mapping one to the other. The key can only be used once, though, and there is the problem of distributing the key safely.
One-time pad security: the key must be chosen randomly and used only once. It is unconditionally (totally) secure: given a fixed ciphertext C, for every plaintext P there is a key K = P ⊕ C, so there is no way for the attacker to know the exact key K. It is impractical in most cases, since the key is as long as the plaintext. This is perfect secrecy.

Stream ciphers
Stream ciphers try to mimic the Vernam scheme by replacing the perfectly random key stream with a pseudo-random key stream, that is, a key stream that looks random to an observer with limited computing power. Stream ciphers have been popular in the 20th century: they operate on the plaintext character by character, which is very convenient and allows a simple and inexpensive implementation. Most rotor machines are additive stream ciphers. Between 1960 and 1990, stream ciphers based on Linear Feedback Shift Registers (LFSRs) were very popular (see for example the book by Rueppel).
RC4, designed in 1987 by Ron Rivest, is based on completely different principles. RC4 is designed for 8-bit microprocessors and was initially kept as a trade secret. It was leaked in 1994 and is currently widely used in browsers (TLS protocol). While several statistical weaknesses have been identified in RC4, the algorithm still seems to resist attacks that recover the key.

Block ciphers
Block ciphers take a different approach to encryption: the plaintext is divided into larger words of n bits, called blocks. Every block is enciphered in the same way, using a keyed one-way permutation, i.e., a permutation on the set of n-bit strings that is controlled by a secret key. The simplest way to encrypt a plaintext with a block cipher is to divide the plaintext into n-bit blocks P_i and encrypt them block by block; decryption also operates on individual blocks. Note that the encryption operation does not depend on the position in the ciphertext, as it does for additive stream ciphers.

ECB (electronic codebook) characteristics:
- Simple and efficient; can be implemented in parallel.
- Cannot hide plaintext patterns: identical plaintext blocks give identical ciphertext blocks, so information that occurs repeatedly leaks.
- Active attacks on the plaintext are possible: blocks can be substituted, reordered, deleted or replayed.
- Error propagation: a damaged ciphertext block damages only the corresponding plaintext block.
- Suitable for transmitting short messages.

CBC (cipher block chaining) is the most popular mode of operation for a block cipher. Characteristics:
- No known parallel implementation.
- Hides plaintext patterns; requires a shared initialisation vector IV; identical plaintext gives different ciphertext; the IV can be used to change the first block.
- Active attacks on the plaintext are not easy: blocks are not easily substituted, reordered, deleted or replayed.
- Error propagation: one damaged ciphertext block damages two plaintext blocks.
- Better security than ECB; suitable for messages longer than 64 bits; can also be used for user authentication; it is the standard in most systems, e.g. SSL.

CFB (cipher feedback) characteristics: turns the block cipher into a stream cipher; no known parallel implementation; hides plaintext patterns; requires a shared initial shift-register value IV, which must be unique for each message; error propagation: one damaged unit damages several units.

OFB (output feedback) characteristics: turns the block cipher into a stream cipher; no known parallel implementation; hides plaintext patterns; requires a shared initial shift-register value IV; error propagation: one damaged unit affects only the corresponding unit; active attacks on the plaintext are possible (blocks can be substituted, reordered, deleted or replayed); security is weaker than CFB.

DES
The first standardised block cipher is the Data Encryption Standard (DES) of FIPS 46, published in 1977. It was developed by IBM together with the NSA (National Security Agency) in response to a call by the US government. DES represents a remarkable effort to provide a standard for government and commercial use. A 56-bit key k encrypts a 64-bit plaintext block into a 64-bit ciphertext block. Cryptanalysis: in 1990 differential cryptanalysis (Israel) gave a chosen-plaintext attack on DES; linear cryptanalysis is more effective. DES is not a group, so triple (multiple) encryption is widely used.
Simplified DES (S-DES): five functions; f_K is the most important part.
Attack models for block ciphers: ciphertext-only, known-plaintext, chosen-plaintext. Attack complexity: data complexity (the amount of input data the attack needs) and processing complexity (the amount of computation needed to process that data). Typical attacks on block ciphers: the most reliable are brute-force methods (exhaustive key search, dictionary attack, table lookup, time-memory trade-off); the most effective is differential cryptanalysis; also linear cryptanalysis (a known-plaintext method), interpolation attacks and related-key attacks.
IDEA (International Data Encryption Algorithm): strengthened resistance to differential cryptanalysis; used in PGP.
AES basic requirements: faster than triple DES; at least as secure as triple DES; block length 128 bits; key length 128/192/256 bits.
Design features of AES-era block ciphers: variable key length (RC5); mixed operations (IDEA); data-dependent number of rounds (RC5); key-dependent number of rounds (CAST-128); key-dependent S-boxes (Blowfish); lengthy key schedule (Blowfish); variable F function (CAST-128); variable plaintext/ciphertext block length; variable number of rounds; each round operates on the whole data block.

Public-key cryptography principles
The use of two keys has consequences for key distribution, confidentiality and authentication. The scheme has six ingredients (see Figure 3.7): plaintext, encryption algorithm, public and private key, ciphertext, decryption algorithm.
Applications of public-key cryptosystems, three categories:
- Encryption/decryption: the sender encrypts a message with the recipient's public key.
- Digital signature: the sender "signs" a message with its private key.
- Key exchange: two sides cooperate to exchange a session key.
Requirements for public-key cryptography (items 1 to 3 are not in the notes):
4. Computationally infeasible to determine the private key KRb knowing the public key KUb.
5. Computationally infeasible to recover the message M knowing KUb and the ciphertext C.
6. Either of the two keys can be used for encryption, with the other used for decryption: M = D_KRb(E_KUb(M)) = D_KUb(E_KRb(M)).

Number theory background: Euler's function and Euler's theorem
1. Euler's totient: for a positive integer n, φ(n) is the number of positive integers less than n that are coprime to n (specially, φ(1) = 1). Examples: φ(6) = 2 (1 and 5 are the numbers below 6 coprime to 6); φ(7) = 6 (1, 2, 3, 4, 5, 6); φ(11) = 10 (1 to 10).
2. Totient of a prime: for a prime p, φ(p) = p − 1 (1 to p − 1).
3. Elementary property: when p and q are both prime, φ(pq) = φ(p)φ(q) = (p − 1)(q − 1).
4. When e and m are coprime, there exists a positive integer d with ed ≡ 1 (mod m); d is the multiplicative inverse of e modulo m (the "modular inverse"), written e^(-1). Example: m = 13, 5 × 8 = 40 = 3 × 13 + 1 ≡ 1 (mod 13), so 5^(-1) = 8.
5. Euler's theorem: if m and n are coprime, m^φ(n) ≡ 1 (mod n). Example: m = 13, n = 7: 13^6 = 4826809 = 689544 × 7 + 1 ≡ 1 (mod 7).
6. Fermat's little theorem, a corollary of Euler's theorem: if p is prime and coprime to m, then m^(p−1) ≡ 1 (mod p) (because φ(p) = p − 1).
7. Basic theorem underlying RSA: let n be the product of two distinct primes p and q, x a non-negative integer less than n, and k a non-negative integer; then x^(kφ(n)+1) ≡ x (mod n).

Public-key cryptographic algorithms: RSA and Diffie-Hellman
RSA: Ron Rivest, Adi Shamir and Len Adleman at MIT, 1977. RSA is a block cipher and is the most widely implemented public-key algorithm. Diffie-Hellman: exchanges a secret key securely; its security rests on computing discrete logarithms.
RSA key generation:
1. Select p, q, both prime.
2. Calculate n = p × q.
3. Calculate φ(n) = (p − 1)(q − 1).
4. Select an integer e coprime to φ(n).
5. Calculate d = e^(-1) mod φ(n).
6. Public key KU = {e, n}.
7. Private key KR = {d, n}.
RSA encryption and decryption: plaintext M < n; ciphertext C = M^e mod n; from ciphertext C, plaintext M = C^d mod n. (The following derivation writes the public exponent as b and the private one as a.)
How to pick a public key: pick two primes p and q; compute n = pq and φ(n) = (p − 1)(q − 1); choose a random b (1 < b < φ(n)) with gcd(b, φ(n)) = 1; compute a = b^(-1) mod φ(n) with the extended Euclidean algorithm; publish the public key (b, n), which is now the person's public key (i.e., people may now send encrypted text using it).
RSA component operations: exponentiation (we need to do it fast); factorization (believed to be difficult; the security lies here); finding prime numbers and testing primality (the Rabin-Miller test; a new polynomial-time algorithm, /news/2002-08-07_primetest/).
Fast exponentiation: to compute a^256 mod 7, do not multiply a by itself 256 times and then reduce mod 7. Use (a × b) mod p = ((a mod p) × (b mod p)) mod p and look at the binary representation of the exponent: 256 = 2^8, so a^256 = ((((((((a^2)^2)^2)^2)^2)^2)^2)^2), reducing mod 7 each time you square. For 25 = 11001 (binary) = 2^4 + 2^3 + 2^0: a^25 mod n = (a × a^8 × a^16) mod n = (a × ((a^2)^2)^2 × (((a^2)^2)^2)^2) mod n = ((((((a^2 mod n) × a) mod n)^2 mod n)^2 mod n)^2 mod n) × a) mod n.
Factorization: brute force is stupid and slow: d = 1, 2, 3, 4, ...; does d divide n? When factoring n = pq with p ≈ q we have n ≈ p^2, so d can go as high as √n in the worst case; for n ≈ 10^40 that is 10^20 divisions. Use the structure of Z_n: the p − 1 method (not really used, but a good speedup); Pollard's rho method; the quadratic sieve; the Number Field Sieve (NFS). Is there a better method out there?
Finding some prime numbers: it is easy to generate a number, but how do you know it is prime? Rabin-Miller: if n is prime, the output is always "could be"; if n is composite, the output is "composite" or "could be"; if n is composite and "could be" is returned, the probability of a wrong answer is bounded (the bound is missing from the notes). A new polynomial-time algorithm can say yes/no!

Diffie-Hellman algorithm (both users share the prime q and a generator α; the notes dropped the generator symbol):
- User A key generation: select private Xa < q; calculate public Ya = α^Xa mod q.
- User B key generation: select private Xb < q; calculate public Yb = α^Xb mod q.
- Secret key generation by user A: K = Yb^Xa mod q.
- Secret key generation by user B: K = Ya^Xb mod q.

Other public-key cryptographic algorithms
- Digital Signature Standard (DSS): makes use of SHA-1; not for encryption or key exchange.
- Elliptic-Curve Cryptography (ECC): good for smaller bit sizes; low confidence level compared with RSA; very complex.

Authentication
Active attacks on communication: tampering (an attack on message integrity); masquerade (an attack on the authenticity of the message source); repudiation (an attack on the message source). Countermeasures: message authentication and digital signatures, for which hash functions produce message digests.
Approaches to message authentication:
1) Encryption-based: the ciphertext of the message itself serves as the authenticator.
2) Message authentication code (MAC): an authenticator produced by a public function that takes the message and a key as input; also called a "message digest".
3) Hash value: an authenticator produced by a hash function that takes only the message as input (no key needed).
Authentication based on message encryption: 1. encrypt with a symmetric cipher; 2. encrypt with the private key, decrypt with the public key; 3. double encryption and decryption with private and public keys.
Authentication based on a MAC:
1. Generation: the sender takes the message M and the key K shared with the receiver as input and computes the MAC with a public function C.
2. Transmit and receive M + MAC.
3. Verification: the receiver takes the received M and the shared key K, recomputes MAC' with C, and if MAC' = MAC is confident that M has not been tampered with.
4. Function: authentication, but no confidentiality.
Uses of hash functions for authentication: the hash of a message is used to check its integrity; encrypting the hash of a message produces a digital signature; the hash of a password is used to store passwords safely (the password list of the authentication system stores only hash values, so passwords cannot be stolen from it; at login the hash of the entered password is compared with the stored one).
SHA-1 hash algorithm: pad the message, append the length, iterate. Initial state H0 = IV = (A B C D E)_0 = 01234567 89ABCDEF FEDCBA98 76543210 F0E1D2C3. Process blocks (Hi is obtained from Hi−1): Hi = SUM32(Hi−1, ABCDE_(i−1)) (1 ≤ i ≤ ...; the notes break off here).

S/MIME
MIME: RFC 2045, RFC 2046. Content-Type: more types keep being added by developers (application/word). Content-Transfer-Encoding: how the message has been encoded (radix-64). Content-ID: unique identifying character string. Content-Description: needed when the content is not readable text (e.g. mpeg).
Algorithms used: message digesting: SHA-1 and MD5; digital signatures: DSS; secret-key encryption: Triple-DES, RC2/40 (exportable); public/private-key encryption: RSA with key sizes of 512 and 1024 bits, and Diffie-Hellman (for session keys).
S/MIME functions: enveloped data (encrypted content and encrypted session keys for the recipients); signed data (message digest encrypted with the private key of the "signer"); clear-signed data (signed but not encrypted); signed and enveloped data (various orderings of encrypting and signing).

Web security considerations
The Web is very visible. Complex software hides many security flaws. Web servers are easy to configure and manage. Users are not aware of the risks.
SSL and TLS: SSL originated with Netscape; a TLS working group was formed within the IETF; the first version of TLS can be viewed as SSLv3.1. (SSL architecture and SSL record format diagrams are not reproduced here.)
Secure Electronic Transactions (SET): an open encryption and security specification to protect credit card transactions on the Internet. Companies involved: MasterCard, Visa, IBM, Microsoft, Netscape, RSA, Terisa and Verisign. Not a payment system, but a set of security protocols and formats.
Handshake protocol: the most complex part of SSL; allows the server and client to authenticate each other; negotiates the encryption and MAC algorithms and the cryptographic keys; used before any application data are transmitted.
Transport Layer Security: the same record format as SSL; defined in RFC 2246; similar to SSLv3, with differences in the version number, message authentication code, pseudorandom function, alert codes, cipher suites, client certificate types, certificate_verify and finished messages, cryptographic computations, and padding.
SET overview. Key features of SET: confidentiality of information, integrity of data, cardholder account authentication, merchant authentication. Payment processing: payment authorization (authorization request, authorization response); payment capture (capture request, capture response).

What is a hacker
A hacker is someone who examines the integrity and security of (network) systems; hackers are usually very proficient in computer hardware and software and are able to analyse systems by innovative methods. "Hackers" usually look for vulnerabilities in networks but generally do not damage computer systems.
What is an intruder
An intruder (cracker) is simply someone who exploits network vulnerabilities to damage networks; they intrude through vulnerabilities in computer systems. They also have broad computer knowledge, but unlike hackers their aim is destruction.

SQL injection principle
Test whether injection is possible: http://domain/xxx?id=1 and 1=1 (page displays normally); http://domain/xxx?id=1 and 1=2 (error). If this happens, the parameter id has an injection vulnerability. Probing for table names: http://domain/xx?id=1 and exists (select * from tablename). Probing for column names, once a table name has been guessed: http://domain/xx?id=1 and exists (select columnname from tablename). Probing an ID: http://domain/xx?id=1 and exists (select id from tablename where id=1).

Measures used for intrusion detection: login frequency by day and time; frequency of login at different locations; time since last login; password failures at login; execution frequency (the notes break off here).
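The Playfair rules in the notes, carried through in code. This is an added example, not code from the notes or the course; the notes give the digram examples (ar→RM, mu→CM, hs→BP, ea→IM) but not the keyword, so the keyword MONARCHY used in the demo is an assumption chosen because it reproduces those digrams. J is merged into I, and X is the filler, as the notes describe.

```python
"""Playfair cipher: square construction, digram splitting, encryption and decryption."""
import string


def build_square(keyword):
    """5x5 square: keyword letters first (duplicates dropped), then the rest of
    the alphabet, with J merged into I so 25 letters fit."""
    seen = []
    for ch in (keyword + string.ascii_uppercase).upper():
        ch = "I" if ch == "J" else ch
        if ch.isalpha() and ch not in seen:
            seen.append(ch)
    return [seen[i:i + 5] for i in range(0, 25, 5)]


def _locate(square, ch):
    for r, row in enumerate(square):
        if ch in row:
            return r, row.index(ch)
    raise ValueError("letter not in square: %r" % ch)


def make_digrams(plaintext, filler="X"):
    """Rule 1: pair up letters, inserting the filler when a pair would repeat a
    letter (balloon -> BA LX LO ON) and padding a trailing single letter."""
    letters = [("I" if c == "J" else c) for c in plaintext.upper() if c.isalpha()]
    digrams, i = [], 0
    while i < len(letters):
        a = letters[i]
        b = letters[i + 1] if i + 1 < len(letters) else filler
        if a == b:
            digrams.append(a + filler)   # filler splits the repeated pair
            i += 1
        else:
            digrams.append(a + b)
            i += 2
    return digrams


def _transform(square, digram, shift):
    """Rules 2-4; shift=+1 encrypts (right/down), shift=-1 decrypts (left/up)."""
    (r1, c1), (r2, c2) = _locate(square, digram[0]), _locate(square, digram[1])
    if r1 == r2:                       # same row: move along the row, wrapping
        return square[r1][(c1 + shift) % 5] + square[r2][(c2 + shift) % 5]
    if c1 == c2:                       # same column: move along the column, wrapping
        return square[(r1 + shift) % 5][c1] + square[(r2 + shift) % 5][c2]
    return square[r1][c2] + square[r2][c1]   # rectangle: own row, partner's column


def encrypt(plaintext, keyword):
    square = build_square(keyword)
    return "".join(_transform(square, d, +1) for d in make_digrams(plaintext))


def decrypt(ciphertext, keyword):
    """Inverse of encrypt; fillers (X) remain in the output for the reader to drop."""
    square = build_square(keyword)
    pairs = [ciphertext[i:i + 2] for i in range(0, len(ciphertext), 2)]
    return "".join(_transform(square, d, -1) for d in pairs)


if __name__ == "__main__":
    key = "MONARCHY"   # assumed keyword (not stated in the notes)
    for word in ("ar", "mu", "hs", "ea", "balloon"):
        print(word, "->", encrypt(word, key))
    print(decrypt(encrypt("balloon", key), key))
```

Decryption of a rectangle pair is its own inverse, which is why `_transform` only needs a sign flip for the row and column cases; that symmetry is also why Playfair leaks so much structure, since each ciphertext digram fixes the plaintext digram exactly.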
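The ECB and CBC characteristics listed in the notes (pattern leakage, error propagation) made observable. This is an added example, not code from the notes; the "block cipher" inside it is a toy keyed permutation on 16-bit blocks built from a seeded shuffle, an assumption that stands in for a real cipher purely so the two modes can be compared offline. The key, IV and plaintext are constructed values.

```python
"""ECB versus CBC over a toy keyed permutation: pattern leakage and error propagation."""
import random

BLOCK = 2  # bytes per block; small so the permutation table fits in memory


def make_cipher(key):
    """Return (encrypt_block, decrypt_block) for a toy keyed permutation.
    NOT a real block cipher: it only models 'a permutation on n-bit strings
    controlled by a secret key', which is all the mode comparison needs."""
    table = list(range(1 << (8 * BLOCK)))
    random.Random(key).shuffle(table)          # key selects the permutation
    inverse = [0] * len(table)
    for x, y in enumerate(table):
        inverse[y] = x

    def enc(block):
        return table[int.from_bytes(block, "big")].to_bytes(BLOCK, "big")

    def dec(block):
        return inverse[int.from_bytes(block, "big")].to_bytes(BLOCK, "big")
    return enc, dec


def blocks(data):
    if len(data) % BLOCK:
        raise ValueError("input must be padded to a whole number of blocks")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def ecb_encrypt(key, plaintext):
    enc, _ = make_cipher(key)
    return b"".join(enc(p) for p in blocks(plaintext))      # C_i = E_K(P_i)


def ecb_decrypt(key, ciphertext):
    _, dec = make_cipher(key)
    return b"".join(dec(c) for c in blocks(ciphertext))


def cbc_encrypt(key, iv, plaintext):
    enc, _ = make_cipher(key)
    out, prev = [], iv
    for p in blocks(plaintext):
        prev = enc(xor(p, prev))          # C_i = E_K(P_i XOR C_{i-1}), C_0 = IV
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, iv, ciphertext):
    _, dec = make_cipher(key)
    out, prev = [], iv
    for c in blocks(ciphertext):
        out.append(xor(dec(c), prev))     # P_i = D_K(C_i) XOR C_{i-1}
        prev = c
    return b"".join(out)


def damaged_blocks(original, recovered):
    """Indices of plaintext blocks that no longer match (error propagation)."""
    return [i for i, (a, b) in enumerate(zip(blocks(original), blocks(recovered))) if a != b]


def flip_bit(ciphertext, block_index):
    """Simulate one damaged ciphertext block by flipping its lowest bit."""
    buf = bytearray(ciphertext)
    buf[block_index * BLOCK] ^= 0x01
    return bytes(buf)


def demo(key=b"constructed-demo-key", iv=bytes.fromhex("a1b2"), plaintext=b"AB" * 8):
    """Plaintext of eight identical blocks: ECB shows the repetition, CBC hides it."""
    ecb, cbc = ecb_encrypt(key, plaintext), cbc_encrypt(key, iv, plaintext)
    return {
        "ecb_distinct_blocks": len(set(blocks(ecb))),
        "cbc_distinct_blocks": len(set(blocks(cbc))),
        "ecb_damage": damaged_blocks(plaintext, ecb_decrypt(key, flip_bit(ecb, 2))),
        "cbc_damage": damaged_blocks(plaintext, cbc_decrypt(key, iv, flip_bit(cbc, 2))),
    }


if __name__ == "__main__":
    print(demo())
```

The `cbc_damage` result of two blocks is exactly the notes' "one damaged ciphertext block damages two plaintext blocks": block 2 decrypts to garbage, and block 3 receives the same single-bit flip, which is also why CBC alone gives no integrity protection.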
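The number-theory items, the RSA key-generation steps, the fast exponentiation shortcut, Rabin-Miller and the Diffie-Hellman exchange from the notes, implemented together. This is an added example, not code from the notes or any library; `mod_pow` is the square-and-multiply method the notes derive for a^25, and the key sizes and the seed used for reproducible toy keys are assumptions (real keys need far larger primes and OS randomness). The Diffie-Hellman parameters q = 23, α = 5 and the private values 6 and 15 are constructed for the demo.

```python
"""Euler's function, modular inverse, Rabin-Miller, RSA and Diffie-Hellman (toy sizes)."""
import random
from math import gcd


def mod_pow(base, exp, mod):
    """Square-and-multiply, most significant bit first: the notes' a^25 =
    ((((a^2 * a)^2)^2)^2) * a, reduced mod n after every step."""
    result = 1
    for bit in bin(exp)[2:]:
        result = (result * result) % mod
        if bit == "1":
            result = (result * base) % mod
    return result


def ext_gcd(a, b):
    """Return (g, x, y) with a*x + b*y = g = gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = ext_gcd(b, a % b)
    return g, y, x - (a // b) * y


def mod_inverse(e, m):
    """Item 4 of the notes: d with e*d = 1 (mod m), via the extended Euclidean algorithm."""
    g, x, _ = ext_gcd(e, m)
    if g != 1:
        raise ValueError("e and m are not coprime, no inverse exists")
    return x % m


def euler_phi(n):
    """phi(n) by the definition in the notes (count of k < n coprime to n); small n only."""
    return 1 if n == 1 else sum(1 for k in range(1, n) if gcd(k, n) == 1)


def is_probable_prime(n, rounds=20, rng=random):
    """Rabin-Miller: 'composite' is always right; 'could be prime' for a
    composite n happens with probability at most 4**-rounds."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = mod_pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False            # witness found: definitely composite
    return True


def random_prime(bits, rng):
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1   # right size and odd
        if is_probable_prime(cand, rng=rng):
            return cand


def rsa_keygen(bits=64, seed=12345):
    """Steps 1-7 from the notes. seed gives reproducible toy keys (assumption)."""
    rng = random.Random(seed)
    p = random_prime(bits // 2, rng)
    q = random_prime(bits // 2, rng)
    while q == p:
        q = random_prime(bits // 2, rng)
    n, phi = p * q, (p - 1) * (q - 1)          # steps 2 and 3
    e = 65537 if gcd(65537, phi) == 1 else 3   # step 4: e coprime to phi(n)
    while gcd(e, phi) != 1:
        e += 2
    d = mod_inverse(e, phi)                    # step 5
    return (e, n), (d, n)                      # steps 6 and 7: KU and KR


def rsa_encrypt(m, public_key):
    e, n = public_key
    if not 0 <= m < n:
        raise ValueError("plaintext block must satisfy 0 <= M < n")
    return mod_pow(m, e, n)                    # C = M^e mod n


def rsa_decrypt(c, private_key):
    d, n = private_key
    return mod_pow(c, d, n)                    # M = C^d mod n


def dh_keypair(q, alpha, private):
    """User's private X < q and public Y = alpha^X mod q."""
    if not 1 <= private < q:
        raise ValueError("private value must be in [1, q)")
    return private, mod_pow(alpha, private, q)


def dh_shared(their_public, my_private, q):
    """K = Y_other^X_mine mod q, identical on both sides."""
    return mod_pow(their_public, my_private, q)


if __name__ == "__main__":
    pub, priv = rsa_keygen()
    print(rsa_decrypt(rsa_encrypt(123456789, pub), priv))
    xa, ya = dh_keypair(23, 5, 6)
    xb, yb = dh_keypair(23, 5, 15)
    print(dh_shared(yb, xa, 23), dh_shared(ya, xb, 23))
```

`euler_phi` follows the counting definition so the notes' examples can be checked directly; for RSA the closed form (p − 1)(q − 1) from item 3 is what `rsa_keygen` uses, because counting up to n is exactly the work factoring is meant to make infeasible.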
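The MAC-based authentication steps (generate MAC from M and shared K, send M + MAC, recompute and compare) and the hashed-password storage the notes describe, as an added example; this is not code from the notes. HMAC-SHA-256 stands in for the notes' public function C, and PBKDF2 with a random salt is used for the password list in place of the bare hash the notes mention; both are assumptions. The key, messages and password are constructed values.

```python
"""Message authentication with a MAC, and password verification against stored hashes."""
import hashlib
import hmac
import os

MAC_LEN = 32  # HMAC-SHA-256 output size, so the receiver can split M from the MAC


def make_mac(key, message):
    """Step 1: MAC = C(K, M), with HMAC-SHA-256 as the public function C."""
    return hmac.new(key, message, hashlib.sha256).digest()


def send(key, message):
    """Step 2: the frame on the wire is MAC || M. M travels in clear:
    authentication, not confidentiality."""
    return make_mac(key, message) + message


def receive(key, frame):
    """Step 3: recompute MAC' over the received M and compare it with the
    received MAC in constant time; return M if they match, else None."""
    if len(frame) < MAC_LEN:
        return None
    mac, message = frame[:MAC_LEN], frame[MAC_LEN:]
    if not hmac.compare_digest(mac, make_mac(key, message)):
        return None      # M (or the MAC) was altered, or the key differs
    return message


def hash_password(password, salt=None, iterations=100_000):
    """Store only (salt, digest); the password itself never reaches the list.
    Salt and iteration count are the additions to the notes' plain H(password)."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, digest


def verify_password(password, salt, stored_digest):
    """Login check: hash the entered password with the stored salt and compare."""
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, stored_digest)


def demo():
    key = b"constructed shared key K"
    frame = send(key, b"transfer 100 to account 42")
    tampered = frame[:MAC_LEN] + b"transfer 900 to account 42"   # M changed, MAC kept
    salt, stored = hash_password("correct horse")
    return {
        "accepted": receive(key, frame),
        "tampered": receive(key, tampered),
        "wrong_key": receive(b"some other key", frame),
        "login_ok": verify_password("correct horse", salt, stored),
        "login_bad": verify_password("wrong guess", salt, stored),
    }


if __name__ == "__main__":
    print(demo())
```

`hmac.compare_digest` matters in both places: a byte-by-byte early-exit comparison would let timing reveal how many leading bytes of a forged MAC or digest are correct.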
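Why the `id=1 and 1=1` / `id=1 and 1=2` test in the notes works against some pages and not others, shown from the application side. This is an added example, not code from the notes: an in-memory SQLite table (constructed data) queried once by string concatenation, which is the defect the notes' test detects, and once with a validated, bound parameter, which is the fix. The table and column names are assumptions.

```python
"""SQL injection: the concatenated query the notes' probe detects, and the parameterised fix."""
import sqlite3


def setup():
    """Constructed sample database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO articles VALUES (?, ?)", [(1, "first"), (2, "second")])
    return conn


def lookup_vulnerable(conn, id_param):
    """DEFECT on purpose: the request parameter is pasted into the SQL text, so
    'id=1 and 1=1' returns the row and 'id=1 and 1=2' returns nothing (the
    notes' injection indicator), and subqueries run as SQL."""
    sql = "SELECT title FROM articles WHERE id = " + id_param
    return [row[0] for row in conn.execute(sql)]


def lookup_safe(conn, id_param):
    """Fix: validate the type, then bind the value. Anything that is not an
    integer is rejected before SQL is involved, and the bound value can never
    change the query's structure."""
    try:
        article_id = int(id_param)
    except (TypeError, ValueError):
        return []
    rows = conn.execute("SELECT title FROM articles WHERE id = ?", (article_id,))
    return [row[0] for row in rows]


def probe_response(lookup, conn, id_param):
    """Model what the notes' tester sees: the page content, or 'error' when the
    query fails (e.g. exists(...) against a table that does not exist)."""
    try:
        return lookup(conn, id_param)
    except sqlite3.OperationalError:
        return "error"


if __name__ == "__main__":
    db = setup()
    for probe in ("1", "1 and 1=1", "1 and 1=2", "1 and exists (select * from nosuchtable)"):
        print(repr(probe), probe_response(lookup_vulnerable, db, probe), probe_response(lookup_safe, db, probe))
```

With the safe lookup every probe yields the same "no such article" result, so the differential signal the notes describe disappears; logging the rejected non-numeric ids is a cheap detection source for the kind of probing the notes list.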
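The intrusion-detection measures listed at the end of the notes (login frequency by day and time, logins from different locations, time since last login, password failures) applied to audit records. This is an added example, not code from the notes; the log format, the thresholds and the records themselves are constructed (the addresses are from documentation ranges), and the baseline is built from past successful logins only.

```python
"""Login anomaly detection over constructed audit records, per the notes' measures."""
from collections import defaultdict
from datetime import datetime

# Constructed history: ISO timestamp, user, source address, result.
HISTORY = """
2024-03-01T09:02:11 alice 10.0.0.12 OK
2024-03-02T09:10:40 alice 10.0.0.12 OK
2024-03-03T08:58:03 alice 10.0.0.12 OK
2024-03-04T09:05:27 alice 10.0.0.12 OK
2024-03-01T14:30:00 bob 10.0.0.20 OK
2024-03-03T15:12:09 bob 10.0.0.21 OK
""".strip().splitlines()

# Constructed new events to evaluate against that baseline.
NEW_EVENTS = """
2024-03-05T03:14:05 alice 203.0.113.7 FAIL
2024-03-05T03:14:20 alice 203.0.113.7 FAIL
2024-03-05T03:14:41 alice 203.0.113.7 FAIL
2024-03-05T03:15:02 alice 203.0.113.7 OK
2024-03-05T14:45:13 bob 10.0.0.20 OK
""".strip().splitlines()


def parse(line):
    ts, user, src, result = line.split()
    return {"time": datetime.fromisoformat(ts), "user": user, "src": src, "ok": result == "OK"}


def build_profiles(lines):
    """Per-user baseline: hours of day and source addresses seen in successful
    logins, and the most recent successful login."""
    profiles = defaultdict(lambda: {"hours": set(), "sources": set(), "last": None})
    for ev in map(parse, lines):
        if not ev["ok"]:
            continue
        p = profiles[ev["user"]]
        p["hours"].add(ev["time"].hour)
        p["sources"].add(ev["src"])
        p["last"] = ev["time"] if p["last"] is None else max(p["last"], ev["time"])
    return profiles


def detect(profiles, lines, max_failures=3, dormant_days=30):
    """Apply the notes' measures to new events; returns {user: [reasons]}.
    Users with nothing to report are absent from the result."""
    findings = defaultdict(list)
    failures = defaultdict(int)          # consecutive password failures per user
    for ev in map(parse, lines):
        user = ev["user"]
        if not ev["ok"]:
            failures[user] += 1
            if failures[user] == max_failures:
                findings[user].append("password failures at login reached %d" % max_failures)
            continue
        profile = profiles.get(user)
        if profile is None:
            findings[user].append("successful login with no baseline for this user")
        else:
            if ev["time"].hour not in profile["hours"]:
                findings[user].append("login at unusual hour %02d" % ev["time"].hour)
            if ev["src"] not in profile["sources"]:
                findings[user].append("login from new location %s" % ev["src"])
            gap = (ev["time"] - profile["last"]).days
            if gap > dormant_days:
                findings[user].append("first login after %d days" % gap)
        if failures[user] >= max_failures:
            findings[user].append("success immediately after %d failures" % failures[user])
        failures[user] = 0               # a success ends the failure streak
    return dict(findings)


if __name__ == "__main__":
    for user, reasons in detect(build_profiles(HISTORY), NEW_EVENTS).items():
        print(user, reasons)
```

Each reason maps to one measure in the notes; in practice the hour and location baselines would be per weekday and per network rather than flat sets, but the structure (baseline from known-good history, score each new event against it) is the same.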