S. Sokolov, O. M. Alimov, L. E. Ivleva, Ekaterina Yu. Vartanova, V. Burlov
{"title":"使用基于applet的未经授权的信息访问","authors":"S. Sokolov, O. M. Alimov, L. E. Ivleva, Ekaterina Yu. Vartanova, V. Burlov","doi":"10.1109/EICONRUS.2018.8317046","DOIUrl":null,"url":null,"abstract":"The problem of unauthorized access to information on Web sites through the use of malicious code by an attacker leads to undesirable consequences that arise both on the server side and on the users side. This article is devoted to the review and analysis of existing methods for ensuring the information security of automated systems for authentication and distributed networks. The existence of vulnerabilities on most modern Web content management platforms allows an attacker to inject malicious files onto the server or modify existing files. Recently, there has been a large increase in cybercrime, which is a fairly lucrative business for intruders. To avoid the introduction of malicious code on the site, in addition to the above steps, you should use the SCP / SSH / SFTP protocols instead of FTP to download files to the server, which will prevent the passwords from being sent “in the clear”.","PeriodicalId":6562,"journal":{"name":"2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus)","volume":"1 1","pages":"128-131"},"PeriodicalIF":0.0000,"publicationDate":"2018-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Using unauthorized access to information based on applets\",\"authors\":\"S. Sokolov, O. M. Alimov, L. E. Ivleva, Ekaterina Yu. Vartanova, V. Burlov\",\"doi\":\"10.1109/EICONRUS.2018.8317046\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The problem of unauthorized access to information on Web sites through the use of malicious code by an attacker leads to undesirable consequences that arise both on the server side and on the users side. This article is devoted to the review and analysis of existing methods for ensuring the information security of automated systems for authentication and distributed networks. The existence of vulnerabilities on most modern Web content management platforms allows an attacker to inject malicious files onto the server or modify existing files. Recently, there has been a large increase in cybercrime, which is a fairly lucrative business for intruders. To avoid the introduction of malicious code on the site, in addition to the above steps, you should use the SCP / SSH / SFTP protocols instead of FTP to download files to the server, which will prevent the passwords from being sent “in the clear”.\",\"PeriodicalId\":6562,\"journal\":{\"name\":\"2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus)\",\"volume\":\"1 1\",\"pages\":\"128-131\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/EICONRUS.2018.8317046\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EICONRUS.2018.8317046","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Using unauthorized access to information based on applets
The problem of unauthorized access to information on Web sites through the use of malicious code by an attacker leads to undesirable consequences that arise both on the server side and on the users side. This article is devoted to the review and analysis of existing methods for ensuring the information security of automated systems for authentication and distributed networks. The existence of vulnerabilities on most modern Web content management platforms allows an attacker to inject malicious files onto the server or modify existing files. Recently, there has been a large increase in cybercrime, which is a fairly lucrative business for intruders. To avoid the introduction of malicious code on the site, in addition to the above steps, you should use the SCP / SSH / SFTP protocols instead of FTP to download files to the server, which will prevent the passwords from being sent “in the clear”.