Method for Detecting Web Injection Attack

摘要

PURPOSE: A detection method for web injection attacks is provided to notify users of web infection attacks by detecting said web injection attacks from web documents transmitted from a web server. CONSTITUTION: A conversion server converts received original documents(32). The conversion server transmits the original documents, first electronic signature values for the converted documents, and predetermined conversion rules to a client module(34). The client module transmits the original document to a web browser module(35). The client module extracts the outputted document of the web browser module(36). The client module creates second electronic signature values for the converted document of the extracted document(38). When the first electronic signature value is different from the second electronic signature value, the client module displays a warning message(39,40).