APPARATUS AND METHOD FOR DETECTING USER CONNECTION INFORMATION BY CLIENT-SIDE SCRIPT

摘要

PURPOSE: An apparatus and a method for extracting user information using client-based script are provided to collect the IP(Internet Protocol) addresses of an attacking host and a proxy server used by the attacking host can be collected by using a script that sets a direct connection between a monitoring server and the attacking host. CONSTITUTION: A web client issues a request for a first webpage to a web server(S101). Then, the web server may transmit the first webpage to the web client along with a script for detecting the IP address of the web client(S103). The script is automatically executed in a web browser of the web client along with the first webpage without a requirement of an additional Java applet, an ActiveX program or an ActiveX plug-in. Once the script is executed in the web browser of the web client, a user identifier for the web client may be created by combining a time-shift value and a random value. Thereafter, the script issues a request for the right and method to access to a monitoring server to the monitoring server(S105). Then, the monitoring server responds to the request(S107), and the script sets a socket communication between the web client and the monitoring server(S109). The socket communication is used for various purposes such as querying a database, issuing a request for TCP(Transmission Control Protocol) communication or issuing a request for FTP(File Transfer Protocol) connection. The script transmits user information, including the user identifier of the web client and information regarding a webpage having the script loaded therein, to the monitoring server. In addition, the script issues a request for a second webpage to the monitoring server(S111). If the web client attempts to access the web server via an anonymous proxy server, the second web page is transmitted to the monitoring server via the anonymous proxy server, and thus, the monitoring server is able to collect the IP address of the anonymous proxy server.