让我们假设攻击者成功地将一个包含恶意脚本的页面填入到订阅成员使用的网站上。
Let us assume an attacker succeeded in filling a page containing malicious script to the Web site for the subscribed members.
如果使用静态方法,应该确保攻击者能够做的最糟糕的事情不会使得预先的假设无效,而且检查最终结果也是一个好主意。
If you're using a static approach, you should ensure that the worst an attacker could do won't invalidate some assumption, and a few checks on the final result would be a good idea too.
最早遭受破坏的,且仍旧普遍的攻击来源于开发人员对最终用户输入的数据可以信任的假设。
Some of earliest to be perpetrated, and still prevalent, attacks rely on a developer's assuming that data entered by the end user can be trusted.
这种假设增加了溢出攻击。
This assumption gives rise to the overflow family of attacks.
服务器将假设Request - Token头部中缺乏正确的值的任何请求都是CSRF攻击企图并将拒绝它们。
The server will assume that any requests that lack the correct value in the Request-Token header are CSRF attack attempts and will reject them.
CSRF攻击依赖于这样一个服务器假设:来自启动了验证会话的浏览器的所有请求都是有效的。
CSRF attacks depend on a server assuming that all requests transmitted from the browser that originally started an authenticated session are valid.
知道了这一点,假设攻击者构造了一条IC MP回应消息,它的头中包含伪造的任意主机a的源地址,如192.168.2.2。
Knowing this, imagine that an attacker constructs an ICMP echo message containing the spoofed source address of some arbitrary Host a, such as 192.168.2.2, in its header.
假设是基于抽烟能削弱肺部功能或者免疫力,更可能是两者,从而使人们更容易受到疾病的攻击。
The presumption has been that smoking renders people vulnerable to disease by impairing lung function or immunity. And it may well do both.
使xml格式抵制模糊攻击的关键特征是一个对输入不做任何假设的解析器。
The key characteristic that makes XML formats resistant to fuzz is that an XML parser assumes nothing about the input.
他说,“如果你把这样的假设设定太广,有许多平民百姓就成为合法的攻击目标。”
"If you are interpreting this concept too widely, far too many civilians become lawful targets," Kellenberger said.
可怜的假设,天真的编码、加上有强烈动机的攻击者,使得危险随之而来。
Poor assumptions, naive coding, and a motivated attacker make dangerous bed fellows.
假设我是一个攻击者,想利用WeatherReporter应用程序的弱点。
Suppose I'm an attacker wishing to exploit weaknesses in the Weather Reporter application.
现在假设攻击者发送了超过buffer 1所能处理的数据。
Now imagine that an attacker has sent more data than buffer1 can handle.
让我们进一步假设主机a位于网络192.168.2.0,并且攻击者将该数据报发送到这个网络的网络广播地址而不是某台特定主机。
Let's further assume that host a is located in network 192.168.2.0, and that the attacker sends the datagram to the network broadcast address of this network instead of to a particular host.
假设存在大量的设施(Eucalyptus声称其客户超过25000个),那我们真的怀疑能否在短期内修复每台服务器上的攻击。
Assuming a large number of installations (according to Eucalyptus there are more than 25,000 customers), we are doubtful that this attack will be mended on each server within a short period of time.
假设你花费了4个小时来战翻一个Boss,过程中你必须在准确把握攻击的时间的同时避开火焰和巨石的攻击。
Say you spend four hours fighting a boss where you have to perfectly time your attacks while dodging flame and giant rock fists.
假设别人的攻击并非出自恶意,而是源自野心。
Assume that offenses do not stem from malice, but rather from ambition.
在分析高级随机包标记算法(AMS)的基础上,提出了一种基于反向确认的攻击源追踪模型,该模型不再需要AMS过强的假设前提。
On the basis of analysis about advanced marking scheme (AMS), a reverse-validation IP traceback scheme is proposed, which no longer requires the too strong assumption of AMS.
让我们假设你的系统受到了冲击波的攻击。
Let us assume that your system by the shock wave of attacks.
但假设你们要在言语上攻击西方人的话,你们会小心不太伤害我们的“脸面”吗?
However suppose you guys wanted to verbally attack the western people, would you be careful enough not to hurt our "faces" too harsh?
此外,证明了方案中加密算法在DDH假设和适应性选择密文攻击下是安全的。
The encryption algorithm in the scheme is semantically secure against adaptive chosen cipher-text attacks based on the DDH assumption.
提出了一种由数据分析、特征滤波器、假设检验、融合决策等过程组成的隐藏攻击方法。
In the end, the paper proposed a way of hiding attack technique composed by data analysis, characteristic filter, hypothesis inspection and syncretism decision-making.
为了抵抗自适应选择信息攻击,提高签名生成效率,提出一种基于强rsa假设的签名方案。
For resisting the adaptive chosen message attack and improving the sign generation efficiency, a signature scheme based on the strong RSA assumption is described in this paper.
在高密度随机背包困难性假设下,可以证明方案在唯密文攻击下是安全的。
Under the assumption that the random high-density knapsack problem is infeasible, the proposed schemes are provably secure against ciphertext-only attack.
水平特权升级要求攻击者使用相同的水平他已经被授予的权限,但假设另一个用户的身份与权限。
Horizontal privilege escalation requires the attacker to use the same level of privileges he already has been granted, but assume the identity of another user with similar privileges.
提出一种新的指定证实人签名方案,对自适应方式攻击的安全性依靠合理的安全假设。
Then, we present a new designated confirmer signature scheme, whose security against adaptive adversaries is proven to depend on reasonable security assumptions.
在合理的参数设置和复杂性假设下,该方案具有接近于RS A签字的复杂性,并可能抗击量子敌手的攻击。
Under rational complexity assumptions and security parameters, the scheme enjoys the same computation cost as that of rsa signature but plausible security against quantum adversaries.
在合理的参数设置和复杂性假设下,该方案具有接近于RS A签字的复杂性,并可能抗击量子敌手的攻击。
Under rational complexity assumptions and security parameters, the scheme enjoys the same computation cost as that of rsa signature but plausible security against quantum adversaries.
应用推荐