CN104079528A - Method and system of safety protection of Web application - Google Patents

Publication number
CN104079528A
Authority
CN
China
Prior art keywords
web application
rule
request
web
protection
Prior art date
Legal status
Pending
Application number
CN201310098783.7A
Other languages
Chinese (zh)
Inventor
刘胜飏
王飞
Current Assignee
Peking University Founder Group Co Ltd
Beijing Founder Electronics Co Ltd
Original Assignee
Peking University Founder Group Co Ltd
Beijing Founder Electronics Co Ltd
Priority date
Filing date
Publication date
Application filed by Peking University Founder Group Co Ltd, Beijing Founder Electronics Co Ltd
Priority to CN201310098783.7A
Publication of CN104079528A

Landscapes

  • Computer And Data Communications (AREA)

Abstract

The invention discloses a method and a system of safety protection of a Web application. According to the method and the system, the method comprises the following steps that: an administrator configures a protection rule on a Web client according to the need, so that a protection rule file is formed, the protection rule file is arranged in a safety protection module of a server, and a global filter is provided; when a Web application server receives a Web application access request of a user, the safety protection module compares request data of the Web application access request and the configured protection rule file and checks whether the request data is matched with the protection rule file, if so, the Web application access is intercepted; and otherwise, the Web application access is allowed. According to the method and the system, which are disclosed by the invention, all Web applications can be protected according to the need, so that safety of the Web access is improved. The intercept action of the Web application access is transferred into a proxy service server from an application program, so that repeated development or missing intercept of the application program is avoided, and the cost is reduced.

Description

A safety protection method and system for Web applications
Technical field
The present invention relates to the field of information security, and specifically to a safety protection method and system, within the field of Web application security, for Web applications deployed on a Web server.
Background
A Web application system is a transaction-processing system developed with various dynamic Web technologies and based on the B/S (browser/server) model. Web security threats are currently intensifying, and for users Web security is a disaster. Attacks on the Web have become the greatest challenge in the global security field, for two main reasons:
1. Business changes rapidly and requires large numbers of Web applications to go live quickly. Because of constraints such as funding, schedule and awareness, these applications do not undergo adequate security assessment.
2. Attacks on the Web can hide within large volumes of normal business activity and use various obfuscation and disguise techniques, so that traditional firewalls and signature-based intrusion prevention systems cannot detect and stop them.
Reports from OWASP, an internationally known Web security and database security research organization, show that the two attack types currently posing the most serious threat to Web business systems are SQL injection and cross-site scripting (XSS).
There are two traditional approaches to Web security. Traditional approach one: a firewall. A firewall can filter out traffic to non-service ports and so guard against vulnerabilities in non-Web services, and there are many firewall brands on the market to choose from. But a firewall cannot filter the SQL injection and XSS vulnerabilities that now appear in large numbers in applications, and therefore cannot protect against the application-layer threats that a Web server faces. Traditional approach two: add attack-prevention code to each individual Web application, for example by filtering user input. The drawback is that this protects only that application, so every application needs its own set of protective measures. Extensibility is also very poor: to prevent another type of attack, the code has to be modified, recompiled and patched. For a production system this brings a very high maintenance cost.
Summary of the invention
In view of the defects of the prior art, the object of the present invention is to provide a safety protection method and system for Web applications that improve the security of Web application protection.
To achieve this object, the technical solution adopted by the present invention is as follows:
A safety protection method for Web applications comprises the following steps:
(1) Configure protection rules in a Web client to form a protection rule file; configuring protection rules means creating the url paths that need to be intercepted and checked, creating url path binding rules, and binding the url paths to the url path binding rules;
(2) Place the protection rule file in a safety protection module, and set the safety protection module as a global filter; the safety protection module is deployed either separately on a proxy server or in the memory of the Web application server;
(3) The Web application server receives a user's Web application access request;
(4) The safety protection module compares the request data of the Web application access request with the configured protection rules and checks whether the request data matches the protection rule file; if so, the Web application access is intercepted; if not, the Web application access is allowed.
A safety protection system for Web applications comprises:
Protection rule setting module: configures protection rules in a Web client to form a protection rule file; configuring protection rules means creating the url paths that need to be intercepted and checked, creating url path binding rules, and binding the url paths to the path binding rules;
Protection rule loading module: loads the protection rule file into the safety protection module and sets the safety protection module as a global filter; the safety protection module is deployed either separately on a proxy server or in the memory of the Web application server;
Web request receiving module: receives a user's Web application access request;
Web request processing module: used by the safety protection module to compare the request data of the Web application access request with the protection rule file and check whether the request data matches the protection rule file; if so, the Web application access is intercepted; if not, the Web application access is allowed.
The beneficial effects of the present invention are as follows. The method moves the interception of Web application access from the application program to the Web server. When a Web application is accessed, every application on the Web server (where the Web server is the Web application server), or on the application server that the Web server points to (where the Web server is a proxy server), passes through the filter, which improves the security of Web access. In addition, because the interception of Web application access is moved from the application program to the proxy server, repeated development or missed interception in application programs is avoided, which reduces cost.
Brief description of the drawings
Fig. 1 is a structural block diagram of the safety protection system for Web applications of the present invention;
Fig. 2 is a flow chart of the safety protection method for Web applications of the present invention.
Detailed description
The present invention is described in further detail below with reference to the drawings and embodiments.
Main idea of the invention: the invention is a global filter deployed on a Web server. The system administrator configures the rules needed in advance through a Web client program; once the rules are configured, the server hosting the protection module is started. After startup the protection module works normally. When other users access an application that is configured for interception, the request is first filtered by the protection module. The protection module matches the user's request and the response against the pre-configured rules. If the match succeeds, the request is treated as abnormal or as an attack, and the configured action is carried out, such as denying access or rewriting the request data. If the match does not succeed, the request or response is passed on to the real Web application for processing. This effectively protects the Web application against malicious attack and information leakage.
Fig. 1 shows the structural block diagram of the safety protection system for Web applications of the present invention. The system comprises a protection rule setting module 11, a protection rule loading module 12, a Web request receiving module 13 and a Web request processing module 14, wherein:
The protection rule setting module 11 configures protection rules in a Web client to form a protection rule file; configuring protection rules means creating the url paths that need to be intercepted and checked, creating url path binding rules, and binding the url paths to the path binding rules;
The protection rule loading module 12 loads the protection rule file into the safety protection module and sets the safety protection module as a global filter; the safety protection module is deployed either separately on a proxy server or in the memory of the Web application server;
The Web request receiving module 13 receives a user's Web application access request;
The Web request processing module 14 is used by the safety protection module to compare the request data of the Web application access request with the protection rule file and check whether the request data matches the protection rule file; if so, the Web application access is intercepted; if not, the Web application access is allowed. This module comprises a url configuration check unit, which checks whether the url path of the Web application access request is configured and, if so, hands over to the rule matching unit, and otherwise allows the Web application access; and a rule matching unit, which compares the request data with the rules and checks whether the request data matches a rule, intercepting the Web application access if so and allowing it otherwise.
Fig. 2 shows the flow chart of the safety protection method for Web applications based on the safety protection system of Fig. 1. The method mainly comprises the following steps:
Step S21: configure protection rules in the Web client;
Protection rules are configured in the Web client to form a protection rule file; configuring protection rules means creating the url paths that need to be intercepted and checked, creating url path binding rules, and binding the url paths to the url path binding rules. The system administrator configures the url path binding rules needed in advance through the Web client program, as follows:
1. Configure the url paths that need to be intercepted and checked, including:
1) Configure the authorized host name (hostname) and the file path node (filepathnode; multi-level paths can be configured). The authorized hostname is generally the server name or IP address.
For example, the configured url that needs to be intercepted and checked is:
http://192.168.1.1/myApp/test/test.asp
Here the IP address is 192.168.1.1 and the file path to be accessed is myApp/test/test.asp.
2) Create url path binding rules. A url path binding rule comprises a rule name (from which it is clear which kind of attack the rule intercepts), a rule syntax (which can define whether a regular expression is matched, whether a value equals a given value, and so on) and an action (which can include writing a log entry, denying access, rewriting the request, executing a command, and so on). Many kinds of action can be defined; they generally fall into two broad classes, blacklist actions and whitelist actions. Blacklist actions include denying access, writing a log entry and rewriting the request data; whitelist actions include executing the request command.
2. Bind rules
Bind the defined url path binding rules to parts of the previously created url path.
The parts of a url path to which rules can be bound are:
Request: method; version; url; queryString; queryString parameter; body; body parameter; header; header parameter;
Response: response status; body;
When parts of a url are bound to url path binding rules, more than one rule can be bound, and rule groups can also be bound; the user can set this up as needed. The bindable parts listed above are all well-known terms in the Web field: Request refers to ... request, the request sent by the client; Method refers to ... the attribute of the HTML <form> tag, which specifies how form data is sent; Version refers to ... html tag, which sets or gets the DTD version governing the current document; Response refers to the response made by the server; they are not described one by one here. The parts enumerated above only illustrate parts to which rules can be bound; binding is not limited to them, and further bindable parts can be selected as needed. In this embodiment, binding a url path to a url path binding rule in fact means "matching" the url path against the path binding rule, and the matching method can be an existing technique such as regular expressions.
Step S22: place the protection rule file in the safety protection module;
Through the configuration of the Web server, the protection rule file set up in step S21 is placed in the safety protection module, and the safety protection module is set as a global filter; the safety protection module is deployed either separately on a proxy server or in the memory of the Web application server. That is, the safety protection module can be deployed on its own on a Web server that acts as a proxy server, or the safety protection module and the Web application can be deployed on the same server, i.e. the safety protection module is deployed on the Web application server. In operation, after the server hosting the safety protection module is started, it first loads the protection rule file configured in step S21 into memory. When the safety protection module of the present invention is on a proxy server, the user initiates the Web application access request to the Web application server through this proxy server.
The safety protection module described in the present invention is a broad concept that covers any system or device able to provide a network security protection function, such as an intrusion detection system, a network firewall or a network anti-virus system; to those skilled in the art, a safety protection module is a conventional technical means. The protection rule file can be placed in the safety protection module of another product or system, or deployed on its own and provide the protection service through means such as Web services, which in effect also forms a safety protection module. Placing the protection rule file in the safety protection module of a product or system, or deploying it separately, is likewise a conventional technical means for those skilled in the art.
In this way, through the configuration of the Web server, the safety protection module is deployed as a global filter, and every access to an application on this Web application server, or on a server that this proxy server points to, first passes through the filtering of the safety protection module. In this embodiment the safety protection module is preferably deployed on a separate Web server; the benefit of separate deployment is that it effectively saves the resources of the Web application server and reduces its load.
Step S23: the Web application server receives a user's Web application access request;
Step S24: compare the request data with the configured protection rule file, and process the Web application access according to the comparison result.
The Web client sends a Web application access request to the Web application server. The safety protection module of the Web server intercepts this access request, compares the request data of the Web application access request with the configured protection rule file and checks whether the request data matches the protection rule file; if so, the Web application access is intercepted; if not, the Web application access is allowed. Intercepting the Web application access means carrying out a blacklist action, and allowing the Web application access means carrying out a whitelist action.
The Web server compares the request data of the Web application access request with the configured protection rule file as follows:
1) Check whether the url path of the Web application access request is configured; if so, go to step 2); if not, allow the Web application access. When a request to access a Web application arrives, it is intercepted by the safety protection module, and the url path of the access request is compared with the url paths configured in step S21 as needing interception and checking. If this url is not configured, the request is passed through to the real application; if it matches, step 2) is carried out;
2) Compare the request data with the url path binding rules and check whether the request data matches a url path binding rule; if so, intercept the Web application access; if not, allow the Web application access. Before the request data is compared with the url path binding rules, the Web application access request is first parsed and the request data is converted into the standard format that url path binding rule matching requires. The purpose of the conversion is mainly to handle inconsistencies in the request data produced by different Web servers, so that the differences between Web servers are transparent to the rule matching module. Request data conversion mainly comprises url decoding and splitting of the decoded url. Because a url may contain unsafe characters, Chinese characters, reserved words and so on, it is usually encoded; url decoding is the process of restoring the url and is prior art. The restored url is further split into scheme (communication protocol), host, port (port number), path, query and fragment, and safety protection is applied to the parts that may be attacked and have rules bound to them; this process is also prior art. After conversion, the converted user request data is matched against the url path binding rules loaded in memory. If the match fails, the request is considered normal and is passed through to the real application. If the match succeeds, the next step, the action, is carried out. Many kinds of action can be defined; they are mainly divided into two broad classes, whitelist and blacklist. The whitelist action is mainly Pass, and Log can also be added; after a successful match the request is passed through directly and the rule matching that follows is skipped. The blacklist action is usually defined as deny: if a blacklist rule matches, access is denied and a log entry is written. It can also be defined as rewrite: the dangerous characters are filtered out, and after the user's request has been rewritten it is passed on to the real application.
The present invention has two major advantages:
One: once deployed, it can protect all Web applications on the Web server; only the corresponding urls need to be configured in the client Web program.
Two: the administrator can configure which parts of the request or response are checked, and can also configure which requests are intercepted. Custom regular expressions or test methods can also be defined, as long as they conform to the rule syntax specification. This is convenient and flexible.
Each module or step of the present invention can be implemented with general-purpose computing devices. They can be concentrated on a single computing device or distributed over a network formed by multiple computing devices. Optionally, they can be implemented as program code executable by a computing device, so that they can be stored in a storage device and executed by the computing device; or they can each be made into an individual integrated circuit module, or several of the modules or steps can be made into a single integrated circuit module. The present invention is thus not restricted to any specific combination of hardware and software.
The present invention is further described below with reference to a specific embodiment.
Embodiment
This embodiment takes as its example the protection of a url that contains user input parameters. Its main steps are:
Step 1: configure the protection rules;
For example, to prevent input parameters from containing SQL commands that could cause harm, the following protection rule file QuerystringRule.json can be created:
The JSON-format protection rule file is a lightweight data-interchange format file that is easy to read and write; the protection rule file can of course also be stored as XML or in another form such as a database table.
Step 2: deploy the protection rule file in the safety protection module.
The protection rule file set up in the previous step is deployed in the safety protection module, and the safety protection module is set as a global filter, so that Web application access requests are first sent to the safety protection module for a safety check.
Step 3: the Web application access request is sent to the safety protection module.
For example, the Web application server receives a url access request containing user input parameters: http://192.168.1.1/myApp/test/showdetail.asp?id=1; delete from users (this is an illegal request containing SQL injection, which would delete all data in the users database table). The request is first sent to the safety protection module for checking.
Step 4: compare the request data with the configured protection rules, and process the Web application access according to the comparison result.
After the above url request has been decoded and parsed, the QueryString is obtained as id=1; delete from users. The QueryString is compared with the protection rule file and is found to contain the forbidden text "delete" and ";" from the protection rule file; the access request is therefore an illegal access and is intercepted.
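An added example, not from the patent text: the two-stage check of step S24 (url path lookup, then url decoding, splitting and rule matching with pass, deny and rewrite actions) written in Python and run against the request from this embodiment. The rule file schema, field names and rule names are assumptions, since the contents of QuerystringRule.json are not reproduced on this page.

```python
import json
import re
from urllib.parse import urlsplit, unquote, unquote_plus

# Constructed rule file. The schema ("urls", "bindings", "syntax", ...) is an
# assumption for this example; it is not the patent's QuerystringRule.json.
RULE_FILE = r"""
{"urls": [{
  "host": "192.168.1.1",
  "path": "/myApp/test/showdetail.asp",
  "bindings": [{
    "part": "queryString",
    "rules": [
      {"name": "health-check", "syntax": {"equals": "ping=1"}, "action": "pass"},
      {"name": "sql-delete", "syntax": {"regex": "(?i)\\bdelete\\b|;"}, "action": "deny"},
      {"name": "strip-angle-brackets", "syntax": {"regex": "[<>]"}, "action": "rewrite"}
    ]
  }]
}]}
"""


def load_rules(text):
    """Step S22: load the rule file into memory, keyed by (host, path)."""
    table = {}
    for entry in json.loads(text)["urls"]:
        compiled = []
        for binding in entry["bindings"]:
            for rule in binding["rules"]:
                syntax = rule["syntax"]
                compiled.append({
                    "part": binding["part"],
                    "name": rule["name"],
                    "action": rule["action"],
                    "regex": re.compile(syntax["regex"]) if "regex" in syntax else None,
                    "equals": syntax.get("equals"),
                })
        table[(entry["host"], entry["path"])] = compiled
    return table


def normalize(method, raw_url):
    """Decode the url and split it into the parts that rules can be bound to."""
    u = urlsplit(raw_url)
    return {
        "method": method.upper(),
        "scheme": u.scheme,
        "host": u.hostname or "",
        "port": u.port,
        "path": unquote(u.path),
        "queryString": unquote_plus(u.query),
        "fragment": unquote(u.fragment),
    }


def rule_matches(rule, value):
    """Rule syntax: either a regular expression or equality with a set value."""
    if rule["regex"] is not None:
        return rule["regex"].search(value) is not None
    return value == rule["equals"]


def check(method, raw_url, table):
    """Step S24: return the verdict, the last matching rule and the request parts."""
    req = normalize(method, raw_url)
    result = {"verdict": "allow", "rule": None, "request": req, "log": []}
    rules = table.get((req["host"], req["path"]))
    if rules is None:
        return result  # 1) url not configured: pass through unchecked
    for rule in rules:  # 2) match bound parts against the rules, in order
        value = str(req.get(rule["part"]) or "")
        if not rule_matches(rule, value):
            continue
        result["rule"] = rule["name"]
        result["log"].append(f'{rule["name"]}: {rule["part"]}={value!r}')
        if rule["action"] == "pass":  # whitelist: skip the remaining rules
            return result
        if rule["action"] == "deny":  # blacklist: deny access and log
            result["verdict"] = "block"
            return result
        if rule["action"] == "rewrite" and rule["regex"] is not None:
            req[rule["part"]] = rule["regex"].sub("", value)  # filter characters
    return result


TABLE = load_rules(RULE_FILE)

if __name__ == "__main__":
    base = "http://192.168.1.1/myApp/test/showdetail.asp"
    for query in ("id=1%3B%20delete%20from%20users", "id=%3Cb%3E7", "id=1"):
        r = check("GET", base + "?" + query, TABLE)
        print(r["verdict"], r["rule"], r["request"]["queryString"])
```

Matching runs on the decoded query string, so the encoded form of the embodiment's request (`%3B` for ";") is blocked by the same rule as the literal form.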
Obviously, those skilled in the art can make various changes and modifications to the present invention without departing from its spirit and scope. If such changes and modifications fall within the scope of the claims of the present invention and their technical equivalents, the present invention is intended to include them as well.

Claims (10)

1. A safety protection method for Web applications, comprising the following steps:
(1) configuring protection rules in a Web client to form a protection rule file; configuring protection rules means creating the url paths that need to be intercepted and checked, creating url path binding rules, and binding the url paths to the url path binding rules;
(2) placing the protection rule file in a safety protection module, and setting the safety protection module as a global filter; the safety protection module is deployed either separately on a proxy server or in the memory of the Web application server;
(3) the Web application server receiving a user's Web application access request;
(4) the safety protection module comparing the request data of the Web application access request with the configured protection rules and checking whether the request data matches the protection rule file; if so, intercepting the Web application access; if not, allowing the Web application access.
2. The safety protection method for Web applications as claimed in claim 1, characterized in that: in step (1), the url path binding rule comprises a rule name, a rule syntax and an action.
3. The safety protection method for Web applications as claimed in claim 2, characterized in that: the rule syntax comprises whether a regular expression is matched and whether a value equals a set parameter value; the action comprises two broad classes, blacklist actions and whitelist actions; blacklist actions include denying access, writing a log entry and rewriting the request data; whitelist actions include executing the request command.
4. The safety protection method for Web applications as claimed in any one of claims 1 to 3, characterized in that: in step (1), binding the url path to the url path binding rule means binding a part of the url path to the url path binding rule.
5. The safety protection method for Web applications as claimed in claim 4, characterized in that: in step (2), when the safety protection module is deployed separately on a proxy server, the user initiates the Web application access request to the Web application server through the proxy server.
6. The safety protection method for Web applications as claimed in claim 4, characterized in that: in step (4), the safety protection module compares the request data of the Web application access request with the protection rule file as follows:
1) checking whether the url path of the Web application access request is configured; if so, going to step 2); if not, allowing the Web application access;
2) comparing the request data with the url path binding rules and checking whether the request data matches a url path binding rule; if so, intercepting the Web application access; if not, allowing the Web application access.
7. The safety protection method for Web applications as claimed in claim 6, characterized in that: in step 2), before the request data is compared with the url path binding rules, the Web application access request is first parsed and the request data is converted into the standard format that url path binding rule matching requires.
8. The safety protection method for Web applications as claimed in claim 7, characterized in that: in step (4), intercepting the Web application access means carrying out a blacklist action, and allowing the Web application access means carrying out a whitelist action.
9. A safety protection system for Web applications, comprising:
a protection rule setting module: for configuring protection rules in a Web client to form a protection rule file; configuring protection rules means creating the url paths that need to be intercepted and checked, creating url path binding rules, and binding the url paths to the path binding rules;
a protection rule loading module: for loading the protection rule file into the safety protection module and setting the safety protection module as a global filter; the safety protection module is deployed either separately on a proxy server or in the memory of the Web application server;
a Web request receiving module: for receiving a user's Web application access request;
a Web request processing module: used by the safety protection module to compare the request data of the Web application access request with the protection rule file and check whether the request data matches the protection rule file; if so, the Web application access is intercepted; if not, the Web application access is allowed.
10. The safety protection system for Web applications as claimed in claim 9, characterized in that the Web request processing module comprises:
a url configuration check unit: for checking whether the url path of the Web application access request is configured; if so, handing over to the rule matching unit; if not, allowing the Web application access;
a rule matching unit: for comparing the request data with the url path binding rules and checking whether the request data matches a url path binding rule; if so, intercepting the Web application access; if not, allowing the Web application access.
CN201310098783.7A 2013-03-26 2013-03-26 Method and system of safety protection of Web application Pending CN104079528A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310098783.7A CN104079528A (en) 2013-03-26 2013-03-26 Method and system of safety protection of Web application

Publications (1)

Publication Number Publication Date
CN104079528A true CN104079528A (en) 2014-10-01

Family

ID=51600577

Country Status (1)

Country Link
CN (1) CN104079528A (en)

Cited By (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104361283A (en) * 2014-12-05 2015-02-18 网宿科技股份有限公司 Web attack protection method
CN104468563A (en) * 2014-12-03 2015-03-25 北京奇虎科技有限公司 Website bug protection method, device and system
CN104506520A (en) * 2014-12-22 2015-04-08 中软信息系统工程有限公司 MIPS (Million Instructions Per Second) platform Web access strategy control method
CN105704120A (en) * 2016-01-05 2016-06-22 中云网安科技(北京)有限公司 Method for safe network access based on self-learning form
CN106060090A (en) * 2016-07-29 2016-10-26 广州市乐商软件科技有限公司 Website script attack prevention method and device
CN106203087A (en) * 2015-04-29 2016-12-07 腾讯科技(深圳)有限公司 Infusion protecting method and system
CN106341400A (en) * 2016-08-29 2017-01-18 联动优势科技有限公司 Service request processing method and device
CN106407802A (en) * 2016-09-05 2017-02-15 北京蓝海讯通科技股份有限公司 Device, method and system for monitoring application security
CN106446690A (en) * 2016-09-05 2017-02-22 北京蓝海讯通科技股份有限公司 Application vulnerability restoration apparatus, method and system
CN106993006A (en) * 2017-06-16 2017-07-28 郑州云海信息技术有限公司 The implementation method of WEB fire walls in a kind of cloud platform
CN107016289A (en) * 2017-02-15 2017-08-04 中国科学院信息工程研究所 The thin terminal security method for establishing model of movement and device based on Web operating systems
CN107204982A (en) * 2017-06-13 2017-09-26 成都四方伟业软件股份有限公司 Interactive data system universal safety guard system
CN107454055A (en) * 2017-05-17 2017-12-08 中云网安科技(北京)有限公司 A kind of methods, devices and systems by learning guarding website safely
CN107483442A (en) * 2017-08-18 2017-12-15 国云科技股份有限公司 A kind of Web applications attack defense method
CN107580005A (en) * 2017-11-01 2018-01-12 北京知道创宇信息技术有限公司 Website protection method, device, website safeguard and readable storage medium storing program for executing
CN104994104B (en) * 2015-07-06 2018-03-16 浙江大学 Server fingerprint mimicry and sensitive information mimicry method based on WEB security gateways
CN107872463A (en) * 2017-11-29 2018-04-03 四川无声信息技术有限公司 A kind of WEB mails XSS attack detection method and relevant apparatus
CN108023860A (en) * 2016-11-03 2018-05-11 中国电信股份有限公司 Means of defence, system and the Web application firewalls of Web applications
CN108696488A (en) * 2017-04-11 2018-10-23 腾讯科技(深圳)有限公司 A kind of upload interface identification method, identification server and system
CN110869907A (en) * 2018-03-28 2020-03-06 华为技术有限公司 Method and terminal for browsing application page
CN110995767A (en) * 2019-12-31 2020-04-10 五八有限公司 Request processing method and device
CN111163097A (en) * 2019-12-31 2020-05-15 新浪网技术(中国)有限公司 Web application firewall implementation system and method
CN111464480A (en) * 2019-01-18 2020-07-28 华为技术有限公司 Access request processing method and device
CN112272212A (en) * 2020-09-30 2021-01-26 新华三信息安全技术有限公司 File transmission method and device
CN115664856A (en) * 2022-12-26 2023-01-31 北京安锐卓越信息技术股份有限公司 Request filtering method, system, equipment and medium

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1588879A (en) * 2004-08-12 2005-03-02 复旦大学 Internet content filtering system and method
CN101035128A (en) * 2007-04-18 2007-09-12 大连理工大学 Three-folded webpage text content recognition and filtering method based on the Chinese punctuation
CN101163161A (en) * 2007-11-07 2008-04-16 福建星网锐捷网络有限公司 United resource localizer address filtering method and intermediate transmission equipment
CN102624703A (en) * 2011-12-31 2012-08-01 成都市华为赛门铁克科技有限公司 Method and device for filtering uniform resource locators (URLs)
CN102638448A (en) * 2012-02-27 2012-08-15 珠海市君天电子科技有限公司 Method for judging phishing websites based on non-content analysis
CN102724189A (en) * 2012-06-06 2012-10-10 杭州华三通信技术有限公司 Method and device for controlling user URL (uniform resource locator) access
CN102769632A (en) * 2012-07-30 2012-11-07 珠海市君天电子科技有限公司 Method and system for grading detection and prompt of fishing website
CN202737911U (en) * 2012-06-12 2013-02-13 中国人民解放军91655部队 Authority control system

Cited By (38)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104468563A (en) * 2014-12-03 2015-03-25 北京奇虎科技有限公司 Website bug protection method, device and system
CN104361283A (en) * 2014-12-05 2015-02-18 网宿科技股份有限公司 Web attack protection method
CN104361283B (en) * 2014-12-05 2018-05-18 网宿科技股份有限公司 The method for protecting Web attacks
CN104506520A (en) * 2014-12-22 2015-04-08 中软信息系统工程有限公司 MIPS (Million Instructions Per Second) platform Web access strategy control method
CN106203087B (en) * 2015-04-29 2020-04-28 腾讯科技(深圳)有限公司 Injection protection method, system, terminal and storage medium
CN106203087A (en) * 2015-04-29 2016-12-07 腾讯科技(深圳)有限公司 Infusion protecting method and system
CN104994104B (en) * 2015-07-06 2018-03-16 浙江大学 Server fingerprint mimicry and sensitive information mimicry method based on WEB security gateways
CN105704120A (en) * 2016-01-05 2016-06-22 中云网安科技(北京)有限公司 Method for safe network access based on self-learning form
CN105704120B (en) * 2016-01-05 2019-03-19 中云网安科技(北京)有限公司 A method of the secure access network based on self study form
CN106060090A (en) * 2016-07-29 2016-10-26 广州市乐商软件科技有限公司 Website script attack prevention method and device
WO2018018699A1 (en) * 2016-07-29 2018-02-01 广州市乐商软件科技有限公司 Website scripting attack prevention method and device
CN106341400B (en) * 2016-08-29 2019-06-18 联动优势科技有限公司 A kind of method and device of processing business request
CN106341400A (en) * 2016-08-29 2017-01-18 联动优势科技有限公司 Service request processing method and device
CN106407802B (en) * 2016-09-05 2019-04-02 北京蓝海讯通科技股份有限公司 The safe device being monitored of a kind of pair of application, method and system
CN106446690A (en) * 2016-09-05 2017-02-22 北京蓝海讯通科技股份有限公司 Application vulnerability restoration apparatus, method and system
CN106407802A (en) * 2016-09-05 2017-02-15 北京蓝海讯通科技股份有限公司 Device, method and system for monitoring application security
CN106446690B (en) * 2016-09-05 2019-08-02 北京蓝海讯通科技股份有限公司 A kind of pair of device, method and the system repaired using loophole
CN108023860A (en) * 2016-11-03 2018-05-11 中国电信股份有限公司 Means of defence, system and the Web application firewalls of Web applications
CN107016289A (en) * 2017-02-15 2017-08-04 中国科学院信息工程研究所 The thin terminal security method for establishing model of movement and device based on Web operating systems
US10972496B2 (en) 2017-04-11 2021-04-06 Tencent Technology (Shenzhen) Company Limited Upload interface identification method, identification server and system, and storage medium
CN108696488A (en) * 2017-04-11 2018-10-23 腾讯科技(深圳)有限公司 A kind of upload interface identification method, identification server and system
CN107454055B (en) * 2017-05-17 2020-08-28 中云网安科技(北京)有限公司 Method, device and system for protecting website through safe learning
CN107454055A (en) * 2017-05-17 2017-12-08 中云网安科技(北京)有限公司 A kind of methods, devices and systems by learning guarding website safely
CN107204982B (en) * 2017-06-13 2019-02-05 成都四方伟业软件股份有限公司 Interactive data system universal safety guard system
CN107204982A (en) * 2017-06-13 2017-09-26 成都四方伟业软件股份有限公司 Interactive data system universal safety guard system
CN106993006A (en) * 2017-06-16 2017-07-28 郑州云海信息技术有限公司 The implementation method of WEB fire walls in a kind of cloud platform
CN107483442A (en) * 2017-08-18 2017-12-15 国云科技股份有限公司 A kind of Web applications attack defense method
CN107580005A (en) * 2017-11-01 2018-01-12 北京知道创宇信息技术有限公司 Website protection method, device, website safeguard and readable storage medium storing program for executing
CN107872463A (en) * 2017-11-29 2018-04-03 四川无声信息技术有限公司 A kind of WEB mails XSS attack detection method and relevant apparatus
CN110869907A (en) * 2018-03-28 2020-03-06 华为技术有限公司 Method and terminal for browsing application page
CN110869907B (en) * 2018-03-28 2021-10-01 华为技术有限公司 Method and terminal for browsing application page
CN111464480A (en) * 2019-01-18 2020-07-28 华为技术有限公司 Access request processing method and device
CN110995767A (en) * 2019-12-31 2020-04-10 五八有限公司 Request processing method and device
CN111163097A (en) * 2019-12-31 2020-05-15 新浪网技术(中国)有限公司 Web application firewall implementation system and method
CN110995767B (en) * 2019-12-31 2022-01-28 五八有限公司 Request processing method and device
CN112272212A (en) * 2020-09-30 2021-01-26 新华三信息安全技术有限公司 File transmission method and device
CN112272212B (en) * 2020-09-30 2022-07-12 新华三信息安全技术有限公司 File transmission method and device
CN115664856A (en) * 2022-12-26 2023-01-31 北京安锐卓越信息技术股份有限公司 Request filtering method, system, equipment and medium

Similar Documents

Publication Publication Date Title
CN104079528A (en) Method and system of safety protection of Web application
DE602005002572T2 (en) System and method for protecting a computer against computer attacks in secure communication
US7673147B2 (en) Real-time mitigation of data access insider intrusions
US20050071643A1 (en) Method of and system for enterprise information asset protection through insider attack specification, monitoring and mitigation
US8548998B2 (en) Methods and systems for securing and protecting repositories and directories
CN101184088B (en) Multi-point interlinked LAN firewall cooperating method
US20120023593A1 (en) System and method for filtering internet content & blocking undesired websites by secure network appliance
GB2385689A (en) Specifying the attack identities and policies for handling such attacks in an intrusion detection system
CN110677381B (en) Penetration test method and device, storage medium and electronic device
US20070136809A1 (en) Apparatus and method for blocking attack against Web application
CN104468632A (en) Loophole attack prevention method, device and system
CN103246849A (en) Safe running method based on ROST under Windows
CN107835179B (en) Application program protection method and device based on virtualization container
CN107276986B (en) Method, device and system for protecting website through machine learning
CN104967628A (en) Deceiving method of protecting web application safety
Deng et al. Lexical analysis for the webshell attacks
CN109284636B (en) Webpage tamper-proofing system and method
Hidhaya et al. Intrusion protection against SQL injection and cross site scripting attacks using a reverse proxy
KR100954758B1 (en) System and method for securing web application
CN111756707A (en) Back door safety protection device and method applied to global wide area network
KR101910496B1 (en) Network based proxy setting detection system through wide area network internet protocol(IP) validation and method of blocking harmful site access using the same
Priyadarshini et al. A cross platform intrusion detection system using inter server communication technique
Morgan et al. Xml schema, dtd, and entity attacks
PÎRNĂU General Aspects of Some Causes of Web Application Vulnerabilities
Land Systemic Vulnerabilities in Customer-Premises Equipment (CPE) Routers

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20141001
