CN106713318B - WEB site safety protection method and system - Google Patents
WEB site safety protection method and system Download PDFInfo
- Publication number
- CN106713318B CN106713318B CN201611202994.0A CN201611202994A CN106713318B CN 106713318 B CN106713318 B CN 106713318B CN 201611202994 A CN201611202994 A CN 201611202994A CN 106713318 B CN106713318 B CN 106713318B
- Authority
- CN
- China
- Prior art keywords
- http request
- preset
- uri
- matching
- web site
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
- H04L63/306—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information intercepting packet switched data communications, e.g. Web, Internet or IMS communications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Technology Law (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention relates to a WEB site safety protection method and a system. Obtaining an IP address of a client sending an HTTP request; searching the IP address in a preset IP black list and a preset IP white list to obtain a first search result; when the IP address is not searched in the first search result, extracting a file extension name in the HTTP request to obtain a resource type requested by the HTTP request; when the resource type is a non-static file, extracting the URI in the HTTP request; searching the URI in a preset URI white list to obtain a second search result; when the second search result is that the URI is not searched, identifying whether the HTTP request comprises a preset feature code; if yes, matching the HTTP request with a preset safety rule, and if the matching is successful, sending a resource requested by the HTTP request to the client; otherwise, the HTTP request is intercepted. The efficiency of detecting the security of the HTTP request is improved.
Description
Technical Field
The invention relates to the field of information security, in particular to a WEB site security protection method and system.
Background
The existing WEB site security protection products mainly use hardware firewalls or application firewalls based on Apache, IIS and the like to process website security filtering through independent equipment and agent technology. However, the cost of the application firewall of hardware is high, and the application firewall based on software such as Apache and IIS also adds extra investment to the server.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: the WEB site security protection method and system are provided, and the efficiency of detecting the security of the HTTP request is improved.
In order to solve the technical problems, the invention adopts the technical scheme that:
the invention provides a WEB site safety protection method, which comprises the following steps:
acquiring an IP address of a client sending an HTTP request;
searching the IP address in a preset IP black list and a preset IP white list to obtain a first search result;
when the IP address is not searched in the first search result, extracting a file extension name in the HTTP request to obtain the resource type requested by the HTTP request;
when the resource type is a non-static file, extracting the URI in the HTTP request;
searching the URI in a preset URI white list to obtain a second search result;
when the second search result is that the URI is not searched, identifying whether the HTTP request comprises a preset feature code; if yes, matching the HTTP request with a preset safety rule to obtain a matching result;
if the matching result is that the matching is successful, the HTTP request is intercepted; otherwise, sending the resource requested by the HTTP request to the client.
The invention also provides a WEB site security protection system, comprising:
the first acquisition module is used for acquiring the IP address of the client sending the HTTP request;
the first searching module is used for searching the IP address in a preset IP blacklist and a preset IP whitelist to obtain a first searching result;
the first extraction module is used for extracting the file extension name in the HTTP request to obtain the resource type requested by the HTTP request when the IP address is not searched in the first search result;
the second extraction module is used for extracting the URI in the HTTP request when the resource type is a non-static file;
the second search module is used for searching the URI in a preset URI white list to obtain a second search result;
the matching module is used for identifying whether the HTTP request comprises a preset feature code or not when the second search result is that the URI is not searched; if yes, then: matching the HTTP request with a preset safety rule to obtain a matching result; if the matching result is that the matching is successful, the HTTP request is intercepted; otherwise, sending the resource requested by the HTTP request to the client.
The invention has the beneficial effects that: the security of the IP address of the client sending the HTTP request is detected through the preset IP blacklist and the preset IP white list, if the IP address is not in the IP blacklist and the IP white list, whether the resource requested by the HTTP request is a static file such as a CSS (cascading Style sheets), a picture and the like is further judged, if yes, the static file resource is directly returned to the client, and otherwise, whether the URI requested by the HTTP request is a resource without security risk, such as a home page, a verification code page and the like, set in the preset URI white list is further judged. The IP blacklist mainly rejects the clients which illegally request for a long time or a large batch, and the IP white list provides service communication between servers which are mutually trusted by the two parties (general service communication has security inspection), and the skipping detection aims at improving the service processing efficiency. If the security of the HTTP request cannot be determined through the above steps, further identifying whether the HTTP request includes a preset feature code, and if the HTTP request includes the preset feature code, performing security detection according to a preset security rule. The feature code is a feature of a resource to be subjected to security detection, and if a script file is to be detected, the feature code may be set to "< script >. Each security rule corresponds to one feature code, and only when the HTTP request contains the feature code matched with the feature code, the detailed rule list in the security rules is used for carrying out security detection operation, so that the efficiency of detecting the security of the HTTP request is improved.
Drawings
FIG. 1 is a flow chart diagram of an embodiment of a method for WEB site security protection according to the present invention;
FIG. 2 is a block diagram of a WEB site security system according to an embodiment of the present invention;
description of reference numerals:
1. a first acquisition module; 2. a first search module; 3. a first extraction module; 4. a second extraction module; 5. a second search module; 6. and a matching module.
Detailed Description
In order to explain technical contents, achieved objects, and effects of the present invention in detail, the following description is made with reference to the accompanying drawings in combination with the embodiments.
As shown in fig. 1, the present invention provides a WEB site security protection method, including:
acquiring an IP address of a client sending an HTTP request;
searching the IP address in a preset IP black list and a preset IP white list to obtain a first search result;
when the IP address is not searched in the first search result, extracting a file extension name in the HTTP request to obtain the resource type requested by the HTTP request;
when the resource type is a non-static file, extracting the URI in the HTTP request;
searching the URI in a preset URI white list to obtain a second search result;
when the second search result is that the URI is not searched, identifying whether the HTTP request comprises a preset feature code; if yes, matching the HTTP request with a preset safety rule to obtain a matching result;
if the matching result is that the matching is successful, the HTTP request is intercepted; otherwise, sending the resource requested by the HTTP request to the client.
Further, the matching of the HTTP request and a preset security rule specifically includes:
acquiring a request parameter name in the HTTP request to obtain a first parameter name;
and if the first parameter name is the same as one parameter name in a preset parameter name blacklist, intercepting the HTTP request.
From the above description, the request parameters in the HTTP request are filtered to confirm whether the client submits the illegal parameters in POST and GET request modes.
Further, the matching of the HTTP request and a preset security rule specifically includes:
acquiring the browser type used by the client from the HTTP request to obtain a first browser type;
and if the first browser type is not matched with a preset browser type, intercepting the HTTP request.
As can be seen from the above description, the browser type detection mainly includes the following two aspects: 1. limiting the types of browsers that are not supported by illegal or current applications; 2. SQL injection bugs are avoided when some applications put browser types in a log mode.
Further, still include:
and loading the IP blacklist, the IP whitelist, the URI whitelist and the safety rule to a memory.
From the above description, the efficiency of the security detection of the HTTP request can be improved.
Further, still include:
and storing the intercepted HTTP request to form a log file.
From the above description, it can be known that the health condition of the current website can be evaluated through the log file, statistics is performed on the illegal request clients, and the frequently-used client IP is blacklisted for a period of time to reduce the transaction amount of the server, thereby improving the system performance.
As shown in fig. 2, the present invention further provides a WEB site security protection system, which includes:
a first obtaining module 1, configured to obtain an IP address of a client that sends an HTTP request;
the first searching module 2 is used for searching the IP address in a preset IP blacklist and a preset IP whitelist to obtain a first searching result;
the first extraction module 3 is configured to, when the IP address is not searched in the first search result, extract a file extension in the HTTP request to obtain a resource type requested by the HTTP request;
the second extraction module 4 is configured to extract the URI in the HTTP request when the resource type is a non-static file;
the second searching module 5 is used for searching the URI in a preset URI white list to obtain a second searching result;
the matching module 6 is configured to identify whether the HTTP request includes a preset feature code when the second search result indicates that the URI is not searched; if yes, then: matching the HTTP request with a preset safety rule to obtain a matching result; if the matching result is that the matching is successful, the HTTP request is intercepted; otherwise, sending the resource requested by the HTTP request to the client.
Further, the matching module comprises:
the first acquisition unit is used for acquiring the request parameter name in the HTTP request to obtain a first parameter name;
the first interception unit is configured to intercept the HTTP request if the first parameter name is the same as a parameter name in a preset parameter name blacklist.
Further, the matching module further comprises:
the second acquisition unit is used for acquiring the browser type used by the client from the HTTP request to obtain the first browser type;
and the second intercepting unit is used for intercepting the HTTP request if the first browser type is not matched with a preset browser type.
Further, still include:
and the loading module is used for loading the IP blacklist, the IP whitelist, the URI whitelist and the safety rule to a memory.
Further, still include:
and the storage module is used for storing the intercepted HTTP request to form a log file.
From the above description, the WEB site security protection system provided by the present invention can improve the efficiency of detecting the security of the HTTP request.
The first embodiment of the invention is as follows:
loading a preset IP blacklist, an IP white list, a URI white list and a safety rule to a memory;
acquiring an IP address of a client sending an HTTP request; if the IP address is not searched in the preset IP blacklist and the preset IP white list, the method comprises the following steps:
extracting a file extension name in an HTTP request to obtain a resource type requested by the HTTP request; if the resource type is a non-static file, then:
extracting the URI in the HTTP request, if the URI is not searched in a preset URI white list, then:
identifying whether the HTTP request comprises a preset feature code or not; if yes, then:
matching the HTTP request with a preset safety rule; the method specifically comprises the following steps: acquiring a request parameter name in the HTTP request to obtain a first parameter name;
if the first parameter name is the same as one parameter name in a preset parameter name blacklist, intercepting the HTTP request; otherwise:
acquiring the browser type used by the client from the HTTP request to obtain a first browser type;
if the first browser type is not matched with a preset browser type, intercepting the HTTP request;
and storing the intercepted HTTP request to form a log file.
The second embodiment of the invention is as follows:
acquiring an IP address of a client sending an HTTP request, searching whether the IP address exists in a preset IP white list, and if so, sending a resource requested by the HTTP request to the client; if not, searching whether the IP address exists in a preset IP blacklist, if so, intercepting the HTTP request, and storing the HTTP request into a log file.
If the IP address does not exist in the IP blacklist and the IP white list, extracting a file extension name in the HTTP request, judging the type of the resource requested by the HTTP request according to the extracted file extension name, if the requested resource type is a static file such as a CSS (cascading Style sheets) file and a picture, not continuing to perform safety detection, directly returning the static file to the client, and otherwise, performing URI (Uniform resource identifier) detection.
And obtaining the URI of the requested resource according to the HTTP request, searching whether the URI exists in a preset URI white list, if so, indicating that the requested resource is a resource without safety problem, such as a first page of a page, a verification code page and the like, directly returning the resource of the HTTP request to the client, otherwise, performing safety rule matching.
The preset safety rule comprises a detection parameter http _ refer, and the reference path requested by the user is subjected to matching filtering; detecting a parameter HTTP _ user _ agent, and filtering user browser information of a Header requested by the HTTP; detecting a parameter HTTP _ Accept _ Language, and filtering Accept _ Language information of a browser sending an HTTP request; detecting a parameter URI, and filtering the URL of the HTTP request; detecting a parameter Cookie, and filtering Cookie information in the HTTP request; detecting a parameter Get, and filtering a request parameter of a GET request mode of the HTTP; detecting a parameter POST, and filtering request parameters of a POST request mode of the HTTP. The security rules can be randomly arranged and combined to form a security rule group, a feature code is configured for the security rule group, and when the HTTP request contains the feature code, the corresponding security rule group is used for detecting the HTTP request. If the HTTP request is matched with the safety rule, the resource requested by the HTTP request is sent to the client, otherwise, the HTTP request is intercepted, and the HTTP request is stored to the log file.
The third embodiment of the invention:
for websites with access to Struts2 technology, the client may construct: http:// host/struts 2-blank/example/X.action? action { (new + java. ang. processbuild. er { (new + java. ang. string [ ] { 'command', 'goes', 'here') } start () } chaining, command goes here can be replaced by a path and parameter of the destruction script, such as fdisk-f, etc., resulting in the purpose that the destruction system cannot operate.
The invention can identify the illegal requests 2 by matching some keywords of the Struts2 such as action, java, lang, command and the like, and intercept the illegal requests.
In summary, according to the method and system for WEB site security protection provided by the present invention, the security of the IP address of the client sending the HTTP request is detected through the preset IP blacklist and IP whitelist, if the IP address is not in the IP blacklist and IP whitelist, it is further determined whether the resource requested by the HTTP request is a static file such as CSS, picture, etc., if so, the static file resource is directly returned to the client, otherwise, it is further determined whether the URI requested by the HTTP request is a resource without security risk set in the preset URI whitelist, such as a home page, a verification code page, etc. If the security of the HTTP request cannot be determined through the above steps, further identifying whether the HTTP request includes a preset feature code, and if the HTTP request includes the preset feature code, performing security detection according to a preset security rule. The feature code is a feature of a resource to be subjected to security detection, and if a script file is to be detected, the feature code may be set to "< script >. Each security rule corresponds to one feature code, and only when the HTTP request contains the feature code matched with the feature code, the detailed rule list in the security rules is used for carrying out security detection operation, so that the efficiency of detecting the security of the HTTP request is improved.
The above description is only an embodiment of the present invention, and not intended to limit the scope of the present invention, and all equivalent changes made by using the contents of the present specification and the drawings, or applied directly or indirectly to the related technical fields, are included in the scope of the present invention.
Claims (10)
1. A WEB site security protection method is characterized by comprising the following steps:
acquiring an IP address of a client sending an HTTP request;
searching the IP address in a preset IP black list and a preset IP white list to obtain a first search result;
when the IP address is not searched in the first search result, extracting a file extension name in the HTTP request to obtain the resource type requested by the HTTP request;
when the resource type is a non-static file, extracting the URI in the HTTP request;
searching the URI in a preset URI white list to obtain a second search result;
when the second search result is that the URI is not searched, identifying whether the HTTP request comprises a preset feature code; if yes, matching the HTTP request with a preset safety rule to obtain a matching result;
if the matching result is that the matching is successful, the HTTP request is intercepted; otherwise, sending the resource requested by the HTTP request to the client.
2. The WEB site security protection method according to claim 1, wherein the matching of the HTTP request with a preset security rule specifically includes:
acquiring a request parameter name in the HTTP request to obtain a first parameter name;
and if the first parameter name is the same as one parameter name in a preset parameter name blacklist, intercepting the HTTP request.
3. The WEB site security protection method according to claim 1, wherein the matching of the HTTP request with a preset security rule specifically includes:
acquiring the browser type used by the client from the HTTP request to obtain a first browser type;
and if the first browser type is not matched with a preset browser type, intercepting the HTTP request.
4. The WEB site security method of claim 1 further comprising:
and loading the IP blacklist, the IP whitelist, the URI whitelist and the safety rule to a memory.
5. The WEB site security method of claim 1 further comprising:
and storing the intercepted HTTP request to form a log file.
6. A WEB site security system, comprising:
the first acquisition module is used for acquiring the IP address of the client sending the HTTP request;
the first searching module is used for searching the IP address in a preset IP blacklist and a preset IP whitelist to obtain a first searching result;
the first extraction module is used for extracting the file extension name in the HTTP request to obtain the resource type requested by the HTTP request when the IP address is not searched in the first search result;
the second extraction module is used for extracting the URI in the HTTP request when the resource type is a non-static file;
the second search module is used for searching the URI in a preset URI white list to obtain a second search result;
the matching module is used for identifying whether the HTTP request comprises a preset feature code or not when the second search result is that the URI is not searched; if yes, matching the HTTP request with a preset safety rule to obtain a matching result; if the matching result is that the matching is successful, the HTTP request is intercepted, otherwise, the resource requested by the HTTP request is sent to the client.
7. The WEB site security system of claim 6 wherein the matching module comprises:
the first acquisition unit is used for acquiring the request parameter name in the HTTP request to obtain a first parameter name;
the first interception unit is configured to intercept the HTTP request if the first parameter name is the same as a parameter name in a preset parameter name blacklist.
8. The WEB site security system of claim 6 wherein the matching module further comprises:
the second acquisition unit is used for acquiring the browser type used by the client from the HTTP request to obtain the first browser type;
and the second intercepting unit is used for intercepting the HTTP request if the first browser type is not matched with a preset browser type.
9. The WEB site security system of claim 6 further comprising:
and the loading module is used for loading the IP blacklist, the IP whitelist, the URI whitelist and the safety rule to a memory.
10. The WEB site security system of claim 6 further comprising: and the storage module is used for storing the intercepted HTTP request to form a log file.
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010304157.9A CN111541674A (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system with high detection efficiency |
CN202010303797.8A CN111541673A (en) | 2016-12-23 | 2016-12-23 | Efficient method and system for detecting HTTP request security |
CN201611202994.0A CN106713318B (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system |
CN202010303787.4A CN111541672A (en) | 2016-12-23 | 2016-12-23 | Method and system for detecting security of HTTP (hyper text transport protocol) request |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611202994.0A CN106713318B (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system |
Related Child Applications (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010304157.9A Division CN111541674A (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system with high detection efficiency |
CN202010303797.8A Division CN111541673A (en) | 2016-12-23 | 2016-12-23 | Efficient method and system for detecting HTTP request security |
CN202010303787.4A Division CN111541672A (en) | 2016-12-23 | 2016-12-23 | Method and system for detecting security of HTTP (hyper text transport protocol) request |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106713318A CN106713318A (en) | 2017-05-24 |
CN106713318B true CN106713318B (en) | 2020-04-07 |
Family
ID=58903063
Family Applications (4)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010303787.4A Withdrawn CN111541672A (en) | 2016-12-23 | 2016-12-23 | Method and system for detecting security of HTTP (hyper text transport protocol) request |
CN201611202994.0A Active CN106713318B (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system |
CN202010303797.8A Withdrawn CN111541673A (en) | 2016-12-23 | 2016-12-23 | Efficient method and system for detecting HTTP request security |
CN202010304157.9A Withdrawn CN111541674A (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system with high detection efficiency |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010303787.4A Withdrawn CN111541672A (en) | 2016-12-23 | 2016-12-23 | Method and system for detecting security of HTTP (hyper text transport protocol) request |
Family Applications After (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010303797.8A Withdrawn CN111541673A (en) | 2016-12-23 | 2016-12-23 | Efficient method and system for detecting HTTP request security |
CN202010304157.9A Withdrawn CN111541674A (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system with high detection efficiency |
Country Status (1)
Country | Link |
---|---|
CN (4) | CN111541672A (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108234453A (en) * | 2017-12-12 | 2018-06-29 | 杭州安恒信息技术有限公司 | A kind of web safety defense methods of rule-based Java |
CN109558427A (en) * | 2018-11-30 | 2019-04-02 | 上海找钢网信息科技股份有限公司 | Intelligent inquiry system and method based on steel industry data platform |
CN110012096B (en) * | 2019-04-03 | 2021-12-24 | 中国工商银行股份有限公司 | Mobile client service update management method, device and system |
CN113542287A (en) * | 2021-07-21 | 2021-10-22 | 山东浪潮通软信息科技有限公司 | Network request management method and device |
CN113992423B (en) * | 2021-11-05 | 2023-01-17 | 枣庄科技职业学院 | Use method of computer network firewall |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006119508A2 (en) * | 2005-05-05 | 2006-11-09 | Ironport Systems, Inc. | Detecting unwanted electronic mail messages based on probabilistic analysis of referenced resources |
CN101252443A (en) * | 2008-03-20 | 2008-08-27 | 华为技术有限公司 | Apparatus and method for detecting message security |
Family Cites Families (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7707245B2 (en) * | 2000-02-22 | 2010-04-27 | Harvey Lunenfeld | Metasearching a client's request for displaying different order books on the client |
CN100440811C (en) * | 2006-12-25 | 2008-12-03 | 杭州华三通信技术有限公司 | Detection method and device for network attack |
US8271650B2 (en) * | 2009-08-25 | 2012-09-18 | Vizibility Inc. | Systems and method of identifying and managing abusive requests |
CN103095810B (en) * | 2012-12-28 | 2015-08-12 | 三维通信股份有限公司 | A kind of multi-functional recognition middleware system of sing on web technology |
US9215209B2 (en) * | 2013-11-08 | 2015-12-15 | U.S. Bancorp, National Association | Source request monitoring |
CN103607385B (en) * | 2013-11-14 | 2017-01-18 | 北京奇虎科技有限公司 | Method and apparatus for security detection based on browser |
CN103825900A (en) * | 2014-02-28 | 2014-05-28 | 广州云宏信息科技有限公司 | Website access method and device and filter form downloading and updating method and system |
CN104954346B (en) * | 2014-03-31 | 2018-12-18 | 北京奇安信科技有限公司 | Attack recognition method and device based on object analysis |
CN103973684B (en) * | 2014-05-07 | 2017-05-24 | 北京神州绿盟信息安全科技股份有限公司 | Rule compiling and matching method and device |
CN105635064B (en) * | 2014-10-31 | 2019-12-06 | 新华三技术有限公司 | CSRF attack detection method and device |
CN104361283B (en) * | 2014-12-05 | 2018-05-18 | 网宿科技股份有限公司 | The method for protecting Web attacks |
CN105938472A (en) * | 2015-08-26 | 2016-09-14 | 杭州迪普科技有限公司 | Web access control method and device |
CN110417748A (en) * | 2019-07-08 | 2019-11-05 | 新华三信息安全技术有限公司 | A kind of attack detection method and device |
-
2016
- 2016-12-23 CN CN202010303787.4A patent/CN111541672A/en not_active Withdrawn
- 2016-12-23 CN CN201611202994.0A patent/CN106713318B/en active Active
- 2016-12-23 CN CN202010303797.8A patent/CN111541673A/en not_active Withdrawn
- 2016-12-23 CN CN202010304157.9A patent/CN111541674A/en not_active Withdrawn
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006119508A2 (en) * | 2005-05-05 | 2006-11-09 | Ironport Systems, Inc. | Detecting unwanted electronic mail messages based on probabilistic analysis of referenced resources |
CN101252443A (en) * | 2008-03-20 | 2008-08-27 | 华为技术有限公司 | Apparatus and method for detecting message security |
Also Published As
Publication number | Publication date |
---|---|
CN111541672A (en) | 2020-08-14 |
CN111541674A (en) | 2020-08-14 |
CN111541673A (en) | 2020-08-14 |
CN106713318A (en) | 2017-05-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106713318B (en) | WEB site safety protection method and system | |
US9762543B2 (en) | Using DNS communications to filter domain names | |
CN101895516B (en) | Method and device for positioning cross-site scripting attack source | |
US8370407B1 (en) | Systems providing a network resource address reputation service | |
US9208309B2 (en) | Dynamically scanning a web application through use of web traffic information | |
CN107634967B (en) | CSRFtoken defense system and method for CSRF attack | |
CN107046544B (en) | Method and device for identifying illegal access request to website | |
US20090064337A1 (en) | Method and apparatus for preventing web page attacks | |
US20130007882A1 (en) | Methods of detecting and removing bidirectional network traffic malware | |
US20130007870A1 (en) | Systems for bi-directional network traffic malware detection and removal | |
US11451583B2 (en) | System and method to detect and block bot traffic | |
CN107341395B (en) | Method for intercepting reptiles | |
CN101964025A (en) | XSS (Cross Site Scripting) detection method and device | |
CN103929440A (en) | Web page tamper prevention device based on web server cache matching and method thereof | |
CN105635064B (en) | CSRF attack detection method and device | |
CN107612926B (en) | One-sentence speech WebShell interception method based on client recognition | |
CN107800686A (en) | A kind of fishing website recognition methods and device | |
CN109660552A (en) | A kind of Web defence method combining address jump and WAF technology | |
WO2019165362A1 (en) | System, method, apparatus, and computer program product to detect page impersonation in phishing attacks | |
US11582226B2 (en) | Malicious website discovery using legitimate third party identifiers | |
JP5743822B2 (en) | Information leakage prevention device and restriction information generation device | |
US20210176275A1 (en) | System and method for page impersonation detection in phishing attacks | |
CN113542287A (en) | Network request management method and device | |
CN104852907A (en) | Cross-site request forgery CSRF attack recognition method and device | |
GB2582703A (en) | Injection attack mitigation |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: A web site security protection method and system Effective date of registration: 20210127 Granted publication date: 20200407 Pledgee: Fuzhou Gulou sub branch of Fujian Straits Bank Co.,Ltd. Pledgor: NEWDOONE SCIENCE & TECHNOLOGY Co.,Ltd. Registration number: Y2021350000016 |
|
PE01 | Entry into force of the registration of the contract for pledge of patent right |