CN110555303A - Method and device for preventing machine script from being maliciously accessed - Google Patents
Method and device for preventing machine script from being maliciously accessed Download PDFInfo
- Publication number
- CN110555303A CN110555303A CN201910707791.4A CN201910707791A CN110555303A CN 110555303 A CN110555303 A CN 110555303A CN 201910707791 A CN201910707791 A CN 201910707791A CN 110555303 A CN110555303 A CN 110555303A
- Authority
- CN
- China
- Prior art keywords
- encryption
- decryption
- logic
- server
- value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a device for preventing malicious access of machine scripts, relates to the technical field of computer security, and adopts a dynamic encryption technical means to prevent the malicious access behaviors of batch interface refreshing of the machine scripts. The method comprises the following steps: monitoring session control of user access behaviors, and randomly selecting any one or more groups of encryption and decryption algorithms by the server to generate js obfuscated codes with encryption logic; the server receives encrypted data uploaded by the client, and the encrypted data are generated by analyzing js obfuscated codes and then sequentially calling corresponding encryption algorithm to encrypt message data by the client; and the server side sequentially calls corresponding decryption algorithms to decrypt the encrypted data to obtain a plaintext message and then executes the access request based on the decryption logic corresponding to the encryption logic, otherwise, the access request is intercepted. The device is applied with the method provided by the scheme.
Description
Technical Field
The invention relates to the technical field of computer security, in particular to a method and a device for preventing machine scripts from being accessed maliciously.
Background
Most of the current web systems are developed only for realizing corresponding functional requirements, and excessive technical protection is not performed on system security, so that key service interfaces and messages are easily analyzed and cracked. With the increasing development of the machine script (also called automation script) technology, the machine script technology is often used in system test scenarios such as automation test or pressure test, so that developers can find out the BUG to upgrade the system, but the machine script technology can also be used by attackers, for example, false traffic of websites can be maliciously manufactured by a machine script interface brushing means in batch, or a cattle packages the machine script into interface brushing software such as a ticket-grabbing tool and a second-killing tool, so that the access pressure of the server is increased.
disclosure of Invention
The invention aims to provide a method and a device for preventing machine scripts from malicious access, which adopt a dynamic encryption technical means to prevent the malicious access behaviors of the machine scripts for batch interface refreshing.
In order to achieve the above object, an aspect of the present invention provides a method for preventing a machine script from being maliciously accessed, including:
monitoring session control of user access behaviors, and randomly selecting any one or more groups of encryption and decryption algorithms by the server to generate js obfuscated codes with encryption logic;
the server receives encrypted data uploaded by the client, and the encrypted data is generated by analyzing js obfuscated codes and then sequentially calling corresponding encryption algorithm to encrypt message data by the client;
And the server side sequentially calls a corresponding decryption algorithm to decrypt the encrypted data to obtain a plaintext message based on the decryption logic corresponding to the encryption logic, and then executes the access request, otherwise, the access request is intercepted.
Preferably, before the session control of the access behavior of the listening user, the server randomly selecting any one or several groups of encryption and decryption algorithms to generate js obfuscated codes with encryption logic, the method further includes:
and presetting a plurality of groups of encryption and decryption algorithms at the server, wherein each group of encryption and decryption algorithms comprises an encryption algorithm and a decryption algorithm which correspond to each other.
preferably, the method for monitoring session control of user access behavior and randomly selecting any one or more groups of encryption and decryption algorithms by the server to generate js obfuscated codes with encryption logic includes:
monitoring the page access behavior of a user through a server background, and selecting one or more groups of encryption and decryption algorithms from multiple groups of encryption and decryption algorithms to randomly construct an encryption logic according to the current session control;
And converting the encryption logic into js obfuscated codes and returning the js obfuscated codes to the client.
Preferably, the method for generating the encrypted message data by the server side receiving the encrypted data uploaded by the client side and sequentially calling the corresponding encryption algorithm after the client side analyzes the js obfuscated code comprises the following steps:
splicing message data filled by a user through a client, calculating an MD5 value of the message data, and feeding the MD5 value back to a server background record;
and the client analyzes the js obfuscated code to extract encryption logic, sequentially calls a corresponding encryption algorithm according to the encryption logic to encrypt the packed message data and the MD5 value to generate encrypted message data, and uploads the encrypted message data to the server to request access.
preferably, the server, based on the decryption logic corresponding to the encryption logic, sequentially invokes a corresponding decryption algorithm to decrypt the encrypted data to obtain a plaintext message and then executes the access request, otherwise, the method for intercepting the access request includes:
the server side obtains decryption logic corresponding to the encryption logic, and sequentially calls corresponding decryption algorithms to decrypt the encrypted data to obtain a plaintext message and an MD5 value;
And checking whether the decrypted MD5 value is consistent with the MD5 value recorded in the background, executing the access request based on a plaintext message when the decrypted MD5 value is consistent with the MD5 value recorded in the background, and intercepting the access request when the decrypted MD5 value is inconsistent with the MD5 value.
compared with the prior art, the method for preventing the machine script from being maliciously accessed has the following beneficial effects:
In the method for preventing the machine script from malicious access, by monitoring the access page behavior of the user, the session control of the user is realized by randomly generating a group of encryption logic by the server background, recording the encryption logic by the server background, simultaneously, js obfuscation codes of the encryption logic are sent to the client, then the client analyzes the js obfuscation codes to obtain the encryption logic in the js obfuscation codes, when a user finishes filling message data and clicks and submits, the client side automatically and sequentially calls the corresponding encryption algorithm to encrypt the message data according to the encryption logic to obtain encrypted data and uploads the encrypted data to the server side, the server side receives the encrypted data and then sequentially calls the corresponding decryption algorithm to decrypt the encrypted data according to the decryption logic corresponding to the encryption logic, if decryption is successful, the access request is continuously executed after a plaintext message is obtained, and if decryption is failed, the access request is intercepted.
Therefore, the invention randomly generates a group of encryption logics to encrypt the message data uploaded by the user aiming at each session control, namely, the machine script cannot easily crack the message data of the user by adopting the dynamic encryption technology of one-time pad, thereby effectively intercepting the malicious access request of the machine script.
another aspect of the present invention provides an apparatus for preventing malicious machine script access, to which the method for preventing malicious machine script access mentioned in the above technical solution is applied, where the apparatus includes:
the logic unit is used for monitoring the session control of the access behavior of the user, and the server randomly selects any one group or several groups of encryption and decryption algorithms to generate js confusion codes with encryption logic;
the encryption unit is used for receiving the encrypted data uploaded by the client by the server, and the encrypted data is generated by analyzing js confusion codes by the client and then sequentially calling corresponding encryption algorithms to encrypt message data;
and the decryption unit is used for sequentially calling a corresponding decryption algorithm to decrypt the encrypted data to obtain a plaintext message and then executing the access request on the basis of the decryption logic corresponding to the encryption logic by the server, and otherwise intercepting the access request.
Preferably, the method further comprises the following steps:
The device comprises a setting unit and a processing unit, wherein the setting unit is used for presetting a plurality of groups of encryption and decryption algorithms at a server, and each group of encryption and decryption algorithms comprises an encryption algorithm and a decryption algorithm which correspond to each other.
preferably, the encryption unit includes:
the message splicing module is used for splicing message data filled by a user through a client to calculate an MD5 value of the user, and feeding the MD5 value back to a server background record;
And the encryption module is used for analyzing the js obfuscated code by the client, extracting encryption logic, sequentially calling a corresponding encryption algorithm according to the encryption logic to encrypt the packed message data and the MD5 value to generate encrypted message data, and uploading the encrypted message data to the server to request access.
Preferably, the decryption unit includes:
The decryption module is used for the server side to acquire decryption logic corresponding to the encryption logic and sequentially call a corresponding decryption algorithm to decrypt the encrypted data to obtain a plaintext message and an MD5 value;
and the checking module is used for checking whether the decrypted MD5 value is consistent with the MD5 value recorded in the background, executing the access request based on the plaintext message when the decrypted MD5 value is consistent with the MD5 value recorded in the background, and intercepting the access request when the decrypted MD5 value is inconsistent with the MD5 value.
Compared with the prior art, the device for preventing the malicious access of the machine script provided by the invention has the same beneficial effect as the method for preventing the malicious access of the machine script provided by the technical scheme, and the detailed description is omitted here.
a third aspect of the present invention provides a computer-readable storage medium, on which a computer program is stored, the computer program, when executed by a processor, performing the steps of the above method for preventing malicious machine script access.
compared with the prior art, the beneficial effects of the computer-readable storage medium provided by the invention are the same as the beneficial effects of the method for preventing the machine script from being maliciously accessed provided by the technical scheme, and the detailed description is omitted here.
drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention and not to limit the invention. In the drawings:
Fig. 1 is a flowchart illustrating a method for preventing a machine script from being maliciously accessed according to an embodiment of the present invention.
Detailed Description
in order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in detail below. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example one
Referring to fig. 1, the present embodiment provides a method for preventing a machine script from being maliciously accessed, including:
Monitoring session control of user access behaviors, and randomly selecting any one or more groups of encryption and decryption algorithms by the server to generate js obfuscated codes with encryption logic; the server receives encrypted data uploaded by the client, and the encrypted data is generated by analyzing js obfuscated codes and then sequentially calling corresponding encryption algorithm to encrypt message data by the client; and the server side sequentially calls a corresponding decryption algorithm to decrypt the encrypted data to obtain a plaintext message based on the decryption logic corresponding to the encryption logic, and then executes the access request, otherwise, the access request is intercepted.
In the method for preventing malicious machine script access, by monitoring the access page behavior of the user, the session control of the user is realized by randomly generating a group of encryption logic by the server background, recording the encryption logic by the server background, simultaneously, js obfuscation codes of the encryption logic are sent to the client, then the client analyzes the js obfuscation codes to obtain the encryption logic in the js obfuscation codes, when a user finishes filling message data and clicks and submits, the client side automatically and sequentially calls the corresponding encryption algorithm to encrypt the message data according to the encryption logic to obtain encrypted data and uploads the encrypted data to the server side, the server side receives the encrypted data and then sequentially calls the corresponding decryption algorithm to decrypt the encrypted data according to the decryption logic corresponding to the encryption logic, if decryption is successful, the access request is continuously executed after a plaintext message is obtained, and if decryption is failed, the access request is intercepted.
Therefore, in the embodiment, a group of encryption logic is randomly generated for each session control to encrypt the message data uploaded by the user, that is, the machine script cannot easily crack the user message data by using the one-time pad dynamic encryption technology, so that the malicious access request of the machine script can be effectively intercepted.
it should be noted that the method for preventing malicious machine script access can be applied to traditional security technologies such as verification codes and fingerprint verification, so as to ensure the anti-cracking capability of the technology and improve the reliability of the security technology. Besides, the method can also be applied to a service interface with higher security, so as to prevent other people from maliciously cracking the message and attacking service loopholes.
preferably, in the above embodiment, before the session control of the access behavior of the listening user, the server randomly selects any one or several groups of encryption and decryption algorithms to generate a js obfuscated code having encryption logic, the method further includes:
And presetting a plurality of groups of encryption and decryption algorithms at the server, wherein each group of encryption and decryption algorithms comprises an encryption algorithm and a decryption algorithm which correspond to each other. In specific implementation, the encryption and decryption algorithm can adopt the existing general reversible algorithm or the reversible algorithm written by the user.
Specifically, the method for monitoring session control of user access behavior in the foregoing embodiment, where the server randomly selects any one or more groups of encryption and decryption algorithms to generate js obfuscated codes with encryption logic, includes:
monitoring the page access behavior of a user through a server background, and selecting one or more groups of encryption and decryption algorithms from multiple groups of encryption and decryption algorithms to randomly construct an encryption logic according to the current session control; and converting the encryption logic into js obfuscated codes and returning the js obfuscated codes to the client.
in specific implementation, the session control is session of the user. The encryption and decryption algorithm group number selected in the encryption logic is also random, preferably, all encryption and decryption algorithms are randomly combined to generate the encryption logic, and the encryption logic formed by fully selecting the encryption and decryption algorithms can ensure the complexity of data encryption and has the effect of being not easy to crack by machine scripts.
in the above embodiment, the method for the server to receive the encrypted data uploaded by the client, and the encrypted data is generated by the client analyzing the js obfuscated codes and then sequentially calling the corresponding encryption algorithms to encrypt the message data includes:
Splicing message data filled by a user through a client, calculating an MD5 value of the message data, and feeding the MD5 value back to a server background record; and the client analyzes the js obfuscated code to extract encryption logic, sequentially calls a corresponding encryption algorithm according to the encryption logic to encrypt the packed message data and the MD5 value to generate encrypted message data, and uploads the encrypted message data to the server to request access.
illustratively, the message data comprises a user name and a password, when the user finishes clicking and submitting the user name and the password on a login page on the client, the client automatically splices the user name and the password field, simultaneously calculates an MD5 value of the spliced field and feeds the value back to a background of the server, then the client analyzes a js obfuscated code to extract an encryption logic therein, and sequentially calls a corresponding encryption algorithm according to the encryption logic to encrypt the packed message data and the MD5 value for multiple times to generate the encrypted message data, for example, the logic combination comprises N encryption algorithms, firstly, the packed message data and the MD5 value are encrypted by using a first encryption algorithm, then, the encrypted data obtained by encrypting one encryption algorithm is secondarily by using a second algorithm, and so on until the encrypted data obtained by encrypting the N-1 algorithm by using the N algorithm is encrypted again, finally, encrypted message data are obtained after multiple rounds of encryption and uploaded to a server side for access request, and therefore the safety of the data can be guaranteed through the compound multiple rounds of encryption method, and the data cannot be easily cracked.
in the foregoing embodiment, based on the decryption logic corresponding to the encryption logic, the server sequentially invokes a corresponding decryption algorithm to decrypt the encrypted data to obtain a plaintext packet and then executes the access request, otherwise, the method for intercepting the access request includes:
The server side obtains decryption logic corresponding to the encryption logic, and sequentially calls corresponding decryption algorithms to decrypt the encrypted data to obtain a plaintext message and an MD5 value; and checking whether the decrypted MD5 value is consistent with the MD5 value recorded in the background, executing the access request based on a plaintext message when the decrypted MD5 value is consistent with the MD5 value recorded in the background, and intercepting the access request when the decrypted MD5 value is inconsistent with the MD5 value.
When the method is specifically implemented, the decryption logic is a reverse sequence process of the encryption logic, namely, the encrypted data is sequentially decrypted by calling a corresponding decryption algorithm, a plaintext message and an MD5 value in the encrypted data are extracted, after the decryption is successful, whether the decrypted MD5 value is consistent with an MD5 value recorded in a background is checked, if the decrypted MD5 value is consistent with the MD5 value recorded in the background, the message uploaded by a user is not tampered, the access request is executed, a result is fed back to a client, and if the decryption is failed or the decrypted MD5 value is not consistent with an MD5 value recorded in the background, the access is determined as a malicious access behavior of script data, the access request is intercepted, and the result is fed back to the client.
Example two
The embodiment provides an apparatus for preventing a machine script from being maliciously accessed, comprising:
The logic unit is used for monitoring the session control of the access behavior of the user, and the server randomly selects any one group or several groups of encryption and decryption algorithms to generate js confusion codes with encryption logic;
The encryption unit is used for receiving the encrypted data uploaded by the client by the server, and the encrypted data is generated by analyzing js confusion codes by the client and then sequentially calling corresponding encryption algorithms to encrypt message data;
and the decryption unit is used for sequentially calling a corresponding decryption algorithm to decrypt the encrypted data to obtain a plaintext message and then executing the access request on the basis of the decryption logic corresponding to the encryption logic by the server, and otherwise intercepting the access request.
Preferably, the method further comprises the following steps:
the device comprises a setting unit and a processing unit, wherein the setting unit is used for presetting a plurality of groups of encryption and decryption algorithms at a server, and each group of encryption and decryption algorithms comprises an encryption algorithm and a decryption algorithm which correspond to each other.
Preferably, the encryption unit includes:
The message splicing module is used for splicing message data filled by a user through a client to calculate an MD5 value of the user, and feeding the MD5 value back to a server background record;
Preferably, the decryption unit comprises:
The decryption module is used for the server side to acquire decryption logic corresponding to the encryption logic and sequentially call a corresponding decryption algorithm to decrypt the encrypted data to obtain a plaintext message and an MD5 value;
and the checking module is used for checking whether the decrypted MD5 value is consistent with the MD5 value recorded in the background, executing the access request based on the plaintext message when the decrypted MD5 value is consistent with the MD5 value recorded in the background, and intercepting the access request when the decrypted MD5 value is inconsistent with the MD5 value.
compared with the prior art, the beneficial effects of the device for preventing the malicious access of the machine script provided by the embodiment of the invention are the same as the beneficial effects of the method for preventing the malicious access of the machine script provided by the first embodiment, and are not repeated herein.
EXAMPLE III
The present embodiment provides a computer-readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, performs the steps of the above-mentioned method for preventing malicious machine script access.
compared with the prior art, the beneficial effects of the computer-readable storage medium provided by the embodiment are the same as the beneficial effects of the method for preventing the machine script from being maliciously accessed provided by the above technical scheme, and no further description is given here.
It will be understood by those skilled in the art that all or part of the steps in the method for implementing the invention may be implemented by hardware that is instructed to be associated with a program, the program may be stored in a computer-readable storage medium, and when the program is executed, the program includes the steps of the method of the embodiment, and the storage medium may be: ROM/RAM, magnetic disks, optical disks, memory cards, and the like.
the above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.
Claims (10)
1. A method of preventing malicious access to a machine script, comprising:
Monitoring session control of user access behaviors, and randomly selecting any one or more groups of encryption and decryption algorithms by the server to generate js obfuscated codes with encryption logic;
The server receives encrypted data uploaded by the client, and the encrypted data is generated by analyzing js obfuscated codes and then sequentially calling corresponding encryption algorithm to encrypt message data by the client;
and the server side sequentially calls a corresponding decryption algorithm to decrypt the encrypted data to obtain a plaintext message based on the decryption logic corresponding to the encryption logic, and then executes the access request, otherwise, the access request is intercepted.
2. The method according to claim 1, wherein before listening to session control of user access behavior, the server randomly selecting any one or more groups of encryption and decryption algorithms to generate js obfuscated codes with encryption logic, further comprising:
And presetting a plurality of groups of encryption and decryption algorithms at the server, wherein each group of encryption and decryption algorithms comprises an encryption algorithm and a decryption algorithm which correspond to each other.
3. The method of claim 2, wherein the method for listening to session control of user access behavior and randomly selecting any one or more groups of encryption and decryption algorithms by the server to generate js obfuscated codes with encryption logic comprises:
monitoring the page access behavior of a user through a server background, and selecting one or more groups of encryption and decryption algorithms from multiple groups of encryption and decryption algorithms to randomly construct an encryption logic according to the current session control;
and converting the encryption logic into js obfuscated codes and returning the js obfuscated codes to the client.
4. The method according to claim 1, wherein the server receives the encrypted data uploaded by the client, and the method for generating the encrypted data by analyzing js obfuscated codes and then sequentially calling corresponding encryption algorithms to encrypt the message data comprises the following steps:
Splicing message data filled by a user through a client, calculating an MD5 value of the message data, and feeding the MD5 value back to a server background record;
and the client analyzes the js obfuscated code to extract encryption logic, sequentially calls a corresponding encryption algorithm according to the encryption logic to encrypt the packed message data and the MD5 value to generate encrypted message data, and uploads the encrypted message data to the server to request access.
5. The method according to claim 4, wherein the server side sequentially calls corresponding decryption algorithms to decrypt the encrypted data to obtain the plaintext message based on the decryption logic corresponding to the encryption logic, and then executes the access request, otherwise, the method for intercepting the access request comprises:
The server side obtains decryption logic corresponding to the encryption logic, and sequentially calls corresponding decryption algorithms to decrypt the encrypted data to obtain a plaintext message and an MD5 value;
And checking whether the decrypted MD5 value is consistent with the MD5 value recorded in the background, executing the access request based on a plaintext message when the decrypted MD5 value is consistent with the MD5 value recorded in the background, and intercepting the access request when the decrypted MD5 value is inconsistent with the MD5 value.
6. an apparatus for preventing malicious machine script access, comprising:
the logic unit is used for monitoring the session control of the access behavior of the user, and the server randomly selects any one group or several groups of encryption and decryption algorithms to generate js confusion codes with encryption logic;
The encryption unit is used for receiving the encrypted data uploaded by the client by the server, and the encrypted data is generated by analyzing js confusion codes by the client and then sequentially calling corresponding encryption algorithms to encrypt message data;
and the decryption unit is used for sequentially calling a corresponding decryption algorithm to decrypt the encrypted data to obtain a plaintext message and then executing the access request on the basis of the decryption logic corresponding to the encryption logic by the server, and otherwise intercepting the access request.
7. the apparatus of claim 6, further comprising:
the device comprises a setting unit and a processing unit, wherein the setting unit is used for presetting a plurality of groups of encryption and decryption algorithms at a server, and each group of encryption and decryption algorithms comprises an encryption algorithm and a decryption algorithm which correspond to each other.
8. The apparatus according to claim 7, wherein the encryption unit comprises:
The message splicing module is used for splicing message data filled by a user through a client to calculate an MD5 value of the user, and feeding the MD5 value back to a server background record;
and the encryption module is used for analyzing the js obfuscated code by the client, extracting encryption logic, sequentially calling a corresponding encryption algorithm according to the encryption logic to encrypt the packed message data and the MD5 value to generate encrypted message data, and uploading the encrypted message data to the server to request access.
9. the apparatus of claim 6, wherein the decryption unit comprises:
the decryption module is used for the server side to acquire decryption logic corresponding to the encryption logic and sequentially call a corresponding decryption algorithm to decrypt the encrypted data to obtain a plaintext message and an MD5 value;
and the checking module is used for checking whether the decrypted MD5 value is consistent with the MD5 value recorded in the background, executing the access request based on the plaintext message when the decrypted MD5 value is consistent with the MD5 value recorded in the background, and intercepting the access request when the decrypted MD5 value is inconsistent with the MD5 value.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method according to any one of the claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910707791.4A CN110555303A (en) | 2019-08-01 | 2019-08-01 | Method and device for preventing machine script from being maliciously accessed |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910707791.4A CN110555303A (en) | 2019-08-01 | 2019-08-01 | Method and device for preventing machine script from being maliciously accessed |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110555303A true CN110555303A (en) | 2019-12-10 |
Family
ID=68736605
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910707791.4A Pending CN110555303A (en) | 2019-08-01 | 2019-08-01 | Method and device for preventing machine script from being maliciously accessed |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110555303A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112256557A (en) * | 2020-09-16 | 2021-01-22 | 蘑菇物联技术(深圳)有限公司 | Program regression testing method, device, system, computer equipment and storage medium |
| CN113010856A (en) * | 2021-03-02 | 2021-06-22 | 北京顶象技术有限公司 | Dynamic asymmetric encryption and decryption JavaScript code obfuscation method and system |
| CN113794679A (en) * | 2021-08-02 | 2021-12-14 | 浪潮软件股份有限公司 | Method and system for preventing automatic script number robbing |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101321057A (en) * | 2008-07-22 | 2008-12-10 | 北京航空航天大学 | Electronic official document safety transmission method based on Web service |
| CN105447700A (en) * | 2014-08-27 | 2016-03-30 | 阿里巴巴集团控股有限公司 | Payment security detection method and device |
| CN106209886A (en) * | 2016-07-22 | 2016-12-07 | 广州爱九游信息技术有限公司 | Web interface data encryption is endorsed method, device and server |
| KR101737895B1 (en) * | 2015-11-17 | 2017-05-22 | 유넷시스템주식회사 | Web server that performs encryption communication on critical information |
-
2019
- 2019-08-01 CN CN201910707791.4A patent/CN110555303A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101321057A (en) * | 2008-07-22 | 2008-12-10 | 北京航空航天大学 | Electronic official document safety transmission method based on Web service |
| CN105447700A (en) * | 2014-08-27 | 2016-03-30 | 阿里巴巴集团控股有限公司 | Payment security detection method and device |
| KR101737895B1 (en) * | 2015-11-17 | 2017-05-22 | 유넷시스템주식회사 | Web server that performs encryption communication on critical information |
| CN106209886A (en) * | 2016-07-22 | 2016-12-07 | 广州爱九游信息技术有限公司 | Web interface data encryption is endorsed method, device and server |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112256557A (en) * | 2020-09-16 | 2021-01-22 | 蘑菇物联技术(深圳)有限公司 | Program regression testing method, device, system, computer equipment and storage medium |
| CN112256557B (en) * | 2020-09-16 | 2024-05-07 | 广东蘑菇物联科技有限公司 | Program regression testing method, device, system, computer equipment and storage medium |
| CN113010856A (en) * | 2021-03-02 | 2021-06-22 | 北京顶象技术有限公司 | Dynamic asymmetric encryption and decryption JavaScript code obfuscation method and system |
| CN113794679A (en) * | 2021-08-02 | 2021-12-14 | 浪潮软件股份有限公司 | Method and system for preventing automatic script number robbing |
| CN113794679B (en) * | 2021-08-02 | 2023-04-18 | 浪潮软件股份有限公司 | Method and system for preventing automatic script number robbing |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10719602B2 (en) | Method and device for realizing session identifier synchronization | |
| CN109474619B (en) | Data encryption reporting method and device and data decryption method and device | |
| CN107454048B (en) | Information processing method and device, and information authentication method, device and system | |
| CN110555303A (en) | Method and device for preventing machine script from being maliciously accessed | |
| CN110011950B (en) | Authentication method and device for video stream address | |
| CN106372497B (en) | Application programming interface API protection method and protection device | |
| CN105812366A (en) | Server, anti-crawler system and anti-crawler verification method | |
| CN113204772B (en) | Data processing method, device, system, terminal, server and storage medium | |
| CN110110551B (en) | Data storage method and device | |
| CN106790243B (en) | A kind of password remapping method of safe U disc | |
| WO2021137769A1 (en) | Method and apparatus for sending and verifying request, and device thereof | |
| CN116662941B (en) | Information encryption method, device, computer equipment and storage medium | |
| CN106533677A (en) | User login method, user terminal and server | |
| CN111585995A (en) | Method and device for transmitting and processing safety wind control information, computer equipment and storage medium | |
| CN108235067B (en) | Authentication method and device for video stream address | |
| CN117240625B (en) | Tamper-resistant data processing method and device and electronic equipment | |
| CN113395406B (en) | Encryption authentication method and system based on power equipment fingerprint | |
| CN114938313B (en) | Man-machine identification method and device based on dynamic token | |
| CN114448722B (en) | Cross-browser login method and device, computer equipment and storage medium | |
| CN115935388A (en) | Software package safety sending method, device, equipment and storage medium | |
| CN115567200A (en) | http interface anti-brush method, system and related device | |
| CN114238870A (en) | Network request processing method, device, equipment and storage medium | |
| US11704418B2 (en) | Fingerprint encryption method and device, fingerprint decryption method and device, storage medium and terminal | |
| CN108259490B (en) | Client verification method and device | |
| CN112733166A (en) | license authentication and authorization function realization method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20191210 |
|
| RJ01 | Rejection of invention patent application after publication |