CN111818008B - Network data safety exchange method based on Webservice - Google Patents

Network data safety exchange method based on Webservice Download PDF

Info

Publication number
CN111818008B
CN111818008B CN202010434945.XA CN202010434945A CN111818008B CN 111818008 B CN111818008 B CN 111818008B CN 202010434945 A CN202010434945 A CN 202010434945A CN 111818008 B CN111818008 B CN 111818008B
Authority
CN
China
Prior art keywords
network
interface
exchange
data
data security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010434945.XA
Other languages
Chinese (zh)
Other versions
CN111818008A (en
Inventor
钏涛
漆振飞
吕垚
郭威
和悦
杭菲璐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Information Center of Yunnan Power Grid Co Ltd
Original Assignee
Information Center of Yunnan Power Grid Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Information Center of Yunnan Power Grid Co Ltd filed Critical Information Center of Yunnan Power Grid Co Ltd
Priority to CN202010434945.XA priority Critical patent/CN111818008B/en
Publication of CN111818008A publication Critical patent/CN111818008A/en
Application granted granted Critical
Publication of CN111818008B publication Critical patent/CN111818008B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0245Filtering by information in the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service

Abstract

The invention discloses a network data security exchange method based on Webservice, which comprises the following steps: s1: the external network and the internal network are logically isolated by using a gatekeeper; s2: configuring a data exchange channel on the network gate by adopting an http protocol; s3: setting an external network to exchange data with an internal network; s4: a filtering gateway is connected in series in front of the gateway; s5: and filtering the data sent to the internal network by the external network to complete the safe exchange of the network data. The network data security exchange method of the invention carries out security check on the web request and prevents network attacks like SQL injection, sensitive file reading and the like. The strict Webservice safety check can ensure the application safety and the service safety of the user, and the Web attack detection provided by the invention can ensure the safety of a Webservice system to the maximum extent.

Description

Network data safety exchange method based on Webservice
Technical Field
The invention belongs to the technical field of network data security, and particularly relates to a network data security exchange method based on Webservice.
Background
With the proposal of the internet +, an originally closed network is gradually opened, and the service is provided for the internet. However, if the network is completely opened to the internet, the security of the network is protected only by boundary protection mechanisms such as firewall and IDS, which will pose a great challenge to the security of the original closed network. The currently adopted technology is to separately construct an independent network outside the original closed network, and deploy a service system which needs to be opened to the internet in a new independent network. Therefore, the requirement of the Internet + can be met, and the original closed network security cannot be threatened. However, with the change of the internet service requirement, the services in the independent network need to exchange data with the closed network and implement service processing, so that two independent networks need to be communicated to realize seamless exchange of data. In order to solve the problem, data exchange is performed by using a data exchange platform, but the problem is that service real-time performance is affected and application between two networks needs to be modified.
Disclosure of Invention
The invention aims to solve the problem of Webservice security and provides a network data security exchange method based on Webservice.
The technical scheme of the invention is as follows: a network data secure exchange method based on Webservice comprises the following steps:
s1: the external network and the internal network are logically isolated by using a gatekeeper;
s2: configuring a data exchange channel on the network gate by adopting an http protocol;
s3: setting an external network and an internal network to exchange data on a data exchange channel;
s4: a filtering gateway is connected in series before the gatekeeper which carries out data exchange;
s5: and filtering the data sent from the external network to the internal network by using the filtering gateway to complete the safe exchange of the network data.
The invention has the beneficial effects that: the network data security exchange method of the invention carries out security check on the web request and prevents network attacks like SQL injection, sensitive file reading and the like. Meanwhile, a resource white list check is added, and the white list check can reduce the probability of the attack of the internal service; and carrying out various safety checks on an XML message body in the SOAP protocol, such as interface white list, parameter format and XML attack. The strict Webservice safety check can ensure the application safety and the service safety of the user, and the Web attack detection provided by the invention can ensure the safety of a Webservice system to the maximum extent.
Further, in step S3, the external network only allows data exchange with the internal network through the interface form of Webservice on the data exchange channel.
The beneficial effects of the further scheme are as follows: in the invention, the external network is appointed to only allow data exchange with the internal network through the interface form of the Webservice, namely, the internal network starts the Webservice service, and the external network accesses the service to further acquire the data of the internal network or inform the internal network of service processing.
Further, step S5 comprises the following sub-steps:
s51: acquiring a data packet sent from an external network to an internal network from a network card by using a filtering gateway;
s52: judging whether the network protocol is an http protocol or not by analyzing the data packet, if so, entering a step S53, and otherwise, ending the network data security exchange;
s53: analyzing an XML file in the SOAP protocol to obtain a request interface name;
s54: checking whether the request interface name is in an interface white list, if so, entering a step S55, and otherwise, ending the network data security exchange;
s55: checking whether the interface parameter format of the analyzed XML file conforms to the interface parameter format of the interface white list, if so, entering a step S56, and otherwise, ending the network data security exchange;
s56: and checking XML format attack to complete network data security exchange.
The beneficial effects of the further scheme are as follows: in the invention, a filtering gateway is connected in series in front of the gateway, and data sent from an external network to an internal network is filtered.
Further, in step S52, if the network protocol is not the http protocol, the data packet is discarded, and the tcp reset packet is returned to the external network client, so as to end the network data security exchange.
The beneficial effects of the above further scheme are: in the invention, whether the network protocol is the http protocol is judged by analyzing the data packet, and if the network protocol is not the http protocol, the network data security exchange is terminated in time.
Further, in step S54, the interface white list is configured in advance by the network administrator according to the WSDL file of the Webservice interface, and is stored in the database; and if the requested interface name is not in the interface white list, discarding the data packet, returning to the tcp reset packet of the external network client, and ending the network data security exchange.
The beneficial effects of the further scheme are as follows: in the invention, whether the request interface name is in the interface white list is judged, and if not, the network data security exchange is terminated in time.
Further, in step S55, the interface parameter format is configured in advance by the administrator according to the WSDL file of the Webservice interface, and is stored in the database; and if the interface parameter format of the XML file does not conform to the interface parameter format of the interface white list, discarding the data packet, returning to the external network client tcp reset packet, and ending the network data security exchange.
The beneficial effects of the further scheme are as follows: in the invention, whether the interface parameter format of the analyzed XML file accords with the interface parameter format of the interface white list or not is judged, and if not, the network data safety exchange is terminated in time.
Further, step S56 comprises the following sub-steps:
s561: checking whether the interface parameters of the analyzed XML file contain SQL injection attack codes, if so, ending the network data security exchange, otherwise, entering the step S562;
s562: checking whether the interface parameters of the analyzed XML file contain XML injection attack codes or not, if so, ending network data security exchange, otherwise, entering a step S563;
s563: checking whether the interface parameters of the analyzed XML file contain an injection command, if so, ending network data security exchange, otherwise, entering a step S564;
s564: checking whether the input parameters of the analyzed XML file contain DOS attacks, if so, ending the network data security exchange, otherwise, entering a step S565;
s565: checking whether a file path of the' \\ character is contained in the detection interface parameters of the analyzed XML file, if so, entering a step S566, otherwise, entering a step S567;
s566: judging whether the file path of the analyzed XML file contains a system sensitive file path, if so, ending the network data security exchange, otherwise, entering a step S567;
s567: and filtering the sensitive file reading attack and the file uploading attack, preventing illegal requests and reporting and checking, and finishing the network data security exchange.
The beneficial effects of the above further scheme are: in the invention, when XML format attack check is carried out, SQL injection attack check: mainly checking whether interface parameters in the XML file contain SQL injection attack codes or not; XML injection attack checking: mainly checking whether interface parameters in an XML file contain XML injection attack codes or not; command injection attack checking: mainly checking whether there is injected command in interface parameter in XML file, such as ls and ping; and (3) carrying out attack check on the Soap parameter DOS: checking the length of the input parameters to prevent buffer overflow attack; XXE attack check: whether a file path of the \ typeface is contained in the interface parameter needs to be detected, and whether the file path is a system sensitive file path needs to be judged if the file path is contained in the interface parameter; and finally, filtering the sensitive file reading attack and the file uploading attack, preventing illegal requests and reporting, examining and counting.
Further, in step S561, the SQL injection attack code includes an illegal quotation mark and a digital parameter including non-digital content.
The beneficial effects of the further scheme are as follows: in the invention, the SQL injection attack check mainly checks whether the interface parameters in the XML file contain SQL injection attack codes.
Drawings
FIG. 1 is a flow chart of a method for secure exchange of network data;
FIG. 2 is a flowchart of step S5;
fig. 3 is a flowchart of step S56;
fig. 4 is an architecture diagram of a network data security exchange method.
Detailed Description
The embodiments of the present invention will be further described with reference to the accompanying drawings.
The content of the nouns mentioned in the present invention will be explained below.
(1) White list: each request contains a resource that must be on a resource white list that represents access permissions.
(2) SQL injection: the SQL injection attack is a method for modifying SQL statements through operation input so as to attack a WEB server by executing codes. The method is simply a process of inserting an SQL command into a query string of a post/getweb form, an input domain name or a page request, and finally enabling a web server to execute a malicious command.
(3) XXE: XML External Entity, XML External Entity.
(4) SOAP protocol: is an abbreviation of Simple Object Access Protocol; simple object access protocol is a protocol specification for exchanging data, a lightweight simple protocol based on XML (a subset under the standard universal markup language) that is designed to exchange structured and solidified information on the WEB.
(5) WSDL: is an abbreviation of "Web Services Description Language", which is an XML format for describing Web service distribution.
(7) XML: is an abbreviation of Extensible Markup Language; is a markup language for marking electronic documents to be structured. In an electronic computer, a label refers to a symbol of information that can be understood by the computer, and by this label, various information such as articles can be handled between computers. It can be used to tag data and define data types, a source language that allows a user to define his or her own markup language.
As shown in fig. 1, the present invention provides a network data secure exchange method based on Webservice, which includes the following steps:
s1: the external network and the internal network are logically isolated by using a gatekeeper;
s2: configuring a data exchange channel on the network gate by adopting an http protocol;
s3: setting an external network and an internal network to exchange data on a data exchange channel;
s4: the front end of the gateway after data exchange is connected with a filtering gateway in series;
s5: and filtering the data sent from the external network to the internal network by using the filtering gateway to complete the safe exchange of the network data.
In the embodiment of the present invention, as shown in fig. 1, in step S3, the external network only allows data exchange with the internal network on the data exchange channel through the interface form of Webservice. In the invention, the external network is appointed to only allow data exchange with the internal network through the interface form of the Webservice, namely, the internal network starts the Webservice service, and the external network accesses the service to further acquire the data of the internal network or inform the internal network of service processing.
In the embodiment of the present invention, as shown in fig. 2, step S5 includes the following sub-steps:
s51: acquiring a data packet sent from an external network to an internal network from a network card by using a filtering gateway;
s52: judging whether the network protocol is an http protocol or not by analyzing the data packet, if so, entering a step S53, and otherwise, ending the network data security exchange;
s53: analyzing an XML file in the SOAP protocol to obtain a request interface name;
s54: checking whether the request interface name is in an interface white list, if so, entering a step S55, and otherwise, ending the network data security exchange;
s55: checking whether the interface parameter format of the analyzed XML file conforms to the interface parameter format of the interface white list, if so, entering a step S56, and otherwise, ending the network data security exchange;
s56: and checking XML format attack to complete network data security exchange.
In the invention, a filtering gateway is connected in series in front of the gateway, and data sent from an external network to an internal network is filtered.
In the embodiment of the present invention, as shown in fig. 2, in step S52, if the network protocol is not the http protocol, the data packet is discarded, and the tcp reset packet of the external network client is returned, so as to end the network data security exchange. In the invention, whether the network protocol is the http protocol is judged by analyzing the data packet, and if the network protocol is not the http protocol, the network data security exchange is terminated in time.
In the embodiment of the present invention, as shown in fig. 2, in step S54, the interface white list is configured in advance by the network administrator according to the WSDL file of the Webservice interface, and is stored in the database; and if the requested interface name is not in the interface white list, discarding the data packet, returning to the tcp reset packet of the external network client, and ending the network data security exchange. In the invention, whether the request interface name is in the interface white list is judged, if not, the network data safety exchange is terminated in time.
In the embodiment of the present invention, as shown in fig. 2, in step S55, an interface parameter format is configured in advance by an administrator according to a WSDL file of a Webservice interface, and is stored in a database; if the interface parameter format of the XML file does not conform to the interface parameter format of the interface white list, discarding the data packet, returning to the tcp reset packet of the external network client, and ending the network data secure exchange. In the invention, whether the interface parameter format of the analyzed XML file accords with the interface parameter format of the interface white list or not is judged, and if not, the network data safety exchange is terminated in time.
In the embodiment of the present invention, as shown in fig. 3, step S56 includes the following sub-steps:
s561: checking whether the interface parameters of the analyzed XML file contain SQL injection attack codes, if so, ending the network data security exchange, otherwise, entering the step S562;
s562: checking whether the interface parameters of the analyzed XML file contain XML injection attack codes or not, if so, ending network data security exchange, otherwise, entering a step S563;
s563: checking whether the interface parameters of the analyzed XML file contain an injection command, if so, ending the network data security exchange, otherwise, entering a step S564;
s564: checking whether the input parameters of the analyzed XML file contain DOS attacks, if so, ending the network data security exchange, otherwise, entering a step S565;
s565: checking whether a file path of the' \\ character is contained in the detection interface parameters of the analyzed XML file, if so, entering a step S566, otherwise, entering a step S567;
s566: judging whether the file path of the analyzed XML file contains a system sensitive file path, if so, ending the network data security exchange, otherwise, entering a step S567;
s567: and filtering the sensitive file reading attack and the file uploading attack, preventing illegal requests and reporting and checking, and finishing the network data security exchange.
In the invention, when XML format attack check is carried out, SQL injection attack check: mainly checking whether interface parameters in the XML file contain SQL injection attack codes or not; XML injection attack checking: mainly checking whether interface parameters in an XML file contain XML injection attack codes or not; if the registered operation contains 2 parameter sections, the second parameter section is a real request, the first parameter section is an injected request, and the operation number and the message digest need to be checked for validity during checking; command injection attack checking: mainly checking whether there is injected command in interface parameter in XML file, such as ls and ping; and (3) checking the Soap parameter DOS attack: checking the length of the input parameters to prevent buffer overflow attack; XXE attack check: whether a file path of the \\ character pattern is contained in the interface parameter needs to be detected, and if yes, whether the file path is a system sensitive file path needs to be judged; and finally, filtering the sensitive file reading attack and the file uploading attack, preventing illegal requests and reporting and checking.
In the embodiment of the present invention, as shown in fig. 1, in step S561, the SQL injection attack code includes an illegal quotation mark and a digital parameter containing non-digital content. In the invention, the SQL injection attack check mainly checks whether the interface parameters in the XML file contain SQL injection attack codes.
The working principle and the process of the invention are as follows: firstly, the external network and the internal network are logically isolated by the gatekeeper, and a data exchange channel adopting an http protocol is configured on the gatekeeper, so that the external network and the internal network can exchange data through the http protocol. And then, the external network is appointed to only allow data exchange with the internal network through the interface form of the Webservice, namely, the internal network starts the Webservice service, and the external network accesses the service to further acquire the data of the internal network or inform the internal network of service processing. And then, a filtering gateway is connected in series in front of the gateway, and data sent to the internal network by the external network is filtered to complete network data security exchange.
The beneficial effects of the invention are as follows: as shown in fig. 4, the network data security exchange method of the present invention performs security check on the web request, and prevents network attacks such as SQL injection and sensitive file reading. Meanwhile, a resource white list check is added, and the white list check can reduce the probability of the attack of the internal service; and carrying out various safety checks on an XML message body in the SOAP protocol, such as interface white list, parameter format and XML attack. The strict Webservice safety check can ensure the application safety and the service safety of the user, and the Web attack detection provided by the invention can ensure the safety of a Webservice system to the maximum extent.
It will be appreciated by those of ordinary skill in the art that the embodiments described herein are intended to assist the reader in understanding the principles of the invention and are to be construed as being without limitation to such specifically recited embodiments and examples. Those skilled in the art can make various other specific changes and combinations based on the teachings of the present invention without departing from the spirit of the invention, and these changes and combinations are within the scope of the invention.

Claims (3)

1. A network data security exchange method based on Webservice is characterized by comprising the following steps:
s1: the external network and the internal network are logically isolated by using a gatekeeper;
s2: configuring a data exchange channel on the network gate by adopting an http protocol;
s3: setting an external network and an internal network to exchange data on a data exchange channel;
s4: the front end of the gateway after data exchange is connected with a filtering gateway in series;
s5: filtering data sent from an external network to an internal network by using a filtering gateway to complete the secure exchange of network data;
the step S5 includes the following substeps:
s51: acquiring a data packet sent from an external network to an internal network from a network card by using a filtering gateway;
s52: judging whether the network protocol is an http protocol or not by analyzing the data packet, if so, entering a step S53, and otherwise, ending the network data security exchange;
s53: analyzing an XML file in the SOAP protocol to obtain a request interface name;
s54: checking whether the request interface name is in an interface white list, if so, entering a step S55, and otherwise, ending the network data security exchange;
s55: checking whether the interface parameter format of the analyzed XML file conforms to the interface parameter format of the interface white list, if so, entering a step S56, and otherwise, ending the network data security exchange;
s56: checking XML format attack to complete network data safety exchange;
in step S54, the interface white list is configured in advance by the network administrator according to the WSDL file of the Webservice interface, and is stored in the database; if the requested interface name is not in the interface white list, discarding the data packet, returning to the tcp reset packet of the external network client, and ending the network data security exchange;
in step S55, the interface parameter format is configured in advance by the network administrator according to the WSDL file of the Webservice interface, and is stored in the database; if the interface parameter format of the XML file does not conform to the interface parameter format of the interface white list, discarding the data packet, returning to an external network client tcp reset packet, and ending the network data security exchange;
the step S56 includes the following sub-steps:
s561: checking whether the interface parameters of the analyzed XML file contain SQL injection attack codes, if so, ending the network data security exchange, otherwise, entering the step S562;
s562: checking whether the interface parameters of the analyzed XML file contain XML injection attack codes or not, if so, ending network data security exchange, otherwise, entering a step S563;
s563: checking whether the interface parameters of the analyzed XML file contain an injection command, if so, ending the network data security exchange, otherwise, entering a step S564;
s564: checking whether the input parameters of the analyzed XML file contain DOS attacks, if so, ending the network data security exchange, otherwise, entering a step S565;
s565: checking whether a file path of the' \\ character is contained in the detection interface parameters of the analyzed XML file, if so, entering a step S566, otherwise, entering a step S567;
s566: judging whether the file path of the analyzed XML file contains a system sensitive file path, if so, ending the network data security exchange, otherwise, entering the step S567;
s567: filtering the sensitive file reading attack and the file uploading attack, preventing illegal requests and reporting and checking, and completing network data security exchange;
in step S561, the SQL injection attack code includes an illegal quotation mark and a digital parameter including non-digital content.
2. The Webservice-based network data security exchange method according to claim 1, wherein in step S3, the external network only allows data exchange with the internal network through the interface format of the Webservice on the data exchange channel.
3. The Webservice-based network data security exchange method of claim 1, wherein in step S52, if the network protocol is not an http protocol, the data packet is discarded, and a tcp reset packet is returned to the external network client, thereby ending the network data security exchange.
CN202010434945.XA 2020-05-21 2020-05-21 Network data safety exchange method based on Webservice Active CN111818008B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010434945.XA CN111818008B (en) 2020-05-21 2020-05-21 Network data safety exchange method based on Webservice

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010434945.XA CN111818008B (en) 2020-05-21 2020-05-21 Network data safety exchange method based on Webservice

Publications (2)

Publication Number Publication Date
CN111818008A CN111818008A (en) 2020-10-23
CN111818008B true CN111818008B (en) 2022-11-11

Family

ID=72848368

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010434945.XA Active CN111818008B (en) 2020-05-21 2020-05-21 Network data safety exchange method based on Webservice

Country Status (1)

Country Link
CN (1) CN111818008B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102790759A (en) * 2011-12-07 2012-11-21 国网电力科学研究院 Network service filtering method based on private network brake special for electric power system
CN102859934A (en) * 2009-03-31 2013-01-02 考持·维 System and method for access management and security protection for network accessible computer services
CN104063756A (en) * 2014-05-23 2014-09-24 国网辽宁省电力有限公司本溪供电公司 Electric power utilization information remote control system
CN105024987A (en) * 2014-04-30 2015-11-04 中国移动通信集团设计院有限公司 Web service log monitoring method and apparatus
CN106209801A (en) * 2016-06-28 2016-12-07 广东电网有限责任公司信息中心 Mobile solution platform and inner-external network data safety switching plane integrated system
CN109194670A (en) * 2018-09-19 2019-01-11 杭州安恒信息技术股份有限公司 A kind of any file download leak detection method in website
CN110557364A (en) * 2019-06-06 2019-12-10 浙江天正信息科技有限公司 method for realizing network gate based on software
CN110912776A (en) * 2019-11-27 2020-03-24 中国科学院信息工程研究所 Automatic fuzzy test method and device for entity router management protocol

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102859934A (en) * 2009-03-31 2013-01-02 考持·维 System and method for access management and security protection for network accessible computer services
CN102790759A (en) * 2011-12-07 2012-11-21 国网电力科学研究院 Network service filtering method based on private network brake special for electric power system
CN105024987A (en) * 2014-04-30 2015-11-04 中国移动通信集团设计院有限公司 Web service log monitoring method and apparatus
CN104063756A (en) * 2014-05-23 2014-09-24 国网辽宁省电力有限公司本溪供电公司 Electric power utilization information remote control system
CN106209801A (en) * 2016-06-28 2016-12-07 广东电网有限责任公司信息中心 Mobile solution platform and inner-external network data safety switching plane integrated system
CN109194670A (en) * 2018-09-19 2019-01-11 杭州安恒信息技术股份有限公司 A kind of any file download leak detection method in website
CN110557364A (en) * 2019-06-06 2019-12-10 浙江天正信息科技有限公司 method for realizing network gate based on software
CN110912776A (en) * 2019-11-27 2020-03-24 中国科学院信息工程研究所 Automatic fuzzy test method and device for entity router management protocol

Also Published As

Publication number Publication date
CN111818008A (en) 2020-10-23

Similar Documents

Publication Publication Date Title
US10491614B2 (en) Illegitimate typosquatting detection with internet protocol information
US10848505B2 (en) Cyberattack behavior detection method and apparatus
US8051484B2 (en) Method and security system for indentifying and blocking web attacks by enforcing read-only parameters
BR102020003104A2 (en) HTTP BASED ACCESS POINT IDENTIFICATION AND CLASSIFICATION USING MACHINE LEARNING METHOD
CN109768992B (en) Webpage malicious scanning processing method and device, terminal device and readable storage medium
CN110650117B (en) Cross-site attack protection method, device, equipment and storage medium
CN103346972A (en) Flow control device and method based on user terminal
CN108259425A (en) The determining method, apparatus and server of query-attack
CN111835777B (en) Abnormal flow detection method, device, equipment and medium
CN103746992B (en) Based on reverse intruding detection system and method thereof
CN113518077A (en) Malicious web crawler detection method, device, equipment and storage medium
CN102316087A (en) The detection method that network application is attacked
CN107612926B (en) One-sentence speech WebShell interception method based on client recognition
CN111585956B (en) Website anti-brushing verification method and device
US20130081135A1 (en) Injection attack mitigation using context sensitive encoding of injected input
CN103731429A (en) Method and device for web application vulnerability detection
CN107623693B (en) Domain name resolution protection method, device, system, computing equipment and storage medium
US9942267B1 (en) Endpoint segregation to prevent scripting attacks
CN113190838A (en) Web attack behavior detection method and system based on expression
KR101658450B1 (en) Security device using transaction information obtained from web application server and proper session id
EP4033717A1 (en) Distinguishing network connection requests
CN111818008B (en) Network data safety exchange method based on Webservice
US11128639B2 (en) Dynamic injection or modification of headers to provide intelligence
Zheng et al. A network state based intrusion detection model
CN110708308A (en) Cross-site script vulnerability mining method and system for cloud computing environment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant