CN112134881B - Network request tamper-proof method based on serial number - Google Patents

Network request tamper-proof method based on serial number

Info

Publication number: CN112134881B
Authority: CN (China)
Prior art keywords: data packet, request, random value, random, value
Legal status: Active
Application number: CN202011000103.XA
Other languages: Chinese (zh)
Other versions: CN112134881A (en)
Inventors: 施甘图, 陈旭, 庭治宏, 赵乾旭
Current assignee: Lahuobao Network Technology Co ltd; Hongtu Intelligent Logistics Co ltd
Original assignee: Lahuobao Network Technology Co ltd; Hongtu Intelligent Logistics Co ltd
Application filed by Lahuobao Network Technology Co ltd and Hongtu Intelligent Logistics Co ltd
Priority to CN202011000103.XA
Publication of CN112134881A
Application granted
Publication of CN112134881B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/12 Applying verification of the received information
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/50 Network services
    • H04L67/60 Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources

Abstract

The invention discloses a network request tamper-proofing method based on a serial number. Each type of request data packet corresponds to a random code. The request end and the access end first exchange check values; the exchanged random values and the random code corresponding to the type of the request data packet are then combined into a serial number, which is added to the head of the request data packet to form a recombined data packet. The access end compares whether the first random value in the recombined data packet is consistent with the first random value in the first check value and whether the second random value in the recombined data packet is consistent with the second random value in the second check value. When they are consistent, the access end judges, according to a data type relation table, whether the random code in the recombined data packet matches the type of the recombined data packet; when it matches, the head of the recombined data packet is removed to obtain the request data packet. The invention can realize the tamper resistance of the network request.

Description

Network request tamper-proof method based on serial number
Technical Field
The invention relates to the technical field of logistics networks, in particular to a network request tamper-proofing method based on a sequence number.
Background
With the explosive development of the logistics industry, logistics network security has become a problem that must be considered. The network request is the most common event and has therefore become the most important step of network security defense; effective protection of the network request plays a key role in network security. However, the prior art cannot adequately protect the integrity of the network request.
Disclosure of Invention
The invention aims to provide a network request anti-tampering method based on a serial number, which can realize the network request anti-tampering.
In order to solve the above technical problem, the invention adopts the following technical scheme: a network request tamper-proofing method based on a serial number is provided, comprising the following steps:
S1: the request end and the access end acquire a data type relation table, which records all types of request data packets and the random code corresponding to each type;
S2: the request end generates a request data packet according to a network request;
S3: the request end generates a first check value and sends the first check value to the access end, wherein the first check value consists of a request end name and a first random value;
S4: after receiving the first check value, the access end sends a second check value to the request end, wherein the second check value consists of an access end name and a second random value;
S5: after receiving the second check value, the request end acquires the random code corresponding to the type of the request data packet from the data type relation table, and the first random value, the random code and the second random value form a sequence number;
S6: the request end adds the sequence number to the head of the request data packet to form a recombined data packet and sends the recombined data packet to the access end;
S7: the access end compares whether the first random value in the recombined data packet is consistent with the first random value in the first check value and whether the second random value in the recombined data packet is consistent with the second random value in the second check value, and if so, step S8 is performed;
S8: the access end judges, according to the data type relation table, whether the random code in the recombined data packet matches the type of the recombined data packet, and if so, step S9 is performed;
S9: the access end removes the head of the recombined data packet to obtain the request data packet.
Preferably, step S7 further includes: if the first random value in the recombined data packet is inconsistent with the first random value in the first check value, or the second random value in the recombined data packet is inconsistent with the second random value in the second check value, step S10 is performed;
S10: the recombined data packet is discarded.
Preferably, step S8 further includes: if not, step S10 is performed.
Preferably, before the recombined data packet is sent to the access end, step S6 further includes:
encrypting the recombined data packet by adopting an encryption algorithm;
before step S7, the method further includes:
the access end decrypts the encrypted recombined data packet.
Preferably, the encryption algorithm is an MD5 algorithm or a sha128 algorithm.
Preferably, the first random value and the second random value are both 4-bit random numbers.
Preferably, the serial number includes a first random value, a random code, and a second random value in this order.
Different from the prior art, the invention has the beneficial effects that:
1. Network request tamper resistance is achieved by verifying the data packet three times;
2. The random values are used multiple times, which improves the accuracy of the verification process and effectively resolves errors arising in the verification process.
Drawings
Fig. 1 is a schematic flowchart of a method for preventing network request from being tampered based on a serial number according to an embodiment of the present invention.
Fig. 2 is a schematic data flow diagram of a network request tamper-proofing method based on sequence numbers according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, the network request tamper-proofing method based on serial numbers of the embodiment of the present invention includes the following steps:
S1: the request end and the access end acquire a data type relation table, and the data type relation table records all types of the request data packet and the random code corresponding to each type.
The data type relation table is generated in advance. It can be stored locally at the request end and the access end, in which case both ends read it directly from local storage, or it can be stored on a specified server, in which case the request end and the access end acquire it from the server. In the data type relation table, a corresponding random code can be found for each type of request data packet; for example, if the type of the request data packet is a network interface request, the corresponding random code is SEfr23f.
S2: the request end generates a request data packet according to the network request.
As shown in fig. 2, the request packet generated by the request end is represented by data.
S3: the request end generates a first check value and sends the first check value to the access end, and the first check value is composed of a request end name and a first random value.
As shown in fig. 2, the first check value generated by the requester includes name1 and nub1, where name1 represents the name of the requester and nub1 represents the first random value.
S4: after receiving the first check value, the access end sends a second check value to the request end, wherein the second check value consists of the name of the access end and a second random value.
As shown in fig. 2, the second check value generated by the access end includes name2 and nub2, where name2 represents the name of the access end and nub2 represents the second random value. In this embodiment, the first random value and the second random value are both 4-bit random numbers.
S5: after receiving the second check value, the request end acquires the random code corresponding to the type of the request data packet from the data type relation table, and the first random value, the random code and the second random value form a sequence number.
In this embodiment, the serial number includes a first random value, a random code, and a second random value in this order.
S6: the request end adds the sequence number to the head of the request data packet to form a recombined data packet, and sends the recombined data packet to the access end.
As shown in fig. 2, the recombined data packet sent by the request end includes a header composed of nub1, roll, and nub2, where roll indicates the random code corresponding to the type of the request data packet.
S7: the access end compares whether the first random value in the recombined data packet is consistent with the first random value in the first check value and whether the second random value in the recombined data packet is consistent with the second random value in the second check value, and if so, step S8 is performed.
If they are consistent, the network request of the request end is safe.
S8: the access end judges, according to the data type relation table, whether the random code in the recombined data packet matches the type of the recombined data packet, and if so, step S9 is performed.
If they match, the data packet has not been tampered with.
S9: the access end removes the head of the recombined data packet to obtain the request data packet.
The access end can then continue to process the network request on the basis of the correct request data packet.
In this embodiment, step S7 further includes: if the first random value in the recombined data packet is inconsistent with the first random value in the first check value, or the second random value in the recombined data packet is inconsistent with the second random value in the second check value, step S10 is performed;
S10: the recombined data packet is discarded.
Similarly, step S8 further includes: if not, step S10 is performed.
In order to further improve the security, in this embodiment, before sending the reassembled packet to the access terminal, step S6 further includes:
encrypting the recombined data packet by adopting an encryption algorithm;
before step S7, the method further includes:
the access end decrypts the encrypted recombined data packet.
As shown in fig. 2, the lock in the recombined data packet sent by the request end indicates that the request end has encrypted the recombined data packet. In this embodiment, the encryption algorithm may be a common encryption algorithm such as an MD5 algorithm or a sha128 algorithm.
In this way, the network request tamper-proofing method based on the sequence number forms a sequence number from the random code corresponding to the type of the request data packet and the two random values generated by the request end and the access end, adds the sequence number to the head of the request data packet to obtain a recombined data packet, and encrypts the recombined data packet, so that tamper resistance of the network request can be realized and other network operations are facilitated.
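The S1 to S10 exchange above as runnable Python, added here as an illustration and not code from the patent; class and function names are hypothetical. Assumed rather than taken from the page: 4-digit decimal random values, a fixed-length random code, a JSON request packet that names its own type, single-use value pairs, and the second table row. The optional encryption step is left out because the page names MD5 and sha128 for it, and MD5 is a one-way hash that cannot be decrypted.

```python
import hmac
import json
import secrets

# S1 table: "SEfr23f" is the page's example code; the second row is constructed.
TYPE_TABLE = {
    "network_interface_request": "SEfr23f",
    "file_upload_request": "Qw9zL1k",
}
NUB_LEN = 4                        # assumption: a random value is 4 decimal digits
ROLL_LEN = 7                       # assumption: every random code is 7 characters
HEAD_LEN = 2 * NUB_LEN + ROLL_LEN  # nub1 + roll + nub2


def random_value():
    return f"{secrets.randbelow(10 ** NUB_LEN):0{NUB_LEN}d}"  # OS CSPRNG


def packet_type(data):
    """Assumption: the request packet is JSON that carries its own 'type'."""
    try:
        kind = json.loads(data).get("type")
    except (ValueError, AttributeError):
        return None
    return kind if isinstance(kind, str) else None


class RequestEnd:
    def __init__(self, name):
        self.name, self.nub1 = name, None

    def first_check_value(self):                 # S3: (name1, nub1)
        self.nub1 = random_value()
        return self.name, self.nub1

    def reassemble(self, second_check, data):    # S5 + S6
        _name2, nub2 = second_check
        roll = TYPE_TABLE[packet_type(data)]
        return (self.nub1 + roll + nub2).encode("ascii") + data


class AccessEnd:
    def __init__(self, name):
        self.name, self.pending = name, {}       # requester name -> (nub1, nub2)

    def second_check_value(self, first_check):   # S4: (name2, nub2)
        name1, nub1 = first_check
        nub2 = random_value()
        self.pending[name1] = (nub1.encode(), nub2.encode())
        return self.name, nub2

    def receive(self, name1, packet):            # S7 to S10
        # Assumption (the page does not say): a value pair is valid only once.
        expected = self.pending.pop(name1, None)
        if expected is None or len(packet) < HEAD_LEN:
            return None
        head, data = packet[:HEAD_LEN], packet[HEAD_LEN:]
        nub1, roll, nub2 = head[:NUB_LEN], head[NUB_LEN:-NUB_LEN], head[-NUB_LEN:]
        # S7: both random values must equal the ones exchanged in S3/S4.
        if not (hmac.compare_digest(nub1, expected[0])
                and hmac.compare_digest(nub2, expected[1])):
            return None                          # S10: discard
        # S8: the random code must be the table entry for the packet's type.
        want = TYPE_TABLE.get(packet_type(data))
        if want is None or not hmac.compare_digest(roll, want.encode()):
            return None                          # S10: discard
        return data                              # S9: head removed


if __name__ == "__main__":
    req, acc = RequestEnd("name1"), AccessEnd("name2")
    body = b'{"type": "network_interface_request", "path": "/orders"}'
    pkt = req.reassemble(acc.second_check_value(req.first_check_value()), body)
    print(pkt[:HEAD_LEN], acc.receive("name1", pkt) == body)
```

S7 and S8 as described compare the header fields and the packet type only, so binding the rest of the payload needs a keyed integrity check (for example an HMAC over head and data), which the page does not specify.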
The above description is only an embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes performed by the present specification and drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.

Claims (5)

1. A network request tamper-proofing method based on sequence numbers is characterized by comprising the following steps:
S1: the request end and the access end acquire a data type relation table, and the data type relation table records all types of request data packets and the random code corresponding to each type;
S2: the request end generates a request data packet according to a network request;
S3: the request end generates a first check value and sends the first check value to the access end, wherein the first check value consists of a request end name and a first random value;
S4: after receiving the first check value, the access end sends a second check value to the request end, wherein the second check value consists of an access end name and a second random value;
S5: after receiving the second check value, the request end acquires the random code corresponding to the type of the request data packet from the data type relation table, and the first random value, the random code and the second random value form a sequence number;
S6: the request end adds the sequence number to the head of the request data packet to form a recombined data packet and sends the recombined data packet to the access end;
S7: the access end compares whether the first random value in the recombined data packet is consistent with the first random value in the first check value and whether the second random value in the recombined data packet is consistent with the second random value in the second check value, and if so, step S8 is performed; if the first random value in the recombined data packet is inconsistent with the first random value in the first check value, or the second random value in the recombined data packet is inconsistent with the second random value in the second check value, step S10 is performed;
S8: the access end judges, according to the data type relation table, whether the random code in the recombined data packet matches the type of the recombined data packet, and if so, step S9 is performed; if not, step S10 is performed;
S9: the access end removes the head of the recombined data packet to obtain the request data packet;
S10: the recombined data packet is discarded.
2. The network request tamper-resistant method according to claim 1, wherein before sending the recombined data packet to the access end, the step S6 further comprises:
encrypting the recombined data packet by adopting an encryption algorithm;
before step S7, the method further includes:
the access end decrypts the encrypted recombined data packet.
3. The method of claim 2, wherein the encryption algorithm is MD5 algorithm or sha128 algorithm.
4. The method of claim 1, wherein the first random value and the second random value are both 4-bit random numbers.
5. The network request tamper-resistant method of claim 1, wherein the sequence number comprises a first random value, a random code, and a second random value in that order.
CN202011000103.XA 2020-09-22 2020-09-22 Network request tamper-proof method based on serial number Active CN112134881B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011000103.XA CN112134881B (en) 2020-09-22 2020-09-22 Network request tamper-proof method based on serial number

Publications (2)

Publication Number Publication Date
CN112134881A (en) 2020-12-25
CN112134881B (en) 2023-03-21

Family

ID=73842192

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant