CN115296844A - Safety protection method and device - Google Patents
Safety protection method and device Download PDFInfo
- Publication number
- CN115296844A CN115296844A CN202210758097.7A CN202210758097A CN115296844A CN 115296844 A CN115296844 A CN 115296844A CN 202210758097 A CN202210758097 A CN 202210758097A CN 115296844 A CN115296844 A CN 115296844A
- Authority
- CN
- China
- Prior art keywords
- access request
- access
- security
- server
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 51
- 238000001514 detection method Methods 0.000 claims abstract description 50
- 238000012550 audit Methods 0.000 claims abstract description 42
- 238000004590 computer program Methods 0.000 claims description 17
- 238000004458 analytical method Methods 0.000 claims description 15
- 230000006399 behavior Effects 0.000 claims description 10
- 230000008569 process Effects 0.000 claims description 9
- 238000010586 diagram Methods 0.000 description 10
- 230000006870 function Effects 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 238000007405 data analysis Methods 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the invention discloses a safety protection method and a safety protection device, which are used for data safety protection of a server, the method comprises the steps of obtaining an access request sent by a client, judging whether the access request meets a preset condition through an access control module, if the access request does not meet the preset condition, carrying out safety detection on the access request based on a safety audit module, and obtaining a detection result; when the access request is a safe access request, allowing the client to access the server; and when the access request is a malicious access request, intercepting the access request of the client. By carrying out security detection on the access request, the resource occupation of the server by the malicious access request can be reduced while the data security in the server is improved, the load of the server is reduced, and the normal use of the server resource by the normal access request is met.
Description
Technical Field
The invention relates to the technical field of data security, in particular to a security protection method and device.
Background
In an existing intrusion prevention system (WAF), when a large number of access requests are processed, in order to ensure performance, a large number of server resources are generally consumed to provide support, so that the utilization rate of the server resources by the WAF system is high, and further normal use of the server resources by other services is influenced.
Disclosure of Invention
The technical problem to be solved by the present invention is to provide a security protection method, apparatus, electronic device, and storage medium that overcome or at least partially solve the above problems.
In order to solve the above problem, in one aspect, an embodiment of the present invention discloses a security protection method for data security protection of a server, where an access control module and a security audit module are disposed in the server, and the method includes:
acquiring an access request sent by a client, wherein the access request comprises a file format and an access address;
judging whether the access request meets a preset condition or not through the access control module;
if the access request does not meet the preset condition, performing security detection on the access request based on the security audit module, and obtaining a detection result;
when the detection result shows that the access request is a safe access request, allowing the client to access the server;
and intercepting the access request of the client when the detection result shows that the access request is a malicious access request.
Optionally, a security plug-in is provided on the security audit module, and based on that the security audit module performs security detection on the access request, the method includes:
the security plug-in is used for routinely checking the access request according to a security policy of a local cache, and the security plug-in acquires parameters in the access request, wherein the parameters comprise a user name, an access address IP, an execution statement, an operation type and a target resource;
if a security policy matched with the parameters in the access request is found, the security plug-in determines whether to record an audit log according to the security policy;
if no security policy matched with the parameters in the access request is found, the security plug-in is processed according to a default auditing mode in service setting, wherein the default auditing mode comprises default full records and default non-records;
optionally, the security audit module is further provided with a risk level, where the security policy includes a policy with risk behavior, and the risk level includes high risk, medium risk, and low risk, and after discovering a security policy matching a parameter in the access request,
when any parameter in the access request hits a strategy with risk behaviors, the security audit module records the access process of the access request and generates an access log.
Optionally, the determining, by the access control module, whether the access request meets a preset condition includes:
judging whether the access request exists in a preset white list or not through the access control module, wherein the white list is used for storing a plurality of preset safe access requests and comprises an access address trusted by the server and a file format trusted by the server;
if the access request exists in a preset white list, determining that the access request is a safe access request;
if not, judging whether the access request meets a preset interception rule or not;
if so, determining that the access request is a malicious access request;
and if not, determining that the access request is a safe access request.
Optionally, after determining that the access request is a malicious access request, the method further includes:
and recording the access address of the malicious access request, and generating an interception log of the malicious access request.
Optionally, after generating an interception log of the malicious access request, the method further includes:
analyzing the interception log, and updating the access control module and the safety audit module based on the analysis result.
Optionally, before obtaining the access request sent by the client, the method further includes:
recording the file format and the access address of the normal access request within the preset time;
analyzing the normal access request and obtaining an analysis result;
and determining a preset request with an identifier based on the analysis result, and adding the preset request with the identifier to a preset white list.
On the other hand, the embodiment of the invention discloses a safety protection device, which is used for data safety protection of a server, wherein an access control module and a safety audit module are arranged in the server, and the device comprises:
the access request acquisition module is used for acquiring an access request sent by a client, wherein the access request comprises a file format and an access address;
the first access judging module is used for judging whether the access request meets a preset condition or not through the access control module;
the access request detection module is used for carrying out security detection on the access request based on the security audit module and obtaining a detection result if the access request does not meet a preset condition;
the second access judging module is used for allowing the client to access the server when the detection result shows that the access request is a safe access request;
and the third access judgment module is used for intercepting the access request of the client when the detection result shows that the access request is a malicious access request.
Optionally, a security plug-in is provided on the security audit module, and the access request detection module includes:
the first detection submodule is used for carrying out routine check on the access request, and the security plug-in obtains parameters in the access request, wherein the parameters comprise a user name, an access address IP, an execution statement, an operation type and a target resource;
the second detection submodule is used for determining whether to record an audit log according to the security policy if the security policy matched with the parameters in the access request is found;
the third detection submodule is used for processing the security plugin according to a default auditing mode in service setting if no security policy matched with the parameters in the access request is found, wherein the default auditing mode comprises a default full record and a default non-record;
optionally, the security audit module is further provided with a risk level, the security policy includes a policy with risk behavior, the risk level includes high risk, medium risk and low risk, and after discovering a security policy matched with a parameter in the access request, the apparatus further includes:
and the first log recording module is used for recording the access process of the access request and generating an access log when any parameter in the access request hits the strategy with the risk behavior.
Optionally, the first access judging module includes:
a first access judgment sub-module, configured to judge, by using the access control module, whether the access request exists in a preset white list, where the white list is used to store a plurality of preset security access requests, and the white list includes an access address trusted by the server and a file format trusted by the server;
the second access judgment sub-module is used for determining that the access request is a safe access request if the access request exists in a preset white list;
the third access judgment submodule is used for judging whether the access request meets a preset interception rule or not if the access request does not exist;
the fourth access judgment submodule is used for determining that the access request is a malicious access request if the access request is met;
and the fifth access judgment sub-module is used for determining that the access request is a safe access request if the access request does not meet the requirements.
Optionally, after determining that the access request is a malicious access request, the apparatus further includes:
and the second log recording module is used for recording the access address of the malicious access request and generating an interception log of the malicious access request.
Optionally, after generating an interception log of the malicious access request, the apparatus further includes:
and the updating module is used for analyzing the interception logs and updating the access control module and the safety auditing module based on the analysis result.
Optionally, before obtaining the access request sent by the client, the apparatus further includes:
the normal access request recording module is used for recording the file format and the access address of the normal access request within the preset time;
the data analysis module is used for analyzing the normal access request and obtaining an analysis result;
and the data statistics module is used for determining a preset request with an identifier based on the analysis result and adding the preset request with the identifier to a preset white list.
In another aspect, an embodiment of the present invention further provides an electronic device, which includes a processor, a memory, and a computer program stored in the memory and capable of running on the processor, and when executed by the processor, the computer program implements the steps of the method.
In another aspect, an embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, implements the steps of the method as described above.
The embodiment of the invention discloses a safety protection method, which is used for data safety protection of a server, and comprises the steps of obtaining an access request sent by a client, judging whether the access request meets a preset condition through an access control module, if the access request does not meet the preset condition, carrying out safety detection on the access request based on a safety audit module, and obtaining a detection result; when the access request is a safe access request, allowing the client to access the server; and when the access request is a malicious access request, intercepting the access request of the client. By carrying out security detection on the access request, the resource occupation of the server by the malicious access request can be reduced while the data security in the server is improved, the load of the server is reduced, and the normal use of the server resource by the normal access request is met.
Drawings
Fig. 1 is a flowchart illustrating steps of a security protection method according to an embodiment of the present invention;
fig. 2 is a block diagram of a safety protection device according to an embodiment of the present invention.
Detailed Description
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in further detail below. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Fig. 1 is a flowchart of steps of a security protection method according to an embodiment of the present invention, where the method is applied to data security protection of a server, where an access control module and a security audit module are disposed in the server, and the method includes:
step 101, obtaining an access request sent by a client, wherein the access request comprises a file format and an access address;
in this embodiment, the server may include a security server for network security protection and a service server for responding to the access request, where after the access request sent by the client is obtained, the security server performs security detection on the access request, and after the access request passes the security detection, the service server is used for the client to obtain corresponding request data or resources. The file format comprises jpg, png, mp3, txt and the like, and the access address is a network address IP corresponding to the access request.
Step 102, judging whether the access request meets a preset condition through the access control module;
judging whether the access request exists in a preset white list or not through an access control module, wherein the white list is used for storing a plurality of preset safe access requests and comprises an access address trusted by a server and a file format trusted by the server; if the access request exists in the preset white list, determining the access request as a safe access request; if not, judging whether the access request meets a preset interception rule or not; if so, determining the access request as a malicious access request; and if not, determining that the access request is a safe access request.
After the access request is determined to be a malicious access request, recording an access address of the malicious access request, and generating an interception log of the malicious access request. After the interception logs of the malicious access requests are generated in production, the interception logs are analyzed, and the access control module and the security audit module are updated based on the analysis results. According to the updated access control module and the security audit module, malicious access requests can be effectively intercepted, and the data security of the server is improved.
103, if the access request does not meet a preset condition, performing security detection on the access request based on the security audit module, and obtaining a detection result; when the detection result shows that the access request is a safe access request, allowing the client to access the server; and intercepting the access request of the client when the detection result shows that the access request is a malicious access request.
The security audit module is provided with a security plug-in, and the process of performing security detection on the access request based on the security audit module comprises the following steps: the access request is routinely checked, and the security plug-in obtains parameters in the access request, wherein the parameters comprise a user name, an access address IP, an execution statement, an operation type and a target resource; if a security policy matched with the parameters in the access request is found, the security plug-in determines whether to record an audit log according to the security policy; if no security policy matched with the parameters in the access request is found, the security plug-in is processed according to a default auditing mode in service setting, wherein the default auditing mode comprises default full records and default non-records;
the embodiment of the invention discloses a safety protection method, which is used for data safety protection of a server, and comprises the steps of obtaining an access request sent by a client, judging whether the access request meets a preset condition through an access control module, if the access request does not meet the preset condition, carrying out safety detection on the access request based on a safety audit module, and obtaining a detection result; when the access request is a safe access request, allowing the client to access the server; and when the access request is a malicious access request, intercepting the access request of the client. By carrying out security detection on the access request, the resource occupation of the server by the malicious access request can be reduced while the data security in the server is improved, the load of the server is reduced, and the normal use of the server resource by the normal access request is met.
In some embodiments, the security audit module is further provided with a risk level, the security policy includes a policy with risk behavior, and the risk level includes high risk, medium risk and low risk. By recording the access log with the risk behavior, the identification efficiency of the security audit module can be improved, the risk level of the access request can be judged more quickly, and the load of the server is reduced while the data security in the server is improved.
In some embodiments, before an access request sent by a client is acquired, recording a file format and an access address of a normal access request within a preset time; analyzing the normal access request and obtaining an analysis result; and determining a preset request with an identifier based on the analysis result, and adding the preset request with the identifier to a preset white list. And recording the white list of the normal access request, so that the safety audit efficiency of the normal access request can be improved, and the load of the server is reduced.
On the other hand, fig. 2 is a block diagram of a security protection device according to an embodiment of the present invention, where the security protection device is used for data security protection of a server, where an access control module and a security audit module are disposed in the server, and the security protection device includes:
an access request obtaining module 201, configured to obtain an access request sent by a client, where the access request includes a file format and an access address;
a first access judging module 202, configured to judge, by the access control module, whether the access request meets a preset condition;
an access request detection module 203, configured to perform security detection on the access request based on the security audit module and obtain a detection result if the access request does not meet a preset condition;
a second access determining module 204, configured to allow the client to access the server when the detection result indicates that the access request is a secure access request;
a third access determining module 205, configured to intercept the access request of the client when the detection result indicates that the access request is a malicious access request.
In an optional embodiment, a security plug is disposed on the security audit module, and the access request detection module 203 may include:
the first detection submodule is used for carrying out routine check on the access request, and the security plug-in obtains parameters in the access request, wherein the parameters comprise a user name, an access address IP, an execution statement, an operation type and a target resource;
the second detection submodule is used for determining whether to record an audit log according to the security policy if the security policy matched with the parameters in the access request is found;
the third detection submodule is used for processing the security plugin according to a default auditing mode in service setting if no security policy matched with the parameters in the access request is found, wherein the default auditing mode comprises a default full record and a default non-record;
in an optional embodiment, the security audit module is further provided with a risk level, the security policy includes a policy with risk behavior, the risk level includes high risk, medium risk and low risk, and after discovering a security policy matching a parameter in the access request, the apparatus further includes:
and the first log recording module is used for recording the access process of the access request and generating an access log when any parameter in the access request hits the strategy with risk behaviors.
In an optional embodiment, the first access determining module includes:
the first access judgment sub-module is used for judging whether the access request exists in a preset white list or not through the access control module, the white list is used for storing a plurality of preset safe access requests, and the white list comprises an access address trusted by the server and a file format trusted by the server;
the second access judgment sub-module is used for determining that the access request is a safe access request if the access request exists in a preset white list;
the third access judgment submodule is used for judging whether the access request meets a preset interception rule or not if the access request does not exist;
the fourth access judgment sub-module is used for determining that the access request is a malicious access request if the first access judgment sub-module meets the requirement;
and the fifth access judgment sub-module is used for determining that the access request is a safe access request if the access request does not meet the requirements.
In an optional embodiment, after determining that the access request is a malicious access request, the apparatus further includes:
and the second log recording module is used for recording the access address of the malicious access request and generating an interception log of the malicious access request.
In an optional embodiment, after generating the interception log of the malicious access request, the apparatus further comprises:
and the updating module is used for analyzing the interception logs and updating the access control module and the security audit module based on the analysis result.
In an optional embodiment, before acquiring the access request sent by the client, the apparatus further includes:
the normal access request recording module is used for recording the file format and the access address of the normal access request within the preset time;
the data analysis module is used for analyzing the normal access request and obtaining an analysis result;
and the data statistics module is used for determining a preset request with an identifier based on the analysis result and adding the preset request with the identifier to a preset white list.
By carrying out security detection on the access request, the embodiment of the invention can improve the data security in the server, reduce the resource occupation of the server by the malicious access request, reduce the load of the server and meet the normal use of the server resource by the normal access request.
In another aspect, an embodiment of the present invention further provides an electronic device, which includes a processor, a memory, and a computer program stored on the memory and capable of running on the processor, and when executed by the processor, the computer program implements the steps of the above method.
In another aspect, an embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the steps of the method as described above.
The embodiments in the present specification are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, apparatus, or computer program product. Accordingly, embodiments of the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, embodiments of the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
Embodiments of the present invention are described with reference to flowchart illustrations and/or block diagrams of methods, terminal devices (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing terminal to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing terminal, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing terminal to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing terminal to cause a series of operational steps to be performed on the computer or other programmable terminal to produce a computer implemented process such that the instructions which execute on the computer or other programmable terminal provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications of these embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the embodiments of the invention.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "include", "including" or any other variations thereof are intended to cover non-exclusive inclusion, so that a process, method, article, or terminal device including a series of elements includes not only those elements but also other elements not explicitly listed or inherent to such process, method, article, or terminal device. Without further limitation, an element defined by the phrase "comprising a … …" does not exclude the presence of another identical element in a process, method, article, or terminal apparatus that comprises the element.
The above detailed description is provided for a safety protection method and a safety protection device provided by the present invention, and the principle and the implementation of the present invention are explained in the present document by applying specific examples, and the description of the above examples is only used to help understanding the method and the core idea of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (10)
1. A safety protection method is used for data safety protection of a server, and is characterized in that an access control module and a safety audit module are arranged in the server, and the method comprises the following steps:
acquiring an access request sent by a client, wherein the access request comprises a file format and an access address;
judging whether the access request meets a preset condition or not through the access control module;
if the access request does not meet the preset condition, performing security detection on the access request based on the security audit module, and obtaining a detection result;
when the detection result shows that the access request is a safe access request, allowing the client to access the server;
and when the detection result shows that the access request is a malicious access request, intercepting the access request of the client.
2. The security protection method according to claim 1, wherein a security plug-in is provided on the security audit module, and the performing security detection on the access request based on the security audit module includes:
the security plug-in is used for performing routine check on the access request according to a security policy of a local cache, and the security plug-in acquires parameters in the access request, wherein the parameters comprise a user name, an access address IP, an execution statement, an operation type and a target resource;
if a security policy matched with the parameters in the access request is found, the security plug-in determines whether to record an audit log according to the security policy;
and if no security policy matched with the parameters in the access request is found, the security plug-in is processed according to a default auditing mode in service setting, wherein the default auditing mode comprises default full records and default non-records.
3. The security protection method according to claim 2, wherein a risk level is further set on the security audit module, the security policy includes a policy with risk behavior, the risk level includes high risk, medium risk and low risk, after finding a security policy matching a parameter in the access request,
when any parameter in the access request hits the strategy with risk behaviors, the security audit module records the access process of the access request and generates an access log.
4. The security protection method according to claim 1, wherein the determining, by the access control module, whether the access request satisfies a preset condition includes:
judging whether the access request exists in a preset white list or not through the access control module, wherein the white list is used for storing a plurality of preset safe access requests and comprises an access address trusted by the server and a file format trusted by the server;
if the access request exists in a preset white list, determining that the access request is a safe access request;
if not, judging whether the access request meets a preset interception rule or not;
if so, determining the access request as a malicious access request;
and if not, determining that the access request is a safe access request.
5. The security protection method of claim 4, wherein after determining that the access request is a malicious access request, the method further comprises:
and recording the access address of the malicious access request, and generating an interception log of the malicious access request.
6. The method of claim 5, wherein after generating the interception log of the malicious access request, the method further comprises:
analyzing the interception log, and updating the access control module and the safety audit module based on the analysis result.
7. The security protection method according to claim 4, wherein before obtaining the access request sent by the client, the method further comprises:
recording the file format and the access address of the normal access request within the preset time;
analyzing the normal access request and obtaining an analysis result;
and determining a preset request with an identifier based on the analysis result, and adding the preset request with the identifier to a preset white list.
8. The utility model provides a safety device for the data security protection of server, its characterized in that is provided with access control module and security audit module in the server, the device includes:
the access request acquisition module is used for acquiring an access request sent by a client, wherein the access request comprises a file format and an access address;
the first access judging module is used for judging whether the access request meets a preset condition or not through the access control module;
the access request detection module is used for carrying out security detection on the access request based on the security audit module and obtaining a detection result if the access request does not meet a preset condition;
the second access judging module is used for allowing the client to access the server when the detection result shows that the access request is a safe access request;
and the third access judging module is used for intercepting the access request of the client when the detection result shows that the access request is a malicious access request.
9. An electronic device, comprising: processor, memory and computer program stored on the memory and capable of running on the processor, which computer program, when executed by the processor, carries out the steps of the method according to any one of claims 1 to 7.
10. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210758097.7A CN115296844A (en) | 2022-06-29 | 2022-06-29 | Safety protection method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210758097.7A CN115296844A (en) | 2022-06-29 | 2022-06-29 | Safety protection method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115296844A true CN115296844A (en) | 2022-11-04 |
Family
ID=83822059
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210758097.7A Pending CN115296844A (en) | 2022-06-29 | 2022-06-29 | Safety protection method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115296844A (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040193716A1 (en) * | 2003-03-31 | 2004-09-30 | Mcconnell Daniel Raymond | Client distribution through selective address resolution protocol reply |
| CN102611756A (en) * | 2012-03-28 | 2012-07-25 | 北京蓝汛通信技术有限责任公司 | Method and system for sending access request |
| CN103685315A (en) * | 2013-12-30 | 2014-03-26 | 曙光云计算技术有限公司 | Method and device for defending denial of service attack |
| CN111193700A (en) * | 2019-08-27 | 2020-05-22 | 腾讯科技(深圳)有限公司 | Safety protection method, safety protection device and storage medium |
| CN111931218A (en) * | 2020-09-22 | 2020-11-13 | 安徽长泰信息安全服务有限公司 | Client data safety protection device and protection method |
-
2022
- 2022-06-29 CN CN202210758097.7A patent/CN115296844A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040193716A1 (en) * | 2003-03-31 | 2004-09-30 | Mcconnell Daniel Raymond | Client distribution through selective address resolution protocol reply |
| CN102611756A (en) * | 2012-03-28 | 2012-07-25 | 北京蓝汛通信技术有限责任公司 | Method and system for sending access request |
| CN103685315A (en) * | 2013-12-30 | 2014-03-26 | 曙光云计算技术有限公司 | Method and device for defending denial of service attack |
| CN111193700A (en) * | 2019-08-27 | 2020-05-22 | 腾讯科技(深圳)有限公司 | Safety protection method, safety protection device and storage medium |
| CN111931218A (en) * | 2020-09-22 | 2020-11-13 | 安徽长泰信息安全服务有限公司 | Client data safety protection device and protection method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8549645B2 (en) | System and method for detection of denial of service attacks | |
| CN109743315B (en) | Behavior identification method, behavior identification device, behavior identification equipment and readable storage medium for website | |
| CN109586282B (en) | Power grid unknown threat detection system and method | |
| CN110417778B (en) | Access request processing method and device | |
| CN106407830B (en) | Cloud-based database detection method and device | |
| CN111460445B (en) | Sample program malicious degree automatic identification method and device | |
| WO2016121348A1 (en) | Anti-malware device, anti-malware system, anti-malware method, and recording medium in which anti-malware program is stored | |
| JP6282217B2 (en) | Anti-malware system and anti-malware method | |
| JP6750457B2 (en) | Network monitoring device, program and method | |
| CN111404949A (en) | Flow detection method, device, equipment and storage medium | |
| CN108183884B (en) | Network attack determination method and device | |
| CN104426836A (en) | Invasion detection method and device | |
| CN111131166B (en) | User behavior prejudging method and related equipment | |
| CN115906184B (en) | Method, device, medium and electronic equipment for controlling process to access files | |
| CN111241547B (en) | Method, device and system for detecting override vulnerability | |
| RU2587424C1 (en) | Method of controlling applications | |
| CN115189938A (en) | Service safety protection method and device | |
| CN111949363A (en) | Service access management method, computer equipment, storage medium and system | |
| CN115189937A (en) | Security protection method and device for client data | |
| CN115296844A (en) | Safety protection method and device | |
| CN114039778A (en) | Request processing method, device, equipment and readable storage medium | |
| CN114021115A (en) | Malicious application detection method and device, storage medium and processor | |
| CN111159714B (en) | Method and system for verifying credibility of main body in operation in access control | |
| CN116346488B (en) | Unauthorized access detection method and device | |
| EP3556084A1 (en) | Automated server deployment platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |