CN101448005B - Method, system and equipment for data security detection at gateway - Google Patents
Method, system and equipment for data security detection at gateway Download PDFInfo
- Publication number
- CN101448005B CN101448005B CN2008102415653A CN200810241565A CN101448005B CN 101448005 B CN101448005 B CN 101448005B CN 2008102415653 A CN2008102415653 A CN 2008102415653A CN 200810241565 A CN200810241565 A CN 200810241565A CN 101448005 B CN101448005 B CN 101448005B
- Authority
- CN
- China
- Prior art keywords
- activex control
- browser
- action
- shell script
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 42
- 238000000034 method Methods 0.000 title claims abstract description 13
- 238000013515 script Methods 0.000 claims abstract description 111
- 230000009471 action Effects 0.000 claims abstract description 90
- 230000000875 corresponding effect Effects 0.000 claims abstract description 10
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 claims description 24
- 230000005540 biological transmission Effects 0.000 claims description 10
- 238000009434 installation Methods 0.000 claims description 9
- 238000004088 simulation Methods 0.000 claims description 4
- 230000006837 decompression Effects 0.000 claims description 2
- 230000009545 invasion Effects 0.000 abstract 1
- 230000008569 process Effects 0.000 description 4
- 239000008186 active pharmaceutical agent Substances 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 239000007943 implant Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012797 qualification Methods 0.000 description 1
Images
Landscapes
- Computer And Data Communications (AREA)
Abstract
The invention is suitable for the technical field of network security, and provides a method, a system and equipment for data security detection at a gateway, wherein the method comprises the following steps: acquiring a script program and/or an ActiveX control transmitted to a browser by a network; carrying out classification detection on the script program and/or the ActiveX control; and executing corresponding actions according to the types of the script programs and/or the ActiveX controls. In the embodiment of the invention, the script program and/or the ActiveX control transmitted to the browser on the network are acquired and classified to detect, and the corresponding allowed or forbidden action is executed according to the category of the script program and/or the ActiveX control, so that the invasion of a malicious script program or a malicious binary program is prevented, and the safety of the network is ensured.
Description
Technical field
The invention belongs to the network security technology field, relate in particular to and a kind ofly carry out data security detection method, system and equipment at gateway.
Background technology
Browser is expanded its function through running client script and the mode that loads control; Windows scripting host host (Windows Scripting Host; WSH) receive the support of various browsers with ActiveX control; WSH is the interface that one group of script is handled the windows host resource, as long as enough authorities are arranged, the script of server can be through any resource of this interface control client host; ActiveX is the carrier of binary code; It can comprise calling any API of windows; If the interface that script or ActiveX called is not carried out control of authority, from the script or the ActiveX control of malicious server, the client host of will having an opportunity to handle; For example steal its hard disk information, implant wooden horse etc.
Through the secure option of client browser is set; Forbid some perhaps all execution of script/ActiveX controls; Perhaps, not use and management of client member user, make script/ActiveX not possess enough authorities and handle client resource; But this method all depends on the understanding of browser client to network security, is difficult to guarantee that all Intranet clients do not receive the attack of malicious script/control.
Summary of the invention
The purpose of the embodiment of the invention is to provide a kind of and carries out the data security detection method at gateway, is intended to solve and passes through the problem that browser is introduced malicious script program or malice binary program in the prior art.
The embodiment of the invention is achieved in that a kind ofly carries out the data security detection method at gateway, and said method comprises the steps:
Obtain shell script and/or the ActiveX control of Network Transmission to browser;
According to whether having called the WSH interface said shell script is classified, through whether needing administrator right that said ActiveX control is classified;
According to the classification of said shell script and/or ActiveX control, carry out following actions respectively:
1) when said shell script does not call the WSH interface, carries out the action that allows said shell script on browser, to move; When said shell script calls the WSH interface, judge whether gateway is provided with the secure option of forbidding browser execution WSH script; When gateway being provided with forbidden the secure option of browser execution WSH shell script, continue to check whether the server that said shell script is provided is server trusty, be then to carry out the action that allows said shell script on browser, to move; Forbid the action that said shell script moves otherwise carry out on browser; When gateway is provided with the secure option that allows browser execution WSH shell script, carry out the action that allows said shell script on browser, to move;
And/or
2) when said ActiveX control needs administrator right, judge whether gateway is provided with and forbid that browser execution needs the secure option of the ActiveX control of administrator right; When gateway is provided with when forbidding that browser execution needs the secure option of ActiveX control of administrator right; Continuing to check whether the server that said ActiveX control is provided is server trusty, is then to carry out the action that allows said ActiveX control on browser, to move; Forbid the action that said ActiveX control moves otherwise carry out on browser; When gateway is provided with the secure option of the ActiveX control that allows browser execution to need administrator right, carry out the action that allows said ActiveX control on browser, to move; When said ActiveX control does not need administrator right, carry out the action that allows said ActiveX control on browser, to move.
Another purpose of the embodiment of the invention is to provide a kind of and carries out the data security detection system at gateway, and said system comprises:
Acquisition module is used to obtain shell script and/or the ActiveX control of Network Transmission to browser;
Whether the classification and Detection module is used for according to whether having called the WSH interface said shell script being classified, through needing administrator right that said ActiveX control is classified; And
The action Executive Module is used for the classification according to said shell script and/or ActiveX control, carries out corresponding action;
Said action Executive Module comprises the first action Executive Module and the second action Executive Module, and the said first action Executive Module comprises that specifically first judge module, first allows the action Executive Module and the first prohibited acts Executive Module, wherein:
When said shell script did not call the WSH interface, first allowed the action Executive Module to carry out the action that allows said shell script on browser, to move;
When said shell script called the WSH interface, first judge module judged whether gateway is provided with the secure option of forbidding browser execution WSH script;
When said first judge module judges that gateway is provided with the secure option of forbidding browser execution WSH shell script; First judge module continues to check whether the server that said shell script is provided is server trusty, is then first to allow the action Executive Module to carry out the action that allows said shell script on browser, to move; Otherwise the first prohibited acts Executive Module is carried out and forbid the action that said shell script moves on browser; And
When said first judge module judged that gateway is provided with the secure option that allows browser execution WSH shell script, first allowed the action Executive Module to carry out the action that allows said shell script on browser, to move;
The said second action Executive Module comprises that specifically second judge module, second allows the action Executive Module and the second prohibited acts Executive Module, wherein:
When said ActiveX control needed administrator right, second judge module was judged whether gateway is provided with and is forbidden that browser execution needs the secure option of the ActiveX control of administrator right;
Judging gateway when second judge module is provided with when forbidding that browser execution needs the secure option of ActiveX control of administrator right; Second judge module continues to check whether the server that said ActiveX control is provided is server trusty, is then second to allow the action Executive Module to carry out the action that allows said ActiveX control on browser, to move; Otherwise the second prohibited acts Executive Module is carried out and forbid the action that said ActiveX control moves on browser;
When second judge module judged that gateway is provided with the secure option of the ActiveX control that allows browser execution to need administrator right, second prohibited acts allowed module to carry out the action that allows said ActiveX control on browser, to move; And
When said ActiveX control did not need administrator right, second allowed the action Executive Module to carry out the action that allows said ActiveX control on browser, to move.
Another purpose of the embodiment of the invention is to provide a kind of network data security checkout equipment that carries out the data security detection system at gateway.
In embodiments of the present invention; Obtain the also shell script and/or the ActiveX control of classification and Detection transmission over networks; Classification according to shell script and/or ActiveX control; Carry out the action allow accordingly or forbid, prevent the intrusion of binary program of shell script or the malice of malice, guaranteed the safety of network.
Description of drawings
Fig. 1 be the embodiment of the invention provide carry out the realization flow figure of data security detection method at gateway;
Fig. 2 be the embodiment of the invention provide ActiveX control is carried out the realization flow figure of classification and Detection;
Fig. 3 is the classification according to shell script that the embodiment of the invention provides, and carries out the realization flow figure of corresponding action;
Fig. 4 is the classification according to shell script that the embodiment of the invention provides, and carries out the realization flow figure of corresponding action;
Fig. 5 be the embodiment of the invention provide carry out the structured flowchart of data security detection system at gateway;
Fig. 6 is the structured flowchart of the control classification and Detection module that provides of the embodiment of the invention;
Fig. 7 be the embodiment of the invention provide first the action Executive Module structured flowchart;
Fig. 8 be the embodiment of the invention provide second the action Executive Module structured flowchart.
Embodiment
In order to make the object of the invention, technical scheme and advantage clearer,, the present invention is further elaborated below in conjunction with accompanying drawing and embodiment.Should be appreciated that specific embodiment described herein only in order to explanation the present invention, and be not used in qualification the present invention.
In embodiments of the present invention, obtain and classification and Detection through the shell script and/or the ActiveX control of gateway transmission, according to the classification of shell script and/or ActiveX control, carry out the action that allows accordingly or forbid.
What Fig. 1 showed that the embodiment of the invention provides carries out the realization flow figure of data security detection method at gateway, and its detailed step is described below:
In step S101, obtain shell script and/or the ActiveX control that is transferred to browser at gateway.
In embodiments of the present invention, shell script is through http protocol transmission, promptly in GET order through the interception http protocol or the html file with<script>The beginning, with</script>The data of ending are obtained shell script.
In embodiments of the present invention, ActiveX control is packaged in cab file or ocx file, therefore obtains ActiveX control through downloading cab file or ocx file.
In step S102, shell script and/or ActiveX control are carried out classification and Detection.
In embodiments of the present invention, according to whether having called the WSH interface shell script is classified; Through whether needing administrator right that ActiveX control is classified.
In step S103,, carry out corresponding action according to the classification of shell script and/or ActiveX control.
What Fig. 2 showed that the embodiment of the invention provides carries out the realization flow of classification and Detection to ActiveX control, and its detailed step is described below:
In step S201, ActiveX control is carried out decompress(ion).
In step S202, the ActiveX control behind the parsing decompress(ion), and simulation installation ActiveX control obtain the client file of installation.
In step S203, the client file that scanning is installed judges whether ActiveX control needs administrator right.
Fig. 3 shows the classification according to shell script that the embodiment of the invention provides, and carries out the realization flow of corresponding action, and its detailed step is described below:
In step S301, judge whether shell script calls the WSH interface, be execution in step S303 then, otherwise execution in step S302.
In embodiments of the present invention, the process of this judgement is the process to the classification and Detection of shell script, according to whether having called the WSH interface, shell script is classified, and is divided into shell script that does not call the WSH interface and the shell script that calls the WSH interface.
In step S302, carry out the action that allows shell script on browser, to move.
In embodiments of the present invention, carry out the action that allows shell script on browser, to move, promptly this shell script that does not call the WSH interface is not tackled, clearance is passed through, and supplies user's downloading-running on browser.
In step S303, judge whether gateway is provided with the secure option of forbidding browser execution WSH shell script, be execution in step S304 then, otherwise execution in step S302.
In embodiments of the present invention; The user can be provided with the secure option of client browser; Forbid some perhaps execution of whole shell scripts, when the user has carried out being provided with of secure option to browser, when promptly being provided with the execution of forbidding shell script; No matter whether this shell script safety, all forbid sending on this browser.
In step S304, judge to check whether the server that shell script is provided is server trusty, be execution in step S302 then, otherwise execution in step S305.
In step S305, carry out and forbid the action that shell script moves on browser.
Fig. 4 shows the classification according to shell script that the embodiment of the invention provides, and carries out the realization flow of corresponding action, and its detailed step is described below:
In step S401, judge whether ActiveX control needs administrator right, be execution in step S402 then, otherwise execution in step S404.
In embodiments of the present invention; The process of this judgement is the process to the classification and Detection of ActiveX control; According to ActiveX control whether the needs administrator rights; ActiveX control is classified, be divided into ActiveX control that needs administrator right and the ActiveX control that does not need administrator right.
In step S402, judge whether gateway is provided with and forbid that browser execution needs the secure option of the ActiveX control of administrator right, be execution in step S403 then, otherwise execution in step S404.
In embodiments of the present invention; The user can be provided with the secure option of client browser; Forbid some perhaps execution of whole ActiveX controls, when the user has carried out being provided with of secure option to browser, when promptly being provided with the execution of forbidding ActiveX control; No matter whether this ActiveX control safety, all forbid sending on this browser.
In step S403, judge to check whether the server that ActiveX control is provided is server trusty, be execution in step S404 then, otherwise execution in step S405.
In step S404, carry out the action that allows ActiveX control on browser, to move.
In step S405, carry out and forbid the action that ActiveX control moves on browser.
In embodiments of the present invention, execution is forbidden the action that ActiveX control moves promptly not needing the ActiveX control of administrator right to tackle to this on browser.
What Fig. 5 showed that the embodiment of the invention provides carries out the structured flowchart of data security detection system at gateway; For the ease of explanation; Only provided the part relevant among the figure, carried out the data security detection system at gateway and can be software unit, hardware cell or the software and hardware combining unit that is built in the network data security checkout equipment with the embodiment of the invention.
In embodiments of the present invention, the network data security checkout equipment can be gateway device or bridge, as long as can reach the hardware device of the object of the invention, not in order to restriction the present invention.
In embodiments of the present invention, classification and Detection module 12 comprises shell script classification and Detection module 121 and control classification and Detection module 122, wherein:
As shown in Figure 6,1221 pairs of ActiveX controls of decompression module carry out decompress(ion); Client file acquisition module 1222 is resolved the ActiveX control behind the decompress(ion), and simulation installation ActiveX control, obtains the client file of installation; The client file that scan module 1223 scannings are installed judges whether ActiveX control needs administrator right.
In embodiments of the present invention, action Executive Module 13 comprises the first action Executive Module 131 and the second action Executive Module 132, wherein:
As shown in Figure 7, when classification and Detection module 12 judged that shell script does not call the WSH interface, first allowed action Executive Module 1311 to carry out the action that allows shell script on browser, to move; When classification and Detection module 12 judged that shell script calls the WSH interface, first judge module 1312 judged whether gateway is provided with the secure option of forbidding browser execution WSH shell script; When first judge module 1312 judges that gateway is provided with the secure option of forbidding browser execution WSH shell script; First judge module 1312 continues to check whether the server that shell script is provided is server trusty, is then first to allow action Executive Module 1311 to carry out the action that allows shell script on browser, to move; Otherwise the first prohibited acts Executive Module 1313 is carried out and forbid the action that shell script moves on browser; When first judge module 1312 judged that gateway is provided with the secure option that allows browser execution WSH shell script, first allowed action Executive Module 1313 to carry out the action that allows shell script on browser, to move.
As shown in Figure 8, when classification and Detection module 12 judged that ActiveX controls need administrator right, second judge module 1321 was judged whether gateway is provided with and is forbidden that browser execution needs the secure option of the ActiveX control of administrator right; Judging gateways when second judge module 1321 is provided with when forbidding that browser execution needs the secure option of ActiveX control of administrator right; Second judge module 1321 continues to check whether the server that ActiveX control is provided is server trusty, is then second to allow action Executive Module 1322 to carry out the action that allows ActiveX control on browser, to move; Otherwise the second prohibited acts Executive Module 1323 is carried out and forbid the action that ActiveX control moves on browser; When second judge module 1321 judged that gateway is provided with the secure option of the ActiveX control that allows browser execution to need administrator right, second allowed action Executive Module 1323 to carry out the action that allows ActiveX control on browser, to move; When classification and Detection module 12 judged that ActiveX control does not need administrator right, second allowed action Executive Module 1322 to carry out the action that allows ActiveX control on browser, to move.
In embodiments of the present invention; Obtain and the classification and Detection transmission over networks to the shell script and/or the ActiveX control of browser; Classification according to shell script and/or ActiveX control; Carry out the action allow accordingly or forbid, prevent the intrusion of binary program of shell script or the malice of malice, guaranteed the safety of network.
One of ordinary skill in the art will appreciate that all or part of step that realizes in the foregoing description method is to instruct relevant hardware to accomplish through program; Described program can be in being stored in a computer read/write memory medium; Described storage medium is like ROM/RAM, disk, CD etc.
The above is merely preferred embodiment of the present invention, not in order to restriction the present invention, all any modifications of within spirit of the present invention and principle, being done, is equal to and replaces and improvement etc., all should be included within protection scope of the present invention.
Claims (6)
1. one kind is carried out the data security detection method at gateway, it is characterized in that said method comprises the steps:
Obtain shell script and/or the ActiveX control of Network Transmission to browser;
According to whether having called the WSH interface said shell script is classified, through whether needing administrator right that said ActiveX control is classified;
According to the classification of said shell script and/or ActiveX control, carry out following actions respectively:
1) when said shell script does not call the WSH interface, carries out the action that allows said shell script on browser, to move; When said shell script calls the WSH interface, judge whether gateway is provided with the secure option of forbidding browser execution WSH script; When gateway being provided with forbidden the secure option of browser execution WSH shell script, continue to check whether the server that said shell script is provided is server trusty, be then to carry out the action that allows said shell script on browser, to move; Forbid the action that said shell script moves otherwise carry out on browser; When gateway is provided with the secure option that allows browser execution WSH shell script, carry out the action that allows said shell script on browser, to move;
And/or
2) when said ActiveX control needs administrator right, judge whether gateway is provided with and forbid that browser execution needs the secure option of the ActiveX control of administrator right; When gateway is provided with when forbidding that browser execution needs the secure option of ActiveX control of administrator right; Continuing to check whether the server that said ActiveX control is provided is server trusty, is then to carry out the action that allows said ActiveX control on browser, to move; Forbid the action that said ActiveX control moves otherwise carry out on browser; When gateway is provided with the secure option of the ActiveX control that allows browser execution to need administrator right, carry out the action that allows said ActiveX control on browser, to move; When said ActiveX control does not need administrator right, carry out the action that allows said ActiveX control on browser, to move.
2. the method for claim 1 is characterized in that, said shell script is through the http protocol transmission; Said ActiveX control is packaged in cab file or the ocx file.
3. the method for claim 1 is characterized in that, the said step that said ActiveX control is carried out classification and Detection specifically comprises the steps:
Said ActiveX control is carried out decompress(ion);
ActiveX control behind the parsing decompress(ion), and the said ActiveX control of simulation installation obtain the client file of installation;
Scan the client file of said installation, judge whether said ActiveX control needs administrator right.
4. one kind is carried out the data security detection system at gateway, it is characterized in that said system comprises:
Acquisition module is used to obtain shell script and/or the ActiveX control of Network Transmission to browser;
Whether the classification and Detection module is used for according to whether having called the WSH interface said shell script being classified, through needing administrator right that said ActiveX control is classified; And
The action Executive Module is used for the classification according to said shell script and/or ActiveX control, carries out corresponding action;
Said action Executive Module comprises the first action Executive Module and the second action Executive Module, and the said first action Executive Module comprises that specifically first judge module, first allows the action Executive Module and the first prohibited acts Executive Module, wherein:
When said shell script did not call the WSH interface, first allowed the action Executive Module to carry out the action that allows said shell script on browser, to move;
When said shell script called the WSH interface, first judge module judged whether gateway is provided with the secure option of forbidding browser execution WSH script;
When said first judge module judges that gateway is provided with the secure option of forbidding browser execution WSH shell script; First judge module continues to check whether the server that said shell script is provided is server trusty, is then first to allow the action Executive Module to carry out the action that allows said shell script on browser, to move; Otherwise the first prohibited acts Executive Module is carried out and forbid the action that said shell script moves on browser; And
When said first judge module judged that gateway is provided with the secure option that allows browser execution WSH shell script, first allowed the action Executive Module to carry out the action that allows said shell script on browser, to move;
The said second action Executive Module comprises that specifically second judge module, second allows the action Executive Module and the second prohibited acts Executive Module, wherein:
When said ActiveX control needed administrator right, second judge module was judged whether gateway is provided with and is forbidden that browser execution needs the secure option of the ActiveX control of administrator right;
Judge when second judge module that gateway is provided with and forbid that browser execution needs administrator right
During the secure option of ActiveX control; Second judge module continues to check whether the server that said ActiveX control is provided is server trusty, is then second to allow the action Executive Module to carry out the action that allows said ActiveX control on browser, to move; Otherwise the second prohibited acts Executive Module is carried out and forbid the action that said ActiveX control moves on browser;
When second judge module judged that gateway is provided with the secure option of the ActiveX control that allows browser execution to need administrator right, second prohibited acts allowed module to carry out the action that allows said ActiveX control on browser, to move; And
When said ActiveX control did not need administrator right, second allowed the action Executive Module to carry out the action that allows said ActiveX control on browser, to move.
5. system as claimed in claim 4 is characterized in that, said classification and Detection module comprises shell script classification and Detection module and control classification and Detection module, and wherein, said control classification and Detection module specifically comprises:
Decompression module is used for said ActiveX control is carried out decompress(ion);
The client file acquisition module is used to resolve the ActiveX control behind the decompress(ion), and simulation installs said ActiveX control, obtains the client file of installation; And
Scan module is used to scan the client file of said installation, judges whether said ActiveX control needs administrator right.
6. one kind comprises claim 4 or the 5 described network data security checkout equipments that carry out the data security detection system at gateway.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008102415653A CN101448005B (en) | 2008-12-24 | 2008-12-24 | Method, system and equipment for data security detection at gateway |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008102415653A CN101448005B (en) | 2008-12-24 | 2008-12-24 | Method, system and equipment for data security detection at gateway |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101448005A CN101448005A (en) | 2009-06-03 |
| CN101448005B true CN101448005B (en) | 2012-05-02 |
Family
ID=40743402
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2008102415653A Active CN101448005B (en) | 2008-12-24 | 2008-12-24 | Method, system and equipment for data security detection at gateway |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101448005B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104394176A (en) * | 2014-12-17 | 2015-03-04 | 中国人民解放军国防科学技术大学 | Webshell prevention method based on mandatory access control mechanism |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102750281B (en) * | 2011-04-19 | 2015-09-16 | 腾讯科技(深圳)有限公司 | A kind of script processing method of browser and system |
| CN102270132B (en) * | 2011-07-13 | 2014-03-12 | 中国人民解放军海军计算技术研究所 | Control method for script action in Linux operating system |
| CN102663299B (en) * | 2012-04-06 | 2014-10-08 | 北京空间飞行器总体设计部 | Hardware resource information security online detecting system facing to terminal computers |
| CN103634366A (en) * | 2012-08-27 | 2014-03-12 | 北京千橡网景科技发展有限公司 | Method and device for identifying network robot |
| CN104281804A (en) * | 2014-09-22 | 2015-01-14 | 深圳市金立通信设备有限公司 | Terminal |
| CN107070888A (en) * | 2017-03-09 | 2017-08-18 | 北京聚睿智能科技有限公司 | Gateway security management method and equipment |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1924866A (en) * | 2006-09-28 | 2007-03-07 | 北京理工大学 | Static feature based web page malicious scenarios detection method |
-
2008
- 2008-12-24 CN CN2008102415653A patent/CN101448005B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1924866A (en) * | 2006-09-28 | 2007-03-07 | 北京理工大学 | Static feature based web page malicious scenarios detection method |
Non-Patent Citations (1)
| Title |
|---|
| Andrew Conry-Murray.《Product Focus:Behavior-Blocking Stops Unknown Malicious Code》.《network magazine》.2002,第1-10页. * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104394176A (en) * | 2014-12-17 | 2015-03-04 | 中国人民解放军国防科学技术大学 | Webshell prevention method based on mandatory access control mechanism |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101448005A (en) | 2009-06-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101448005B (en) | Method, system and equipment for data security detection at gateway | |
| CN105427096B (en) | Payment security sandbox implementation method and system and application program monitoring method and system | |
| US8826424B2 (en) | Run-time additive disinfection of malware functions | |
| US20150033342A1 (en) | Security detection method and system | |
| CN102932370B (en) | A kind of security sweep method, equipment and system | |
| CN111294345A (en) | Vulnerability detection method, device and equipment | |
| US10826939B2 (en) | Blended honeypot | |
| CN106998335B (en) | Vulnerability detection method, gateway equipment, browser and system | |
| CN110545269A (en) | Access control method, device and storage medium | |
| US20130074160A1 (en) | Method of controlling information processing system, computer-readable recording medium storing program for controlling apparatus | |
| CN109361574B (en) | JavaScript script-based NAT detection method, system, medium and equipment | |
| CN108154026B (en) | Root-free and non-invasive secure communication method and system based on Android system | |
| CN115348086A (en) | Attack protection method and device, storage medium and electronic equipment | |
| Suriadi et al. | Validating denial of service vulnerabilities in web services | |
| CN113987468A (en) | Security check method and security check device | |
| CN109565499B (en) | Attack string generation method and device | |
| CN116112384A (en) | Application flow integrated management method and device and electronic equipment | |
| KR20140113013A (en) | Terminal device and control method thereof | |
| CN111475763B (en) | Webpage running method and device, storage medium and equipment | |
| CN113836529A (en) | Process detection method, device, storage medium and computer equipment | |
| CN108595954A (en) | A kind of malicious act monitoring method based on run time verification | |
| Sun et al. | Secure HybridApp: A detection method on the risk of privacy leakage in HTML5 hybrid applications based on dynamic taint tracking | |
| CN104850785B (en) | A kind of android safe and intelligents accessory system | |
| CN113726728B (en) | Safety protection system and application system transformation processing method and device | |
| CN113407940B (en) | Script detection method, script detection device, storage medium and computer equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: Nanshan District Xueyuan Road in Shenzhen city of Guangdong province 518000 No. 1001 Nanshan Chi Park building A1 layer Patentee after: SINFOR Polytron Technologies Inc Address before: 518000, four floor, Pioneer Road, 1 Qilin Road, Shenzhen, Guangdong, Nanshan District Patentee before: Shenxinfu Electronics Science and Technology Co., Ltd., Shenzhen |
|
| CP03 | Change of name, title or address |