CN102833269B - 跨站攻击的检测方法、装置和具有该装置的防火墙 - Google Patents
跨站攻击的检测方法、装置和具有该装置的防火墙 Download PDFInfo
- Publication number
- CN102833269B CN102833269B CN201210346751.XA CN201210346751A CN102833269B CN 102833269 B CN102833269 B CN 102833269B CN 201210346751 A CN201210346751 A CN 201210346751A CN 102833269 B CN102833269 B CN 102833269B
- Authority
- CN
- China
- Prior art keywords
- parameter
- cross
- carried out
- data
- site
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 39
- 238000004458 analytical method Methods 0.000 claims abstract description 108
- 230000000877 morphologic effect Effects 0.000 claims abstract description 58
- 238000000354 decomposition reaction Methods 0.000 claims abstract description 33
- 238000000034 method Methods 0.000 claims description 17
- 235000014510 cooky Nutrition 0.000 claims description 5
- 230000014509 gene expression Effects 0.000 abstract description 21
- 238000005259 measurement Methods 0.000 abstract description 5
- 230000006399 behavior Effects 0.000 description 19
- 238000010586 diagram Methods 0.000 description 7
- 238000010801 machine learning Methods 0.000 description 7
- 230000008569 process Effects 0.000 description 6
- 238000004364 calculation method Methods 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 5
- 230000000694 effects Effects 0.000 description 3
- 230000003044 adaptive effect Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000007405 data analysis Methods 0.000 description 2
- 230000002950 deficient Effects 0.000 description 2
- 238000002347 injection Methods 0.000 description 2
- 239000007924 injection Substances 0.000 description 2
- 230000009467 reduction Effects 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 239000012141 concentrate Substances 0.000 description 1
- 238000007418 data mining Methods 0.000 description 1
- JEIPFZHSYJVQDO-UHFFFAOYSA-N ferric oxide Chemical compound O=[Fe]O[Fe]=O JEIPFZHSYJVQDO-UHFFFAOYSA-N 0.000 description 1
- ZXQYGBMAQZUVMI-GCMPRSNUSA-N gamma-cyhalothrin Chemical compound CC1(C)[C@@H](\C=C(/Cl)C(F)(F)F)[C@H]1C(=O)O[C@H](C#N)C1=CC=CC(OC=2C=CC=CC=2)=C1 ZXQYGBMAQZUVMI-GCMPRSNUSA-N 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 239000000243 solution Substances 0.000 description 1
- 238000007619 statistical method Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Landscapes
- Storage Device Security (AREA)
- Devices For Executing Special Programs (AREA)
Abstract
Description
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210346751.XA CN102833269B (zh) | 2012-09-18 | 2012-09-18 | 跨站攻击的检测方法、装置和具有该装置的防火墙 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210346751.XA CN102833269B (zh) | 2012-09-18 | 2012-09-18 | 跨站攻击的检测方法、装置和具有该装置的防火墙 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102833269A CN102833269A (zh) | 2012-12-19 |
CN102833269B true CN102833269B (zh) | 2016-03-30 |
Family
ID=47336239
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210346751.XA Active CN102833269B (zh) | 2012-09-18 | 2012-09-18 | 跨站攻击的检测方法、装置和具有该装置的防火墙 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102833269B (zh) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104601540B (zh) * | 2014-12-05 | 2018-11-16 | 华为技术有限公司 | 一种跨站脚本XSS攻击防御方法及Web服务器 |
CN104601556B (zh) * | 2014-12-30 | 2017-12-26 | 中国科学院信息工程研究所 | 一种面向web的攻击检测方法及系统 |
CN106202889A (zh) * | 2016-06-30 | 2016-12-07 | 上海艾牙健康科技有限公司 | 一种口腔微视仪应用系统及全口拍摄方法 |
CN109218339B (zh) * | 2017-06-29 | 2021-08-10 | 北京京东尚科信息技术有限公司 | 请求处理方法和装置 |
CN109726185B (zh) * | 2018-12-28 | 2020-12-25 | 杭州安恒信息技术股份有限公司 | 一种基于语法树的日志解析方法、系统和计算机可读介质 |
CN110602029B (zh) * | 2019-05-15 | 2022-06-28 | 上海云盾信息技术有限公司 | 一种用于识别网络攻击的方法和系统 |
CN110650117B (zh) * | 2019-08-01 | 2022-03-25 | 平安科技(深圳)有限公司 | 跨站攻击防护方法、装置、设备及存储介质 |
CN112883372B (zh) * | 2019-11-29 | 2024-02-09 | 中国电信股份有限公司 | 跨站脚本攻击检测方法和装置 |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101459548A (zh) * | 2007-12-14 | 2009-06-17 | 北京启明星辰信息技术股份有限公司 | 一种脚本注入攻击检测方法和系统 |
CN101751530A (zh) * | 2009-12-29 | 2010-06-23 | 成都市华为赛门铁克科技有限公司 | 检测漏洞攻击行为的方法及设备 |
CN101895516A (zh) * | 2009-05-19 | 2010-11-24 | 北京启明星辰信息技术股份有限公司 | 一种跨站脚本攻击源的定位方法及装置 |
-
2012
- 2012-09-18 CN CN201210346751.XA patent/CN102833269B/zh active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101459548A (zh) * | 2007-12-14 | 2009-06-17 | 北京启明星辰信息技术股份有限公司 | 一种脚本注入攻击检测方法和系统 |
CN101895516A (zh) * | 2009-05-19 | 2010-11-24 | 北京启明星辰信息技术股份有限公司 | 一种跨站脚本攻击源的定位方法及装置 |
CN101751530A (zh) * | 2009-12-29 | 2010-06-23 | 成都市华为赛门铁克科技有限公司 | 检测漏洞攻击行为的方法及设备 |
Also Published As
Publication number | Publication date |
---|---|
CN102833269A (zh) | 2012-12-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102833269B (zh) | 跨站攻击的检测方法、装置和具有该装置的防火墙 | |
Gupta et al. | XSS-secure as a service for the platforms of online social network-based multimedia web applications in cloud | |
CN102833270A (zh) | Sql注入攻击的检测方法、装置和具有该装置的防火墙 | |
Gupta et al. | Enhancing the browser-side context-aware sanitization of suspicious HTML5 code for halting the DOM-based XSS vulnerabilities in cloud | |
CN103744802B (zh) | Sql注入攻击的识别方法及装置 | |
US8024804B2 (en) | Correlation engine for detecting network attacks and detection method | |
US8225402B1 (en) | Anomaly-based detection of SQL injection attacks | |
Tajpour et al. | SQL injection detection and prevention tools assessment | |
US8051484B2 (en) | Method and security system for indentifying and blocking web attacks by enforcing read-only parameters | |
Tajpour et al. | Comparison of SQL injection detection and prevention techniques | |
US20140173736A1 (en) | Method and system for detecting webpage Trojan embedded | |
US20110066585A1 (en) | Extracting information from unstructured data and mapping the information to a structured schema using the naïve bayesian probability model | |
Tripp et al. | Finding your way in the testing jungle: A learning approach to web security testing | |
CN101447991A (zh) | 用于测试入侵检测系统的测试装置及测试方法 | |
CN110602021A (zh) | 一种基于http请求行为与业务流程相结合的安全风险值评估方法 | |
CN106203095A (zh) | 一种webshell的检测方法和检测系统 | |
CN108683685A (zh) | 一种针对xss攻击的云安全cdn系统及监测方法 | |
CN107122657B (zh) | 一种防御sql注入攻击的数据库代理装置 | |
Chaudhary et al. | Securing heterogeneous embedded devices against XSS attack in intelligent IoT system | |
CN117240598B (zh) | 攻击检测方法、装置、终端设备及存储介质 | |
CN101471781A (zh) | 一种脚本注入事件处理方法和系统 | |
Aliero et al. | Review on SQL injection protection methods and tools | |
Das et al. | Detection of cross-site scripting attack under multiple scenarios | |
Zhang et al. | Research on SQL injection vulnerabilities and its detection methods | |
Aliero et al. | Classification of Sql Injection Detection And Prevention Measure |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C53 | Correction of patent for invention or patent application | ||
CB02 | Change of applicant information |
Address after: 215163 Jiangsu city of Suzhou province high tech Industrial Development Zone, kolding Road No. 78 Su Gaoxin Software Park Building 7 layer 3 Applicant after: HILLSTONE NETWORKS Address before: 215163 Jiangsu city of Suzhou province high tech Zone (Suzhou city) kolding Road No. 78 Gaoxin Software Park Building 7 floor 3 Applicant before: Suzhou Shanshi Network Co., Ltd. |
|
COR | Change of bibliographic data |
Free format text: CORRECT: APPLICANT; FROM: SUZHOU SHANSHI NETWORK CO., LTD. TO: HILLSTONE NETWORKS COMMUNICATION TECHNOLOGY CO., LTD. |
|
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address | ||
CP03 | Change of name, title or address |
Address after: 215163 No. 181 Jingrun Road, Suzhou High-tech Zone, Jiangsu Province Patentee after: SHANSHI NETWORK COMMUNICATION TECHNOLOGY CO., LTD. Address before: 215163 3rd Floor, 7th Building, No. 78 Keling Road, Suzhou High-tech Industrial Development Zone, Jiangsu Province Patentee before: HILLSTONE NETWORKS |
|
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20220117 Address after: 215163 No. 181 Jingrun Road, Suzhou High-tech Zone, Jiangsu Province Patentee after: Shanshi Netcom Communication Technology Co.,Ltd. Patentee after: Jingyi Zhiyuan (Wuhan) Information Technology Co., Ltd Address before: 215163 No. 181 Jingrun Road, Suzhou High-tech Zone, Jiangsu Province Patentee before: Shanshi Netcom Communication Technology Co.,Ltd. |