CN104318162A - Source code leakage detection method and device - Google Patents
Source code leakage detection method and device Download PDFInfo
- Publication number
- CN104318162A CN104318162A CN201410506037.1A CN201410506037A CN104318162A CN 104318162 A CN104318162 A CN 104318162A CN 201410506037 A CN201410506037 A CN 201410506037A CN 104318162 A CN104318162 A CN 104318162A
- Authority
- CN
- China
- Prior art keywords
- source code
- network data
- data flow
- character string
- function
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
Abstract
A source code leakage detection method comprises the steps of intercepting a network data flow; performing protocol analysis on the network data flow to obtain a character flow; obtaining a preset detection character string and/or a grammatical analysis base function corresponding to a program language; detecting whether the character flow obtained by analysis contains a source code or not according to the detection character string and/or the grammatical analysis base function, if yes, obstructing the network data flow. In addition, the invention also provides a source code leakage detection device. By the source code leakage detection method and device, the safety of detection on leakage of the source code is improved.
Description
Technical field
The present invention relates to technical field of network security, particularly relate to a kind of source code leakage detection method and device.
Background technology
Now in the art, if the source code of internet, applications suffers that (internal staff sends to outer net at Intranet by file transfer in leakage, or downloaded the source code that web server stores by leak by hacker, such as php server), hacker can by analyzing source code, find the leak that application system exists, thus application system is attacked.
And current enterprise gateway tackle the leakage-preventing method of source code be by check transmission file suffixes name judge whether exist reveal.If source code file is compressed or send after suffix name change again, cannot detect and draw.Therefore, the security of the source code leak detection in conventional art is not enough.
Summary of the invention
Based on this, be necessary to provide a kind of source code leakage detection method that can improve the security of source code leak detection.
A kind of source code leakage detection method, comprising:
Intercepting network data stream;
Protocol analysis is carried out to described network data flow and obtains character stream;
Obtain the detection character string corresponding with program language and/or grammatical analysis built-in function preset;
Judge whether the character stream that described parsing obtains comprises source code, if so, then blocks described network data flow according to described detection character string and/or grammatical analysis built-in function.
Wherein in an embodiment, described described network data flow is carried out to the step of protocol analysis after also comprise:
Judge whether described network data flow is file transfer stream, if so, then obtain the file suffixes name that described network data flow is corresponding, judge described file suffixes name whether with the suffix name keyword match preset, if so, the step blocking described network data flow is then performed.
Wherein in an embodiment, also comprise after the step of the file suffixes name that the described network data flow of described acquisition is corresponding:
Judge the whether corresponding compressed file of described file suffixes name, if so, then decompress(ion) is carried out to described network data flow.
Wherein in an embodiment, described method also comprises:
Receive the rule configuration request of uploading, extract corresponding detection character string and/or grammatical analysis built-in function, and be written in configuration file;
The detection character string corresponding with program language that described acquisition is preset and/or the step of grammatical analysis built-in function are:
The detection character string corresponding with program language and/or grammatical analysis built-in function preset is read by described configuration file.
Wherein in an embodiment, describedly judge that the step whether character stream that described parsing obtains comprises source code comprises according to described detection character string and/or grammatical analysis built-in function:
Obtain the matching times of described detection character string and/or grammatical analysis built-in function, judge whether the character stream that described parsing obtains comprises source code according to described matching times.
In addition, there is a need to provide a kind of source code leak detection apparatus that can improve the security of source code leak detection.
A kind of source code leak detection apparatus, comprising:
Data interception module, for intercepting network data stream;
Data resolution module, obtains character stream for carrying out protocol analysis to described network data flow;
Matched rule acquisition module, for obtaining the default detection character string corresponding with program language and/or grammatical analysis built-in function;
According to described detection character string and/or grammatical analysis built-in function, string matching module, for judging whether the character stream that described parsing obtains comprises source code, if so, then blocks described network data flow.
Wherein in an embodiment, described device also comprises suffix name matching module, for judging whether described network data flow is file transfer stream, if, then obtain the file suffixes name that described network data flow is corresponding, judge described file suffixes name whether with the suffix name keyword match preset, if so, then block described network data flow.
Wherein in an embodiment, described suffix name matching module also for judging the whether corresponding compressed file of described file suffixes name, if so, then carries out decompress(ion) to described network data flow.
Wherein in an embodiment, described device also comprises matched rule configuration module, for receiving the rule configuration request of uploading, extracting corresponding detection character string and/or grammatical analysis built-in function, and being written in configuration file;
Described matched rule acquisition module is also for being read the detection character string corresponding with program language and/or grammatical analysis built-in function preset by described configuration file.
Wherein in an embodiment, according to described matching times, described string matching module, also for obtaining the matching times of described detection character string and/or grammatical analysis built-in function, judges whether the character stream that described parsing obtains comprises source code.
In above-mentioned source code leakage detection method and device, character string in the data stream of Internet Transmission is detected, by the detection character string corresponding with program language preset and/or grammatical analysis built-in function, it is mated, thus judge that whether the data stream of Internet Transmission is the data stream of transmission sources code.Compared with the method for carrying out by means of only the mode of file suffixes name in conventional art judging, not only can be applicable to detect in the scene of file transfer, also can detect for the mode by mail sending source code, therefore the scope of source code leak detection strengthens greatly, thus improves security.
Accompanying drawing explanation
Fig. 1 is the process flow diagram of a kind of source code leakage detection method in an embodiment;
Fig. 2 is the structural representation of a kind of source code leak detection apparatus in an embodiment;
Fig. 3 is the structural representation of a kind of source code leak detection apparatus in another embodiment.
Embodiment
For solving the problem of the security deficiency of above-mentioned source code leak detection, spy proposes a kind of source code leakage detection method.The method places one's entire reliance upon computer program, and this computer program can run in the computer system based on Feng Luoyiman system.This computer system can be enterprise gateway or the equipment playing gateway effect.
In the present embodiment, as shown in Figure 1, the method comprises:
Step S102: intercepting network data stream.
In the prior art, enterprises has subnet usually, and this subnet is connected with wide area network by enterprise gateway, the user in subnet when sending mail or file to the terminal on wide area network, the network data flow of generation by tackle by the gateway of this subnet.
Web application server of the prior art is also erected in the machine room at web server trustship center, and accesses the Intranet of this machine room, is also provided with gateway device between Intranet and wide area network.Web server, when responding the download request of terminal of wide area network, is also needed to be forwarded by gateway to its network data flow issued, is then blocked at this gateway.
Step S104: protocol analysis is carried out to network data flow and obtains character stream.
In this example, the protocol rule that protocol analysis relies at least comprises: HTTP, FTP (File Transfer Protocol, file transfer protocol (FTP)), TFTP (Trivial File Transfer Protocol, TFTP), SMNP (Simple Network Management Protocol, Simple Network Management Protocol) and SMTP (Simple Mail Transfer Protocol, Simple Mail Transfer protocol) etc.
Network data flow is when transmitting with certain agreement, can protocol headers in Sampling network data stream, judge the protocol type that network data flow mates, and then according to protocol type, agreement text is resolved (removing the character playing protocol integrated test system effect in protocol header and agreement tail and network data flow), extract the character stream of transmission.
Step S106: obtain the detection character string corresponding with program language and/or grammatical analysis built-in function preset.
Step S108: judge whether the character stream that described parsing obtains comprises source code by detection character string and/or grammatical analysis built-in function, if so, then performs step S110; Otherwise, perform step S112.
Step S110: block network data flow.
Step S112: clearance network data flow.
Program language comprises multiple key word, such as, uses and if else keyword definition conditional branching, uses function keyword definition function.Also the exclusive key word of this program language is comprised in the grammer of some program language, such as, " <? php phpinfo (); > " key word represents php program.Then according to the characteristic of often kind of program language, multiple detection character string corresponding with program language can be pre-set, by string matching, can judge whether comprise detection character string in character stream, thus judge whether character stream comprises source code.
Preferably, regular expression can be used as detection character string.Regular expression, also known as normal representation method, conventional expressing method (English: Regular Expression, is often abbreviated as regex, regexp or RE in code), a concept of computer science.Regular expression uses single character string to describe, mate a series of character string meeting certain syntactic rule.
Such as, can use regular expression #include s* [< "]+([w+ .h]+) [" >] * (? S* */s*) mate reference statement in C++ program language.When there is the character strings such as #include<a.h>#includeLEssT.LT ssT.LT*> in character stream, the detection string matching of this character string and this regular expression.That is, detect in character stream and include C++ source code, wherein refer to a.h file.
The character string as the key word detected in regular expression and the program language grammer of character string preset, character string sequentially and the feature combined match.For the program language including exclusive key word, such as aforesaid php program language, the then regular expression that matches of the exclusive feature of predeterminable and various program language, and the kind of matching judgment program language by regular expression.
Such as, if pre-configured javascript shell script and html script can be transferred to outer net by Intranet, these two kinds of program's source codes are not limited, then matching regular expressions to the source code in network data flow be javascript program or html program time, still let pass.If but matching regular expressions is that (such as matching regular expressions has arrived character string < to php program to the source code in network data flow? php phpinfo (); >), then blocked.
In the present embodiment, also by grammatical analysis built-in function, character stream is judged.Grammatical analysis built-in function is generally the grammar checking tools storehouse provided in compiler.Program usually can be called the syntax format of grammatical analysis built-in function to program language and detect before Complied executing, if its grammer existing problems, then cannot enter compiling link, and point out the in-problem code line of grammer and concrete grammar issue.
And in the present embodiment, the grammatical analysis built-in function in the compiler of multiple common program language can be obtained in advance, then by calling this function, character stream is analyzed.If the testing result that this function returns is character stream grammaticality, then represent that the character string in character stream is meet the program statement corresponding with grammatical analysis built-in function, thus determine in this character stream and comprise source code.
Such as, javaCC storehouse can being used as the grammatical analysis built-in function corresponding with java language preset, by calling this built-in function, character stream being detected, if the testing result returned meets java syntax rule, then represent in character stream and comprise java source code.
Further, judge to resolve the step whether character stream obtained comprise source code also comprise by detecting character string and/or grammatical analysis built-in function: obtain the matching times detecting character string and/or grammatical analysis built-in function, according to matching times judge character stream that parsing obtains whether with key-strings and/or matching regular expressions.
Such as, the include<net*.h> of more than 5 times is matched in a network data flow, or matching/* */, //, (), { } these characters, and wherein at least three characters, occur reaching more than 20 times at same network data flow simultaneously, can think and find that source code is revealed.Program language comprises more than one but a large amount of detection character strings usually, carries out judgement can prevent erroneous judgement according to matching times.
In the present embodiment, also comprise after network data flow being carried out to the step of protocol analysis: judge whether network data flow is file transfer stream, if, then obtain file suffixes name corresponding to network data flow, judge file suffixes name whether with the suffix name keyword match preset, if so, the step blocking network data flow is then performed.
Such as, if judge that the host-host protocol obtaining this network data flow is File Transfer Protocol by protocol analysis, then can judge that this network data flow is as file transfer stream, the data stream of transmission may be file byte stream.By resolving the character stream that possibly cannot obtain its correspondence, therefore cannot carry out string matching, then obtaining its file suffixes name by protocol analysis, if its suffix is called php, java, c etc., then blocked.
Further, also comprise after obtaining the step of file suffixes name corresponding to network data flow: judge the whether corresponding compressed file of file suffixes name, if so, then decompress(ion) is carried out to network data flow.
As previously mentioned, if what transmitted by File Transfer Protocol is compressed file, then by network data flow buffer memory, then can carries out decompress(ion) to it, obtain the suffix name of the file after decompress(ion), judge whether it is php, java, c etc., if so, then can be blocked.Compress mode at least comprises: rar, tar.gz, 7z, zip etc.
It should be noted that, obtaining network data flow if judge is file transfer stream, if but file transfer stream character stream, then still can continue to perform aforesaid step S106, and by detection character string and grammatical analysis built-in function, string matching, matching regular expressions and program syntax analysis be carried out to the character in file transfer stream.And the judged result of matching result with file suffixes name is combined, with or or mode merge after judge whether to need to block.
Further, network manager also can access gateway at any time, is configured detection character string (comprising regular expression), grammatical analysis built-in function or the file suffixes name that gateway is preset.Concrete, gateway can receive the rule configuration request of uploading, and extracts and detects character string (comprising regular expression), grammatical analysis built-in function or suffix name accordingly, and be written in configuration file.
In the present embodiment, the step obtaining detection character string (comprise regular expression), grammatical analysis built-in function or the file suffixes name corresponding with program language preset can be specially: read detection character string (comprise regular expression), grammatical analysis built-in function or the file suffixes name corresponding with program language preset by configuration file.
That is, gateway device can provide web accession page to network manager, network manager, by after this web accession page of browser access, can add, revises or delete and detect character string (comprising regular expression), grammatical analysis built-in function or file suffixes name.After network manager revises complete preservation, gateway device is about to the content write configuration file upgraded, and follow-up matching operation is then mated according to the configuration file of this renewal.
In one embodiment, as shown in Figure 2, a kind of source code leak detection apparatus, comprises data interception module 102, data resolution module 104, matched rule acquisition module 106 and string matching module 108, wherein:
Data interception module 102, for intercepting network data stream.
Data resolution module 104, obtains character stream for carrying out protocol analysis to described network data flow.
Matched rule acquisition module 106, for obtaining the default detection character string corresponding with program language and/or grammatical analysis built-in function.
According to described detection character string and/or grammatical analysis built-in function, string matching module 108, for judging whether the character stream that described parsing obtains comprises source code, if so, then blocks described network data flow.
In the present embodiment, as shown in Figure 3, source code leak detection apparatus also comprises suffix name matching module 110, for judging whether described network data flow is file transfer stream, if so, then obtain the file suffixes name that described network data flow is corresponding, judge described file suffixes name whether with the suffix name keyword match preset, if so, described network data flow is then blocked.
In the present embodiment, suffix name matching module 110 also for judging the whether corresponding compressed file of described file suffixes name, if so, then carries out decompress(ion) to described network data flow.
In the present embodiment, as shown in Figure 3, source code leak detection apparatus also comprises matched rule configuration module 112, for receiving the rule configuration request of uploading, extracting corresponding detection character string and/or grammatical analysis built-in function, and being written in configuration file;
Described matched rule acquisition module 106 is also for being read the detection character string corresponding with program language and/or grammatical analysis built-in function preset by described configuration file.
In the present embodiment, according to described matching times, string matching module 108, also for obtaining the matching times of described detection character string and/or grammatical analysis built-in function, judges whether the character stream that described parsing obtains comprises source code.
In above-mentioned source code leakage detection method and device, character string in the data stream of Internet Transmission is detected, by the detection character string corresponding with program language preset and/or grammatical analysis built-in function, it is mated, thus judge that whether the data stream of Internet Transmission is the data stream of transmission sources code.Compared with the method for carrying out by means of only the mode of file suffixes name in conventional art judging, not only can be applicable to detect in the scene of file transfer, also can detect for the mode by mail sending source code, therefore the scope of source code leak detection strengthens greatly, thus improves security.
The above embodiment only have expressed several embodiment of the present invention, and it describes comparatively concrete and detailed, but therefore can not be interpreted as the restriction to the scope of the claims of the present invention.It should be pointed out that for the person of ordinary skill of the art, without departing from the inventive concept of the premise, can also make some distortion and improvement, these all belong to protection scope of the present invention.Therefore, the protection domain of patent of the present invention should be as the criterion with claims.
Claims (10)
1. a source code leakage detection method, comprising:
Intercepting network data stream;
Protocol analysis is carried out to described network data flow and obtains character stream;
Obtain the detection character string corresponding with program language and/or grammatical analysis built-in function preset;
Judge whether the character stream that described parsing obtains comprises source code, if so, then blocks described network data flow according to described detection character string and/or grammatical analysis built-in function.
2. source code leakage detection method according to claim 1, is characterized in that, described described network data flow is carried out to the step of protocol analysis after also comprise:
Judge whether described network data flow is file transfer stream, if so, then obtain the file suffixes name that described network data flow is corresponding, judge described file suffixes name whether with the suffix name keyword match preset, if so, the step blocking described network data flow is then performed.
3. source code leakage detection method according to claim 2, is characterized in that, also comprises after the step of the file suffixes name that the described network data flow of described acquisition is corresponding:
Judge the whether corresponding compressed file of described file suffixes name, if so, then decompress(ion) is carried out to described network data flow.
4. source code leakage detection method according to claim 1, is characterized in that, described method also comprises:
Receive the rule configuration request of uploading, extract corresponding detection character string and/or grammatical analysis built-in function, and be written in configuration file;
The detection character string corresponding with program language that described acquisition is preset and/or the step of grammatical analysis built-in function are:
The detection character string corresponding with program language and/or grammatical analysis built-in function preset is read by described configuration file.
5. source code leakage detection method according to claim 1, is characterized in that, describedly judges that the step whether character stream that described parsing obtains comprises source code comprises according to described detection character string and/or grammatical analysis built-in function:
Obtain the matching times of described detection character string and/or grammatical analysis built-in function, judge whether the character stream that described parsing obtains comprises source code according to described matching times.
6. a source code leak detection apparatus, is characterized in that, comprising:
Data interception module, for intercepting network data stream;
Data resolution module, obtains character stream for carrying out protocol analysis to described network data flow;
Matched rule acquisition module, for obtaining the default detection character string corresponding with program language and/or grammatical analysis built-in function;
According to described detection character string and/or grammatical analysis built-in function, string matching module, for judging whether the character stream that described parsing obtains comprises source code, if so, then blocks described network data flow.
7. source code leak detection apparatus according to claim 1, it is characterized in that, described device also comprises suffix name matching module, for judging whether described network data flow is file transfer stream, if so, then obtain the file suffixes name that described network data flow is corresponding, judge described file suffixes name whether with the suffix name keyword match preset, if so, described network data flow is then blocked.
8. source code leak detection apparatus according to claim 7, is characterized in that, described suffix name matching module also for judging the whether corresponding compressed file of described file suffixes name, if so, then carries out decompress(ion) to described network data flow.
9. source code leak detection apparatus according to claim 6, it is characterized in that, described device also comprises matched rule configuration module, for receiving the rule configuration request of uploading, extract corresponding detection character string and/or grammatical analysis built-in function, and be written in configuration file;
Described matched rule acquisition module is also for being read the detection character string corresponding with program language and/or grammatical analysis built-in function preset by described configuration file.
10. source code leak detection apparatus according to claim 6, it is characterized in that, according to described matching times, described string matching module, also for obtaining the matching times of described detection character string and/or grammatical analysis built-in function, judges whether the character stream that described parsing obtains comprises source code.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410506037.1A CN104318162A (en) | 2014-09-27 | 2014-09-27 | Source code leakage detection method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410506037.1A CN104318162A (en) | 2014-09-27 | 2014-09-27 | Source code leakage detection method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104318162A true CN104318162A (en) | 2015-01-28 |
Family
ID=52373393
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410506037.1A Pending CN104318162A (en) | 2014-09-27 | 2014-09-27 | Source code leakage detection method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104318162A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105812396A (en) * | 2016-05-27 | 2016-07-27 | 江苏通付盾科技有限公司 | Server-side interface information detection method and server-side interface information detection device |
| CN106250769A (en) * | 2016-07-30 | 2016-12-21 | 北京明朝万达科技股份有限公司 | The source code data detection method of a kind of multistage filtering and device |
| CN107566349A (en) * | 2017-08-14 | 2018-01-09 | 北京知道创宇信息技术有限公司 | The method and computing device that sensitive document is revealed in a kind of detection webserver |
| CN108629182A (en) * | 2017-03-21 | 2018-10-09 | 腾讯科技(深圳)有限公司 | Leak detection method and Hole Detection device |
| CN109787886A (en) * | 2019-01-22 | 2019-05-21 | 北京北信源信息安全技术有限公司 | A kind of mail auditing method and system |
| CN109922062A (en) * | 2019-03-04 | 2019-06-21 | 腾讯科技(深圳)有限公司 | Source code reveals monitoring method and relevant device |
| CN110377337A (en) * | 2019-07-26 | 2019-10-25 | 北京智游网安科技有限公司 | Information extracting method, intelligent terminal and storage medium in a kind of application |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101017458A (en) * | 2007-03-02 | 2007-08-15 | 北京邮电大学 | Software safety code analyzer based on static analysis of source code and testing method therefor |
| CN103198240A (en) * | 2012-09-29 | 2013-07-10 | 网易(杭州)网络有限公司 | Method and device for protecting security of code |
| CN203206281U (en) * | 2012-12-21 | 2013-09-18 | 中建材集团进出口公司 | Source code protection machine and source code protection system |
| CN103927473A (en) * | 2013-01-16 | 2014-07-16 | 广东电网公司信息中心 | Method, device and system for detecting source code safety of mobile intelligent terminal |
-
2014
- 2014-09-27 CN CN201410506037.1A patent/CN104318162A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101017458A (en) * | 2007-03-02 | 2007-08-15 | 北京邮电大学 | Software safety code analyzer based on static analysis of source code and testing method therefor |
| CN103198240A (en) * | 2012-09-29 | 2013-07-10 | 网易(杭州)网络有限公司 | Method and device for protecting security of code |
| CN203206281U (en) * | 2012-12-21 | 2013-09-18 | 中建材集团进出口公司 | Source code protection machine and source code protection system |
| CN103927473A (en) * | 2013-01-16 | 2014-07-16 | 广东电网公司信息中心 | Method, device and system for detecting source code safety of mobile intelligent terminal |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105812396A (en) * | 2016-05-27 | 2016-07-27 | 江苏通付盾科技有限公司 | Server-side interface information detection method and server-side interface information detection device |
| CN105812396B (en) * | 2016-05-27 | 2019-03-19 | 江苏通付盾科技有限公司 | Server-side interface message detection method and device |
| CN106250769A (en) * | 2016-07-30 | 2016-12-21 | 北京明朝万达科技股份有限公司 | The source code data detection method of a kind of multistage filtering and device |
| CN106250769B (en) * | 2016-07-30 | 2019-08-16 | 北京明朝万达科技股份有限公司 | A kind of the source code data detection method and device of multistage filtering |
| CN108629182A (en) * | 2017-03-21 | 2018-10-09 | 腾讯科技(深圳)有限公司 | Leak detection method and Hole Detection device |
| CN107566349A (en) * | 2017-08-14 | 2018-01-09 | 北京知道创宇信息技术有限公司 | The method and computing device that sensitive document is revealed in a kind of detection webserver |
| CN107566349B (en) * | 2017-08-14 | 2019-12-24 | 北京知道创宇信息技术股份有限公司 | Method and computing device for detecting sensitive file leakage in network server |
| CN109787886A (en) * | 2019-01-22 | 2019-05-21 | 北京北信源信息安全技术有限公司 | A kind of mail auditing method and system |
| CN109787886B (en) * | 2019-01-22 | 2021-03-02 | 北京北信源信息安全技术有限公司 | Mail auditing method and system |
| CN109922062A (en) * | 2019-03-04 | 2019-06-21 | 腾讯科技(深圳)有限公司 | Source code reveals monitoring method and relevant device |
| CN110377337A (en) * | 2019-07-26 | 2019-10-25 | 北京智游网安科技有限公司 | Information extracting method, intelligent terminal and storage medium in a kind of application |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104318162A (en) | Source code leakage detection method and device | |
| US9081961B2 (en) | System and method for analyzing malicious code using a static analyzer | |
| CN107341399B (en) | Method and device for evaluating security of code file | |
| US11399288B2 (en) | Method for HTTP-based access point fingerprint and classification using machine learning | |
| US20160205125A1 (en) | System and method for analyzing mobile cyber incident | |
| CN109768992B (en) | Webpage malicious scanning processing method and device, terminal device and readable storage medium | |
| CN111835777B (en) | Abnormal flow detection method, device, equipment and medium | |
| CN101605074A (en) | The method and system of communication behavioural characteristic monitoring wooden horse Network Based | |
| KR101859562B1 (en) | Method and Apparatus for Analyzing Vulnerability Information | |
| CN105357179A (en) | Network attack handling method and network attack handling device | |
| CN109040097A (en) | A kind of defence method of cross-site scripting attack, device, equipment and storage medium | |
| US20180034776A1 (en) | Filtering data using malicious reference information | |
| WO2019190403A1 (en) | An industrial control system firewall module | |
| KR101487476B1 (en) | Method and apparatus to detect malicious domain | |
| CN105207842B (en) | The method and system of the plug-in feature detection of Android | |
| US11159548B2 (en) | Analysis method, analysis device, and analysis program | |
| CN113141332B (en) | Command injection identification method, system, equipment and computer storage medium | |
| CN108595960A (en) | It is a kind of that based on third party software, there are the detection methods of loophole and system | |
| US20160277430A1 (en) | System and method for detecting mobile cyber incident | |
| CN110830416A (en) | Network intrusion detection method and device | |
| CN114338126A (en) | Network application identification method and device | |
| KR101428721B1 (en) | Method and system for detecting malicious traffic by analyzing traffic | |
| KR102001814B1 (en) | A method and apparatus for detecting malicious scripts based on mobile device | |
| CN104363256B (en) | A kind of identification and control method, equipment and system of mobile phone viruses | |
| Atapattu et al. | A sensitive data leakage detection and privacy policy analyzing application for android systems (privot) |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20150128 |
|
| RJ01 | Rejection of invention patent application after publication |