CN105429953A - Method, device and system used for accessing websites - Google Patents


Info

Publication number: CN105429953A
Authority: CN (China)
Prior art keywords: session, information, local, access, list item
Legal status: Granted
Application number: CN201510726547.4A
Other languages: Chinese (zh)
Other versions: CN105429953B (en)
Inventors: 吴承荣, 严明, 金蒿林, 刘巍
Current Assignee: Shanghai Redneurons Co Ltd
Original Assignee: Shanghai Redneurons Co Ltd

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The present invention aims to provide a method, device and system for accessing websites. The method comprises the steps of: when access to a webpage corresponding to an initial URL is requested, obtaining the local session entry corresponding to the access session for the initial URL; generating a random directory field based on the obtained local session entry, the random directory field including a first random field; adding the generated random directory field to the initial URL to obtain a new URL; and sending the new URL to the network device corresponding to the user device. The advantages of the invention are that the method, device and system can directly filter abnormal HTTP access and make network access more secure, do not require much adjustment of the original application, and are convenient to apply in a variety of environments.

Description

Method, device and system for accessing websites
Technical field
The present invention relates to the field of computer technology, and in particular to a method, device and system for accessing websites in the field of information security.
Background
With the spread of Internet technology, most network applications are now delivered as web applications, and protecting web applications has become an important part of Internet security. The main web application protection techniques in use today are firewalls, intrusion detection, vulnerability scanning, system patching and hardening, web application firewalls (WAF, Web Application Firewall), and improving the quality of web application programming (input checking and filtering). Although these methods provide some protection, they still have shortcomings, so web site vulnerabilities and attacks against web applications continue to occur. Current techniques are not sufficient to prevent, for example, attacks on unknown vulnerabilities or on business-logic flaws in web server-side programs. The main reasons are:
1. Vulnerabilities in web server-side software are hard to eliminate
A web application can use a series of security measures to improve its security, such as strict authentication, authorization management, input validation and communication encryption (for example Secure Sockets Layer (SSL)). However, many attacks on web sites today exploit vulnerabilities in the server-side software: if the software itself has a vulnerability, the security mechanisms that rely on the software's own functions may not be able to stop the attack. Although various means can be used to improve the quality of web service software and reduce vulnerabilities as far as possible, there is currently no absolute guarantee that vulnerabilities are eliminated. Moreover, web services are generally open and firewalls generally leave the web service port open, so attacks on vulnerabilities cannot be filtered out by a firewall.
2. The communication characteristics of web attacks cannot be enumerated exhaustively
Security mechanisms such as intrusion detection systems (IDS, Intrusion Detection System), intrusion prevention systems (IPS, Intrusion Prevention System) and web application firewalls (WAF, Web Application Firewall) can identify possible attacks by analysing the application-layer payload of web application traffic and then block them, which guards against attacks such as SQL injection to some extent. However, some vulnerabilities are undisclosed, so attack code samples for them and the characteristics of their network traffic may not be obtainable in advance. Some vulnerabilities lie in the upper-layer application software rather than in platform software such as the web server, and the attack methods differ from application to application. Because the communication characteristics of all possible web attacks cannot be enumerated, IDS, IPS and WAF alone cannot guard against these attacks.
3. URLs are relatively fixed
The URLs through which a web site offers its services are at present basically fixed. Any user who knows a URL can access the site, and a hacker who knows the URL of a web portal can run various vulnerability scanners against the site to discover vulnerabilities in the system and attack them. During an attack the attacker may not use an ordinary browser but tools such as Burp Suite or sqlmap to send carefully crafted messages to the site and exploit the relevant vulnerability. Because the URL is fixed, all kinds of attack techniques can be tried repeatedly until one succeeds.
To counter network attacks, active defence based on MTD (Moving Target Defense) has developed in recent years. Moving Target Defense, proposed by the US NITRD (Networking and Information Technology Research and Development Program) in its 2009 annual report, is a new approach that improves a system's defensive capability through changeability. Among early explorations, the active network defence proposed by BBN Technologies strengthens system security by dynamically changing network addresses and ports; some studies proposed address-space randomization models to defeat trojans and worms. Al-Shaer et al. proposed the MUTE (Mutable Networks) model, which supports random assignment and change of IP addresses and synchronizes address-change information across the network by means of a cryptographic algorithm. Besides network MTD methods, scholars have also proposed system-based MTD methods, including randomization of the memory address space (ASLR), instruction set randomization (ISR) and data randomization. In essence these methods give the system diversity to resist attack. However, these existing methods inevitably require major adjustments to the network, the web server and the upper-layer application software.
Summary of the invention
The object of the present invention is to provide a method, device and system for accessing websites.
According to one aspect of the present invention, a method for accessing websites in a user device is provided. The user device can store a local session table corresponding to the access sessions of accessed webpages, and the method comprises the following steps:
a. when access to the webpage corresponding to an initial URL is requested, obtaining the local session entry corresponding to the access session for the initial URL, wherein the local session entry comprises at least the session identification information corresponding to the access session, the user-related information of the user corresponding to the access session, the time-related information of the access session, and the request sequence information of this request;
b. generating a random directory field based on the obtained local session entry, the random directory field comprising a first random field;
c. adding the generated random directory field to the initial URL to obtain a new URL;
d. sending the new URL to the network device corresponding to the user device.
According to one aspect of the present invention, a method for assisting website access in a network device is provided. The network device can store a network session table corresponding to the access sessions of accessed webpages, and the method further comprises the following steps:
A. receiving a new URL from the user device, wherein the new URL is the initial URL of the webpage with a random directory field added, the random directory field comprising a first random field;
B. based on the random directory field in the new URL, extracting the session identification information corresponding to the access session for the initial URL;
C. based on the obtained session identification information, obtaining the network session entry of the network session table corresponding to that session identification information, wherein the network session entry comprises the user identification information of the network device, network time information, and the network request sequence of this request;
D. generating a second random field based on the obtained network session entry;
E. matching the first random field against the second random field and, when the match succeeds, sending the request corresponding to the initial URL to the server.
According to one aspect of the present invention, an access apparatus for accessing websites in a user device is provided. The user device can store a local session table corresponding to the access sessions of accessed webpages, and the access apparatus comprises:
A. a first acquisition unit, configured to obtain, when access to the webpage corresponding to an initial URL is requested, the local session entry corresponding to the access session for the initial URL, wherein the local session entry comprises at least the session identification information corresponding to the access session, the user-related information of the user corresponding to the access session, the time-related information of the access session, and the request sequence information of this request;
B. a first generation unit, configured to generate a first random field based on the obtained local session entry;
C. an adding unit, configured to add the generated first random field, together with the session identification information, to the initial URL to obtain a new URL;
D. a first sending unit, configured to send the new URL to the network device corresponding to the user device.
According to one aspect of the present invention, an auxiliary apparatus for assisting website access in a network device is provided. The network device can store a network session table corresponding to the access sessions of accessed webpages, and the auxiliary apparatus comprises:
a first receiving unit, configured to receive a new URL from the user device, wherein the new URL is the initial URL of the webpage with a first random field added;
an extraction unit, configured to extract, based on the first random field in the new URL, the session identification information corresponding to the access session for the initial URL;
a second acquisition unit, configured to obtain, based on the obtained session identification information, the network session entry of the network session table corresponding to that session identification information, wherein the network session entry comprises the user identification information of the network device, network time information, and the network request sequence of this request;
a second generation unit, configured to generate a second random field based on the obtained network session entry;
a matching unit, configured to match the first random field against the second random field and, when the match succeeds, send the request corresponding to the initial URL.
According to one aspect of the present invention, a network system is provided, wherein the system comprises a user device containing the access apparatus, a network device containing the auxiliary apparatus, and a server device for providing the corresponding network service.
Compared with the prior art, the present invention has the following advantages: (1) Under the scheme of the present invention, the URL used for legitimate HTTP access between the user device and the network device contains a randomly generated directory field, and HTTP access that cannot generate a legitimate random field is filtered out at the network device. Vulnerability scanners and automated attack tools that target fixed URLs therefore cannot scan or attack the protected web server. Even if the original web server has vulnerabilities or back doors, an illegitimate user cannot exploit them because he cannot construct a legitimate, randomly generated URL. (2) When the same user accesses the same webpage, the random directory field in the URL is regenerated every time and depends on the timestamp and the request sequence number, so the webpage cannot be accessed by replaying communication captured on the network. (3) Because generation of the random directory field relies on the user's PIN information and on the shared random number negotiated with the Diffie-Hellman algorithm, a hacker who does not hold the user's PIN information and the random number cannot generate the new random directory field used for the next access, even after hijacking an existing connection. (4) The present invention does not encrypt the communication content, so it does not affect the functions by which intrusion detection, WAF and the like judge and filter violations and intrusions from the payload. If encryption is needed, the invention can be combined with HTTPS. (5) The present invention can be implemented as an additional proxy, with no major adjustment of the system and no modification of the original application; it meets the needs of most network environments and is highly portable.
Brief description of the drawings
Other features, objects and advantages of the present invention will become more apparent from the following detailed description of non-limiting embodiments, read with reference to the drawings:
Fig. 1 is a schematic diagram of a network system according to an embodiment of the invention;
Fig. 2 is a flow chart of a method for accessing websites according to an embodiment of the invention;
Fig. 3 is a schematic structural diagram of an apparatus for accessing websites according to an embodiment of the invention;
Fig. 4a shows an example of an entry of a local session table according to the present invention;
Fig. 4b shows an example of an entry of a network session table according to the present invention.
In the drawings, the same or similar reference numerals denote the same or similar parts.
Detailed description of embodiments
The present invention is described in further detail below with reference to the drawings.
Referring to Fig. 1, Fig. 1 is a schematic diagram of a network system according to an embodiment of the invention. The network system comprises a user device containing the access apparatus, a network device containing the auxiliary apparatus, and a server device for providing the corresponding network service.
Preferably, the server device provides the service corresponding to the initial URL of the accessed webpage.
The scheme of the present invention is implemented by the access apparatus in the user device and the auxiliary apparatus in the network device.
Preferably, the software of the access apparatus or the auxiliary apparatus may be a stand-alone application program or part of the code of an application program.
More preferably, the access apparatus and the auxiliary apparatus according to the present invention may each be contained in agent software such as a proxy.
The access apparatus of the user device can store a local session table corresponding to the access sessions of accessed webpages, and the auxiliary apparatus of the network device can store a network session table corresponding to the access sessions of accessed webpages.
A local session entry of the local session table comprises at least the session identification information corresponding to the access session, the user-related information of the user corresponding to the access session, the time-related information of the access session, and the request sequence information of this request.
Preferably, the local session entry according to the present invention further comprises a local random number and idle flag information.
More preferably, the local session entry further comprises a first random number used to help the corresponding network device determine the network random number.
The session identification information comprises: client IP address, client port information, server IP address, and server port information.
Preferably, the session identification information is used to index the entries of the local session table.
The user-related information according to the present invention comprises user identification information and user password information.
Referring to Fig. 4a, Fig. 4a shows an example of an entry of the local session table, comprising: session identification information s, user identification information ID, request sequence number N, idle flag information Idle, local random number r, user password information PIN, the Diffie-Hellman private key information x serving as the first random number, and the clock difference deltaT between the user device and the network device serving as the time-related information.
A network session entry of the network session table comprises at least the corresponding session identification information, user identification information, network time information, and the network request sequence of this request.
The session identification information comprises: client IP address, client port information, server IP address, and server port information.
Preferably, the network session entry according to the present invention further comprises a network random number.
Preferably, the session identification information is used to index the entries of the network session table.
Referring to Fig. 4b, Fig. 4b shows an example of an entry of the network session table. The network session entry of this network session table comprises session identification information s, user identification information ID, request sequence number N, idle flag information Idle and network random number r.
Next, refer to Fig. 2. Fig. 2 is a flow chart of a method for accessing websites according to an embodiment of the invention. The method according to the present invention comprises steps S101 to S104 performed by the access apparatus, and steps S210 to S204 performed by the auxiliary apparatus.
In step S101, when access to the webpage corresponding to an initial URL is requested, the access apparatus obtains the local session entry in the local session table corresponding to the access session for the initial URL.
Specifically, when access to the webpage corresponding to an initial URL is requested, the access apparatus queries the local session table using the session identification information corresponding to the initial URL. If a local session entry corresponding to the session identification information exists, the access apparatus obtains that entry from the local session table; if no local session entry corresponding to the session identification information exists, the access apparatus obtains a local session entry corresponding to the session identification information and adds it to the local session table.
Preferably, the access apparatus may query using part of the session identification information to determine whether a local session entry corresponding to the session identification information exists in the local session table.
For example, it may query using the client IP or the client port information in the session identification information.
Preferably, part of the information in the local session entry is obtained through negotiation between the access apparatus and the auxiliary apparatus.
The ways in which the access apparatus obtains the local session entry corresponding to the session identification information and adds it to the local session table include, but are not limited to:
1) For the request sequence information and the idle flag information in the local session entry, setting their initial values and adding them to the local session table in association with the session identification information.
2) For the user-related information in the local session entry, obtaining the user identification information and user password information entered by the user, and adding both to the local session table in association with the session identification information.
3) For the user-related information in the local session entry, the access apparatus sends a timestamp request to the network device. Correspondingly, the auxiliary apparatus in the network device receives the timestamp request from the user device, obtains the current time information, and feeds it back to the user device as a timestamp; the access apparatus receives the timestamp information fed back by the network device. The access apparatus then determines the time-related information from the timestamp information and the local time information, and adds it to the local session table in association with the session identification information.
4) For the local random number in the local session entry, the access apparatus first generates a first random number using a random algorithm, then generates a local public key from the first random number and sends the local public key to the network device. The auxiliary apparatus in the network device receives the local public key from the user device, generates the network random number from this local public key and a second random number, and adds the network random number to the network session table of the auxiliary apparatus in association with the session identification information. The auxiliary apparatus then generates a network public key from the second random number and sends the network public key to the user device. The access apparatus in the user device receives the network public key fed back by the network device, generates the local random number from the network public key and the first random number, and adds it to the local session table in association with the session identification information.
The network random number and the local random number are generated using a key exchange mechanism. The local public key and the network public key are each obtained with an algorithm that supports a key exchange mechanism, for example the Diffie-Hellman algorithm.
Preferably, the timestamp request described in 3) and the local public key described in 4) may be sent to the network device in the same request.
Depending on the actual situation and requirements, those skilled in the art should be able to determine how the access apparatus and the auxiliary apparatus automatically generate the session identification information, which is not described further here.
Similarly, those skilled in the art should be able to determine, according to the actual situation and requirements, how the auxiliary apparatus sets the initial values of the request sequence information and the idle flag information and how it obtains the other items of the network session entry, which is not described further here.
Preferably, the necessary initial configuration may first be carried out on the access apparatus and the auxiliary apparatus before operation: for example, configuring the auxiliary apparatus with the user-related information that corresponds to it; configuring the access apparatus with its IP and port; and configuring the access apparatus and the auxiliary apparatus with the parameter information needed to perform the key exchange mechanism.
More preferably, a protected-site list for the access apparatus may also be set during initial configuration. When an initial URL is to be accessed, the access apparatus first determines whether this initial URL is in the protected-site list, and performs the processing described in the present invention for initial URLs contained in the list.
According to a first example of the present invention, the access apparatus is contained in the client proxy of the user device and the auxiliary apparatus is contained in the server proxy of the network device. At the outset, the access apparatus and the auxiliary apparatus are each configured: the local IP address and client port information of the access apparatus are set, and the user-related information of legitimate users, for example a list of user identification information and the corresponding user password information, is imported into the auxiliary apparatus of the network device. In addition, the protected-site list information is set in the access apparatus.
To implement the key exchange mechanism, the Diffie-Hellman Group number required by the Diffie-Hellman key exchange mechanism is configured in both the access apparatus and the auxiliary apparatus. The Group number determines the parameters p and g used by the Diffie-Hellman key exchange mechanism, where p is a large prime and g is a primitive root of that prime; p and g may be public.
In addition, the items of information to be contained in an entry of the local session table of the access apparatus are set as shown in Fig. 4a, and the items of information to be contained in an entry of the network session table of the auxiliary apparatus are set as shown in Fig. 4b.
Subsequently, when the user clicks the webpage address url_1 of a website for the first time, the access apparatus obtains the access request for this initial URL, that is, url_1, and determines whether url_1 is contained in the protected-site list of the access apparatus. If it is, the access apparatus obtains, through the identity authentication mechanism, the user identification information ID1 and user password information PIN1 entered by the user. The access apparatus also automatically generates the session identification information s1 of this access session from the client IP, client PORT, server IP and server PORT and, using the automatically generated s1 corresponding to the address url_1, queries the local session table for a local session entry matching s1. When none is found, the access apparatus sets the request sequence information n1=0 and the idle flag information idle1=0, adds an entry corresponding to s1 to the local session table, and records the obtained (s1, ID1, PIN1, x, n1, idle1), where x is the randomly generated first random number. The access apparatus then generates the time-related information and the random number through the following operations.
Specifically, the access apparatus generates the first random number x and, from this first random number x, generates the Diffie-Hellman local public key $c = g^{x} \bmod p$. The access apparatus then sends the server side a request message that contains the local public key c and a timestamp request, together with the corresponding session identification information s1 and user identification information ID1, for example (s1, ID1, c). After the auxiliary apparatus receives this request, it obtains the local time information t of the network device as the timestamp information and, using a randomly generated second random number y, generates the Diffie-Hellman network public key $d = g^{y} \bmod p$. It then sends the access apparatus a response message containing (s1, t, d). The auxiliary apparatus also computes the network random number $r2 = c^{y} \bmod p$, sets the initial value of the request sequence information n2=0 and the idle flag idle_2=0, and adds the corresponding entry (s1, ID1, r2, n1, idle2) to the network session table, indexed by the session identification information s1.
After the access apparatus receives this response message, it extracts the timestamp t and, together with the local time t', computes the time difference deltaT1, where deltaT1=t-t'. The access apparatus further takes the first random number x from the local session entry corresponding to s1, computes the local random number $r1 = d^{x} \bmod p$, and adds the obtained time difference deltaT1 and local random number r1 to the local session entry corresponding to s1, giving the complete entry (s1, ID1, PIN1, x, n1, idle1, deltaT1, r1).
Those skilled in the art will understand that, by the Diffie-Hellman key exchange mechanism, when the operations are carried out correctly the r1 obtained in the access apparatus is identical to the r2 obtained in the auxiliary apparatus.
Then, in step S102, the access means generates the random category field based on the obtained local session list item.
The random category field comprises the first random field.
Specifically, the access means performs a computation in a predetermined manner on the user related information, time related information, local random number and request order information in the local session list item, combined with the local time information of the access means, to generate the corresponding first random field. It then generates the random category field from the first random field and the session label information according to a predetermined concatenation rule.
Continuing the first example above, the access means computes the timestamp information t = deltaT1 + t' from the time related information deltaT1 in the local session list item and the current local time information t', and computes the first random field h1 = HMAC(PIN1, ID1_t_r1_n1), where PIN1 is the key used by the HMAC function and ID1_t_r1_n1 is the character string formed by concatenating the user totem information ID1, the timestamp information t, the local random number r1 and the request order information n1, which may include separators; the HMAC function is the hash-based message authentication code (Hash-based Message Authentication Code) function. The session label information s1 and the first random field h1 are then concatenated to obtain the random category field z = s1_h1.
Those skilled in the art should understand that when character strings are concatenated, for example the user totem information with the timestamp, a separator may be placed between them; similarly, when generating the random category field z, any recognizable character may be used to separate the session label information s1 from the field h1.
Those skilled in the art will also understand that any suitable function may be used in place of the HMAC function, for example the HMAC-SHA1 function.
Preferably, an encoding such as Q_P or base64 may be used to normalize the result of the HMAC computation into character string form.
Then, in step S103, the access means adds the generated random category field to the initial URL to obtain the new URL.
Specifically, the access means adds the first random field, together with the session label information, at a predetermined position of the initial URL, such as the stem, to obtain the new URL.
Continuing the first example, the access means adds the generated random category field z to the initial URL to obtain the new URL containing z.
Then, in step S104, described new URL is sent to the network equipment corresponding with described subscriber equipment by access means.
Preferably, the step S105 (not shown) performed by access means is also comprised according to method of the present invention.
In step S105, access means upgrades the order information that described request order information is next request.
Continuing the first example, after the access means generates, in step S103, the new URL url_1' from the initial URL url_1, it sends url_1' to the network equipment in step S104, increases the request order information in the local session list item by 1, updating it to n1 = 0 + 1 = 1, and uses this value as the request order information of the next request in this session.
Preferably, step S106 (not shown) is also comprised to step S108 (not shown) according to method of the present invention.
In step S106, at intervals of a predetermined time, the access means increases the free mark information by a fixed value.
Then, in step S107, when the free mark information exceeds a predetermined threshold, the access means removes the local session list item corresponding to the access session.
Such as, access means, every 5s, makes idle marker information increase by 1, and when free mark information is more than or equal to 10, removes corresponding local session list item.
Further, after step S104, the access means performs step S108. In step S108, the access means resets the free mark information to its initial value.
Such as, the initial value of free mark information is 0, then, after each access means sends new URL to the network equipment, free mark information is set to 0.
Then, in step S201, the servicing unit receives the new URL from the subscriber equipment.
Wherein, described new URL is included in the URL that with the addition of random category field in the initial URL of described webpage, and wherein random category field comprises the first random field.
Then, in step S202, servicing unit, based on the random category field in described new URL, extracts the session label information that the access session relevant to described initial URL is corresponding.
Then, in step S203, servicing unit, based on obtained session label information, obtains the BlueDrama list item of the described BlueDrama table corresponding with described session label information.
Then, in step S204, servicing unit generates the second random field based on obtained BlueDrama list item.
The manner in which the subscriber equipment generates the first random field is identical to the manner in which the network equipment generates the second random field.
Then, in step S205, random for first in described random category field field is mated with the described second random field by servicing unit, and when the match is successful, sends the request corresponding with described initial URL.
Preferably, the first random field and the second random field are carried out XOR by servicing unit, when result is 0, determine that the match is successful, and send the request corresponding with described initial URL.
Continuing the first example, the servicing unit extracts the random category field z from the received new link address url_1' and, according to the predetermined separator, extracts the session label information s1 and the first random field h1 from it. Using s1, it queries the BlueDrama table for the matching BlueDrama list item and obtains from it the user totem information ID1, the web random number r2 and the request order information n2. From the pre-configured user password information it obtains the user password information PIN2 corresponding to ID1, and it obtains the current network time information t''. The servicing unit then uses the same HMAC function as the subscriber equipment to compute the second random field h2 = HMAC(PIN2, ID1_t''_r2_n2).
The servicing unit then XORs the first random field h1 with the second random field h2; the result is 0, so the match is determined to be successful.
The servicing unit then removes the added s1 and h1 fields from url_1' and sends the corresponding network request based on the restored initial URL url_1.
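The first example's exchange, from key agreement to verification at the proxy, as an added Python sketch that is not code from the patent. The query parameter name z, the "." separator, HMAC-SHA256, the 30-second timestamp step with one step of tolerance, and the toy Diffie-Hellman parameters are all assumptions of this example.

```python
import base64
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Constructed demo parameters (assumptions, not values from the patent).
P = 2**127 - 1      # toy Diffie-Hellman modulus; use a standard large group in practice
G = 3
WINDOW = 30         # seconds per timestamp step, so both sides derive the same t
PARAM = "z"         # hypothetical query parameter carrying z = s1.h1


@dataclass
class Entry:
    """One session table entry; the same shape is used on both sides here."""
    sid: str          # session identifier s1
    user_id: str      # ID1
    r: int            # shared value (r1 on the client, r2 on the proxy)
    n: int = 0        # request sequence number
    delta_t: int = 0  # client only: server time minus local time (deltaT1)


def dh_pair():
    """Return (private exponent x, public value g^x mod p)."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)


def dh_shared(peer_public, private):
    """r = peer_public^private mod p; equal on both sides."""
    return pow(peer_public, private, P)


def field(pin, user_id, t, r, n):
    """h = HMAC(PIN, ID_t_r_n), base64url-encoded (SHA-256 chosen for this example)."""
    msg = f"{user_id}_{t}_{r}_{n}".encode()
    mac = hmac.new(pin.encode(), msg, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).rstrip(b"=").decode()


def client_url(entry, pin, url, local_now):
    """Steps S101-S105: build the new URL and advance the sequence number."""
    t = (local_now + entry.delta_t) // WINDOW
    z = f"{entry.sid}.{field(pin, entry.user_id, t, entry.r, entry.n)}"
    parts = urlsplit(url)
    query = parse_qsl(parts.query, keep_blank_values=True) + [(PARAM, z)]
    entry.n += 1
    return urlunsplit(parts._replace(query=urlencode(query)))


def proxy_check(table, pins, url, net_now):
    """Steps S201-S206 and S210: return the restored initial URL, or None to drop."""
    parts = urlsplit(url)
    query = parse_qsl(parts.query, keep_blank_values=True)
    zs = [v for k, v in query if k == PARAM]
    if len(zs) != 1 or zs[0].count(".") != 1:
        return None                      # S210: field missing or malformed
    sid, h1 = zs[0].split(".")
    entry = table.get(sid)
    if entry is None or entry.user_id not in pins:
        return None
    pin = pins[entry.user_id]
    now = net_now // WINDOW
    # Accept the current and the previous step so a request sent just before a
    # step boundary still verifies. compare_digest stands in for the
    # XOR-equals-zero test and runs in constant time.
    ok = any(
        hmac.compare_digest(h1.encode(), field(pin, entry.user_id, t, entry.r, entry.n).encode())
        for t in (now, now - 1)
    )
    if not ok:
        return None
    entry.n += 1                         # S206: expect the next sequence number
    rest = [(k, v) for k, v in query if k != PARAM]
    return urlunsplit(parts._replace(query=urlencode(rest)))


def demo():
    """One constructed session: a valid request, its replay, and a forged field."""
    x, client_pub = dh_pair()
    y, proxy_pub = dh_pair()
    client = Entry("s1", "ID1", dh_shared(proxy_pub, x), delta_t=120)
    table = {"s1": Entry("s1", "ID1", dh_shared(client_pub, y))}
    pins = {"ID1": "PIN1"}               # constructed credential
    local_now = 1_000_000                # constructed clock values
    net_now = local_now + 120
    url1 = client_url(client, "PIN1", "http://app.example/report?id=7", local_now)
    first = proxy_check(table, pins, url1, net_now)
    replay = proxy_check(table, pins, url1, net_now)
    forged = proxy_check(table, pins, "http://app.example/report?id=7&z=s1.AAAA", net_now)
    return first, replay, forged
```

The replayed URL is rejected because the proxy's sequence number has already advanced; the same counter also means a request lost in transit leaves the two sides out of step until the session entry is rebuilt.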
Preferably, be also included in step S205 according to method of the present invention after the step S206 (not shown) that performs.
In step S206, servicing unit upgrades the order information that described request order information is next request.
Preferably, the method according to the invention also comprises step S207 (not shown) to step S209 (not shown), wherein step S209 is performed after step S205.
In step S207, at interval of the scheduled time, described free mark information is increased fixed value by servicing unit.
Then, in step S208, when described free mark information exceedes predetermined threshold, the local session list item corresponding with described access session removed by servicing unit.
Further, after step S205, the servicing unit performs step S209. In step S209, the servicing unit resets the free mark information to its initial value.
Such as, the initial value of free mark information is 0, then, after each servicing unit sends network request based on the URL filtered after category field, free mark information is set to 0.
According to preferred version of the present invention, method of the present invention also comprises the step S210 (not shown) performed by servicing unit.
In step S210, whether the new URL received by servicing unit judges meets predetermined format, when not meeting predetermined format, abandons this new URL.
Particularly, servicing unit, based on call format when interpolation session label information and the first random field, as the separator, point of addition etc. that adopt, checks received new URL, and when new URL does not meet this call format, abandons this new URL.
According to a preferred embodiment of the present invention, method of the present invention also comprise access means perform step S109 (not shown) and servicing unit perform step S211 (not shown) and step S212 (not shown).
In step S211, servicing unit receives the network information that the service equipment corresponding with described initial URL feeds back.
Then, in step S212, described info web is sent to described subscriber equipment by servicing unit.
Particularly, the network information that servicing unit reception server equipment feeds back based on initial URL, as corresponding info web etc.
Then, in step S109, access means receives the info web fed back based on described new URL from the described network equipment.
Then, when user wishes to perform subsequent access operation, by re-executing abovementioned steps S101 to step S104 and step S201 to step S205 to realize its subsequent access.
Referring to Fig. 3, Fig. 3 illustrates a schematic structural diagram of the apparatus for accessing websites according to an embodiment of the invention.
The network system according to the invention comprises access means 1, servicing unit 2 and server apparatus 3. Access means 1 further comprises the first acquisition device 101, the first generating apparatus 102, the adding set 103 and the first dispensing device 104; servicing unit 2 comprises the first receiving device 201, the extraction element 202, the second acquisition device 203, the second generating apparatus 204 and the coalignment 205.
Wherein, the operation performed by each device and the aforementioned similar process with reference to each step described in Fig. 2, repeat no more herein.
The advantages of the solution of the present invention are as follows.
(1) The URL used for legitimate HTTP access between the subscriber equipment and the network equipment contains a randomly generated category field, and HTTP access that cannot produce a legitimate random field is filtered out at the network equipment. Vulnerability scanners and automated attack tools that target fixed URLs therefore cannot scan or attack the protected web server. Even if the original web server has vulnerabilities or backdoors, an unauthorized user cannot exploit them, because he cannot construct a legitimate randomly generated URL.
(2) When the same user accesses the same web page, the random category field in each URL is regenerated and depends on the timestamp and the request sequence number, so the page cannot be accessed by replaying communication information captured on the network.
(3) Because generation of the random category field relies on the user's PIN information and on the shared random number negotiated with the Diffie-Hellman algorithm, a hacker who does not hold the user's PIN information and the random number cannot generate the new random category field used for the next access, even after hijacking an existing connection.
(4) The invention does not encrypt the communication content, so it does not affect intrusion detection, WAF and similar functions that use payload information to judge and filter violations and intrusion behaviour. If encryption is needed, the invention can be combined with HTTPS.
(5) The invention can be implemented as an additional proxy; it requires no major adjustment to the system and no modification of the original application, meets the needs of most network environments, and is readily portable.
The method according to the invention is implemented by devices contained in computer equipment. Computer equipment is electronic equipment that can automatically perform numerical computation and/or information processing according to preset or stored instructions; its hardware includes but is not limited to microprocessors, application-specific integrated circuits (ASIC), programmable gate arrays (FPGA), digital processing units (DSP) and embedded devices. Computer equipment comprises network equipment and/or subscriber equipment. Network equipment includes but is not limited to a single network server, a server group formed of multiple network servers, or a cloud formed of a large number of hosts or network servers based on cloud computing (Cloud Computing), where cloud computing is a kind of distributed computing: a super virtual computer made up of a group of loosely coupled computers. Subscriber equipment includes but is not limited to any electronic product that can interact with a user through a keyboard, mouse, remote controller, touch pad, voice-operated device or the like, for example a personal computer, tablet computer, smartphone, PDA, game machine or IPTV. The networks in which the subscriber equipment and the network equipment reside include but are not limited to the Internet, wide area networks, metropolitan area networks, local area networks and VPNs.
It should be noted that the subscriber equipment, network equipment and networks above are only examples; other existing or future subscriber equipment, network equipment and networks, where applicable to the present invention, should also be included within the scope of the invention and are incorporated herein by reference.
Software program of the present invention can perform to realize step or function above by processor.Similarly, software program of the present invention (comprising relevant data structure) can be stored in computer readable recording medium storing program for performing, such as, and RAM memory, magnetic or CD-ROM driver or floppy disc and similar devices.In addition, steps more of the present invention or function can adopt hardware to realize, such as, as coordinating with processor thus performing the circuit of each function or step.
In addition, a part of the present invention can be applied to computer program, such as computer program instructions, when it is performed by computer, by the operation of this computer, can call or provide according to method of the present invention and/or technical scheme.And call the program command of method of the present invention, may be stored in fixing or moveable recording medium, and/or be transmitted by the data flow in broadcast or other signal bearing medias, and/or be stored in the working storage of the computer equipment run according to program command.At this, comprise a device according to one embodiment of present invention, this device comprises the memory for storing computer program instructions and the processor for execution of program instructions, wherein, when this computer program instructions is performed by this processor, trigger this plant running based on the aforementioned method according to multiple embodiment of the present invention and/or technical scheme.
To those skilled in the art, it is obvious that the invention is not limited to the details of the above exemplary embodiments, and that the invention can be realized in other specific forms without departing from its spirit or essential characteristics. The embodiments should therefore be regarded in every respect as exemplary and non-restrictive; the scope of the invention is defined by the claims rather than by the above description, and all changes that fall within the meaning and range of equivalency of the claims are intended to be included in the invention. Any reference numeral in a claim should not be considered as limiting the claim involved. In addition, the word "comprising" obviously does not exclude other units or steps, and the singular does not exclude the plural. Multiple units or devices stated in a system claim may also be realized by one unit or device through software or hardware. Words such as "first" and "second" are used to denote names and do not denote any particular order.

Claims (35)

1. A method for accessing websites in a user device, wherein the subscriber equipment can store a local session table corresponding to the access sessions of accessed web pages, the method comprising the following steps:
a. when requesting access to the web page corresponding to an initial URL, obtaining the local session list item of the access session corresponding to the initial URL, wherein the local session list item comprises at least the session label information corresponding to the access session, the user related information of the user corresponding to the access session, the time related information of the access session, and the request order information of this request;
b. generating a random category field based on the obtained local session list item, the random category field comprising a first random field;
c. adding the generated random category field to the initial URL to obtain a new URL;
d. sending the new URL to the network equipment corresponding to the subscriber equipment.
2. method according to claim 1, wherein, described step a is further comprising the steps of:
-inquire about in described local session table based on the session label information corresponding with described initial URL;
-as exist with as described in local session list item corresponding to session label information time, obtain in described local session table, the local session list item corresponding with this session label information.
3. method according to claim 2, wherein, when there is not the local session list item corresponding with described session label information in local session table, described step a is further comprising the steps:
A1 obtains the local session list item corresponding with described session label information and is added in described local session table.
4. method according to claim 3, wherein, described step a1 is further comprising the steps of:
The user related information of the user of the access session that-acquisition is corresponding with described session label information, and itself and described session label information are added in described local session table accordingly.
5. the method according to claim 3 or 4, wherein, described step m is further comprising the steps of:
-to the request of described network equipment transmitting time stamp;
-receive the described network equipment feedback timestamp information;
-based on described timestamp information and local time information, determine described time related information, and itself and described session label information are added in described local session table accordingly.
6. the method according to any one of claim 3 to 5, wherein, described local session list item also comprises local random number, and described step a1 is further comprising the steps of:
-generate local PKI based on the first random number;
-send described local PKI to the described network equipment, generate web random number for the described network equipment based on described local PKI;
-receive the network PKI that the described network equipment feeds back;
-generate local random number based on described network PKI and the first random number and itself and described session label information are added in local session table accordingly, wherein, adopt cipher key exchange mechanism to generate between described web random number and described local random number.
7. method according to any one of claim 1 to 7, wherein, described local session list item also comprises free time information, and described method is further comprising the steps of:
-at interval of the scheduled time, described free mark information increases fixed value;
-when described free mark information exceedes predetermined threshold, remove the local session list item corresponding with described access session;
Wherein, described method is further comprising the steps of after steps d:
-to reset described free mark information be initial value.
8. method according to any one of claim 1 to 8, wherein, described method is further comprising the steps of after steps d:
-upgrade the order information that described request order information is next request.
9. method according to any one of claim 1 to 8, wherein, described method is further comprising the steps of:
-receive the info web fed back based on described new URL from the described network equipment.
10. The method according to any one of claims 1 to 9, wherein the manner in which the subscriber equipment generates the first random field is identical to the manner in which the network equipment generates the second random field.
11. 1 kinds of methods for supplementary access website in the network device, can preserve the BlueDrama table corresponding with the access session of accessed web page in the described network equipment, wherein, described method is further comprising the steps of:
A receives the new URL from subscriber equipment, and wherein, described new URL is included in the URL that with the addition of random category field in the initial URL of described webpage, comprises the first random field in described random category field;
B, based on the random category field in described new URL, extracts the session label information that the access session relevant to described initial URL is corresponding;
C is based on obtained session label information, obtain the BlueDrama list item of the described BlueDrama table corresponding with described session label information, wherein, described BlueDrama list item comprises the user totem information of the described network equipment, network time information, and this request network request order;
D generates the second random field based on obtained BlueDrama list item;
Described first random field is mated with the described second random field by E, and when the match is successful, sends the request corresponding with described initial URL.
12. methods according to claim 11, wherein, described BlueDrama list item also comprises web random number, and described step C is further comprising the steps:
-receive local PKI from subscriber equipment;
-generate web random number based on described local PKI and the second random number, and described web random number and described session label information are added in described BlueDrama table accordingly;
Wherein, described method is further comprising the steps of:
-carry out generating network PKI based on the second random number;
-send described network PKI to described subscriber equipment, generate local random number for described subscriber equipment based on described network PKI, wherein, described web random number and described local random number generate based on cipher key exchange mechanism.
13. methods according to claim 11 or 12, wherein, described method is further comprising the steps of:
-receive timestamp solicited message from subscriber equipment;
-obtain current time information, feed back to described subscriber equipment as timestamp.
14. The method according to any one of claims 11 to 13, wherein the BlueDrama list item also comprises free mark information, and wherein the method further comprises the following steps:
-at interval of the scheduled time, described free mark information increases fixed value;
-when described free mark information exceedes predetermined threshold, remove the BlueDrama list item corresponding with described access session;
Wherein, described method is further comprising the steps of after step e:
-to reset described free mark information be initial value.
15. The method according to any one of claims 11 to 14, wherein the method further comprises the following step after step E:
-upgrade the order information that described request order information is next request.
16. The method according to any one of claims 11 to 15, wherein the method further comprises the following step:
Whether the new URL received by-judgement meets predetermined format, when not meeting predetermined format, abandons this new URL.
17. The method according to any one of claims 11 to 16, wherein the method further comprises the following steps:
The network information that-reception the service equipment corresponding with described initial URL feeds back;
-described info web is sent to described subscriber equipment.
18. 1 kinds of access means for access websites in a user device, can preserve the local session table corresponding with the access session of accessed web page in described subscriber equipment, wherein, described access means comprises:
A first acquisition device, during for the webpage corresponding with initial URL when request access, obtain the local session list item that the access session corresponding to described initial URL is corresponding, wherein, described local session list item at least comprises the user related information of the session label information corresponding with described access session, the user corresponding with described access session, the time related information of described access session, and the request order information of this request;
B first generating apparatus, for generating the first random field based on obtained described local session list item;
C adding set, for being added in described initial URL accordingly with described session label information, with the new URL obtained by the generated first random field;
D first dispensing device, for being sent to the network equipment corresponding with described subscriber equipment by described new URL.
19. access means according to claim 18, wherein, described first acquisition device also for:
Inquire about in described local session table based on the session label information corresponding with described initial URL;
-as exist with as described in local session list item corresponding to session label information time, obtain in described local session table, the local session list item corresponding with this session label information.
20. access means according to claim 19, wherein, when there is not the local session list item corresponding with described session label information in local session table, described first acquisition device comprises further:
Sub-acquisition device, for obtaining the local session list item corresponding with described session label information and being added in described local session table.
21. access means according to claim 20, wherein, described sub-acquisition device also for:
The user related information of the user of the access session that-acquisition is corresponding with described session label information, and itself and described session label information are added in described local session table accordingly.
22. access means according to claim 20 or 21, wherein, described sub-acquisition device also for:
-to the request of described network equipment transmitting time stamp;
-receive the described network equipment feedback timestamp information;
-based on described timestamp information and local time information, determine described time related information, and itself and described session label information are added in described local session table accordingly.
23. access means according to any one of claim 20 to 22, wherein, described local session list item also comprises local random number, described sub-acquisition device also for:
-generate local PKI based on the first random number;
-send described local PKI to the described network equipment, generate web random number for the described network equipment based on described local PKI;
-receive the network PKI that the described network equipment feeds back;
-generate local random number based on described network PKI and the first random number and itself and described session label information are added in local session table accordingly, wherein, adopt cipher key exchange mechanism to generate between described web random number and described local random number.
24. The access means according to any one of claims 18 to 23, wherein the local session list item also comprises free time information, and the access means also comprises:
First increases device, and at interval of the scheduled time, described free mark information increases fixed value;
First scavenge unit, for when described free mark information exceedes predetermined threshold, removes the local session list item corresponding with described access session;
First reset apparatus is initial value for resetting described free mark information.
25. The access means according to any one of claims 18 to 24, wherein the access means is also used for:
-upgrade the order information that described request order information is next request.
26. The access means according to any one of claims 18 to 25, wherein the access means is also used for:
-receive the info web fed back based on described new URL from the described network equipment.
27. The access means according to any one of claims 18 to 26, wherein the manner in which the subscriber equipment generates the first random field is identical to the manner in which the network equipment generates the second random field.
28. 1 kinds of servicing units for supplementary access website in the network device, can preserve the BlueDrama table corresponding with the access session of accessed web page in the described network equipment, wherein, described servicing unit comprises the following steps:
First receiving device, for receiving the new URL from subscriber equipment, wherein, described new URL is included in the initial URL of described webpage the URL that with the addition of the first random field;
Extraction element, for based on the random field of first in described new URL, extracts the session label information that the access session relevant to described initial URL is corresponding;
Second acquisition device, for based on obtained session label information, obtain the BlueDrama list item of the described BlueDrama table corresponding with described session label information, wherein, described BlueDrama list item comprises the user totem information of the described network equipment, network time information, and this request network request order;
Second generating apparatus, for generating the second random field based on obtained BlueDrama list item;
Coalignment, for the described first random field being mated with the described second random field, and when the match is successful, sends the request corresponding with described initial URL.
29. servicing units according to claim 28, wherein, described BlueDrama list item also comprises web random number, and described second acquisition device is further used for:
-receive local PKI from subscriber equipment;
-generate web random number based on described local PKI and the second random number, and described web random number and described session label information are added in described BlueDrama table accordingly;
Wherein, described servicing unit also for:
-carry out generating network PKI based on the second random number;
-send described network PKI to described subscriber equipment, generate local random number for described subscriber equipment based on described network PKI, wherein, described web random number and described local random number generate based on cipher key exchange mechanism.
30. servicing units according to claim 28 or 29, wherein, described servicing unit also comprises:
Second receiving system, for receiving the timestamp solicited message from subscriber equipment;
3rd acquisition device, for obtaining current time information, feeds back to described subscriber equipment as timestamp.
31. The servicing unit according to any one of claims 28 to 30, wherein the BlueDrama list item also comprises free mark information, and wherein the servicing unit also comprises:
Second increases device, and at interval of the scheduled time, described free mark information increases fixed value;
Second scavenge unit, for when described free mark information exceedes predetermined threshold, removes the BlueDrama list item corresponding with described access session;
Second reset apparatus is initial value for resetting described free mark information.
32. servicing units according to any one of claim 28 to 31, wherein, described servicing unit also for:
-upgrade the order information that described request order information is next request.
33. servicing units according to any one of claim 28 to 32, wherein, described servicing unit also for:
Whether the new URL received by-judgement meets predetermined format, when not meeting predetermined format, abandons this new URL.
34. servicing units according to any one of claim 28 to 33, wherein, described servicing unit also comprises:
3rd receiving system, for receiving the network information that the service equipment corresponding with described initial URL feeds back;
Second dispensing device, for being sent to described subscriber equipment by described info web.
35. 1 kinds of network systems, wherein, described system comprises according to claim 18 to the subscriber equipment belonging to the access means according to any one of 28, the network equipment belonging to servicing unit according to any one of claim 29 to 34, and for providing the server apparatus of corresponding network service.
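The key exchange of claim 29 and the idle-flag aging of claim 31, sketched as an added example; this is not code from the patent. The Diffie-Hellman construction, the toy group, the threshold value, the reset-on-request rule and all names (AuxiliaryDevice, key_exchange, touch, tick, user_key_exchange) are assumptions, since the claims name only a "key exchange mechanism", a "fixed value" and a "predetermined threshold".

```python
import secrets

# Toy Diffie-Hellman group (assumption: the claims name no group).
# 2**127 - 1 is prime but far too small for real use; deploy a vetted group.
P = 2**127 - 1
G = 3
IDLE_THRESHOLD = 3  # assumed "predetermined threshold", counted in ticks


class AuxiliaryDevice:
    """Network side: session table keyed by session label (constructed model)."""

    def __init__(self):
        self.sessions = {}

    def key_exchange(self, session_id, local_public_key):
        # Added hardening, not in the claim: 0, 1 and P-1 would force a
        # predictable shared value, so they are rejected.
        if not 1 < local_public_key < P - 1:
            raise ValueError("invalid local public key")
        second_random = secrets.randbelow(P - 3) + 2
        # Claim 29: web random number from local public key + second random.
        web_random = pow(local_public_key, second_random, P)
        self.sessions[session_id] = {"web_random": web_random, "idle": 0}
        return pow(G, second_random, P)  # network public key

    def touch(self, session_id):
        # Assumed reset point: a valid request for this session arrived.
        self.sessions[session_id]["idle"] = 0

    def tick(self):
        # Claim 31: run once per predetermined interval; the idle flag grows
        # by a fixed value and entries above the threshold are removed.
        for sid in list(self.sessions):
            self.sessions[sid]["idle"] += 1
            if self.sessions[sid]["idle"] > IDLE_THRESHOLD:
                del self.sessions[sid]


def user_key_exchange(aux, session_id):
    """Subscriber-equipment side: returns the local random number."""
    first_random = secrets.randbelow(P - 3) + 2
    local_public_key = pow(G, first_random, P)
    network_public_key = aux.key_exchange(session_id, local_public_key)
    return pow(network_public_key, first_random, P)
```

Both sides end up with the same value without it crossing the network, and an abandoned session loses its stored value after IDLE_THRESHOLD + 1 quiet intervals.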
CN201510726547.4A 2015-10-30 2015-10-30 Method, device and system for accessing a website Active CN105429953B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510726547.4A CN105429953B (en) 2015-10-30 2015-10-30 Method, device and system for accessing a website

Publications (2)

Publication Number Publication Date
CN105429953A true CN105429953A (en) 2016-03-23
CN105429953B CN105429953B (en) 2018-11-13

Family

ID=55507895

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510726547.4A Active CN105429953B (en) 2015-10-30 2015-10-30 Method, device and system for accessing a website

Country Status (1)

Country Link
CN (1) CN105429953B (en)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102546165B (en) * 2010-12-31 2015-11-25 中国银联股份有限公司 Dynamic URL maker, generation method, based on the Verification System of dynamic URL and method
CN102594557A (en) * 2012-01-10 2012-07-18 深圳市汉普电子技术开发有限公司 Method and device for encrypting uniform resource locator (URL) and method and device for authenticating URL
CN103701946B (en) * 2013-12-20 2017-02-08 珠海金山网络游戏科技有限公司 Method and system for client-side to be in communication with server through URL (Universal Resource Locator)
CN104158799A (en) * 2014-07-17 2014-11-19 天津大学 HTTP DDOS defense method based on URL dynamic mapping

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105763560A (en) * 2016-04-15 2016-07-13 北京思特奇信息技术股份有限公司 Web Service interface flow real-time monitoring method and system
CN107967287A (en) * 2016-10-20 2018-04-27 法乐第(北京)网络科技有限公司 The collocation method and device of local resource
CN108664793A (en) * 2017-03-30 2018-10-16 腾讯科技(深圳)有限公司 A kind of method and apparatus of detection loophole
CN109560960A (en) * 2018-11-05 2019-04-02 杭州迪普科技股份有限公司 The method for parameter configuration and device, WAF system of WAF Brute Force protection
CN109873818A (en) * 2019-02-01 2019-06-11 湖南快乐阳光互动娱乐传媒有限公司 A kind of method and system preventing unauthorized access server
CN111008345A (en) * 2019-11-28 2020-04-14 蜂助手股份有限公司 Method and system for accessing fixed-point access URL
CN111008345B (en) * 2019-11-28 2020-12-15 蜂助手股份有限公司 Method and system for accessing fixed-point access URL
CN111209544A (en) * 2019-12-17 2020-05-29 中移(杭州)信息技术有限公司 Web application security protection method and device, electronic equipment and storage medium
CN111209544B (en) * 2019-12-17 2022-07-01 中移(杭州)信息技术有限公司 Web application security protection method and device, electronic equipment and storage medium
CN112134881A (en) * 2020-09-22 2020-12-25 宏图智能物流股份有限公司 Network request tamper-proof method based on serial number
CN116527373A (en) * 2023-05-18 2023-08-01 清华大学 Back door attack method and device for malicious URL detection system
CN116527373B (en) * 2023-05-18 2023-10-20 清华大学 Back door attack method and device for malicious URL detection system

Also Published As

Publication number Publication date
CN105429953B (en) 2018-11-13

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant