CN106713318A - WEB site security protection method and system - Google Patents
- Publication number: CN106713318A
- Authority: CN (China)
- Prior art keywords: http request, default, uri, web site, address
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
- H04L63/306—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information intercepting packet switched data communications, e.g. Web, Internet or IMS communications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Technology Law (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention relates to a WEB site security protection method and system. The WEB site security protection method comprises the steps of acquiring an IP address of a client sending an HTTP request; searching the IP address in a preset IP black list and a preset IP white list, and acquiring a first search result; when the first search result is that the IP address is not found, extracting a file extension name in the HTTP request, and acquiring a resource type requested by the HTTP request; when the resource type is a non-static file, extracting a URI in the HTTP request; searching the URI in a preset URI white list, and acquiring a second search result; when the second search result is that the URI is not found, recognizing whether the HTTP request contains a preset feature code or not; if so, matching the HTTP request with a preset security rule, if the HTTP request is successfully matched with the preset security rule, sending a resource requested by the HTTP request to a client; and if not, intercepting the HTTP request. The efficiency of detecting the security of an HTTP request is improved.
Description
Technical field
The present invention relates to the field of information security, and more particularly to a WEB site security protection method and system.
Background
Existing WEB site security protection products mainly use hardware firewalls or application firewalls based on Apache, IIS and the like, and handle web site security filtering through standalone devices and proxy technology. However, hardware application firewalls are costly, and software application firewalls based on Apache, IIS and the like also impose additional cost on the server.
Summary of the invention
The technical problem to be solved by the present invention is to provide a WEB site security protection method and system that improve the efficiency of detecting the security of HTTP requests.
To solve the above technical problem, the present invention adopts the following technical solution:
The present invention provides a WEB site security protection method, comprising:
acquiring the IP address of the client that sends an HTTP request;
searching for the IP address in a preset IP blacklist and a preset IP whitelist to obtain a first search result;
when the first search result is that the IP address is not found, extracting the file extension in the HTTP request to obtain the resource type requested by the HTTP request;
when the resource type is a non-static file, extracting the URI in the HTTP request;
searching for the URI in a preset URI whitelist to obtain a second search result;
when the second search result is that the URI is not found, identifying whether the HTTP request contains a preset feature code; if so, matching the HTTP request against a preset security rule to obtain a matching result;
if the matching result is a successful match, intercepting the HTTP request; otherwise, sending the resource requested by the HTTP request to the client.
The present invention also provides a WEB site security protection system, comprising:
a first acquisition module, configured to acquire the IP address of the client that sends an HTTP request;
a first search module, configured to search for the IP address in a preset IP blacklist and a preset IP whitelist to obtain a first search result;
a first extraction module, configured to, when the first search result is that the IP address is not found, extract the file extension in the HTTP request to obtain the resource type requested by the HTTP request;
a second extraction module, configured to extract the URI in the HTTP request when the resource type is a non-static file;
a second search module, configured to search for the URI in a preset URI whitelist to obtain a second search result;
a matching module, configured to, when the second search result is that the URI is not found, identify whether the HTTP request contains a preset feature code; if so, match the HTTP request against a preset security rule to obtain a matching result; if the matching result is a successful match, intercept the HTTP request; otherwise, send the resource requested by the HTTP request to the client.
The beneficial effects of the present invention are as follows. The present invention checks the security of the IP address of the client sending the HTTP request against a preset IP blacklist and IP whitelist. If the IP address is in neither the IP blacklist nor the IP whitelist, it further determines whether the resource requested by the HTTP request is a static file such as CSS or an image; if so, the static file resource is returned directly to the client. Otherwise, it further determines whether the URI requested by the HTTP request is a resource configured in the preset URI whitelist as carrying no security risk, such as the home page or the verification code page. The IP blacklist mainly rejects clients that send illegal requests over a long period or in large volume, while the IP whitelist is provided for service communication between servers that trust each other (service communication generally has its own security checks), so detection is skipped to improve service processing efficiency. If the security of the HTTP request cannot be determined by the above steps, the method further identifies whether the HTTP request contains a preset feature code, and if it does, performs security detection according to the preset security rules. The feature code is a feature of the resource on which security detection is to be performed; for example, to detect script files, the feature code can be set to "<script>". Each security rule corresponds to one feature code, and the detailed rule list in the security rule is used for security detection only when the HTTP request contains the matching feature code, which improves the efficiency of detecting the security of HTTP requests.
Brief description of the drawings
Fig. 1 is a flow diagram of a specific embodiment of the WEB site security protection method provided by the present invention;
Fig. 2 is a structural block diagram of a specific embodiment of the WEB site security protection system provided by the present invention;
Reference numerals:
1, first acquisition module; 2, first search module; 3, first extraction module; 4, second extraction module; 5, second search module; 6, matching module.
Detailed description
To describe the technical content, objects and effects of the present invention in detail, an explanation is given below with reference to the embodiments and the accompanying drawings.
As shown in Fig. 1, the present invention provides a WEB site security protection method, comprising:
acquiring the IP address of the client that sends an HTTP request;
searching for the IP address in a preset IP blacklist and a preset IP whitelist to obtain a first search result;
when the first search result is that the IP address is not found, extracting the file extension in the HTTP request to obtain the resource type requested by the HTTP request;
when the resource type is a non-static file, extracting the URI in the HTTP request;
searching for the URI in a preset URI whitelist to obtain a second search result;
when the second search result is that the URI is not found, identifying whether the HTTP request contains a preset feature code; if so, matching the HTTP request against a preset security rule to obtain a matching result;
if the matching result is a successful match, intercepting the HTTP request; otherwise, sending the resource requested by the HTTP request to the client.
Further, matching the HTTP request against the preset security rule is specifically:
acquiring the request parameter names in the HTTP request to obtain a first parameter name;
if the first parameter name is identical to a parameter name in a preset parameter name blacklist, intercepting the HTTP request.
As can be seen from the above description, the request parameters in the HTTP request are filtered to confirm whether the client has submitted illegal parameters via POST or GET requests.
Further, matching the HTTP request against the preset security rule is specifically:
acquiring from the HTTP request the browser type used by the client to obtain a first browser type;
if the first browser type does not match a preset browser type, intercepting the HTTP request.
As can be seen from the above description, browser type detection mainly covers two aspects: 1. restricting browser types that are illegal or not supported by the current application; 2. avoiding SQL injection vulnerabilities that arise when some applications store the browser type in a database in log form.
Further, the method also comprises:
loading the IP blacklist, the IP whitelist, the URI whitelist and the security rules into memory.
As can be seen from the above description, this improves the efficiency of HTTP request security detection.
Further, the method also comprises:
saving the intercepted HTTP requests to form a log file.
As can be seen from the above description, the log file can be used to assess the health of the current site and to count the clients making illegal requests; the IPs of clients that do so too frequently are placed on the blacklist for a period of time, which reduces the number of transactions the server has to process and improves system performance.
As shown in Fig. 2, the present invention also provides a WEB site security protection system, comprising:
a first acquisition module 1, configured to acquire the IP address of the client that sends an HTTP request;
a first search module 2, configured to search for the IP address in a preset IP blacklist and a preset IP whitelist to obtain a first search result;
a first extraction module 3, configured to, when the first search result is that the IP address is not found, extract the file extension in the HTTP request to obtain the resource type requested by the HTTP request;
a second extraction module 4, configured to extract the URI in the HTTP request when the resource type is a non-static file;
a second search module 5, configured to search for the URI in a preset URI whitelist to obtain a second search result;
a matching module 6, configured to, when the second search result is that the URI is not found, identify whether the HTTP request contains a preset feature code; if so, match the HTTP request against a preset security rule to obtain a matching result; if the matching result is a successful match, intercept the HTTP request; otherwise, send the resource requested by the HTTP request to the client.
Further, the matching module comprises:
a first acquisition unit, configured to acquire the request parameter names in the HTTP request to obtain a first parameter name;
a first interception unit, configured to intercept the HTTP request if the first parameter name is identical to a parameter name in a preset parameter name blacklist.
Further, the matching module also comprises:
a second acquisition unit, configured to acquire from the HTTP request the browser type used by the client to obtain a first browser type;
a second interception unit, configured to intercept the HTTP request if the first browser type does not match a preset browser type.
Further, the system also comprises:
a loading module, configured to load the IP blacklist, the IP whitelist, the URI whitelist and the security rules into memory.
Further, the system also comprises:
a saving module, configured to save the intercepted HTTP requests to form a log file.
As can be seen from the above description, the WEB site security protection system provided by the present invention can improve the efficiency of detecting the security of HTTP requests.
Embodiment one of the present invention is:
Load the preset IP blacklist, IP whitelist, URI whitelist and security rules into memory;
Acquire the IP address of the client sending the HTTP request; if the IP address is not found in the preset IP blacklist and the preset IP whitelist, then:
Extract the file extension in the HTTP request to obtain the resource type requested by the HTTP request; if the resource type is a non-static file, then:
Extract the URI in the HTTP request; if the URI is not found in the preset URI whitelist, then:
Identify whether the HTTP request contains a preset feature code; if so, then:
Match the HTTP request against the preset security rules, specifically: acquire the request parameter names in the HTTP request to obtain a first parameter name;
If the first parameter name is identical to a parameter name in the preset parameter name blacklist, intercept the HTTP request; otherwise:
Acquire from the HTTP request the browser type used by the client to obtain a first browser type;
If the first browser type does not match a preset browser type, intercept the HTTP request;
Save the intercepted HTTP requests to form a log file.
Embodiment two of the present invention is:
The IP address of the client sending the HTTP request is acquired, and the preset IP whitelist is searched for the IP address; if it is present, the resource requested by the HTTP request is sent to the client. If it is not present, the preset IP blacklist is searched for the IP address; if it is present, the HTTP request is intercepted and saved to the log file.
If the IP address is in neither the IP blacklist nor the IP whitelist, the file extension in the HTTP request is extracted and the resource type requested by the HTTP request is determined from the extracted file extension. If the requested resource type is a static file such as a CSS style file or an image, security detection does not continue and the static file is returned directly to the client; otherwise, URI detection is performed.
The URI of the requested resource is obtained from the HTTP request, and the preset URI whitelist is searched for the URI. If it is present, the requested resource is one without security issues, such as the home page or the verification code page, and the resource of the HTTP request is returned directly to the client; otherwise, security rule matching is performed.
The preset security rules include: detection parameter http_referer, which matches and filters the referring path of the user's request; detection parameter http_user_agent, which filters the user browser information in the header of the HTTP request; detection parameter http_accept_language, which filters the Accept_Language information of the browser sending the HTTP request; detection parameter URI, which filters the URL of the HTTP request; detection parameter Cookie, which filters the cookie information in the HTTP request; detection parameter Get, which filters the request parameters of HTTP GET requests; detection parameter POST, which filters the request parameters of HTTP POST requests. The above security rules can be combined in any arrangement to form a security rule set, and a feature code is configured for the security rule set; when the HTTP request contains the feature code, the corresponding security rule set is used to inspect the HTTP request. If the HTTP request matches the security rules, the resource requested by the HTTP request is sent to the client; otherwise, the HTTP request is intercepted and saved to the log file.
Embodiment three of the present invention:
For a website that uses Struts2 technology, a client can construct a link of the form http://host/struts2-blank/example/X.actionaction:%25{(new+java.lang.ProcessBuilder(new+java.lang.String[]'command','goes','here'})).start(), where command goes here can be replaced with the path and parameters of a destructive script, such as fdisk -f, in order to disrupt the running of the system.
The present invention can identify such illegal Struts2 requests by matching Struts2 keywords such as action, java.lang and command, and intercept these illegal requests.
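The staged checks of embodiments one and two, with the keyword matching of embodiment three as one rule set, written out as an added Python example that is not code from the patent. The `inspect` function, the rule-set layout, every list entry, the `.action` feature code and the decision to serve requests that carry no feature code are assumptions; a rule hit intercepts, as in embodiment one.

```python
import posixpath
from urllib.parse import parse_qsl, unquote, unquote_plus, urlsplit

# Constructed sample lists; held in memory as sets so each lookup is O(1).
IP_WHITELIST = {"10.0.0.5"}
IP_BLACKLIST = {"203.0.113.9"}
STATIC_EXTENSIONS = {".css", ".png", ".jpg", ".gif"}
URI_WHITELIST = {"/index.html", "/captcha"}
ALLOWED_BROWSERS = ("mozilla/",)  # assumed preset browser types (User-Agent prefixes)

# One feature code per rule set (assumed contents). The detailed checks of a
# rule set run only when its feature code occurs in the decoded request.
RULE_SETS = [
    {"feature_code": "<script>", "blocked_params": {"callback"}, "keywords": ()},
    {"feature_code": ".action", "blocked_params": set(),
     "keywords": ("action:", "java.lang")},
]

INTERCEPT_LOG = []  # stands in for the log file of intercepted requests


def _intercept(req, reason):
    """Record the intercepted request and return the verdict."""
    INTERCEPT_LOG.append({"ip": req["ip"], "url": req["url"], "reason": reason})
    return ("intercept", reason)


def inspect(req):
    """Run the staged checks in order; return (action, reason)."""
    # Stage 1: IP lists. Whitelisted peers skip every later check.
    if req["ip"] in IP_WHITELIST:
        return ("serve", "ip-whitelist")
    if req["ip"] in IP_BLACKLIST:
        return _intercept(req, "ip-blacklist")

    # Stage 2: resource type from the extension of the normalized path only,
    # never from the query string, because a static verdict ends inspection.
    parts = urlsplit(req["url"])
    path = posixpath.normpath(unquote(parts.path or "/"))
    if posixpath.splitext(path)[1].lower() in STATIC_EXTENSIONS:
        return ("serve", "static-file")

    # Stage 3: URI whitelist for pages configured as carrying no risk.
    if path in URI_WHITELIST:
        return ("serve", "uri-whitelist")

    # Stage 4: feature-code gate, evaluated on the percent-decoded, lowercased
    # request so that an encoded feature code still selects its rule set.
    body = req.get("body", "")
    haystack = unquote_plus(req["url"] + "\n" + body).lower()
    params = parse_qsl(parts.query, keep_blank_values=True)
    params += parse_qsl(body, keep_blank_values=True)
    names = {name.lower() for name, _ in params}
    agent = req.get("headers", {}).get("User-Agent", "").lower()

    gated = False
    for rules in RULE_SETS:
        if rules["feature_code"] not in haystack:
            continue  # cheap substring test failed: skip the detailed rules
        gated = True
        if names & rules["blocked_params"]:
            return _intercept(req, "param-blacklist")
        if rules["keywords"] and all(k in haystack for k in rules["keywords"]):
            return _intercept(req, "keyword")
        if not agent.startswith(ALLOWED_BROWSERS):
            return _intercept(req, "browser-type")
    return ("serve", "rules-passed" if gated else "no-feature-code")


# Constructed sample requests (inert placeholders, not captured traffic).
MOZ = {"User-Agent": "Mozilla/5.0"}
SAMPLES = [
    {"ip": "198.51.100.7", "url": "/static/site.css", "headers": MOZ},
    {"ip": "198.51.100.7", "url": "/search.jsp?theme=.css", "headers": MOZ},
    {"ip": "198.51.100.7", "url": "/search.jsp?q=%3Cscript%3E&callback=x",
     "headers": MOZ},
    {"ip": "198.51.100.7", "headers": MOZ,
     "url": "/struts2-blank/example/X.action?action:%25{java.lang.Example}"},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample["url"], "->", inspect(sample))
```
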
In summary, the present invention provides a WEB site security protection method and system that check the security of the IP address of the client sending the HTTP request against a preset IP blacklist and IP whitelist. If the IP address is in neither the IP blacklist nor the IP whitelist, it is further determined whether the resource requested by the HTTP request is a static file such as CSS or an image; if so, the static file resource is returned directly to the client. Otherwise, it is further determined whether the URI requested by the HTTP request is a resource configured in the preset URI whitelist as carrying no security risk, such as the home page or the verification code page. If the security of the HTTP request cannot be determined by the above steps, it is further identified whether the HTTP request contains a preset feature code, and if it does, security detection is performed according to the preset security rules. The feature code is a feature of the resource on which security detection is to be performed; for example, to detect script files, the feature code can be set to "<script>". Each security rule corresponds to one feature code, and the detailed rule list in the security rule is used for security detection only when the HTTP request contains the matching feature code, which improves the efficiency of detecting the security of HTTP requests.
The above are only embodiments of the present invention and do not thereby limit the patent scope of the invention; any equivalent transformation made using the contents of the specification and drawings of the present invention, or applied directly or indirectly in related technical fields, is likewise included in the scope of patent protection of the present invention.
Claims (10)
1. A WEB site security protection method, characterized by comprising:
acquiring the IP address of the client that sends an HTTP request;
searching for the IP address in a preset IP blacklist and a preset IP whitelist to obtain a first search result;
when the first search result is that the IP address is not found, extracting the file extension in the HTTP request to obtain the resource type requested by the HTTP request;
when the resource type is a non-static file, extracting the URI in the HTTP request;
searching for the URI in a preset URI whitelist to obtain a second search result;
when the second search result is that the URI is not found, identifying whether the HTTP request contains a preset feature code; if so, matching the HTTP request against a preset security rule to obtain a matching result;
if the matching result is a successful match, intercepting the HTTP request; otherwise, sending the resource requested by the HTTP request to the client.
2. The WEB site security protection method according to claim 1, characterized in that matching the HTTP request against the preset security rule is specifically:
acquiring the request parameter names in the HTTP request to obtain a first parameter name;
if the first parameter name is identical to a parameter name in a preset parameter name blacklist, intercepting the HTTP request.
3. The WEB site security protection method according to claim 1, characterized in that matching the HTTP request against the preset security rule is specifically:
acquiring from the HTTP request the browser type used by the client to obtain a first browser type;
if the first browser type does not match a preset browser type, intercepting the HTTP request.
4. The WEB site security protection method according to claim 1, characterized by further comprising:
loading the IP blacklist, the IP whitelist, the URI whitelist and the security rule into memory.
5. The WEB site security protection method according to claim 1, characterized by further comprising:
saving the intercepted HTTP requests to form a log file.
6. A WEB site security protection system, characterized by comprising:
a first acquisition module, configured to acquire the IP address of the client that sends an HTTP request;
a first search module, configured to search for the IP address in a preset IP blacklist and a preset IP whitelist to obtain a first search result;
a first extraction module, configured to, when the first search result is that the IP address is not found, extract the file extension in the HTTP request to obtain the resource type requested by the HTTP request;
a second extraction module, configured to extract the URI in the HTTP request when the resource type is a non-static file;
a second search module, configured to search for the URI in a preset URI whitelist to obtain a second search result;
a matching module, configured to, when the second search result is that the URI is not found, identify whether the HTTP request contains a preset feature code; if so, match the HTTP request against a preset security rule to obtain a matching result; if the matching result is a successful match, intercept the HTTP request; otherwise, send the resource requested by the HTTP request to the client.
7. The WEB site security protection system according to claim 6, characterized in that the matching module comprises:
a first acquisition unit, configured to acquire the request parameter names in the HTTP request to obtain a first parameter name;
a first interception unit, configured to intercept the HTTP request if the first parameter name is identical to a parameter name in a preset parameter name blacklist.
8. The WEB site security protection system according to claim 6, characterized in that the matching module also comprises:
a second acquisition unit, configured to acquire from the HTTP request the browser type used by the client to obtain a first browser type;
a second interception unit, configured to intercept the HTTP request if the first browser type does not match a preset browser type.
9. The WEB site security protection system according to claim 6, characterized by further comprising:
a loading module, configured to load the IP blacklist, the IP whitelist, the URI whitelist and the security rule into memory.
10. The WEB site security protection system according to claim 6, characterized by further comprising: a saving module, configured to save the intercepted HTTP requests to form a log file.
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010304157.9A CN111541674A (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system with high detection efficiency |
CN202010303797.8A CN111541673A (en) | 2016-12-23 | 2016-12-23 | Efficient method and system for detecting HTTP request security |
CN201611202994.0A CN106713318B (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system |
CN202010303787.4A CN111541672A (en) | 2016-12-23 | 2016-12-23 | Method and system for detecting security of HTTP (hyper text transport protocol) request |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611202994.0A CN106713318B (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system |
Related Child Applications (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010303787.4A Division CN111541672A (en) | 2016-12-23 | 2016-12-23 | Method and system for detecting security of HTTP (hyper text transport protocol) request |
CN202010304157.9A Division CN111541674A (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system with high detection efficiency |
CN202010303797.8A Division CN111541673A (en) | 2016-12-23 | 2016-12-23 | Efficient method and system for detecting HTTP request security |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106713318A true CN106713318A (en) | 2017-05-24 |
CN106713318B CN106713318B (en) | 2020-04-07 |
Family
ID=58903063
Family Applications (4)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010303787.4A Withdrawn CN111541672A (en) | 2016-12-23 | 2016-12-23 | Method and system for detecting security of HTTP (hyper text transport protocol) request |
CN202010304157.9A Withdrawn CN111541674A (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system with high detection efficiency |
CN201611202994.0A Active CN106713318B (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system |
CN202010303797.8A Withdrawn CN111541673A (en) | 2016-12-23 | 2016-12-23 | Efficient method and system for detecting HTTP request security |
Family Applications Before (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010303787.4A Withdrawn CN111541672A (en) | 2016-12-23 | 2016-12-23 | Method and system for detecting security of HTTP (hyper text transport protocol) request |
CN202010304157.9A Withdrawn CN111541674A (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system with high detection efficiency |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010303797.8A Withdrawn CN111541673A (en) | 2016-12-23 | 2016-12-23 | Efficient method and system for detecting HTTP request security |
Country Status (1)
Country | Link |
---|---|
CN (4) | CN111541672A (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108234453A (en) * | 2017-12-12 | 2018-06-29 | 杭州安恒信息技术有限公司 | A kind of web safety defense methods of rule-based Java |
CN109558427A (en) * | 2018-11-30 | 2019-04-02 | 上海找钢网信息科技股份有限公司 | Intelligent inquiry system and method based on steel industry data platform |
CN110012096A (en) * | 2019-04-03 | 2019-07-12 | 中国工商银行股份有限公司 | Mobile client service updates management method, apparatus and system |
CN113992423A (en) * | 2021-11-05 | 2022-01-28 | 枣庄科技职业学院 | Computer network firewall with high safety and use method thereof |
US20230025896A1 (en) * | 2021-07-23 | 2023-01-26 | Palo Alto Networks, Inc. | Tree-based learning of application programming interface specification |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113542287A (en) * | 2021-07-21 | 2021-10-22 | 山东浪潮通软信息科技有限公司 | Network request management method and device |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006119508A2 (en) * | 2005-05-05 | 2006-11-09 | Ironport Systems, Inc. | Detecting unwanted electronic mail messages based on probabilistic analysis of referenced resources |
CN101252443A (en) * | 2008-03-20 | 2008-08-27 | 华为技术有限公司 | Apparatus and method for detecting message security |
CN103095810A (en) * | 2012-12-28 | 2013-05-08 | 三维通信股份有限公司 | Multi-functional middleware recognizing system based on Web technology |
CN103825900A (en) * | 2014-02-28 | 2014-05-28 | 广州云宏信息科技有限公司 | Website access method and device and filter form downloading and updating method and system |
CN104361283A (en) * | 2014-12-05 | 2015-02-18 | 网宿科技股份有限公司 | Web attack protection method |
CN105635064A (en) * | 2014-10-31 | 2016-06-01 | 杭州华三通信技术有限公司 | CSRF attack detection method and device |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7707245B2 (en) * | 2000-02-22 | 2010-04-27 | Harvey Lunenfeld | Metasearching a client's request for displaying different order books on the client |
CN100440811C (en) * | 2006-12-25 | 2008-12-03 | 杭州华三通信技术有限公司 | Detection method and device for network attack |
US8271650B2 (en) * | 2009-08-25 | 2012-09-18 | Vizibility Inc. | Systems and method of identifying and managing abusive requests |
US9215209B2 (en) * | 2013-11-08 | 2015-12-15 | U.S. Bancorp, National Association | Source request monitoring |
CN103607385B (en) * | 2013-11-14 | 2017-01-18 | 北京奇虎科技有限公司 | Method and apparatus for security detection based on browser |
CN104954346B (en) * | 2014-03-31 | 2018-12-18 | 北京奇安信科技有限公司 | Attack recognition method and device based on object analysis |
CN103973684B (en) * | 2014-05-07 | 2017-05-24 | 北京神州绿盟信息安全科技股份有限公司 | Rule compiling and matching method and device |
CN105938472A (en) * | 2015-08-26 | 2016-09-14 | 杭州迪普科技有限公司 | Web access control method and device |
CN110417748A (en) * | 2019-07-08 | 2019-11-05 | 新华三信息安全技术有限公司 | A kind of attack detection method and device |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108234453A (en) * | 2017-12-12 | 2018-06-29 | 杭州安恒信息技术有限公司 | A kind of web safety defense methods of rule-based Java |
CN109558427A (en) * | 2018-11-30 | 2019-04-02 | 上海找钢网信息科技股份有限公司 | Intelligent inquiry system and method based on steel industry data platform |
CN110012096A (en) * | 2019-04-03 | 2019-07-12 | 中国工商银行股份有限公司 | Mobile client service updates management method, apparatus and system |
US20230025896A1 (en) * | 2021-07-23 | 2023-01-26 | Palo Alto Networks, Inc. | Tree-based learning of application programming interface specification |
US11997110B2 (en) * | 2021-07-23 | 2024-05-28 | Palo Alto Networks, Inc. | Tree-based learning of application programming interface specification |
CN113992423A (en) * | 2021-11-05 | 2022-01-28 | 枣庄科技职业学院 | Computer network firewall with high safety and use method thereof |
CN113992423B (en) * | 2021-11-05 | 2023-01-17 | 枣庄科技职业学院 | Use method of computer network firewall |
Also Published As
Publication number | Publication date |
---|---|
CN111541674A (en) | 2020-08-14 |
CN111541672A (en) | 2020-08-14 |
CN111541673A (en) | 2020-08-14 |
CN106713318B (en) | 2020-04-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106713318A (en) | WEB site security protection method and system | |
US10469531B2 (en) | Fraud detection network system and fraud detection method | |
CN101895516B (en) | Method and device for positioning cross-site scripting attack source | |
CN106101145B (en) | A kind of website vulnerability detection method and device | |
CA2595758C (en) | System for detecting vulnerabilities in web applications using client-side application interfaces | |
US8112799B1 (en) | Method, system, and computer program product for avoiding cross-site scripting attacks | |
US9531734B2 (en) | Method and apparatus for intercepting or cleaning-up plugins | |
CN102467633A (en) | Method and system for safely browsing webpage | |
CN107209831B (en) | System and method for identifying network attacks | |
CN106357696A (en) | Detection method and detection system for SQL injection attack | |
CN109768992B (en) | Webpage malicious scanning processing method and device, terminal device and readable storage medium | |
CN105184159A (en) | Web page falsification identification method and apparatus | |
CN101964026A (en) | Method and system for detecting web page horse hanging | |
CN102769632A (en) | Method and system for grading detection and prompt of fishing website | |
CN104462152A (en) | Webpage recognition method and device | |
JP2004318816A (en) | Communication relay device, communication relay method, and program | |
CN107846407A (en) | A kind of method and system of batch detection SSRF leaks | |
CN105635064B (en) | CSRF attack detection method and device | |
CN102185859A (en) | Computer system and data interaction method | |
Shahriar et al. | Injecting comments to detect JavaScript code injection attacks | |
CN113518077A (en) | Malicious web crawler detection method, device, equipment and storage medium | |
CN107800686A (en) | A kind of fishing website recognition methods and device | |
CN103336693B (en) | The creation method of refer chain, device and security detection equipment | |
Lalia et al. | XSS attack detection approach based on scripts features analysis | |
KR101428727B1 (en) | A System and a Method for Detecting Spread and Pass Sites of Malicious Code |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right | Denomination of invention: A web site security protection method and system; Effective date of registration: 20210127; Granted publication date: 20200407; Pledgee: Fuzhou Gulou sub branch of Fujian Straits Bank Co.,Ltd.; Pledgor: NEWDOONE SCIENCE & TECHNOLOGY Co.,Ltd.; Registration number: Y2021350000016 |