CN106878345A - A kind of method and device for distorting protection - Google Patents

A kind of method and device for distorting protection Download PDF

Info

Publication number
CN106878345A
CN106878345A CN201710277205.8A CN201710277205A CN106878345A CN 106878345 A CN106878345 A CN 106878345A CN 201710277205 A CN201710277205 A CN 201710277205A CN 106878345 A CN106878345 A CN 106878345A
Authority
CN
China
Prior art keywords
content
pages
section
information
feature information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710277205.8A
Other languages
Chinese (zh)
Inventor
范毅波
吴庆
许雪峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou DPTech Technologies Co Ltd
Original Assignee
Hangzhou DPTech Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou DPTech Technologies Co Ltd filed Critical Hangzhou DPTech Technologies Co Ltd
Priority to CN201710277205.8A priority Critical patent/CN106878345A/en
Publication of CN106878345A publication Critical patent/CN106878345A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The present invention provides a kind of method for distorting protection, and methods described includes:After client device sends accessing page request to server, the response message of accessing page request is received;According to default content of pages segment length, content of pages section to be visited is extracted from least one response message;Rule is obtained according to default characteristic information, fisrt feature information is obtained according to content of pages to be visited section;In the check information, the corresponding second feature information of content of pages section to be visited is searched;If fisrt feature information is identical with second feature information, at least one response message is sent to client device.From above technical scheme, the embodiment of the present invention is by being segmented the characteristic information for obtaining and verifying content of pages, realize the timely transmission to response message, avoid the need for caching whole response messages just verified caused by it is more long time-consuming, client device is shortened from sending access request to the feedback time for obtaining web page contents, better user experience.

Description

A kind of method and device for distorting protection
Technical field
The application is related to communication technical field, more particularly to distorts the method and device of protection.
Background technology
In network communications, webpage tamper is that the content of pages of the storage of Web server is distorted, and it is to calculating Machine system will not produce directly loss in itself, but carry out ditch by website to the needs such as E-Government or ecommerce and user For logical application, it is meant that E-Government or ecommerce will be forced to stop external service.The Website page being tampered Often spread speed is fast, reading crowd is more, replicates easy, difficulty of eliminating the effects of the act afterwards.Webpage tamper event is pacified as internet One of full problem the most serious.
Existing guard technology of distorting is mainly based on digital watermark technology, i.e., watermark calculating is done to each page, Page digital watermarking is checked when accessing, is processed according to comparing result.The technology can apply to client device with service Intermediate equipment between device, for example:Firewall box, by obtaining the content of pages that server sends to client, and to the page Data content carries out watermark identification in content, is identified watermark;When recognizing that watermark compares consistent with original watermark, by the page Content is sent to client;When recognizing that watermark compares inconsistent with original watermark, the content of pages is abandoned.
Distort guard technology existing, in client device access, it is necessary to firewall box caching is whole in advance Content of pages, is verified with the watermark to full page content, when the web page contents that user is asked are larger, its caching consumption When it is also more long, so cause client device from send access request to obtain web page contents feedback take also more long, user Experience is poor.
The content of the invention
The embodiment of the present invention provides the method and apparatus for distorting protection, is led for solving existing webpage tamper guard technology The time that the client device of cause obtains web page contents is more long, the problem of poor user experience.
A kind of first aspect according to embodiments of the present invention, there is provided method for distorting protection, it is characterised in that methods described It is applied to when the content of pages that client device access server is preserved, according to the check information for pre-saving, to described Content of pages is protected, and the check information preserves the feature of the content of pages section of any content of pages in the server Information, wherein, the content of pages section, is the subsegment that any content of pages is divided according to default content of pages segment length, institute State characteristic information and obtain rule acquisition according to default characteristic information by content of pages section, methods described includes:
After the client device sends accessing page request to the server, the accessing page request is received Response message;
According to default content of pages segment length, content of pages section to be visited is extracted from response message described at least one;
Rule is obtained according to default characteristic information, fisrt feature information is obtained according to the content of pages section to be visited;
In the check information, the corresponding second feature information of content of pages section to be visited is searched;
If the fisrt feature information is identical with the second feature information, by least one response message hair Give client device.
A kind of first aspect according to embodiments of the present invention, there is provided device for distorting protection, it is characterised in that described device It is applied to when the content of pages that client device access server is preserved, according to the check information for pre-saving, to described Content of pages is protected, and the check information preserves the feature of the content of pages section of any content of pages in the server Information, wherein, the content of pages section, is the subsegment that any content of pages is divided according to default content of pages segment length, institute State characteristic information and obtain rule acquisition according to default characteristic information by content of pages section, described device includes:
Receiving unit, for after the client device sends accessing page request to the server, receiving described The response message of accessing page request;
Extraction unit, for according to default content of pages segment length, being extracted from response message described at least one and waiting to visit Ask content of pages section;
Acquiring unit, for obtaining rule according to default characteristic information, the is obtained according to the content of pages to be visited section One characteristic information;
Searching unit, in the check information, searching the corresponding second feature information of content of pages section to be visited;
Transmitting element, for when the fisrt feature information is identical with the second feature information, at least one by described in Individual response message is sent to client device.
From above technical scheme, the content of pages segmentation that the embodiment of the present invention preserves server obtains feature letter Breath, after the response message for obtaining client device accessing page request from server, obtains and verifies in the page by being segmented The characteristic information of appearance, realizes the timely transmission to response message, i.e.,:Certain section of page corresponding to the response message for feeding back in the ban After the completion of the characteristic information verification of content, you can send the response message for first feeding back in time to client device.Work as client When the web page contents that equipment is accessed are larger, it is to avoid need to cache whole response messages in the prior art just to be verified and made Into caching more long it is time-consuming, shorten client device from sending access request to the feedback time for obtaining web page contents, user Experience is preferable.
Brief description of the drawings
Fig. 1 distorts an application scenarios schematic diagram of the method for protection for the embodiment of the present invention;
Fig. 2 is one embodiment flow chart of the method that the present invention distorts protection;
Fig. 3 is another embodiment flow chart for the method that the present invention distorts protection;
Fig. 4 is a kind of hardware structure diagram of the device place equipment that the present invention distorts protection;
Fig. 5 is one embodiment block diagram of the device that the present invention distorts protection.
Specific embodiment
In order that those skilled in the art are better understood from the technical scheme in the embodiment of the present invention, and make of the invention real Applying the above-mentioned purpose of example, feature and advantage can be more obvious understandable, below in conjunction with the accompanying drawings to the technology in the embodiment of the present invention Scheme is described in further detail.
Fig. 1 distorts an application scenarios schematic diagram of the method for protection for the embodiment of the present invention.
As shown in figure 1, the application scenarios include:Client device and Web server, shown client device can be with Page request is sent to Web server, Web server can feed back the corresponding content of pages of the request after receiving the request.If The content of pages of the storage of Web server is tampered, and this will not produce directly loss to computer system in itself, but for electricity For the application that the needs such as sub- government affairs or ecommerce and user are linked up by website, it is meant that E-Government or electronics Commercial affairs will be forced to stop external service.Often spread speed is fast for the Website page being tampered, reading crowd is more, replicates easy, Eliminate the effects of the act afterwards difficulty.Webpage tamper event has turned into one of internet security problem the most serious.
Guard technology is distorted existing, by between shown client device and Web server fire wall is set, During client device access, firewall box caches full page content in advance, and school is carried out with the watermark to full page content Test, when the web page contents that user is asked are larger, its caching is time-consuming also more long, so cause client device from sending access The feedback for obtaining web page contents is asked to take also more long, poor user experience.
With reference to the application scenarios shown in Fig. 1, the embodiment of the present invention is described in detail.
Referring to Fig. 2, Fig. 2 is one embodiment flow chart of the method that the present invention distorts protection, and the embodiment is applied to work as During the content of pages that client device access server is preserved, according to the check information for pre-saving, to the content of pages Protected, the check information preserves the characteristic information of the content of pages section of any content of pages in the server, its In, the content of pages section, is the subsegment that any content of pages is divided according to default content of pages segment length, the feature letter Breath obtains rule and obtains by content of pages section according to default characteristic information, the described method comprises the following steps:
Step 201:After the client device sends accessing page request to the server, receive the page and visit Ask the response message of request.
In an optional example, above-mentioned check information preserves content of pages protection list, and above-mentioned content of pages is prevented Shield list is preserved and identified by protection content of pages;After receiving the response message of above-mentioned accessing page request, above-mentioned page is judged The content of pages that face access request is accessed is identified whether in above-mentioned content of pages protection list;If above-mentioned page access please The mark of content of pages of access is sought not in above-mentioned content of pages protection list, then by the response report of above-mentioned accessing page request Text is sent to client device.
In another optional example, when the content of pages in above-mentioned server needs modification, if to be modified The target identification of content of pages then protects above-mentioned target identification from above-mentioned content of pages in above-mentioned content of pages protection list Deleted in list;After the completion of above-mentioned content of pages to be modified is changed in above-mentioned server, according to above-mentioned amended page Face content, updates the characteristic information of the content of pages section of content of pages to be modified in above-mentioned check information;By above-mentioned target Mark is added in above-mentioned content of pages protection list.
Step 202:According to default content of pages segment length, the page to be visited is extracted from response message described at least one Inclusive segment.
In this step, above-mentioned content of pages section to be visited can be extracted only from a message, now, preset content of pages One general value of segment length can be 1460 bytes.
Step 203:Rule is obtained according to default characteristic information, fisrt feature is obtained according to the content of pages section to be visited Information.
In this step, features described above information can be the cryptographic Hash calculated according to content of pages to be visited section, specifically, can Being MD5 (Message-Digest Algorithm 5, Message-Digest Algorithm 5) value.
Step 204:In the check information, the corresponding second feature information of content of pages section to be visited is searched.
In an optional example, the check information preserves the second feature information of page info section in server Mode can be:
According to the page info segment length of 1460 bytes, any page info is divided into multiple page info sections;
According to default MD5 values computation rule, the MD5 values of each above-mentioned page info section are calculated;
The sequencing of any page info is constituted by page info section, the MD5 values of above-mentioned page info section are preserved In multiple Hash nodes of Hash list;
Wherein, above-mentioned Hash list is corresponding with the URL of any page info, and its corresponding relation is stored in the verification In information.
Step 205:If the fisrt feature information is identical with the second feature information, should by described at least one Answer message and be sent to client device.
In an optional example, above-mentioned check information can also preserve any content of pages in above-mentioned server Content of pages section;If above-mentioned fisrt feature information is differed with above-mentioned second feature information, by above-mentioned check information The corresponding content of pages section of two characteristic informations is sent to above-mentioned client device.
In another optional example, above-mentioned check information can also preserve any content of pages in above-mentioned server The field length of content of pages section;If the fisrt feature information is identical with the second feature information, described in confirming After the field length of the field length content of pages section corresponding with the second feature information of content of pages section to be visited is consistent, At least one response message is sent to client device.
Referring to Fig. 3, Fig. 3 is another embodiment flow chart for the method that the present invention distorts protection, and the embodiment is to distorting The process of protection has been described in detail, and methods described is applied to the content of pages preserved when client device access server When, according to the check information for pre-saving, to protect the content of pages, the check information preserves the service The characteristic information of the content of pages section of any content of pages in device, wherein, the content of pages section, for any content of pages is pressed According to the subsegment that default content of pages segment length is divided, the characteristic information is obtained by content of pages section according to default characteristic information Regular acquisition is taken, the check information also preserves the field length of the content of pages section of any content of pages in the server And content of pages protects list, the content of pages protection list to preserve and identified by protection content of pages, methods described Including:
Step 301:After above-mentioned client device sends accessing page request to above-mentioned server, receive the above-mentioned page and visit Ask the response message of request.
Step 302:Judge identifying whether in content of pages protection name for the content of pages that above-mentioned accessing page request is accessed Dan Zhong, if it is not, then performing step 303, if it is performs step 304.
In this step, the mark of above-mentioned content of pages can be above-mentioned content of pages URL (Uniform in the server Resource Locator, URL).
In an optional example, when the content of pages in above-mentioned server needs modification, if page to be modified Above-mentioned target identification is then protected name by the target identification of face content in above-mentioned content of pages protection list from above-mentioned content of pages Deleted in list;After the completion of above-mentioned content of pages to be modified is changed in above-mentioned server, according to the above-mentioned amended page Content, updates the characteristic information of the content of pages section of content of pages to be modified in above-mentioned check information;By above-mentioned target mark Knowledge is added in above-mentioned content of pages protection list.
Step 303:The response message of above-mentioned accessing page request is sent to client device.
Step 304:According to default content of pages segment length, the page to be visited is extracted from least one above-mentioned response message Inclusive segment.
In this step, above-mentioned content of pages section to be visited can be extracted only from a message, now, preset content of pages One general value of segment length can be 1460 bytes.
Step 305:Rule is obtained according to default characteristic information, fisrt feature is obtained according to above-mentioned content of pages section to be visited Information.
In this step, features described above information can be the cryptographic Hash calculated according to content of pages to be visited section, specifically, can Being MD5 (Message-Digest Algorithm 5, Message-Digest Algorithm 5) value.
Step 306:In above-mentioned check information, the corresponding second feature information of content of pages section to be visited is searched.
In an optional example, the check information preserves the second feature information of page info section in server Mode can be:
According to the page info segment length of 1460 bytes, any page info is divided into multiple page info sections;
According to default MD5 values computation rule, the MD5 values of each above-mentioned page info section are calculated;
The sequencing of any page info is constituted by page info section, the MD5 values of above-mentioned page info section are preserved In multiple Hash nodes of Hash list;
Wherein, above-mentioned Hash list is corresponding with the URL of any page info, and its corresponding relation is stored in the verification In information.
Step 307:Judge whether above-mentioned fisrt feature information is identical with above-mentioned second feature information, be to perform step 308, otherwise perform step 309.
Step 308:It is corresponding with above-mentioned second feature information in the field length for confirming above-mentioned content of pages section to be visited After the field length of content of pages section is consistent, above-mentioned at least one response message is sent to client device.
Step 309:The corresponding content of pages section of second feature information in above-mentioned check information is sent to above-mentioned client Equipment.
In this step, can also after second feature information corresponding content of pages section is sent to above-mentioned client device, By the corresponding URL report and alarms daily record of Hash list where above-mentioned second feature information, the content of pages pointed by the URL is marked It is tampered.
In an optional example, above-mentioned check information preserves content of pages protection list, and above-mentioned content of pages is prevented Shield list is preserved and identified by protection content of pages;After receiving the response message of above-mentioned accessing page request, above-mentioned page is judged The content of pages that face access request is accessed is identified whether in above-mentioned content of pages protection list;If above-mentioned page access please The mark of content of pages of access is sought not in above-mentioned content of pages protection list, then by the response report of above-mentioned accessing page request Text is sent to client device.
In another optional example, when the content of pages in above-mentioned server needs modification, if to be modified The target identification of content of pages then protects above-mentioned target identification from above-mentioned content of pages in above-mentioned content of pages protection list Deleted in list;After the completion of above-mentioned content of pages to be modified is changed in above-mentioned server, according to above-mentioned amended page Face content, updates the characteristic information of the content of pages section of content of pages to be modified in above-mentioned check information;By above-mentioned target Mark is added in above-mentioned content of pages protection list.
From above technical scheme, the content of pages segmentation that the embodiment of the present invention preserves server obtains feature letter Breath, after the response message for obtaining client device accessing page request from server, obtains and verifies in the page by being segmented The characteristic information of appearance, realizes the timely transmission to response message, i.e.,:Certain section of page corresponding to the response message for feeding back in the ban After the completion of the characteristic information verification of content, you can send the response message for first feeding back in time to client device.Work as client When the web page contents that equipment is accessed are larger, it is to avoid need to cache whole response messages in the prior art just to be verified and made Into caching more long it is time-consuming, shorten client device from sending access request to the feedback time for obtaining web page contents, user Experience is preferable.
The embodiment of the present invention is illustrated below by a specific application example, application example combination Fig. 1 shows The application scenarios for going out are described, where it is assumed that shown client device have sent page request 1 to shown Web server, use With requests for page content A, it is now to that the content of pages A that shown Web server is returned is carried out distorting protection, protection process is such as Under:
After shown client device sends page request 1 to shown Web server, the response report of page request 1 is received Text;
Judge the URL of above-mentioned content of pages A in above-mentioned content of pages protection list;
Content of pages section to be visited is extracted in first response message for extracting above-mentioned page request 1;
According to default hash value algorithms, the MD5 values of content of pages section to be visited are calculated;
URL according to above-mentioned content of pages A transfers the corresponding Hash list A of the URL from check information;
Compare the above-mentioned MD5 values for calculating and first MD5 value of Hash node storage in Hash list A, if identical First response message is then forwarded, judges that content of pages A is tampered if differing, stop connecing for above-mentioned response message Receive and send, by the URL report and alarm daily records of content of pages A, mark the content of pages pointed by the URL to be tampered;
Follow-up response message is received and judged successively, if the content of pages section of follow-up any response message judges content of pages A is tampered, then stop the reception and transmission of above-mentioned response message, and by the URL report and alarm daily records of content of pages A, mark should Content of pages pointed by URL is tampered.
Embodiment with the foregoing method for distorting protection is corresponding, present invention also provides the implementation of the device for distorting protection Example.
The embodiment that the application distorts the device of protection can be realized by software, it is also possible to by hardware or software and hardware With reference to mode realize.It is the treatment by equipment where it as the device on a logical meaning as a example by implemented in software Device runs what is formed during corresponding computer program instructions in nonvolatile memory are read into internal memory.From hardware view Speech, as shown in figure 4, a kind of hardware structure diagram of the device place equipment of protection is distorted for the application, except the treatment shown in Fig. 4 Outside device, internal memory, network interface and nonvolatile memory, the equipment in embodiment where device is generally according to the equipment Actual functional capability, can also include other hardware, this is repeated no more.
Fig. 5 is refer to, is one embodiment block diagram of the device that the present invention updates cache resources, described device is applied to work as During the content of pages that client device access server is preserved, according to the check information for pre-saving, to the content of pages Protected, the check information preserves the characteristic information of the content of pages section of any content of pages in the server, its In, the content of pages section, is the subsegment that any content of pages is divided according to default content of pages segment length, the feature letter Breath obtains rule and obtains by content of pages section according to default characteristic information, and described device includes:Receiving unit 510, extracts Unit 520, acquiring unit 530, searching unit 540, transmitting element 550.
Wherein, receiving unit 510, after in the client device to server transmission accessing page request, Receive the response message of the accessing page request;
Extraction unit 520, for according to default content of pages segment length, being extracted from response message described at least one and being treated Accession page inclusive segment;
Acquiring unit 530, for obtaining rule according to default characteristic information, obtains according to the content of pages section to be visited Fisrt feature information;
Searching unit 540, in the check information, searching the corresponding second feature letter of content of pages section to be visited Breath;
Transmitting element 550, for when the fisrt feature information is identical with the second feature information, will described at least One response message is sent to client device.
From above technical scheme, the content of pages segmentation that the embodiment of the present invention preserves server obtains feature letter Breath, after the response message for obtaining client device accessing page request from server, obtains and verifies in the page by being segmented The characteristic information of appearance, realizes the timely transmission to response message, i.e.,:Certain section of page corresponding to the response message for feeding back in the ban After the completion of the characteristic information verification of content, you can send the response message for first feeding back in time to client device.Work as client When the web page contents that equipment is accessed are larger, it is to avoid need to cache whole response messages in the prior art just to be verified and made Into caching more long it is time-consuming, shorten client device from sending access request to the feedback time for obtaining web page contents, user Experience is preferable.
In an optional example, the check information is preserved in the page of any content of pages in the server Hold section;
The transmitting element 550, is additionally operable to when the fisrt feature information is differed with the second feature information, will The corresponding content of pages section of second feature information is sent to the client device in the check information.
In another optional example, the check information preserves the page of any content of pages in the server The field length of inclusive segment;
The transmitting element 550, is additionally operable to when the fisrt feature information is identical with the second feature information, then exist Confirm that the field of the field length content of pages section corresponding with the second feature information of the content of pages section to be visited is long After degree is consistent, at least one response message is sent to client device.
In another optional example, the check information preserves content of pages protection list, the content of pages Protection list is preserved and identified by protection content of pages;
Described device is also included (not shown in Fig. 5):Judging unit.
Judging unit, for after the response message for receiving the accessing page request, judging the accessing page request The content of pages of access identify whether the content of pages protection list in;
The transmitting element 550, is additionally operable to the mark when the content of pages of accessing page request access not described When in content of pages protection list, the response message of the accessing page request is sent to client device.
In another optional example, described device is also included (not shown in Fig. 5):Unit is deleted, updating block adds Plus unit.
Delete unit, for the content of pages in the server need modification, and content of pages to be modified mesh When mark mark is in content of pages protection list, the target identification is deleted from content of pages protection list;
Updating block, after the completion of being changed in the server when the content of pages to be modified, according to described Amended content of pages, updates the characteristic information of the content of pages section of content of pages to be modified in the check information;
Adding device, for the target identification to be added in the content of pages protection list.
The function of unit and the implementation process of effect correspond to step in specifically referring to the above method in said apparatus Implementation process, will not be repeated here.
For device embodiment, because it corresponds essentially to embodiment of the method, so related part is referring to method reality Apply the part explanation of example.Device embodiment described above is only schematical, wherein described as separating component The unit of explanation can be or may not be physically separate, and the part shown as unit can be or can also It is not physical location, you can with positioned at a place, or can also be distributed on multiple NEs.Can be according to reality Selection some or all of module therein is needed to realize the purpose of application scheme.Those of ordinary skill in the art are not paying In the case of going out creative work, you can to understand and implement.
The preferred embodiment of the application is the foregoing is only, is not used to limit the application, all essences in the application Within god and principle, any modification, equivalent substitution and improvements done etc. should be included within the scope of the application protection.

Claims (10)

1. a kind of method for distorting protection, it is characterised in that methods described is applied to be preserved when client device access server Content of pages when, according to the check information for pre-saving, to protect the content of pages, the check information is preserved There is the characteristic information of the content of pages section of any content of pages in the server, wherein, the content of pages section, for this is any The subsegment that content of pages is divided according to default content of pages segment length, the characteristic information is by content of pages section according to default Characteristic information obtains rule and obtains, and methods described includes:
After the client device sends accessing page request to the server, the response of the accessing page request is received Message;
According to default content of pages segment length, content of pages section to be visited is extracted from response message described at least one;
Rule is obtained according to default characteristic information, fisrt feature information is obtained according to the content of pages section to be visited;
In the check information, the corresponding second feature information of content of pages section to be visited is searched;
If the fisrt feature information is identical with the second feature information, at least one response message is sent to Client device.
2. method according to claim 1, it is characterised in that also include:
The check information preserves the content of pages section of any content of pages in the server;
If the fisrt feature information is differed with the second feature information, second feature in the check information is believed Cease corresponding content of pages section and be sent to the client device.
3. method according to claim 1, it is characterised in that also include:
The check information preserves the field length of the content of pages section of any content of pages in the server;
If the fisrt feature information is identical with the second feature information, at least one response message is sent to Client device, including:
If the fisrt feature information is identical with the second feature information, the content of pages section to be visited is being confirmed After the field length of field length content of pages section corresponding with the second feature information is consistent, by least one response Message is sent to client device.
4. method according to claim 1, it is characterised in that also include:
The check information preserves content of pages protection list, and the content of pages protection list is preserved by the protection page The mark of appearance;
After receiving the response message of the accessing page request, the mark of the content of pages that the accessing page request is accessed is judged Whether in content of pages protection list;
If the mark of the content of pages that the accessing page request is accessed is not in content of pages protection list, by institute The response message for stating accessing page request is sent to client device.
5. method according to claim 4, it is characterised in that also include:
When the content of pages in the server needs modification, if the target identification of content of pages to be modified is in the page In the Content Guard list of face, then the target identification is deleted from content of pages protection list;
After the completion of the content of pages to be modified is changed in the server, according to the amended content of pages, The characteristic information of the content of pages section of content of pages to be modified is updated in the check information;
The target identification is added in the content of pages protection list.
6. a kind of device for distorting protection, it is characterised in that described device is applied to be preserved when client device access server Content of pages when, according to the check information for pre-saving, to protect the content of pages, the check information is preserved There is the characteristic information of the content of pages section of any content of pages in the server, wherein, the content of pages section, for this is any The subsegment that content of pages is divided according to default content of pages segment length, the characteristic information is by content of pages section according to default Characteristic information obtains rule and obtains, and described device includes:
Receiving unit, for after the client device sends accessing page request to the server, receiving the page The response message of access request;
Extraction unit, for according to default content of pages segment length, page to be visited being extracted from response message described at least one Face inclusive segment;
Acquiring unit, for obtaining rule according to default characteristic information, obtains first special according to the content of pages section to be visited Reference ceases;
Searching unit, in the check information, searching the corresponding second feature information of content of pages section to be visited;
Transmitting element, for when the fisrt feature information is identical with the second feature information, described at least one being answered Answer message and be sent to client device.
7. device according to claim 6, it is characterised in that also include:
The check information preserves the content of pages section of any content of pages in the server;
The transmitting element, is additionally operable to when the fisrt feature information is differed with the second feature information, by the school Test the corresponding content of pages section of second feature information in information and be sent to the client device.
8. device according to claim 6, it is characterised in that also include:
The check information preserves the field length of the content of pages section of any content of pages in the server;
The transmitting element, is additionally operable to when the fisrt feature information is identical with the second feature information, then confirming institute The field length for stating the field length content of pages section corresponding with the second feature information of content of pages section to be visited is consistent Afterwards, at least one response message is sent to client device.
9. device according to claim 1, it is characterised in that also include:
The check information preserves content of pages protection list, and the content of pages protection list is preserved by the protection page The mark of appearance;
Judging unit, for after the response message for receiving the accessing page request, judging that the accessing page request is accessed Content of pages identify whether the content of pages protection list in;
The transmitting element, is additionally operable to the mark when the content of pages of accessing page request access not in the content of pages When in protection list, the response message of the accessing page request is sent to client device.
10. device according to claim 9, it is characterised in that also include:
Delete unit, for the content of pages in the server need modification, and content of pages to be modified target mark Know when in content of pages protection list, the target identification is deleted from content of pages protection list;
Updating block, after the completion of being changed in the server when the content of pages to be modified, according to the modification Content of pages afterwards, updates the characteristic information of the content of pages section of content of pages to be modified in the check information;
Adding device, for the target identification to be added in the content of pages protection list.
CN201710277205.8A 2017-04-25 2017-04-25 A kind of method and device for distorting protection Pending CN106878345A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710277205.8A CN106878345A (en) 2017-04-25 2017-04-25 A kind of method and device for distorting protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710277205.8A CN106878345A (en) 2017-04-25 2017-04-25 A kind of method and device for distorting protection

Publications (1)

Publication Number Publication Date
CN106878345A true CN106878345A (en) 2017-06-20

Family

ID=59161625

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710277205.8A Pending CN106878345A (en) 2017-04-25 2017-04-25 A kind of method and device for distorting protection

Country Status (1)

Country Link
CN (1) CN106878345A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109284616A (en) * 2018-08-17 2019-01-29 优视科技有限公司 Data access and data distributing method, device, equipment and storage medium
CN109981555A (en) * 2017-12-28 2019-07-05 腾讯科技(深圳)有限公司 To the processing method of web data, device, equipment, terminal and storage medium
CN110289997A (en) * 2019-06-17 2019-09-27 杭州迪普科技股份有限公司 A kind of log message checking method, apparatus and system
CN110334486A (en) * 2019-06-28 2019-10-15 潍柴动力股份有限公司 Application integrity method of calibration and equipment
CN114978710A (en) * 2022-05-25 2022-08-30 中国农业银行股份有限公司 Webpage data tamper-proof processing method and device and electronic equipment

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103368963A (en) * 2013-07-15 2013-10-23 网宿科技股份有限公司 HTTP message tamper-proofing method in content distribution network
US20140006803A1 (en) * 2011-03-21 2014-01-02 Irdeto B.V. System And Method For Securely Binding And Node-Locking Program Execution To A Trusted Signature Authority
CN103685307A (en) * 2013-12-25 2014-03-26 北京奇虎科技有限公司 Method, system, client and server for detecting phishing fraud webpage based on feature library
CN103929440A (en) * 2014-05-09 2014-07-16 国家电网公司 Web page tamper prevention device based on web server cache matching and method thereof
CN103942497A (en) * 2013-09-11 2014-07-23 杭州安恒信息技术有限公司 Forensics type website vulnerability scanning method and system
CN105184159A (en) * 2015-08-27 2015-12-23 深圳市深信服电子科技有限公司 Web page falsification identification method and apparatus
WO2016130029A1 (en) * 2015-02-10 2016-08-18 Nord-Systems Sp. Z O.O. Method of classifying data with access and integrity control

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140006803A1 (en) * 2011-03-21 2014-01-02 Irdeto B.V. System And Method For Securely Binding And Node-Locking Program Execution To A Trusted Signature Authority
CN103368963A (en) * 2013-07-15 2013-10-23 网宿科技股份有限公司 HTTP message tamper-proofing method in content distribution network
CN103942497A (en) * 2013-09-11 2014-07-23 杭州安恒信息技术有限公司 Forensics type website vulnerability scanning method and system
CN103685307A (en) * 2013-12-25 2014-03-26 北京奇虎科技有限公司 Method, system, client and server for detecting phishing fraud webpage based on feature library
CN103929440A (en) * 2014-05-09 2014-07-16 国家电网公司 Web page tamper prevention device based on web server cache matching and method thereof
WO2016130029A1 (en) * 2015-02-10 2016-08-18 Nord-Systems Sp. Z O.O. Method of classifying data with access and integrity control
CN105184159A (en) * 2015-08-27 2015-12-23 深圳市深信服电子科技有限公司 Web page falsification identification method and apparatus

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109981555A (en) * 2017-12-28 2019-07-05 腾讯科技(深圳)有限公司 To the processing method of web data, device, equipment, terminal and storage medium
CN109284616A (en) * 2018-08-17 2019-01-29 优视科技有限公司 Data access and data distributing method, device, equipment and storage medium
CN109284616B (en) * 2018-08-17 2022-02-11 阿里巴巴(中国)有限公司 Data access and data issuing method, device, equipment and storage medium
CN110289997A (en) * 2019-06-17 2019-09-27 杭州迪普科技股份有限公司 A kind of log message checking method, apparatus and system
CN110289997B (en) * 2019-06-17 2022-04-26 杭州迪普科技股份有限公司 Log message checking method, device and system
CN110334486A (en) * 2019-06-28 2019-10-15 潍柴动力股份有限公司 Application integrity method of calibration and equipment
CN110334486B (en) * 2019-06-28 2021-10-08 潍柴动力股份有限公司 Application program integrity checking method and device
CN114978710A (en) * 2022-05-25 2022-08-30 中国农业银行股份有限公司 Webpage data tamper-proof processing method and device and electronic equipment

Similar Documents

Publication Publication Date Title
CN107729352B (en) Page resource loading method and terminal equipment
CN106878345A (en) A kind of method and device for distorting protection
US20150271202A1 (en) Method, device, and system for detecting link layer hijacking, user equipment, and analyzing server
CN110198328B (en) Client identification method and device, computer equipment and storage medium
CN113489713B (en) Network attack detection method, device, equipment and storage medium
US11503072B2 (en) Identifying, reporting and mitigating unauthorized use of web code
CN108282441B (en) Advertisement blocking method and device
CN111737692B (en) Application program risk detection method and device, equipment and storage medium
CN108667770A (en) A kind of loophole test method, server and the system of website
CN111371757B (en) Malicious communication detection method and device, computer equipment and storage medium
CN111698237A (en) Method and system for adding watermark to WEB page
CN103118033B (en) A kind of defend user website to be tampered method and device
CN116324766A (en) Optimizing crawling requests by browsing profiles
CN114928484A (en) Honeypot generation method and device, electronic equipment and storage medium
CN113900907A (en) Mapping construction method and system
CN113079157A (en) Method and device for acquiring network attacker position and electronic equipment
CN107995167B (en) Equipment identification method and server
CN108322912B (en) Method and device for distinguishing short messages
CN107438053B (en) Domain name identification method and device and server
CN114254218A (en) External link access acceleration method and device and computer storage medium
CN113609425A (en) Webpage data processing method and system
CN110287087B (en) Method and device for detecting application
TWI750252B (en) Method and device for recording website access log
JP6378808B2 (en) Connection destination information determination device, connection destination information determination method, and program
CN104468475A (en) Information processing method and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170620