CN106878345A - A kind of method and device for distorting protection - Google Patents
A kind of method and device for distorting protection Download PDFInfo
- Publication number
- CN106878345A CN106878345A CN201710277205.8A CN201710277205A CN106878345A CN 106878345 A CN106878345 A CN 106878345A CN 201710277205 A CN201710277205 A CN 201710277205A CN 106878345 A CN106878345 A CN 106878345A
- Authority
- CN
- China
- Prior art keywords
- content
- pages
- section
- information
- feature information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The present invention provides a kind of method for distorting protection, and methods described includes:After client device sends accessing page request to server, the response message of accessing page request is received;According to default content of pages segment length, content of pages section to be visited is extracted from least one response message;Rule is obtained according to default characteristic information, fisrt feature information is obtained according to content of pages to be visited section;In the check information, the corresponding second feature information of content of pages section to be visited is searched;If fisrt feature information is identical with second feature information, at least one response message is sent to client device.From above technical scheme, the embodiment of the present invention is by being segmented the characteristic information for obtaining and verifying content of pages, realize the timely transmission to response message, avoid the need for caching whole response messages just verified caused by it is more long time-consuming, client device is shortened from sending access request to the feedback time for obtaining web page contents, better user experience.
Description
Technical field
The application is related to communication technical field, more particularly to distorts the method and device of protection.
Background technology
In network communications, webpage tamper is that the content of pages of the storage of Web server is distorted, and it is to calculating
Machine system will not produce directly loss in itself, but carry out ditch by website to the needs such as E-Government or ecommerce and user
For logical application, it is meant that E-Government or ecommerce will be forced to stop external service.The Website page being tampered
Often spread speed is fast, reading crowd is more, replicates easy, difficulty of eliminating the effects of the act afterwards.Webpage tamper event is pacified as internet
One of full problem the most serious.
Existing guard technology of distorting is mainly based on digital watermark technology, i.e., watermark calculating is done to each page,
Page digital watermarking is checked when accessing, is processed according to comparing result.The technology can apply to client device with service
Intermediate equipment between device, for example:Firewall box, by obtaining the content of pages that server sends to client, and to the page
Data content carries out watermark identification in content, is identified watermark;When recognizing that watermark compares consistent with original watermark, by the page
Content is sent to client;When recognizing that watermark compares inconsistent with original watermark, the content of pages is abandoned.
Distort guard technology existing, in client device access, it is necessary to firewall box caching is whole in advance
Content of pages, is verified with the watermark to full page content, when the web page contents that user is asked are larger, its caching consumption
When it is also more long, so cause client device from send access request to obtain web page contents feedback take also more long, user
Experience is poor.
The content of the invention
The embodiment of the present invention provides the method and apparatus for distorting protection, is led for solving existing webpage tamper guard technology
The time that the client device of cause obtains web page contents is more long, the problem of poor user experience.
A kind of first aspect according to embodiments of the present invention, there is provided method for distorting protection, it is characterised in that methods described
It is applied to when the content of pages that client device access server is preserved, according to the check information for pre-saving, to described
Content of pages is protected, and the check information preserves the feature of the content of pages section of any content of pages in the server
Information, wherein, the content of pages section, is the subsegment that any content of pages is divided according to default content of pages segment length, institute
State characteristic information and obtain rule acquisition according to default characteristic information by content of pages section, methods described includes:
After the client device sends accessing page request to the server, the accessing page request is received
Response message;
According to default content of pages segment length, content of pages section to be visited is extracted from response message described at least one;
Rule is obtained according to default characteristic information, fisrt feature information is obtained according to the content of pages section to be visited;
In the check information, the corresponding second feature information of content of pages section to be visited is searched;
If the fisrt feature information is identical with the second feature information, by least one response message hair
Give client device.
A kind of first aspect according to embodiments of the present invention, there is provided device for distorting protection, it is characterised in that described device
It is applied to when the content of pages that client device access server is preserved, according to the check information for pre-saving, to described
Content of pages is protected, and the check information preserves the feature of the content of pages section of any content of pages in the server
Information, wherein, the content of pages section, is the subsegment that any content of pages is divided according to default content of pages segment length, institute
State characteristic information and obtain rule acquisition according to default characteristic information by content of pages section, described device includes:
Receiving unit, for after the client device sends accessing page request to the server, receiving described
The response message of accessing page request;
Extraction unit, for according to default content of pages segment length, being extracted from response message described at least one and waiting to visit
Ask content of pages section;
Acquiring unit, for obtaining rule according to default characteristic information, the is obtained according to the content of pages to be visited section
One characteristic information;
Searching unit, in the check information, searching the corresponding second feature information of content of pages section to be visited;
Transmitting element, for when the fisrt feature information is identical with the second feature information, at least one by described in
Individual response message is sent to client device.
From above technical scheme, the content of pages segmentation that the embodiment of the present invention preserves server obtains feature letter
Breath, after the response message for obtaining client device accessing page request from server, obtains and verifies in the page by being segmented
The characteristic information of appearance, realizes the timely transmission to response message, i.e.,:Certain section of page corresponding to the response message for feeding back in the ban
After the completion of the characteristic information verification of content, you can send the response message for first feeding back in time to client device.Work as client
When the web page contents that equipment is accessed are larger, it is to avoid need to cache whole response messages in the prior art just to be verified and made
Into caching more long it is time-consuming, shorten client device from sending access request to the feedback time for obtaining web page contents, user
Experience is preferable.
Brief description of the drawings
Fig. 1 distorts an application scenarios schematic diagram of the method for protection for the embodiment of the present invention;
Fig. 2 is one embodiment flow chart of the method that the present invention distorts protection;
Fig. 3 is another embodiment flow chart for the method that the present invention distorts protection;
Fig. 4 is a kind of hardware structure diagram of the device place equipment that the present invention distorts protection;
Fig. 5 is one embodiment block diagram of the device that the present invention distorts protection.
Specific embodiment
In order that those skilled in the art are better understood from the technical scheme in the embodiment of the present invention, and make of the invention real
Applying the above-mentioned purpose of example, feature and advantage can be more obvious understandable, below in conjunction with the accompanying drawings to the technology in the embodiment of the present invention
Scheme is described in further detail.
Fig. 1 distorts an application scenarios schematic diagram of the method for protection for the embodiment of the present invention.
As shown in figure 1, the application scenarios include:Client device and Web server, shown client device can be with
Page request is sent to Web server, Web server can feed back the corresponding content of pages of the request after receiving the request.If
The content of pages of the storage of Web server is tampered, and this will not produce directly loss to computer system in itself, but for electricity
For the application that the needs such as sub- government affairs or ecommerce and user are linked up by website, it is meant that E-Government or electronics
Commercial affairs will be forced to stop external service.Often spread speed is fast for the Website page being tampered, reading crowd is more, replicates easy,
Eliminate the effects of the act afterwards difficulty.Webpage tamper event has turned into one of internet security problem the most serious.
Guard technology is distorted existing, by between shown client device and Web server fire wall is set,
During client device access, firewall box caches full page content in advance, and school is carried out with the watermark to full page content
Test, when the web page contents that user is asked are larger, its caching is time-consuming also more long, so cause client device from sending access
The feedback for obtaining web page contents is asked to take also more long, poor user experience.
With reference to the application scenarios shown in Fig. 1, the embodiment of the present invention is described in detail.
Referring to Fig. 2, Fig. 2 is one embodiment flow chart of the method that the present invention distorts protection, and the embodiment is applied to work as
During the content of pages that client device access server is preserved, according to the check information for pre-saving, to the content of pages
Protected, the check information preserves the characteristic information of the content of pages section of any content of pages in the server, its
In, the content of pages section, is the subsegment that any content of pages is divided according to default content of pages segment length, the feature letter
Breath obtains rule and obtains by content of pages section according to default characteristic information, the described method comprises the following steps:
Step 201:After the client device sends accessing page request to the server, receive the page and visit
Ask the response message of request.
In an optional example, above-mentioned check information preserves content of pages protection list, and above-mentioned content of pages is prevented
Shield list is preserved and identified by protection content of pages;After receiving the response message of above-mentioned accessing page request, above-mentioned page is judged
The content of pages that face access request is accessed is identified whether in above-mentioned content of pages protection list;If above-mentioned page access please
The mark of content of pages of access is sought not in above-mentioned content of pages protection list, then by the response report of above-mentioned accessing page request
Text is sent to client device.
In another optional example, when the content of pages in above-mentioned server needs modification, if to be modified
The target identification of content of pages then protects above-mentioned target identification from above-mentioned content of pages in above-mentioned content of pages protection list
Deleted in list;After the completion of above-mentioned content of pages to be modified is changed in above-mentioned server, according to above-mentioned amended page
Face content, updates the characteristic information of the content of pages section of content of pages to be modified in above-mentioned check information;By above-mentioned target
Mark is added in above-mentioned content of pages protection list.
Step 202:According to default content of pages segment length, the page to be visited is extracted from response message described at least one
Inclusive segment.
In this step, above-mentioned content of pages section to be visited can be extracted only from a message, now, preset content of pages
One general value of segment length can be 1460 bytes.
Step 203:Rule is obtained according to default characteristic information, fisrt feature is obtained according to the content of pages section to be visited
Information.
In this step, features described above information can be the cryptographic Hash calculated according to content of pages to be visited section, specifically, can
Being MD5 (Message-Digest Algorithm 5, Message-Digest Algorithm 5) value.
Step 204:In the check information, the corresponding second feature information of content of pages section to be visited is searched.
In an optional example, the check information preserves the second feature information of page info section in server
Mode can be:
According to the page info segment length of 1460 bytes, any page info is divided into multiple page info sections;
According to default MD5 values computation rule, the MD5 values of each above-mentioned page info section are calculated;
The sequencing of any page info is constituted by page info section, the MD5 values of above-mentioned page info section are preserved
In multiple Hash nodes of Hash list;
Wherein, above-mentioned Hash list is corresponding with the URL of any page info, and its corresponding relation is stored in the verification
In information.
Step 205:If the fisrt feature information is identical with the second feature information, should by described at least one
Answer message and be sent to client device.
In an optional example, above-mentioned check information can also preserve any content of pages in above-mentioned server
Content of pages section;If above-mentioned fisrt feature information is differed with above-mentioned second feature information, by above-mentioned check information
The corresponding content of pages section of two characteristic informations is sent to above-mentioned client device.
In another optional example, above-mentioned check information can also preserve any content of pages in above-mentioned server
The field length of content of pages section;If the fisrt feature information is identical with the second feature information, described in confirming
After the field length of the field length content of pages section corresponding with the second feature information of content of pages section to be visited is consistent,
At least one response message is sent to client device.
Referring to Fig. 3, Fig. 3 is another embodiment flow chart for the method that the present invention distorts protection, and the embodiment is to distorting
The process of protection has been described in detail, and methods described is applied to the content of pages preserved when client device access server
When, according to the check information for pre-saving, to protect the content of pages, the check information preserves the service
The characteristic information of the content of pages section of any content of pages in device, wherein, the content of pages section, for any content of pages is pressed
According to the subsegment that default content of pages segment length is divided, the characteristic information is obtained by content of pages section according to default characteristic information
Regular acquisition is taken, the check information also preserves the field length of the content of pages section of any content of pages in the server
And content of pages protects list, the content of pages protection list to preserve and identified by protection content of pages, methods described
Including:
Step 301:After above-mentioned client device sends accessing page request to above-mentioned server, receive the above-mentioned page and visit
Ask the response message of request.
Step 302:Judge identifying whether in content of pages protection name for the content of pages that above-mentioned accessing page request is accessed
Dan Zhong, if it is not, then performing step 303, if it is performs step 304.
In this step, the mark of above-mentioned content of pages can be above-mentioned content of pages URL (Uniform in the server
Resource Locator, URL).
In an optional example, when the content of pages in above-mentioned server needs modification, if page to be modified
Above-mentioned target identification is then protected name by the target identification of face content in above-mentioned content of pages protection list from above-mentioned content of pages
Deleted in list;After the completion of above-mentioned content of pages to be modified is changed in above-mentioned server, according to the above-mentioned amended page
Content, updates the characteristic information of the content of pages section of content of pages to be modified in above-mentioned check information;By above-mentioned target mark
Knowledge is added in above-mentioned content of pages protection list.
Step 303:The response message of above-mentioned accessing page request is sent to client device.
Step 304:According to default content of pages segment length, the page to be visited is extracted from least one above-mentioned response message
Inclusive segment.
In this step, above-mentioned content of pages section to be visited can be extracted only from a message, now, preset content of pages
One general value of segment length can be 1460 bytes.
Step 305:Rule is obtained according to default characteristic information, fisrt feature is obtained according to above-mentioned content of pages section to be visited
Information.
In this step, features described above information can be the cryptographic Hash calculated according to content of pages to be visited section, specifically, can
Being MD5 (Message-Digest Algorithm 5, Message-Digest Algorithm 5) value.
Step 306:In above-mentioned check information, the corresponding second feature information of content of pages section to be visited is searched.
In an optional example, the check information preserves the second feature information of page info section in server
Mode can be:
According to the page info segment length of 1460 bytes, any page info is divided into multiple page info sections;
According to default MD5 values computation rule, the MD5 values of each above-mentioned page info section are calculated;
The sequencing of any page info is constituted by page info section, the MD5 values of above-mentioned page info section are preserved
In multiple Hash nodes of Hash list;
Wherein, above-mentioned Hash list is corresponding with the URL of any page info, and its corresponding relation is stored in the verification
In information.
Step 307:Judge whether above-mentioned fisrt feature information is identical with above-mentioned second feature information, be to perform step
308, otherwise perform step 309.
Step 308:It is corresponding with above-mentioned second feature information in the field length for confirming above-mentioned content of pages section to be visited
After the field length of content of pages section is consistent, above-mentioned at least one response message is sent to client device.
Step 309:The corresponding content of pages section of second feature information in above-mentioned check information is sent to above-mentioned client
Equipment.
In this step, can also after second feature information corresponding content of pages section is sent to above-mentioned client device,
By the corresponding URL report and alarms daily record of Hash list where above-mentioned second feature information, the content of pages pointed by the URL is marked
It is tampered.
In an optional example, above-mentioned check information preserves content of pages protection list, and above-mentioned content of pages is prevented
Shield list is preserved and identified by protection content of pages;After receiving the response message of above-mentioned accessing page request, above-mentioned page is judged
The content of pages that face access request is accessed is identified whether in above-mentioned content of pages protection list;If above-mentioned page access please
The mark of content of pages of access is sought not in above-mentioned content of pages protection list, then by the response report of above-mentioned accessing page request
Text is sent to client device.
In another optional example, when the content of pages in above-mentioned server needs modification, if to be modified
The target identification of content of pages then protects above-mentioned target identification from above-mentioned content of pages in above-mentioned content of pages protection list
Deleted in list;After the completion of above-mentioned content of pages to be modified is changed in above-mentioned server, according to above-mentioned amended page
Face content, updates the characteristic information of the content of pages section of content of pages to be modified in above-mentioned check information;By above-mentioned target
Mark is added in above-mentioned content of pages protection list.
From above technical scheme, the content of pages segmentation that the embodiment of the present invention preserves server obtains feature letter
Breath, after the response message for obtaining client device accessing page request from server, obtains and verifies in the page by being segmented
The characteristic information of appearance, realizes the timely transmission to response message, i.e.,:Certain section of page corresponding to the response message for feeding back in the ban
After the completion of the characteristic information verification of content, you can send the response message for first feeding back in time to client device.Work as client
When the web page contents that equipment is accessed are larger, it is to avoid need to cache whole response messages in the prior art just to be verified and made
Into caching more long it is time-consuming, shorten client device from sending access request to the feedback time for obtaining web page contents, user
Experience is preferable.
The embodiment of the present invention is illustrated below by a specific application example, application example combination Fig. 1 shows
The application scenarios for going out are described, where it is assumed that shown client device have sent page request 1 to shown Web server, use
With requests for page content A, it is now to that the content of pages A that shown Web server is returned is carried out distorting protection, protection process is such as
Under:
After shown client device sends page request 1 to shown Web server, the response report of page request 1 is received
Text;
Judge the URL of above-mentioned content of pages A in above-mentioned content of pages protection list;
Content of pages section to be visited is extracted in first response message for extracting above-mentioned page request 1;
According to default hash value algorithms, the MD5 values of content of pages section to be visited are calculated;
URL according to above-mentioned content of pages A transfers the corresponding Hash list A of the URL from check information;
Compare the above-mentioned MD5 values for calculating and first MD5 value of Hash node storage in Hash list A, if identical
First response message is then forwarded, judges that content of pages A is tampered if differing, stop connecing for above-mentioned response message
Receive and send, by the URL report and alarm daily records of content of pages A, mark the content of pages pointed by the URL to be tampered;
Follow-up response message is received and judged successively, if the content of pages section of follow-up any response message judges content of pages
A is tampered, then stop the reception and transmission of above-mentioned response message, and by the URL report and alarm daily records of content of pages A, mark should
Content of pages pointed by URL is tampered.
Embodiment with the foregoing method for distorting protection is corresponding, present invention also provides the implementation of the device for distorting protection
Example.
The embodiment that the application distorts the device of protection can be realized by software, it is also possible to by hardware or software and hardware
With reference to mode realize.It is the treatment by equipment where it as the device on a logical meaning as a example by implemented in software
Device runs what is formed during corresponding computer program instructions in nonvolatile memory are read into internal memory.From hardware view
Speech, as shown in figure 4, a kind of hardware structure diagram of the device place equipment of protection is distorted for the application, except the treatment shown in Fig. 4
Outside device, internal memory, network interface and nonvolatile memory, the equipment in embodiment where device is generally according to the equipment
Actual functional capability, can also include other hardware, this is repeated no more.
Fig. 5 is refer to, is one embodiment block diagram of the device that the present invention updates cache resources, described device is applied to work as
During the content of pages that client device access server is preserved, according to the check information for pre-saving, to the content of pages
Protected, the check information preserves the characteristic information of the content of pages section of any content of pages in the server, its
In, the content of pages section, is the subsegment that any content of pages is divided according to default content of pages segment length, the feature letter
Breath obtains rule and obtains by content of pages section according to default characteristic information, and described device includes:Receiving unit 510, extracts
Unit 520, acquiring unit 530, searching unit 540, transmitting element 550.
Wherein, receiving unit 510, after in the client device to server transmission accessing page request,
Receive the response message of the accessing page request;
Extraction unit 520, for according to default content of pages segment length, being extracted from response message described at least one and being treated
Accession page inclusive segment;
Acquiring unit 530, for obtaining rule according to default characteristic information, obtains according to the content of pages section to be visited
Fisrt feature information;
Searching unit 540, in the check information, searching the corresponding second feature letter of content of pages section to be visited
Breath;
Transmitting element 550, for when the fisrt feature information is identical with the second feature information, will described at least
One response message is sent to client device.
From above technical scheme, the content of pages segmentation that the embodiment of the present invention preserves server obtains feature letter
Breath, after the response message for obtaining client device accessing page request from server, obtains and verifies in the page by being segmented
The characteristic information of appearance, realizes the timely transmission to response message, i.e.,:Certain section of page corresponding to the response message for feeding back in the ban
After the completion of the characteristic information verification of content, you can send the response message for first feeding back in time to client device.Work as client
When the web page contents that equipment is accessed are larger, it is to avoid need to cache whole response messages in the prior art just to be verified and made
Into caching more long it is time-consuming, shorten client device from sending access request to the feedback time for obtaining web page contents, user
Experience is preferable.
In an optional example, the check information is preserved in the page of any content of pages in the server
Hold section;
The transmitting element 550, is additionally operable to when the fisrt feature information is differed with the second feature information, will
The corresponding content of pages section of second feature information is sent to the client device in the check information.
In another optional example, the check information preserves the page of any content of pages in the server
The field length of inclusive segment;
The transmitting element 550, is additionally operable to when the fisrt feature information is identical with the second feature information, then exist
Confirm that the field of the field length content of pages section corresponding with the second feature information of the content of pages section to be visited is long
After degree is consistent, at least one response message is sent to client device.
In another optional example, the check information preserves content of pages protection list, the content of pages
Protection list is preserved and identified by protection content of pages;
Described device is also included (not shown in Fig. 5):Judging unit.
Judging unit, for after the response message for receiving the accessing page request, judging the accessing page request
The content of pages of access identify whether the content of pages protection list in;
The transmitting element 550, is additionally operable to the mark when the content of pages of accessing page request access not described
When in content of pages protection list, the response message of the accessing page request is sent to client device.
In another optional example, described device is also included (not shown in Fig. 5):Unit is deleted, updating block adds
Plus unit.
Delete unit, for the content of pages in the server need modification, and content of pages to be modified mesh
When mark mark is in content of pages protection list, the target identification is deleted from content of pages protection list;
Updating block, after the completion of being changed in the server when the content of pages to be modified, according to described
Amended content of pages, updates the characteristic information of the content of pages section of content of pages to be modified in the check information;
Adding device, for the target identification to be added in the content of pages protection list.
The function of unit and the implementation process of effect correspond to step in specifically referring to the above method in said apparatus
Implementation process, will not be repeated here.
For device embodiment, because it corresponds essentially to embodiment of the method, so related part is referring to method reality
Apply the part explanation of example.Device embodiment described above is only schematical, wherein described as separating component
The unit of explanation can be or may not be physically separate, and the part shown as unit can be or can also
It is not physical location, you can with positioned at a place, or can also be distributed on multiple NEs.Can be according to reality
Selection some or all of module therein is needed to realize the purpose of application scheme.Those of ordinary skill in the art are not paying
In the case of going out creative work, you can to understand and implement.
The preferred embodiment of the application is the foregoing is only, is not used to limit the application, all essences in the application
Within god and principle, any modification, equivalent substitution and improvements done etc. should be included within the scope of the application protection.
Claims (10)
1. a kind of method for distorting protection, it is characterised in that methods described is applied to be preserved when client device access server
Content of pages when, according to the check information for pre-saving, to protect the content of pages, the check information is preserved
There is the characteristic information of the content of pages section of any content of pages in the server, wherein, the content of pages section, for this is any
The subsegment that content of pages is divided according to default content of pages segment length, the characteristic information is by content of pages section according to default
Characteristic information obtains rule and obtains, and methods described includes:
After the client device sends accessing page request to the server, the response of the accessing page request is received
Message;
According to default content of pages segment length, content of pages section to be visited is extracted from response message described at least one;
Rule is obtained according to default characteristic information, fisrt feature information is obtained according to the content of pages section to be visited;
In the check information, the corresponding second feature information of content of pages section to be visited is searched;
If the fisrt feature information is identical with the second feature information, at least one response message is sent to
Client device.
2. method according to claim 1, it is characterised in that also include:
The check information preserves the content of pages section of any content of pages in the server;
If the fisrt feature information is differed with the second feature information, second feature in the check information is believed
Cease corresponding content of pages section and be sent to the client device.
3. method according to claim 1, it is characterised in that also include:
The check information preserves the field length of the content of pages section of any content of pages in the server;
If the fisrt feature information is identical with the second feature information, at least one response message is sent to
Client device, including:
If the fisrt feature information is identical with the second feature information, the content of pages section to be visited is being confirmed
After the field length of field length content of pages section corresponding with the second feature information is consistent, by least one response
Message is sent to client device.
4. method according to claim 1, it is characterised in that also include:
The check information preserves content of pages protection list, and the content of pages protection list is preserved by the protection page
The mark of appearance;
After receiving the response message of the accessing page request, the mark of the content of pages that the accessing page request is accessed is judged
Whether in content of pages protection list;
If the mark of the content of pages that the accessing page request is accessed is not in content of pages protection list, by institute
The response message for stating accessing page request is sent to client device.
5. method according to claim 4, it is characterised in that also include:
When the content of pages in the server needs modification, if the target identification of content of pages to be modified is in the page
In the Content Guard list of face, then the target identification is deleted from content of pages protection list;
After the completion of the content of pages to be modified is changed in the server, according to the amended content of pages,
The characteristic information of the content of pages section of content of pages to be modified is updated in the check information;
The target identification is added in the content of pages protection list.
6. a kind of device for distorting protection, it is characterised in that described device is applied to be preserved when client device access server
Content of pages when, according to the check information for pre-saving, to protect the content of pages, the check information is preserved
There is the characteristic information of the content of pages section of any content of pages in the server, wherein, the content of pages section, for this is any
The subsegment that content of pages is divided according to default content of pages segment length, the characteristic information is by content of pages section according to default
Characteristic information obtains rule and obtains, and described device includes:
Receiving unit, for after the client device sends accessing page request to the server, receiving the page
The response message of access request;
Extraction unit, for according to default content of pages segment length, page to be visited being extracted from response message described at least one
Face inclusive segment;
Acquiring unit, for obtaining rule according to default characteristic information, obtains first special according to the content of pages section to be visited
Reference ceases;
Searching unit, in the check information, searching the corresponding second feature information of content of pages section to be visited;
Transmitting element, for when the fisrt feature information is identical with the second feature information, described at least one being answered
Answer message and be sent to client device.
7. device according to claim 6, it is characterised in that also include:
The check information preserves the content of pages section of any content of pages in the server;
The transmitting element, is additionally operable to when the fisrt feature information is differed with the second feature information, by the school
Test the corresponding content of pages section of second feature information in information and be sent to the client device.
8. device according to claim 6, it is characterised in that also include:
The check information preserves the field length of the content of pages section of any content of pages in the server;
The transmitting element, is additionally operable to when the fisrt feature information is identical with the second feature information, then confirming institute
The field length for stating the field length content of pages section corresponding with the second feature information of content of pages section to be visited is consistent
Afterwards, at least one response message is sent to client device.
9. device according to claim 1, it is characterised in that also include:
The check information preserves content of pages protection list, and the content of pages protection list is preserved by the protection page
The mark of appearance;
Judging unit, for after the response message for receiving the accessing page request, judging that the accessing page request is accessed
Content of pages identify whether the content of pages protection list in;
The transmitting element, is additionally operable to the mark when the content of pages of accessing page request access not in the content of pages
When in protection list, the response message of the accessing page request is sent to client device.
10. device according to claim 9, it is characterised in that also include:
Delete unit, for the content of pages in the server need modification, and content of pages to be modified target mark
Know when in content of pages protection list, the target identification is deleted from content of pages protection list;
Updating block, after the completion of being changed in the server when the content of pages to be modified, according to the modification
Content of pages afterwards, updates the characteristic information of the content of pages section of content of pages to be modified in the check information;
Adding device, for the target identification to be added in the content of pages protection list.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710277205.8A CN106878345A (en) | 2017-04-25 | 2017-04-25 | A kind of method and device for distorting protection |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710277205.8A CN106878345A (en) | 2017-04-25 | 2017-04-25 | A kind of method and device for distorting protection |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106878345A true CN106878345A (en) | 2017-06-20 |
Family
ID=59161625
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710277205.8A Pending CN106878345A (en) | 2017-04-25 | 2017-04-25 | A kind of method and device for distorting protection |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106878345A (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109284616A (en) * | 2018-08-17 | 2019-01-29 | 优视科技有限公司 | Data access and data distributing method, device, equipment and storage medium |
CN109981555A (en) * | 2017-12-28 | 2019-07-05 | 腾讯科技(深圳)有限公司 | To the processing method of web data, device, equipment, terminal and storage medium |
CN110289997A (en) * | 2019-06-17 | 2019-09-27 | 杭州迪普科技股份有限公司 | A kind of log message checking method, apparatus and system |
CN110334486A (en) * | 2019-06-28 | 2019-10-15 | 潍柴动力股份有限公司 | Application integrity method of calibration and equipment |
CN114978710A (en) * | 2022-05-25 | 2022-08-30 | 中国农业银行股份有限公司 | Webpage data tamper-proof processing method and device and electronic equipment |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103368963A (en) * | 2013-07-15 | 2013-10-23 | 网宿科技股份有限公司 | HTTP message tamper-proofing method in content distribution network |
US20140006803A1 (en) * | 2011-03-21 | 2014-01-02 | Irdeto B.V. | System And Method For Securely Binding And Node-Locking Program Execution To A Trusted Signature Authority |
CN103685307A (en) * | 2013-12-25 | 2014-03-26 | 北京奇虎科技有限公司 | Method, system, client and server for detecting phishing fraud webpage based on feature library |
CN103929440A (en) * | 2014-05-09 | 2014-07-16 | 国家电网公司 | Web page tamper prevention device based on web server cache matching and method thereof |
CN103942497A (en) * | 2013-09-11 | 2014-07-23 | 杭州安恒信息技术有限公司 | Forensics type website vulnerability scanning method and system |
CN105184159A (en) * | 2015-08-27 | 2015-12-23 | 深圳市深信服电子科技有限公司 | Web page falsification identification method and apparatus |
WO2016130029A1 (en) * | 2015-02-10 | 2016-08-18 | Nord-Systems Sp. Z O.O. | Method of classifying data with access and integrity control |
-
2017
- 2017-04-25 CN CN201710277205.8A patent/CN106878345A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140006803A1 (en) * | 2011-03-21 | 2014-01-02 | Irdeto B.V. | System And Method For Securely Binding And Node-Locking Program Execution To A Trusted Signature Authority |
CN103368963A (en) * | 2013-07-15 | 2013-10-23 | 网宿科技股份有限公司 | HTTP message tamper-proofing method in content distribution network |
CN103942497A (en) * | 2013-09-11 | 2014-07-23 | 杭州安恒信息技术有限公司 | Forensics type website vulnerability scanning method and system |
CN103685307A (en) * | 2013-12-25 | 2014-03-26 | 北京奇虎科技有限公司 | Method, system, client and server for detecting phishing fraud webpage based on feature library |
CN103929440A (en) * | 2014-05-09 | 2014-07-16 | 国家电网公司 | Web page tamper prevention device based on web server cache matching and method thereof |
WO2016130029A1 (en) * | 2015-02-10 | 2016-08-18 | Nord-Systems Sp. Z O.O. | Method of classifying data with access and integrity control |
CN105184159A (en) * | 2015-08-27 | 2015-12-23 | 深圳市深信服电子科技有限公司 | Web page falsification identification method and apparatus |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109981555A (en) * | 2017-12-28 | 2019-07-05 | 腾讯科技(深圳)有限公司 | To the processing method of web data, device, equipment, terminal and storage medium |
CN109284616A (en) * | 2018-08-17 | 2019-01-29 | 优视科技有限公司 | Data access and data distributing method, device, equipment and storage medium |
CN109284616B (en) * | 2018-08-17 | 2022-02-11 | 阿里巴巴(中国)有限公司 | Data access and data issuing method, device, equipment and storage medium |
CN110289997A (en) * | 2019-06-17 | 2019-09-27 | 杭州迪普科技股份有限公司 | A kind of log message checking method, apparatus and system |
CN110289997B (en) * | 2019-06-17 | 2022-04-26 | 杭州迪普科技股份有限公司 | Log message checking method, device and system |
CN110334486A (en) * | 2019-06-28 | 2019-10-15 | 潍柴动力股份有限公司 | Application integrity method of calibration and equipment |
CN110334486B (en) * | 2019-06-28 | 2021-10-08 | 潍柴动力股份有限公司 | Application program integrity checking method and device |
CN114978710A (en) * | 2022-05-25 | 2022-08-30 | 中国农业银行股份有限公司 | Webpage data tamper-proof processing method and device and electronic equipment |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107729352B (en) | Page resource loading method and terminal equipment | |
CN106878345A (en) | A kind of method and device for distorting protection | |
US20150271202A1 (en) | Method, device, and system for detecting link layer hijacking, user equipment, and analyzing server | |
CN110198328B (en) | Client identification method and device, computer equipment and storage medium | |
CN113489713B (en) | Network attack detection method, device, equipment and storage medium | |
US11503072B2 (en) | Identifying, reporting and mitigating unauthorized use of web code | |
CN108282441B (en) | Advertisement blocking method and device | |
CN111737692B (en) | Application program risk detection method and device, equipment and storage medium | |
CN108667770A (en) | A kind of loophole test method, server and the system of website | |
CN111371757B (en) | Malicious communication detection method and device, computer equipment and storage medium | |
CN111698237A (en) | Method and system for adding watermark to WEB page | |
CN103118033B (en) | A kind of defend user website to be tampered method and device | |
CN116324766A (en) | Optimizing crawling requests by browsing profiles | |
CN114928484A (en) | Honeypot generation method and device, electronic equipment and storage medium | |
CN113900907A (en) | Mapping construction method and system | |
CN113079157A (en) | Method and device for acquiring network attacker position and electronic equipment | |
CN107995167B (en) | Equipment identification method and server | |
CN108322912B (en) | Method and device for distinguishing short messages | |
CN107438053B (en) | Domain name identification method and device and server | |
CN114254218A (en) | External link access acceleration method and device and computer storage medium | |
CN113609425A (en) | Webpage data processing method and system | |
CN110287087B (en) | Method and device for detecting application | |
TWI750252B (en) | Method and device for recording website access log | |
JP6378808B2 (en) | Connection destination information determination device, connection destination information determination method, and program | |
CN104468475A (en) | Information processing method and electronic equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170620 |