CN109067772A - A kind of component and safety protecting method for security protection - Google Patents

A kind of component and safety protecting method for security protection Download PDF

Info

Publication number
CN109067772A
CN109067772A CN201811050225.2A CN201811050225A CN109067772A CN 109067772 A CN109067772 A CN 109067772A CN 201811050225 A CN201811050225 A CN 201811050225A CN 109067772 A CN109067772 A CN 109067772A
Authority
CN
China
Prior art keywords
access request
security protection
module
safety
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811050225.2A
Other languages
Chinese (zh)
Inventor
田军太
杨洋
刘桃
田攀
段继军
罗军
王刚强
王赢方
王威
段常珑
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SICHUAN ZHONGDIAN VENUS INFORMATION TECHNOLOGY Co Ltd
State Grid Information and Telecommunication Co Ltd
Original Assignee
SICHUAN ZHONGDIAN VENUS INFORMATION TECHNOLOGY Co Ltd
State Grid Information and Telecommunication Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SICHUAN ZHONGDIAN VENUS INFORMATION TECHNOLOGY Co Ltd, State Grid Information and Telecommunication Co Ltd filed Critical SICHUAN ZHONGDIAN VENUS INFORMATION TECHNOLOGY Co Ltd
Priority to CN201811050225.2A priority Critical patent/CN109067772A/en
Publication of CN109067772A publication Critical patent/CN109067772A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0209Architectural arrangements, e.g. perimeter networks or demilitarized zones
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks

Abstract

The invention discloses one kind to be used for safety protection component and safety protecting method, which includes: TSM Security Agent module, safety protection module and response echo module;TSM Security Agent module, for after receiving access request, access request to be pushed to the safety protection module;Safety protection module, for determining the type of access request, the type according to access request determines security protection mode, and access request is filtered and is intercepted according to determining security protection mode;Response echo module, for the response results of access request to be carried out secondary encapsulation, and the response results that secondary encapsulation is crossed feed back to user terminal and show.It can thus be appreciated that, being integrated in safety protection component much has targetedly security protection mode, but also security protection is more comprehensive, and, it also achieves under the premise of without being implanted into protection code or third party's securing software, to the purpose of filtering and the interception of access request.

Description

A kind of component and safety protecting method for security protection
Technical field
The present invention relates to network safety filed more particularly to a kind of components and safety protecting method for security protection.
Background technique
With the continuous development of IP network technology, the intelligent monitoring technology of IP based network is rapidly developed, and is asked safely Topic is also more and more prominent, and the most common network attack mode is exactly penetration attack.Network penetration attacks are to large-scale network master A kind of gradual attack method of detour that machine server farm uses passes through long-term in a planned way gradually penetration attack entrance Network finally fully controls whole network.Why network penetration attacks can succeed, be because network on always have it is some or Big or small safety defect or loophole, attacker obtains more information using these small defects step by step, and utilizes and newly obtain The information taken expands these defects, eventually leads to the fall in whole network defence line, and controls the permission of whole network.
In the prior art, usually using third party's network firewall or addition targetedly safety filtering code to business In system, but the generally existing knowledge of these modes is not shared, protects incomplete drawback.
Summary of the invention
In view of this, a kind of component and safety protecting method for security protection disclosed by the embodiments of the present invention, solves Knowledge is not shared, protects incomplete problem in the prior art.
A kind of component for security protection, comprising:
TSM Security Agent module, safety protection module and response echo module;
The TSM Security Agent module, for after receiving access request, the access request to be forwarded to the safety Protection module;
The safety protection module, for determining the type of the access request, the type according to the access request is true Dingan County's full protection mode, and the access request is filtered and is intercepted according to the determining security protection mode, it obtains Security protection filter result;
The response echoes module, for determining echo message according to the security protection filter result, and described will return User terminal is fed back to after display information progress secondary encapsulation to be shown.
Optionally, the safety protection module, comprising:
Cross-domain interception submodule, for being intercepted to the predetermined keyword for the cross-domain attack for including in access request;
SQL injection attack intercepts submodule, for intercepting to the SQL keyword in the access request;
Clear-text passwords intercepts submodule, for carrying out position to the password of setting when the access request is that password is arranged Number limitation;
File download intercept submodule, for in the access request backtracking path and erroneous path intercept;
Brute Force submodule, for being monitored to access frequency, abandoning access frequency is more than the first preset threshold Access request;
It is more than the second predeterminated frequency to access frequency that ddos attack, which intercepts submodule for being monitored to access frequency, Access request, and provide black and white lists interface;
File, which uploads, intercepts submodule, for detecting in the access request whether include the file of preset format, and hinders Only the file of preset format is uploaded onto the server;
Frame intercepts submodule, the webpage for including in a manner of IFrame by other webpages in test access request It is filtered.
Optionally, the safety protection module, is also used to:
Add the security protection submodule with new security protection mode.
Optionally, the safety protection module, comprising:
Tactful configuration module, for after the access request for receiving TSM Security Agent push, according to the security protection It requests to determine security protection mode.
Optionally, further includes:
Integrated configuration module, for providing unified access port, so as in access service system.
Optionally, further includes:
Statistical analysis module, for being counted to corresponding with the access request in preset database according to access request According to being analyzed, to provide data-driven foundation to the safety protection module.
Optionally, further includes:
Sensitive Cookie intercepts submodule 400, secondary encapsulation is carried out for the response result to the access request, with screen Cover password field.
The present invention also provides a kind of safety protecting method, the safety protecting method is applied to the security protection group Part, comprising:
Receive access request;
Determine the safety inspection type of the access request;
Determining security protection mode is concentrated from preset security protection mode according to the safety inspection type;
Safety detection is carried out to the access request by the identified security protection mode, obtains security protection knot Fruit;
Echo message is determined according to the security protection filter result, and will be anti-after echo message progress secondary encapsulation User terminal of feeding is shown.
Optionally, described that safety detection is carried out to the access request by the identified security protection mode, it obtains To security protection filter result, comprising:
Whether the currently determining security protection mode of judgement is capable of handling the access request;
If the access request can not be handled, the other security protection sides of selection are concentrated in preset security protection mode Formula.
Optionally, the security protection mode collection includes:
Cross-domain interception, SQL injection attack intercept, clear-text passwords intercepts, file download interception, Brute Force, ddos attack It intercepts, file uploads interception, Frame is intercepted.
The embodiment of the invention discloses a kind of components and safety protecting method for security protection, comprising: TSM Security Agent Module, safety protection module and response echo module;The TSM Security Agent module, for inciting somebody to action after receiving access request The access request is pushed to the safety protection module;The safety protection module, for determining the class of the access request Type, the type according to the access request determine security protection mode, and according to the determining security protection mode to described Access request is filtered and intercepts;The response echoes module, secondary for carrying out the response results of the access request Encapsulation, and the response results that secondary encapsulation is crossed feed back to user terminal and show.It follows that in safety protection component Being integrated with much has targetedly security protection mode, but also security protection is more comprehensive, also, also achieves in nothing Under the premise of protection code or third party's securing software need to be implanted into, to the purpose of filtering and the interception of access request.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this The embodiment of invention for those of ordinary skill in the art without creative efforts, can also basis The attached drawing of offer obtains other attached drawings.
Fig. 1 shows a kind of structural schematic diagram of component for security protection disclosed by the embodiments of the present invention;
Fig. 2 shows the structural schematic diagrams of safety protection module;
Fig. 3 shows a kind of another structural schematic diagram of safety protection component;
Fig. 4 shows a kind of flow diagram of safety protecting method disclosed by the embodiments of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other Embodiment shall fall within the protection scope of the present invention.
Applicant it has been investigated that, in the prior art for the security protection of penetration attack, that there are knowledge is not shared, protects Incomplete drawback, in order to solve problem above, the embodiment of the invention discloses a kind of safety protection component and security protection sides Method, comprising: TSM Security Agent module, safety protection module and response echo module;The TSM Security Agent module, for receiving To after access request, the access request is pushed to the safety protection module;The safety protection module, for determining The type for stating access request, the type according to the access request determine security protection mode, and according to the determining safety Protection method is filtered and intercepts to the access request;The response echoes module, for by the sound of the access request Should result carry out secondary encapsulation, and the response results that secondary encapsulation is crossed feed back to user terminal and show.It follows that Being integrated in safety protection component much has targetedly security protection mode, but also security protection is more comprehensive, and And it also achieves filtering under the premise of without being implanted into protection code or third party's securing software, to access request and blocks The purpose cut.
With reference to Fig. 1, a kind of structural schematic diagram of component for security protection disclosed by the embodiments of the present invention is shown, In the present embodiment, which includes:
TSM Security Agent module 100, safety protection module 200 and response echo module 300;
The TSM Security Agent module 100, for after receiving access request, the access request to be forwarded to the peace Full protection module 200;
The safety protection module 200, the type for determining the type of the access request, according to the access request It determines security protection mode, and the access request is filtered and is intercepted according to the determining security protection mode, obtain To security protection filter result;
The response echoes module 300, for determining echo message according to the security protection filter result, and will be described User terminal is fed back to after echo message progress secondary encapsulation to be shown.
In the present embodiment, the security protection that a variety of function of safety protection may be implemented is integrated in safety protection module 200 Submodule, i.e. every kind of function of safety protection correspond to a kind of security protection mode, pass through the visit of the security protection mode to receiving Ask that request is filtered and intercepts.
Specifically, as shown in Fig. 2, safety protection module 200 includes:
Cross-domain interception submodule 201, for being intercepted to the predetermined keyword for the cross-domain attack for including in access request;
In the present embodiment, cross-domain interception submodule mainly carries out necessary keyword interception to cross-domain attack, such as right In XSS cross site scripting loophole, order the problems such as executing loophole, XML Entity injection.
SQL injection attack intercepts submodule 202, for intercepting to the SQL keyword in the access request;
Clear-text passwords intercepts submodule 203, for being carried out to the password of setting when the access request is that password is arranged Digit limitation;
File download intercept submodule 204, for in the access request backtracking path and erroneous path block It cuts;
Brute Force submodule 205, for being monitored to access frequency, abandoning access frequency is more than the first preset threshold Access request;
Ddos attack intercepts submodule 206, is more than the second default frequency to access frequency for being monitored to access frequency The access request of rate, and black and white lists interface is provided;
In the present embodiment, the first default access frequency is greater than the second default access frequency, wherein the first default access frequency It can be understood as overclocking access frequency, the second default access frequency can be understood as overfrequency access frequency.
File, which uploads, intercepts submodule 207, for detect in the access request whether include preset format file, and The file of preset format is prevented to upload onto the server;
In the present embodiment, the file of preset format can be user or technical staff is arranged according to the actual situation, example It such as may include: to execute file, script file.
Frame intercepts submodule 208, the net for including in a manner of IFrame by other webpages in test access request Page is filtered, the browser-cross access attack in a manner of achieving the purpose that.
In addition to this, in order to improve the comprehensive of safety protection component, safety protection module can be extended, addition tool There is the security protection submodule of new function, specifically, the safety protection module is also used to:
Add the security protection submodule with new security protection mode.
Since each operation system is different to security protection demand, need anti-using different function of safety protection or safety Shield strategy, it is understood that be also to be integrated with the security protection submodule with different function in safety protection module, determine Which security protection submodule chosen, safety detection carried out to access request, specifically, safety protection module 200 further include:
Tactful configuration module 209, for being prevented after the access request for receiving the TSM Security Agent push according to the safety Shield requests to determine security protection mode.
In the present embodiment, safety protection module asks abnormal access after access request is filtered and is intercepted Abnormal response results can be generated by asking, and in order to allow user to understand the abnormal conditions, need exception information feeding back to user terminal, Therefore, response echo module determines echo message according to the security protection filter result, and the echo message is carried out two User terminal is fed back to after secondary encapsulation to be shown.
Safety protection module, according to security protection filter result, can generate after access request is filtered and is intercepted Some error messages, such as: middleware information, program error information, the sensitive cookie in response message.
By above-mentioned introduction it is found that the safety protection component of the present embodiment uses request-processing-response type structure, Constitute a complete security protection system.
In the present embodiment, in the case where accessing successful situation, it can access to operation system, and generate response result, In the case where the response result includes sensitivity cookie, in order to guarantee the safety of operation system, need to the response result Secondary encapsulation is carried out, password field is masked, specifically, as shown in Figure 3, further includes:
Sensitive Cookie intercepts submodule 400, secondary encapsulation is carried out for the response result to the access request, with screen Cover password field;
In the present embodiment, in order to which the component to be integrated into operation system, a kind of integrated configuration module 500 is additionally provided, For providing unified access port, so as in access service system.
In the present embodiment, filtering function of the integrated configuration module based on JAVA WEB is passed through using responsibility chain design pattern Single-filter acts on behalf of the mode of more filtering functions, and combines built-in configuration file, provides and is uniformly accessed into mouth.
It can also include a statistical analysis to provide data-driven foundation to safety protection module in the present embodiment Module 600, for analyzing data corresponding with the access request in preset database according to access request.
The component for security protection provided in the present embodiment, comprising: TSM Security Agent module, safety protection module and Response echo module;TSM Security Agent module, for after receiving access request, access request to be pushed to security protection mould Block;Safety protection module, for determining the type of access request, the type according to access request determines security protection mode, and The access request is filtered and is intercepted according to the security protection mode determined;The response echoes module, is used for The response results of the access request are subjected to secondary encapsulation, and the response results that secondary encapsulation is crossed feed back to user terminal into Row display.It follows that being integrated in safety protection component much has targetedly security protection mode, but also safety Protection is more comprehensive, also, also achieves under the premise of without being implanted into protection code or third party's securing software, to visit Ask the filtering of request and the purpose of interception.
With reference to Fig. 4, a kind of flow diagram of safety protecting method disclosed by the embodiments of the present invention is shown, in this implementation In example, this method is applied to above-mentioned safety protection component, this method comprises:
S401: access request is received;
S402: the safety inspection type of the access request is determined;
S403: determining security protection mode is concentrated from preset security protection mode according to the safety inspection type;
S404: safety detection is carried out to the access request by the identified security protection mode, obtains safety Protect filter result;
S405: echo message is determined according to the security protection filter result, and the echo message is subjected to secondary envelope User terminal is fed back to after dress to be shown.
In the present embodiment, TSM Security Agent module receives access request, and sends safety protection module for the access request, Safety protection module determines the safety inspection type of access request, and according to the safety inspection type and preset security protection side Formula, which is concentrated, determines security protection mode;Safety detection is carried out to access request by the determining security protection mode, and is obtained Security protection filter result;Response echo module, determines echo message according to security protection filter result, and by the echo message User terminal is fed back to after progress secondary encapsulation to be shown.
In the present embodiment, it should be noted that security protection mode collection can be understood as having not in safety protection module With the security protection submodule of function of safety protection.
Security protection mode collection includes:
Cross-domain interception, SQL injection attack intercept, clear-text passwords intercepts, file download interception, Brute Force, ddos attack It intercepts, file uploads interception, Frame is intercepted.
Since, comprising multiple security protection submodules, each security protection submodule corresponds to difference in safety protection module Function of safety protection, in order to guarantee to carry out targetedly safety detection, S404 to access request, comprising:
Whether the currently determining security protection mode of judgement is capable of handling the access request;
If the access request can not be handled, the other security protection sides of selection are concentrated in preset security protection mode Formula.
Method through this embodiment so that security protection is more comprehensive, also, is also achieved without being implanted into protection Under the premise of code or third party's securing software, to the purpose of filtering and the interception of access request.
It should be noted that all the embodiments in this specification are described in a progressive manner, each embodiment weight Point explanation is the difference from other embodiments, and the same or similar parts between the embodiments can be referred to each other.
The foregoing description of the disclosed embodiments enables those skilled in the art to implement or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, as defined herein General Principle can be realized in other embodiments without departing from the spirit or scope of the present invention.Therefore, of the invention It is not intended to be limited to the embodiments shown herein, and is to fit to and the principles and novel features disclosed herein phase one The widest scope of cause.

Claims (10)

1. a kind of component for security protection characterized by comprising
TSM Security Agent module, safety protection module and response echo module;
The TSM Security Agent module, for after receiving access request, the access request to be forwarded to the security protection Module;
The safety protection module, for determining the type of the access request, the type according to the access request determines peace Full protection mode, and the access request is filtered and is intercepted according to the determining security protection mode, obtain safety Protect filter result;
The response echoes module, for determining echo message according to the security protection filter result, and the echo is believed User terminal is fed back to after breath progress secondary encapsulation to be shown.
2. component according to claim 1, which is characterized in that the safety protection module, comprising:
Cross-domain interception submodule, for being intercepted to the predetermined keyword for the cross-domain attack for including in access request;
SQL injection attack intercepts submodule, for intercepting to the SQL keyword in the access request;
Clear-text passwords intercepts submodule, for carrying out digit limit to the password of setting when the access request is that password is arranged System;
File download intercept submodule, for in the access request backtracking path and erroneous path intercept;
Brute Force submodule abandons the access that access frequency is more than the first preset threshold for being monitored to access frequency Request;
It is more than the visit of the second predeterminated frequency to access frequency that ddos attack, which intercepts submodule for being monitored to access frequency, It asks request, and black and white lists interface is provided;
File, which uploads, intercepts submodule, for detecting in the access request whether include the file of preset format, and prevents pre- If the file of format is uploaded onto the server;
Frame intercepts submodule, and the webpage for including in a manner of IFrame by other webpages in test access request carries out Filtering.
3. component according to claim 2, which is characterized in that the safety protection module is also used to:
Add the security protection submodule with new security protection mode.
4. component according to claim 1, which is characterized in that the safety protection module, comprising:
Tactful configuration module, for being requested according to the security protection after the access request for receiving the TSM Security Agent push Determine security protection mode.
5. component according to claim 1, which is characterized in that further include:
Integrated configuration module, for providing unified access port, so as in access service system.
6. component according to claim 1, which is characterized in that further include:
Statistical analysis module, for according to access request, to data corresponding with the access request in preset database into Row analysis, to provide data-driven foundation to the safety protection module.
7. component according to claim 1, which is characterized in that further include:
Sensitive Cookie intercepts submodule 400, carries out secondary encapsulation for the response result to the access request, close to shield Code field.
8. a kind of safety protecting method, which is characterized in that the safety protecting method is applied to the safety protection component, packet It includes:
Receive access request;
Determine the safety inspection type of the access request;
Determining security protection mode is concentrated from preset security protection mode according to the safety inspection type;
Safety detection is carried out to the access request by the identified security protection mode, obtains security protection filtering knot Fruit;
Echo message is determined according to the security protection filter result, and is fed back to after the echo message is carried out secondary encapsulation User terminal is shown.
9. according to the method described in claim 8, it is characterized in that, by the identified security protection mode to the visit It asks that request carries out safety detection, obtains security protection filter result, comprising:
Whether the currently determining security protection mode of judgement is capable of handling the access request;
If the access request can not be handled, the other security protection modes of selection are concentrated in preset security protection mode.
10. according to the method described in claim 9, it is characterized in that, the security protection mode collection includes:
It is cross-domain intercept, SQL injection attack interceptions, clear-text passwords interception, file download interception, Brute Force, ddos attack interception, File uploads interception, Frame is intercepted.
CN201811050225.2A 2018-09-10 2018-09-10 A kind of component and safety protecting method for security protection Pending CN109067772A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811050225.2A CN109067772A (en) 2018-09-10 2018-09-10 A kind of component and safety protecting method for security protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811050225.2A CN109067772A (en) 2018-09-10 2018-09-10 A kind of component and safety protecting method for security protection

Publications (1)

Publication Number Publication Date
CN109067772A true CN109067772A (en) 2018-12-21

Family

ID=64761100

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811050225.2A Pending CN109067772A (en) 2018-09-10 2018-09-10 A kind of component and safety protecting method for security protection

Country Status (1)

Country Link
CN (1) CN109067772A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111737687A (en) * 2020-06-30 2020-10-02 中国工商银行股份有限公司 Access control method, system, electronic device and medium for webpage application system
CN111953668A (en) * 2020-07-30 2020-11-17 中国工商银行股份有限公司 Network security information processing method and device
CN112039845A (en) * 2020-07-24 2020-12-04 网宿科技股份有限公司 Request processing method and safety protection system
CN112039846A (en) * 2020-07-24 2020-12-04 网宿科技股份有限公司 Request processing method and safety protection system

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101370305A (en) * 2008-09-23 2009-02-18 中兴通讯股份有限公司 Method and system for protecting data traffic security
KR101282297B1 (en) * 2012-03-20 2013-07-10 박상현 The apparatus and method of unity security with transaction pattern analysis and monitoring in network
CN103516727A (en) * 2013-09-30 2014-01-15 重庆电子工程职业学院 Network active defense system and updating method thereof
CN105227559A (en) * 2015-10-13 2016-01-06 南京联成科技发展有限公司 The information security management framework that a kind of automatic detection HTTP actively attacks
CN105376210A (en) * 2014-12-08 2016-03-02 哈尔滨安天科技股份有限公司 Account threat identification and defense method and system
CN105871775A (en) * 2015-01-19 2016-08-17 中国移动通信集团公司 Security protection method and DPMA protection model
CN106209919A (en) * 2016-09-18 2016-12-07 深圳市深信服电子科技有限公司 A kind of network safety protection method and network security protection system
CN106657006A (en) * 2016-11-17 2017-05-10 北京中电普华信息技术有限公司 Software information safety protection method and device
CN107888546A (en) * 2016-09-29 2018-04-06 腾讯科技(深圳)有限公司 network attack defence method, device and system

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101370305A (en) * 2008-09-23 2009-02-18 中兴通讯股份有限公司 Method and system for protecting data traffic security
KR101282297B1 (en) * 2012-03-20 2013-07-10 박상현 The apparatus and method of unity security with transaction pattern analysis and monitoring in network
CN103516727A (en) * 2013-09-30 2014-01-15 重庆电子工程职业学院 Network active defense system and updating method thereof
CN105376210A (en) * 2014-12-08 2016-03-02 哈尔滨安天科技股份有限公司 Account threat identification and defense method and system
CN105871775A (en) * 2015-01-19 2016-08-17 中国移动通信集团公司 Security protection method and DPMA protection model
CN105227559A (en) * 2015-10-13 2016-01-06 南京联成科技发展有限公司 The information security management framework that a kind of automatic detection HTTP actively attacks
CN106209919A (en) * 2016-09-18 2016-12-07 深圳市深信服电子科技有限公司 A kind of network safety protection method and network security protection system
CN107888546A (en) * 2016-09-29 2018-04-06 腾讯科技(深圳)有限公司 network attack defence method, device and system
CN106657006A (en) * 2016-11-17 2017-05-10 北京中电普华信息技术有限公司 Software information safety protection method and device

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111737687A (en) * 2020-06-30 2020-10-02 中国工商银行股份有限公司 Access control method, system, electronic device and medium for webpage application system
CN111737687B (en) * 2020-06-30 2024-02-06 中国工商银行股份有限公司 Access control method, system, electronic equipment and medium of webpage application system
CN112039845A (en) * 2020-07-24 2020-12-04 网宿科技股份有限公司 Request processing method and safety protection system
CN112039846A (en) * 2020-07-24 2020-12-04 网宿科技股份有限公司 Request processing method and safety protection system
CN112039846B (en) * 2020-07-24 2023-08-15 网宿科技股份有限公司 Request processing method and safety protection system
CN111953668A (en) * 2020-07-30 2020-11-17 中国工商银行股份有限公司 Network security information processing method and device
CN111953668B (en) * 2020-07-30 2023-04-07 中国工商银行股份有限公司 Network security information processing method and device

Similar Documents

Publication Publication Date Title
CN109067772A (en) A kind of component and safety protecting method for security protection
US9838419B1 (en) Detection and remediation of watering hole attacks directed against an enterprise
US20170034210A1 (en) Client side human user indicator
US10728216B2 (en) Web application security architecture
CN103701795B (en) The recognition methods of the attack source of Denial of Service attack and device
CN108664793B (en) Method and device for detecting vulnerability
Jackson Intrusion detection system (IDS) product survey
KR101414084B1 (en) System and for Malicious Application Detection on Mobile Device and Method thereof
KR100732689B1 (en) Web Security Method and apparatus therefor
CN106982194A (en) Vulnerability scanning method and device
CN110209583A (en) Safety detecting method, device, system, equipment and storage medium
CN111353151B (en) Vulnerability detection method and device for network application
KR101282297B1 (en) The apparatus and method of unity security with transaction pattern analysis and monitoring in network
CN108900640A (en) Node calls link generation method, device, computer equipment and storage medium
CN109743294A (en) Interface access control method, device, computer equipment and storage medium
CN110535806A (en) Monitor method, apparatus, equipment and the computer storage medium of abnormal website
CN110351237B (en) Honeypot method and device for numerical control machine tool
CN105812200A (en) Abnormal behavior detection method and device
CN109428857B (en) Detection method and device for malicious detection behaviors
CN108768960A (en) Method for detecting virus, device, storage medium and computer equipment
CN111212035A (en) Host computer defect confirming and automatic repairing method and system based on same
KR20210030361A (en) Systems and methods for reporting computer security incidents
CN110287053A (en) The method that distributed system is uniformly processed extremely
CN112769833A (en) Method and device for detecting command injection attack, computer equipment and storage medium
CN111597419A (en) Abnormal access detection method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20181221

RJ01 Rejection of invention patent application after publication