CN109948333A - Security defense method and device against account attacks - Google Patents
- Publication number: CN109948333A
- Application number: CN201910175419.3A
- Authority: CN (China)
- Prior art keywords: login request, account, character string, attack, preset
- Legal status: Pending
- Classification: Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiments of the invention disclose a security defense method and device against account attacks. The method includes: if a first login request for a login account is detected, obtaining the string identifier in the first login request; decrypting the string identifier according to a preset decryption method to obtain a decrypted string, and obtaining a timestamp from the decrypted string; and, if the timestamp is judged not to satisfy a preset condition, confirming that the first login request is an account attack, rejecting the first login request, and determining that login to the account has failed. Using JNI prevents attackers from decompiling the code, and adding a string identifier that carries a timestamp to the first login request makes later verification easier, catches account attacks, and prevents attackers from carrying out credential stuffing or brute-force attacks after obtaining some account passwords, so that attacks on accounts can be defended against effectively.
Description
Technical field
The embodiments of the present invention relate to the field of communication technology, and in particular to a security defense method and device against account attacks.
Background
With the spread and growth of the Internet, everyone needs to leave account credentials online in order to conveniently manage their information and assets such as finances. The account system is also one of the most important parts of every company's products. At the same time, accounts have become increasingly valuable; hackers, drawn by the profit, try to break into account systems using a variety of techniques. The state also treats Internet security as a top priority of Internet development.
Common ways of stealing or breaking into accounts include XSS (Cross Site Scripting), SQL (Structured Query Language) injection, credential stuffing and brute forcing. Cross-site scripting is abbreviated XSS so that it is not confused with Cascading Style Sheets (CSS). XSS is a security vulnerability in web applications that allows a malicious web user to inject code into pages served to other users. Such code can obtain the encrypted login token, so the attacker can impersonate the user and use the website's services without obtaining the user's plaintext information, or even directly break into every platform that uses the account system.
SQL injection is one of the common means by which hackers attack databases. With the growth of B/S (browser/server) application development, more and more programmers write applications in this model, but their skill and experience are uneven, and a considerable share of them do not validate user input when writing code, which leaves security risks in the application. A user can submit a piece of database query code and, from the results the program returns, obtain data he wants to know; this is SQL injection. For example, suppose a website's login verification builds its SQL query as `strSQL = "SELECT * FROM users WHERE (name = '" + userName + "') and (pw = '" + passWord + "');"`. If `userName = "1' OR '1'='1"` and `passWord = "1' OR '1'='1"` are maliciously filled in, the statement becomes `strSQL = "SELECT * FROM users WHERE (name = '1' OR '1'='1') and (pw = '1' OR '1'='1');"`, so the SQL command actually run is equivalent to `strSQL = "SELECT * FROM users;"` and the attacker can log in to the website without an account or password. SQL injection is therefore commonly called the hacker's fill-in-the-blank game.
Once user login information has been obtained, credential stuffing can follow. Most people use nearly the same password for all their Internet accounts, which gives attackers an opening: once a certain amount of account information has been obtained, it can be tried on more websites. This is a credential stuffing attack. Brute forcing means using a machine to make unlimited password attempts against the account of a known user name.
In the existing Internet environment, code decompilation makes it easy for an attacker to obtain some or all account passwords and then carry out credential stuffing or brute-force attacks, and the prior art cannot defend effectively against attacks on accounts.
Summary of the invention
Because existing methods have the above problems, the embodiments of the present invention propose a security defense method and device against account attacks.
In a first aspect, an embodiment of the present invention proposes a security defense method against account attacks, comprising:
if a first login request for a login account is detected, obtaining the string identifier in the first login request;
decrypting the string identifier according to a preset decryption method to obtain a decrypted string, and obtaining a timestamp from the decrypted string;
if the timestamp is judged not to satisfy a preset condition, confirming that the first login request is an account attack, rejecting the first login request, and determining that login to the account has failed;
wherein the string identifier is a string produced by encrypting according to a preset encryption method stored in a Java Native Interface (JNI) dynamic library, and the timestamp is the current time added when the first login request is generated.
In a second aspect, an embodiment of the present invention also proposes a security defense device against account attacks, comprising:
a string obtaining module, configured to obtain the string identifier in the first login request if a first login request for a login account is detected;
a string decryption module, configured to decrypt the string identifier according to a preset decryption method to obtain a decrypted string, and to obtain a timestamp from the decrypted string;
a request rejection module, configured to confirm that the first login request is an account attack, reject the first login request, and determine that login to the account has failed, if the timestamp is judged not to satisfy a preset condition;
wherein the string identifier is a string produced by encrypting according to a preset encryption method stored in a Java Native Interface (JNI) dynamic library, and the timestamp is the current time added when the first login request is generated.
In a third aspect, an embodiment of the present invention also proposes an electronic device, comprising:
at least one processor; and
at least one memory communicatively connected to the processor, wherein:
the memory stores program instructions executable by the processor, and the processor calls the program instructions to execute the above method.
In a fourth aspect, an embodiment of the present invention also proposes a non-transitory computer-readable storage medium that stores a computer program, the computer program causing a computer to execute the above method.
As the above technical solution shows, the embodiments of the present invention use JNI to prevent attackers from decompiling the code, and add a string identifier carrying a timestamp to the first login request, which makes later verification easier, catches account attacks, and prevents attackers from carrying out credential stuffing or brute-force attacks after obtaining some account passwords, so that attacks on accounts can be defended against effectively.
Brief description of the drawings
To explain the technical solutions of the embodiments of the present invention or of the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. The drawings described below are only some embodiments of the present invention; those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow diagram of a security defense method against account attacks provided by one embodiment of the present invention;
Fig. 2 is a structural diagram of a security defense device against account attacks provided by one embodiment of the present invention;
Fig. 3 is a logic block diagram of the electronic device provided by one embodiment of the present invention.
Detailed description of the embodiments
Specific embodiments of the present invention are described further below with reference to the drawings. The following embodiments serve only to explain the technical solution of the present invention more clearly and do not limit its scope of protection.
Fig. 1 shows a flow diagram of the security defense method against account attacks provided by this embodiment, comprising:
S101: if a first login request for a login account is detected, obtain the string identifier in the first login request.
Here, the login account is the account currently being logged in to.
The first login request is the request, initiated by the current terminal, to log in to the current account.
The string identifier is a string produced by encrypting according to the preset encryption method stored in the JNI dynamic library.
S102: decrypt the string identifier according to a preset decryption method to obtain a decrypted string, and obtain a timestamp from the decrypted string.
Here, the timestamp is the current time added when the first login request is generated.
An example of the string encryption method: reverse a specific string, append the current timestamp, and then encrypt using MD5 encoding. Correspondingly, decryption is the inverse of this process.
S103: if the timestamp is judged not to satisfy a preset condition, confirm that the first login request is an account attack, reject the first login request, and determine that login to the account has failed.
Specifically, to ensure the security of the login terminal, this embodiment stores an encryption method on the client in an Android JNI (Java Native Interface) library or an iOS dynamic library. Every request that interacts with the account service uses this encryption method to generate an encrypted string identifier, which is added to the request. Using JNI prevents an attacker from decompiling the code to obtain account passwords and encryption information. In addition, to strengthen security, a timestamp of the current time is added before the string identifier is encrypted. After the server receives the first login request and decrypts the identifier, it obtains the login time. If the login time differs greatly from the time at which the server received the first login request, for example by 1 hour, the first login request was not sent by a legitimate terminal and an account attack is under way. Conversely, if the difference is small, for example 1 s, the first login request was sent by a reliable mobile device.
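MD5 is a one-way hash that a server cannot reverse, so this added example (not the patent's code) sends the timestamp in the clear next to an HMAC-SHA256 tag and has the server recompute the tag before applying the freshness check from S103. The shared key, the `timestamp.tag` layout, the function names and the 300-second window standing in for the "preset condition" are all assumptions.

```python
import hashlib
import hmac

# Assumption: key embedded in the client's native library and known to the server.
SHARED_KEY = b"constructed-demo-key-not-a-real-secret"
# Assumption: the page's "preset condition" modelled as a maximum time difference.
MAX_SKEW_SECONDS = 300


def _tag(account: str, ts_text: str, key: bytes) -> str:
    """HMAC-SHA256 over account and timestamp (swapped in for the page's MD5 step)."""
    return hmac.new(key, f"{account}|{ts_text}".encode(), hashlib.sha256).hexdigest()


def make_string_id(account: str, now: float, key: bytes = SHARED_KEY) -> str:
    """Client side: bind the current time to the login request."""
    ts_text = str(int(now))
    return f"{ts_text}.{_tag(account, ts_text, key)}"


def check_login_request(account: str, string_id: str, received_at: float,
                        key: bytes = SHARED_KEY):
    """Server side: return (accepted, reason) for one login request."""
    ts_text, sep, tag = string_id.partition(".")
    # Reject anything that is not "<ascii digits>.<tag>" before using it.
    if not sep or not (ts_text.isascii() and ts_text.isdigit()):
        return False, "malformed"
    expected = _tag(account, ts_text, key)
    # Constant-time comparison; bytes so that non-ASCII input cannot raise.
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        return False, "bad-signature"
    # The timestamp is trusted only after the tag has been verified.
    if abs(received_at - int(ts_text)) > MAX_SKEW_SECONDS:
        return False, "stale-timestamp"
    return True, "ok"


if __name__ == "__main__":
    t0 = 1_700_000_000  # constructed sample time
    token = make_string_id("alice", t0)
    print(check_login_request("alice", token, t0 + 1))     # 1 s later
    print(check_login_request("alice", token, t0 + 3600))  # 1 hour later
```

A token stays acceptable for the whole window, so this check narrows replay rather than eliminating it, and it is only as strong as the secrecy of the key shipped in the client.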
This embodiment uses JNI to prevent attackers from decompiling the code, and adds a string identifier carrying a timestamp to the first login request, which makes later verification easier, catches account attacks, and prevents attackers from carrying out credential stuffing or brute-force attacks after obtaining some account passwords, so that attacks on accounts can be defended against effectively.
Further, on the basis of the above method embodiment, S101 specifically includes:
S1011: if a first login request for a login account is detected, judge whether the first login request was initiated by a bot.
S1012: if the first login request is judged not to have been initiated by a bot, obtain the string identifier in the first login request.
S1013: if the first login request is judged to have been initiated by a bot, reject the first login request and determine that login to the account has failed.
Judging whether the first login request was initiated by a bot specifically includes:
displaying a slider puzzle whose noise is greater than a preset value, prompting the user to slide it manually, and determining from the time the user takes to slide and from the slide position whether the first login request was initiated by a bot.
Specifically, after the server receives the first login request, it first distinguishes the type of the login side. The types include: PC browser, iOS client, Android client, mobile browser, custom POS client and custom barcode scanner client. If the login side is a PC browser or a mobile browser, a slider puzzle is used to judge whether it is a bot: the user is shown a very noisy picture and slides the slider into a certain range to complete the check.
Judging that the login account is being operated by a bot makes it possible to determine quickly that the account is under attack and to carry out account defense.
S105: obtain the IP address and MAC address of the first login request, and update the counts of the IP address and the MAC address in the blacklist.
S106: if the count of the IP address or of the MAC address in the blacklist is judged to be greater than a threshold, freeze the IP address or the MAC address for a first preset time period.
Here, the blacklist stores the IP addresses and MAC addresses of rejected login requests; when a login request from a given IP is rejected again, the count for that IP is incremented by 1.
Specifically, checking the timestamp in the first login request and whether the requester is a bot can stop most machine brute forcing, but cannot stop manual cracking after some information has leaked. For example: the password of user z is "12345z~", and the attacker has obtained "12345z" and the length of the password, so only the last character remains to be guessed. The cost of manual cracking is not high either, so this situation must be prevented.
For example: set the current account so that if the number of login failures exceeds 10 within 3 minutes, the account is frozen for 1 hour and cannot be logged in to.
Checking the counts of IP addresses or MAC addresses in the blacklist prevents manual cracking after information has leaked and provides more comprehensive security defense against account attacks.
Further, on the basis of the above method embodiment, the method also includes:
S107: if the number of login failures of the login account within a second preset time period is judged to be greater than a threshold, freeze the login account for a third preset time period.
S108: when the third preset time period is reached, unfreeze the login account.
S109: if a second login request for the login account is detected and login to the account is determined to have failed according to the second login request, determine whether the first terminal that issued the first login request and the second terminal that issued the second login request are the same terminal.
S110: if the first terminal and the second terminal are the same terminal, freeze the first terminal for a fourth preset time period.
Specifically, in an actual account attack, the first thing to consider is the number of consecutive attacks on a given account; when it reaches a threshold, the account must be frozen. But considering only the number of attacks on an account is easy to evade: a device may attack each account only once in a given period while attacking many accounts in succession; or an account attack group may attack through several devices at once, each with a different MAC address but with the same IP address. To avoid these problems, this embodiment records the device's IP address and MAC address for every failed attempt, and queries the failed-attempt records each time a failed login is triggered. If failed attempts against 10 or more accounts in succession appear under one IP address or MAC address, the behavior is judged to be credential stuffing and the IP address of the device is blocked directly for 24 hours.
In addition, if the current account, after a freeze, triggers a freeze again and the failed attempts come from a single device, that device is frozen for 24 hours.
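The two counters described in S105 to S110 can be sketched as follows; this is an added example, not the patent's code. The thresholds are the page's own examples (more than 10 failures in 3 minutes freezes an account for 1 hour; 10 or more accounts failing from one IP or MAC blocks it for 24 hours), while the class, its in-memory storage and freezing whichever identifier matched are assumptions.

```python
from collections import defaultdict, deque

# Thresholds taken from the page's examples.
ACCOUNT_WINDOW = 3 * 60        # failures on one account are counted over 3 minutes
ACCOUNT_MAX_FAILURES = 10      # more than 10 failures freezes the account
ACCOUNT_FREEZE = 60 * 60       # account freeze lasts 1 hour
SOURCE_ACCOUNT_LIMIT = 10      # 10 or more accounts failing from one IP or MAC
SOURCE_FREEZE = 24 * 60 * 60   # source block lasts 24 hours


class LoginGuard:
    """Hypothetical in-memory tracker; a real service would persist this state."""

    def __init__(self):
        self.account_failures = defaultdict(deque)  # account -> failure times
        self.source_accounts = defaultdict(set)     # (kind, value) -> failed accounts
        self.frozen_until = {}                      # (kind, value) -> expiry time

    def _frozen(self, kind, value, now):
        until = self.frozen_until.get((kind, value))
        if until is None:
            return False
        if now >= until:
            # Freeze period reached: unfreeze, as in S108.
            del self.frozen_until[(kind, value)]
            return False
        return True

    def allowed(self, account, ip, mac, now):
        """True if neither the account nor the source is currently frozen."""
        checks = (("account", account), ("ip", ip), ("mac", mac))
        return not any(self._frozen(kind, value, now) for kind, value in checks)

    def record_failure(self, account, ip, mac, now):
        """Record one rejected login and return the freezes it triggered."""
        actions = []
        # Per-account sliding window: catches guessing against one account.
        times = self.account_failures[account]
        times.append(now)
        while times and now - times[0] > ACCOUNT_WINDOW:
            times.popleft()
        if len(times) > ACCOUNT_MAX_FAILURES:
            self.frozen_until[("account", account)] = now + ACCOUNT_FREEZE
            times.clear()
            actions.append(("account", account))
        # Per-source distinct accounts: catches one try each against many
        # accounts. The MAC is client-reported, so it is a hint, not proof.
        # No time window is applied here because the page does not give one.
        for kind, value in (("ip", ip), ("mac", mac)):
            seen = self.source_accounts[(kind, value)]
            seen.add(account)
            if len(seen) >= SOURCE_ACCOUNT_LIMIT:
                self.frozen_until[(kind, value)] = now + SOURCE_FREEZE
                seen.clear()
                actions.append((kind, value))
        return actions


if __name__ == "__main__":
    guard = LoginGuard()
    # Constructed sample: one IP fails once against each of ten accounts.
    for n in range(10):
        result = guard.record_failure(f"user{n}", "198.51.100.7",
                                      f"02:00:00:00:00:{n:02x}", 2000 + n * 60)
    print(result)
```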
It should be noted that almost every account defense method may produce false positives. For this case, this embodiment provides a user appeal function. For example: if the user can provide a mobile phone number and an SMS verification code and completes fingerprint and face recognition, the system records the fingerprint and face recognition information and then unfreezes the current account.
In addition, against SQL injection attacks, the precompiled statement class PreparedStatement can be used to set and pass values, improving the security of accounts. For example: in the product design of the account system, guide users to avoid the special character strings used in SQL injection, to avoid possible risks; and add to every interface that accesses the account database a check for whether string concatenation is present, reporting an error directly if it is, so that developers are prevented from using less secure methods and the security of accounts is improved.
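The login query from the background section, run once with concatenation and once with bound parameters, as an added example that is not the patent's code. It uses Python's `sqlite3` placeholders as the equivalent of `PreparedStatement`; the table contents are constructed, and `guarded_execute` is a hypothetical heuristic for the "report an error if concatenation is present" check.

```python
import sqlite3


class ConcatenatedSqlError(ValueError):
    """Raised when SQL text appears to contain spliced-in values."""


def make_db():
    """Constructed sample database with one account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, pw TEXT)")
    # Plaintext password only to mirror the page's query; store hashes in practice.
    db.execute("INSERT INTO users VALUES (?, ?)", ("z", "12345z~"))
    return db


def login_concatenated(db, user_name, pass_word):
    """Vulnerable form from the background section: input spliced into the SQL."""
    sql = ("SELECT * FROM users WHERE (name = '" + user_name +
           "') and (pw = '" + pass_word + "');")
    return db.execute(sql).fetchone() is not None


def guarded_execute(db, sql, params=()):
    """Hypothetical check: statements must carry values only as parameters.

    Any quote character in the SQL text means a literal was built into the
    string, so the call is refused instead of executed.
    """
    if "'" in sql or '"' in sql:
        raise ConcatenatedSqlError("string literal in SQL text; bind it as a parameter")
    if sql.count("?") != len(params):
        raise ConcatenatedSqlError("placeholder count does not match parameters")
    return db.execute(sql, params)


def login_parameterized(db, user_name, pass_word):
    """Hardened form: the statement is fixed and the input is bound as data."""
    sql = "SELECT * FROM users WHERE (name = ?) and (pw = ?)"
    return guarded_execute(db, sql, (user_name, pass_word)).fetchone() is not None


if __name__ == "__main__":
    db = make_db()
    payload = "1' OR '1'='1"  # the input shown in the background section
    print("concatenated :", login_concatenated(db, payload, payload))
    print("parameterized:", login_parameterized(db, payload, payload))
```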
Fig. 2 shows a structural diagram of the security defense device against account attacks provided by this embodiment. The device includes a string obtaining module 201, a string decryption module 202 and a request rejection module 203, wherein:
the string obtaining module 201 is configured to obtain the string identifier in the first login request if a first login request for a login account is detected;
the string decryption module 202 is configured to decrypt the string identifier according to a preset decryption method to obtain a decrypted string, and to obtain a timestamp from the decrypted string;
the request rejection module 203 is configured to confirm that the first login request is an account attack, reject the first login request, and determine that login to the account has failed, if the timestamp is judged not to satisfy a preset condition;
wherein the string identifier is a string produced by encrypting according to a preset encryption method stored in a Java Native Interface (JNI) dynamic library, and the timestamp is the current time added when the first login request is generated.
Specifically, if the string obtaining module 201 detects a first login request for a login account, it obtains the string identifier in the first login request; the string decryption module 202 decrypts the string identifier according to a preset decryption method to obtain a decrypted string, and obtains a timestamp from the decrypted string; and if the request rejection module 203 judges that the timestamp does not satisfy a preset condition, it confirms that the first login request is an account attack, rejects the first login request, and determines that login to the account has failed.
This embodiment uses JNI to prevent attackers from decompiling the code, and adds a string identifier carrying a timestamp to the first login request, which makes later verification easier, catches account attacks, and prevents attackers from carrying out credential stuffing or brute-force attacks after obtaining some account passwords, so that attacks on accounts can be defended against effectively.
Further, on the basis of the above device embodiment, the string obtaining module 201 is specifically configured to:
if a first login request for a login account is detected, judge whether the first login request was initiated by a bot;
if the first login request is judged not to have been initiated by a bot, obtain the string identifier in the first login request.
Further, on the basis of the above device embodiment, the device also includes:
a login failure module, configured to reject the first login request and determine that login to the account has failed if the first login request is judged to have been initiated by a bot.
Further, on the basis of the above device embodiment, the login failure module is specifically configured to display a slider puzzle whose noise is greater than a preset value, prompt the user to slide it manually, and determine from the time the user takes to slide and from the slide position whether the first login request was initiated by a bot.
Further, on the basis of the above device embodiment, the device also includes:
a count update module, configured to obtain the Internet Protocol (IP) address and Media Access Control (MAC) address of the first login request, and to update the counts of the IP address and the MAC address in the blacklist;
a first freeze processing module, configured to freeze the IP address or the MAC address for a first preset time period if the count of the IP address or of the MAC address in the blacklist is judged to be greater than a threshold.
Further, on the basis of the above device embodiment, the device also includes:
a second freeze processing module, configured to freeze the login account for a third preset time period if the number of login failures of the login account within a second preset time period is judged to be greater than a threshold.
Further, on the basis of the above device embodiment, the device also includes:
an unfreeze processing module, configured to unfreeze the login account when the third preset time period is reached;
a terminal judgment module, configured to determine, if a second login request for the login account is detected and login to the account is determined to have failed according to the second login request, whether the first terminal that issued the first login request and the second terminal that issued the second login request are the same terminal;
a third freeze processing module, configured to freeze the first terminal for a fourth preset time period if the first terminal and the second terminal are the same terminal.
The security defense device against account attacks described in this embodiment can be used to execute the above method embodiments; its principle and technical effect are similar and are not repeated here.
Referring to Fig. 3, the electronic device includes a processor 301, a memory 302 and a bus 303;
wherein
the processor 301 and the memory 302 communicate with each other through the bus 303;
the processor 301 is configured to call the program instructions in the memory 302 to execute the methods provided by the above method embodiments.
This embodiment discloses a computer program product. The computer program product includes a computer program stored on a non-transitory computer-readable storage medium; the computer program includes program instructions, and when the program instructions are executed by a computer, the computer can execute the methods provided by the above method embodiments.
This embodiment provides a non-transitory computer-readable storage medium that stores computer instructions, the computer instructions causing a computer to execute the methods provided by the above method embodiments.
The device embodiments described above are merely illustrative. Units described as separate components may or may not be physically separate, and components shown as units may or may not be physical units; they may be located in one place or distributed across multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of this embodiment's solution. Those of ordinary skill in the art can understand and implement it without creative effort.
From the description of the embodiments above, those skilled in the art can clearly understand that each embodiment can be implemented by software plus a necessary general-purpose hardware platform, or of course by hardware. Based on this understanding, the above technical solution, in essence or in the part that contributes over the prior art, can be embodied as a software product. The computer software product can be stored in a computer-readable storage medium such as ROM/RAM, a magnetic disk or an optical disc, and includes instructions that cause a computer device (a personal computer, a server, a network device, etc.) to execute the methods described in the embodiments or in certain parts of the embodiments.
It should be noted that the above embodiments only illustrate the technical solutions of the present invention and do not limit them. Although the invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions recorded in the foregoing embodiments may still be modified, or some of their technical features replaced by equivalents, and that such modifications or replacements do not make the essence of the corresponding technical solutions depart from the spirit and scope of the technical solutions of the embodiments of the present invention.
Claims (10)
1. a kind of safety defense method of account attack characterized by comprising
If monitoring the first logging request of logon account, the character string identification in first logging request is obtained;
Operation is decrypted to the character string identification according to preset decryption method, character string after being decrypted, and from described
Acquisition time is stabbed in character string after decryption;
If judgement knows that the timestamp is unsatisfactory for preset condition, confirm first logging request for account attack, refusal
First logging request, and determine the logon account login failure;
Wherein, the character string identification is to be added according to the preset encryption method that Java local interface JNI dynamic base stores
Close treated character string;The timestamp is the current time added when generating first logging request.
If 2. the method according to claim 1, wherein first logging request for monitoring logon account,
The character string identification in first logging request is then obtained, is specifically included:
If monitoring the first logging request of logon account, whether judge to initiate first logging request is robot;
If the character string mark for not being robot, obtaining in first logging request of first logging request is initiated in judgement
Know.
3. according to the method described in claim 2, it is characterized in that, the method also includes:
If judgement initiation first logging request is robot, refuse first logging request, and step on described in determination
Record Account Logon failure.
4. according to the method in claim 2 or 3, which is characterized in that first logging request was initiated in the judgement is
No is robot, is specifically included:
It shows that noise is greater than the slidable puzzle of preset value, prompts user to be slided manually, and when the sliding according to used in user
Between and sliding position determine whether initiate first logging request is robot.
5. The method according to claim 1, wherein after determining that the logon account fails to log in, the method further comprises:
obtaining the Internet Protocol (IP) address and the MAC address of the first logging request, and updating the quantity of the IP address and the MAC address in a blacklist;
if it is determined that the quantity of the IP address or the MAC address in the blacklist is greater than a threshold, freezing the IP address or the MAC address for a first preset time period.
6. The method according to claim 1, wherein the method further comprises:
if it is determined that the number of login failures of the logon account within a second preset time period is greater than a threshold, freezing the logon account for a third preset time period.
7. The method according to claim 1, wherein the method further comprises:
if the third preset time period is reached, unfreezing the logon account;
if a second logging request of the logon account is monitored and it is determined according to the second logging request that the logon account fails to log in, determining whether the first terminal that issued the first logging request and the second terminal that issued the second logging request are the same terminal;
if the first terminal and the second terminal are the same terminal, freezing the first terminal for a fourth preset time period.
8. A safety defense device for account attacks, characterized by comprising:
a character string obtaining module, configured to obtain the character string identification in a first logging request if the first logging request of a logon account is monitored;
a character string decryption module, configured to decrypt the character string identification according to a preset decryption method to obtain a decrypted character string, and to obtain a timestamp from the decrypted character string;
a request refusal module, configured to, if it is determined that the timestamp does not satisfy a preset condition, confirm that the first logging request is an account attack, refuse the first logging request, and determine that the logon account fails to log in;
wherein the character string identification is a character string obtained by encryption according to a preset encryption method stored in a Java Native Interface (JNI) dynamic library; the timestamp is the current time added when the first logging request is generated.
9. An electronic device, characterized by comprising:
at least one processor; and
at least one memory communicatively connected with the processor, wherein:
the memory stores program instructions executable by the processor, and the processor calls the program instructions to execute the method according to any one of claims 1 to 7.
10. A non-transitory computer-readable storage medium, characterized in that the non-transitory computer-readable storage medium stores a computer program, and the computer program causes the computer to execute the method according to any one of claims 1 to 7.
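The failure handling of claims 5 to 7, as an added Python example that is not code from the patent. Assumptions: a terminal is identified by its (IP, MAC) pair, the "first terminal" is the one whose failure froze the account, and the class name, thresholds and periods (`t1` to `t4`, in seconds) are illustrative values.

```python
import time
from collections import defaultdict, deque

class LoginThrottle:
    """Failure handling of claims 5-7; thresholds and periods are assumed values."""

    def __init__(self, addr_threshold=5, acct_threshold=3,
                 t1=600, t2=300, t3=900, t4=3600):
        self.addr_threshold, self.acct_threshold = addr_threshold, acct_threshold
        self.t1, self.t2, self.t3, self.t4 = t1, t2, t3, t4  # seconds
        self.blacklist = defaultdict(int)   # IP or MAC -> failure count (claim 5)
        self.failures = defaultdict(deque)  # account -> failure times (claim 6)
        self.frozen_until = {}              # (kind, key) -> expiry time
        self.first_terminal = {}            # account -> terminal that got it frozen

    def _freeze(self, kind, key, until, actions):
        self.frozen_until[(kind, key)] = until
        actions.append((kind, key))

    def allowed(self, account, ip, mac, now=None):
        """False while the account, terminal, IP or MAC is frozen."""
        now = time.time() if now is None else now
        keys = [("acct", account), ("term", (ip, mac)), ("addr", ip), ("addr", mac)]
        return all(self.frozen_until.get(k, 0) <= now for k in keys)

    def record_failure(self, account, ip, mac, now=None):
        """Register one failed login; return the freezes it triggered."""
        now = time.time() if now is None else now
        term, actions = (ip, mac), []
        # Claim 7: the first failure after the thaw comes from the same terminal.
        if self.first_terminal.pop(account, None) == term:
            self._freeze("term", term, now + self.t4, actions)
        # Claim 5: update blacklist counts, freeze addresses above the threshold.
        for addr in (ip, mac):
            self.blacklist[addr] += 1
            if self.blacklist[addr] > self.addr_threshold:
                self._freeze("addr", addr, now + self.t1, actions)
        # Claim 6: too many failures inside the second period freeze the account.
        window = self.failures[account]
        window.append(now)
        while window and window[0] <= now - self.t2:
            window.popleft()
        if len(window) > self.acct_threshold:
            self._freeze("acct", account, now + self.t3, actions)
            self.first_terminal[account] = term
            window.clear()
        return actions
```

Call `allowed()` before checking credentials and `record_failure()` only for requests that were let through and then rejected. Because the claims key on IP and MAC, one freeze also hits every user behind a shared NAT address, and a MAC is only as trustworthy as the client that reports it.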
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910175419.3A CN109948333A (en) | 2019-03-08 | 2019-03-08 | A kind of safety defense method and device of account attack |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109948333A true CN109948333A (en) | 2019-06-28 |
Family
ID=67009383
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910175419.3A Pending CN109948333A (en) | 2019-03-08 | 2019-03-08 | A kind of safety defense method and device of account attack |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109948333A (en) |
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104702559A (en) * | 2013-12-05 | 2015-06-10 | 中国人民公安大学 | Improved ECC-based double-factor identity authentication protocol |
US9213825B1 (en) * | 2014-02-21 | 2015-12-15 | American Megatrends, Inc. | User authentication using two-dimensional barcodes |
CN104915602A (en) * | 2015-04-22 | 2015-09-16 | 飞天诚信科技股份有限公司 | PIN code protection method under Android platform |
CN104980449A (en) * | 2015-08-03 | 2015-10-14 | 携程计算机技术(上海)有限公司 | Network request security certification method and system |
CN107786338A (en) * | 2016-08-25 | 2018-03-09 | 大连楼兰科技股份有限公司 | Shared platform in dynamic password verification |
CN106603555A (en) * | 2016-12-29 | 2017-04-26 | 杭州迪普科技股份有限公司 | Method and device for preventing library-hit attacks |
CN107295024A (en) * | 2017-08-24 | 2017-10-24 | 四川长虹电器股份有限公司 | It is a kind of to realize the method that web front end is landed safely and accessed |
CN108023874A (en) * | 2017-11-15 | 2018-05-11 | 平安科技(深圳)有限公司 | Calibration equipment, method and the computer-readable recording medium of single-sign-on |
Non-Patent Citations (1)
Title |
---|
PHLSHEJI: "android中使用jni对字符串加解密实现分析", 《HTTPS://WWW.CNBLOGS.COM/BHLSHEJI/P/5230771.HTML》 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113343278A (en) * | 2021-07-05 | 2021-09-03 | 湖南快乐阳光互动娱乐传媒有限公司 | Login request verification method and device for preventing CSRF attack |
CN113343278B (en) * | 2021-07-05 | 2022-07-26 | 湖南快乐阳光互动娱乐传媒有限公司 | Login request verification method and device for preventing CSRF attack |
CN113726799A (en) * | 2021-09-01 | 2021-11-30 | 百度在线网络技术(北京)有限公司 | Processing method, device, system and equipment for application layer attack |
US20230199022A1 (en) * | 2021-12-16 | 2023-06-22 | Paypal, Inc. | Security engine audit rules to prevent incorrect network address blocking |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107211016B (en) | Session security partitioning and application profiler | |
Petsas et al. | Two-factor authentication: is the world ready? Quantifying 2FA adoption | |
CN105306473B (en) | A kind of method for preventing injection attacks, client, server and system | |
EP2933981B1 (en) | Method and system of user authentication | |
CN104768139B (en) | A kind of method and device that short message is sent | |
CN108989263A (en) | Short message verification code attack guarding method, server and computer readable storage medium | |
CN105939326A (en) | Message processing method and device | |
Mozumder et al. | Cloud computing security breaches and threats analysis | |
CN103607385A (en) | Method and apparatus for security detection based on browser | |
EP3888326A1 (en) | Detection of remote fraudulent activity in a client-server-system | |
CN109948333A (en) | A kind of safety defense method and device of account attack | |
CN110958239B (en) | Method and device for verifying access request, storage medium and electronic device | |
CN108259619A (en) | Network request means of defence and network communicating system | |
CN107426243A (en) | A kind of network safety protection method and device | |
Barron et al. | Click this, not that: extending web authentication with deception | |
CN113572793B (en) | Access request capturing method and device, computer equipment and storage medium | |
CN108449354A (en) | A kind of reinforcing server log safety method, device and server based on agreement of knocking at the door | |
US20170149777A1 (en) | Systems and method for cross-channel device binding | |
CN117640154A (en) | Defensive strategy generation method and device, storage medium and terminal | |
Netto et al. | An integrated approach for detecting ransomware using static and dynamic analysis | |
CN111417122A (en) | Attack prevention method and device | |
CN113794679B (en) | Method and system for preventing automatic script number robbing | |
CN109145543A (en) | A kind of identity identifying method | |
CN109522708B (en) | Method and device for safely controlling running environment of application program | |
CN113709130A (en) | Risk identification method and device based on honeypot system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |
RJ01 | Rejection of invention patent application after publication | Application publication date: 20190628 |