CN109992967A - Method and system for automatically detecting file security during file upload - Google Patents


Info

Publication number: CN109992967A
Authority: CN (China)
Prior art keywords: file, characteristic, module, uploads, identification module
Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201910185971.0A
Other languages: Chinese (zh)
Inventor: 陈当遥
Current Assignee: Fujian Toulton Software Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Fujian Toulton Software Co Ltd
Application filed by: Fujian Toulton Software Co Ltd
Priority to: CN201910185971.0A
Publication of: CN109992967A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562 Static detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a method and system for automatically detecting file security when a file is uploaded. The method comprises: S1. When a file is uploaded, perform a basic check on the file: check whether the file format is a general format and whether the file size does not exceed a threshold; if either check fails, terminate the upload; if both pass, proceed to S2. S2. Read the uploaded file and convert the file byte stream into a character stream; then proceed to S3. S3. Scan and analyze the uploaded file and judge whether the scanned file content matches the jsp, aspx, php or html file characteristic; if any matches, terminate the upload; if none matches, the upload succeeds. The system correspondingly comprises a check module, a read module, a scan module, an identification module and a processing module. The invention can improve file upload security.

Description

Method and system for automatically detecting file security during file upload
Technical field
The present invention relates to the field of information security technology, and in particular to a method and system for automatically detecting file security when a file is uploaded.
Background art
File upload is very widely used in building systems. Traditional file upload techniques only place some restrictions on the format and size of the file and do not analyze the file content, so they are still easily exploited by criminals: a criminal uploads a webshell or other Trojan file disguised as an ordinary file, and once the Trojan file is executed, it causes serious harm to the server and the application.
Summary of the invention
In view of this, to solve the above technical problem, the object of the invention is to propose a method and system for automatically detecting file security when a file is uploaded that can improve file upload security.
The technical solution adopted is as follows:
A method for automatically detecting file security when a file is uploaded, comprising the following steps:
S1. When a file is uploaded, perform a basic check on the file: check whether the file format is a general format and whether the file size does not exceed a threshold; if either check fails, terminate the upload; if both pass, proceed to S2;
S2. Read the uploaded file and convert the file byte stream into a character stream; then proceed to S3;
S3. Scan and analyze the uploaded file and judge whether the scanned file content matches the jsp file characteristic, aspx file characteristic, php file characteristic or html file characteristic; if any matches, terminate the upload; if none matches, the upload succeeds.
Further, in S1, the general format is one or more of doc, docx, xls, xlsx, pdf, txt, jpg, gif, png, zip, rar, JPG and jpeg.
Further, in S2, the threshold is 1-10M.
A system for automatically detecting file security when a file is uploaded, comprising:
A check module, used to check whether the file format is a general format and whether the file size does not exceed a threshold;
A read module, used to convert the file byte stream into a character stream;
A scan module, used to scan the character stream from the read module;
An identification module, used to judge whether the scanned file content matches the jsp file characteristic, aspx file characteristic, php file characteristic or html file characteristic;
A processing module, used to act on the check result of the check module and the recognition result of the identification module: for the check module, if either check fails, the upload is terminated; if both pass, processing proceeds to the identification module; for the identification module, if any characteristic matches, the upload is terminated; if none matches, the upload succeeds.
Further, the identification module includes a jsp file characteristic identification module, an aspx file characteristic identification module, a php file characteristic identification module and an html file characteristic identification module.
The beneficial effects of the invention are:
The invention combines file upload technology with file scanning technology so that file security is scanned automatically at the moment a file is uploaded; once a security problem is found in the file, the upload is terminated immediately, which improves file upload security. For example, if the file upload security of the original technique is rated at 50 points, this technique can raise it to 70 points, thereby optimizing the existing file upload technique and making file upload more reliable and secure.
Brief description of the drawings
To illustrate the invention more clearly, the drawings used in the specific embodiments are briefly described below.
Fig. 1 is a flow chart of a method for automatically detecting file security when a file is uploaded.
Fig. 2 is the first display interface of the article page in Embodiment 1;
Fig. 3 is the second display interface of the article page in Embodiment 1;
Fig. 4 is the third display interface of the article page in Embodiment 1;
Fig. 5 is the fourth display interface of the article page in Embodiment 1.
Specific embodiments
The invention is described clearly and completely below with reference to the drawings, but the scope of protection of the invention is not limited thereto.
As shown in Fig. 1, a method for automatically detecting file security when a file is uploaded comprises the following steps:
S1. When a file is uploaded, perform a basic check on the file: check whether the file format is a general format and whether the file size does not exceed a threshold. If either check fails, that is, the file is not in a general format or exceeds the threshold, terminate the upload. If both pass, that is, the file is in a general format and does not exceed the threshold, proceed to S2;
S2. Read the uploaded file and convert the file byte stream into a character stream, for example using InputStreamReader, which is the bridge from byte streams to character streams.
For example:
import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.InputStreamReader;

// Define the byte stream pointing to d:/text.txt
FileInputStream fileInputStream = new FileInputStream("d:/text.txt");
// Convert the byte stream into an InputStreamReader
InputStreamReader inputStreamReader = new InputStreamReader(fileInputStream);
// Convert the InputStreamReader into a BufferedReader with buffering
BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
Then proceed to S3;
S3. Scan and analyze the uploaded file and judge whether the scanned file content matches the jsp file characteristic, aspx file characteristic, php file characteristic or html file characteristic; if any matches, terminate the upload; if none matches, the upload succeeds.
In step S1 above, the general format is usually one or more of doc, docx, xls, xlsx, pdf, txt, jpg, gif, png, zip, rar, JPG and jpeg. Taking all of the listed general formats as an example, check whether the file format is doc, docx, xls, xlsx, pdf, txt, jpg, gif, png, zip, rar, JPG or jpeg; if it is none of these, that is, the file format is not in [doc, docx, xls, xlsx, pdf, txt, jpg, gif, png, zip, rar, JPG, jpeg], terminate the upload;
In step S1 above, the threshold is a preset critical value, including but not limited to any size in the range 1-10M, for example 1M, 2M, 3M, 5M or 10M; the actual size can be set as needed and may, for example, also be set to 500Kb. To check whether the file size does not exceed the threshold, take a threshold of 10M as an example: if the file is larger than 10M, terminate the upload.
In step S1 above, the check of whether the file format is a general format and the check of whether the file size exceeds the threshold may be performed in either order: the file format may be checked first and the file size second, or the file size may be checked first and the file format second. Fig. 1 shows only one of these orders.
In step S3 above, the jsp, aspx, php and html file characteristics can be judged one after another in any order. For example, they can be judged in the order jsp file characteristic, aspx file characteristic, php file characteristic, html file characteristic; or in another order, such as jsp file characteristic, html file characteristic, php file characteristic, aspx file characteristic; or in exactly the reverse of the first order. It is only necessary that all four file characteristics (jsp, aspx, php and html) are judged one by one. Fig. 1 shows only one of these orders.
The jsp, aspx, php and html file characteristics are described below:
(1) jsp (Java Server Pages) is a dynamic web page technology advocated by Sun Microsystems and established together with many participating companies. If a file is analyzed as having the jsp file characteristic, the page content must include the following code fragment:
<%@ page language="java" import="java.util.*"
pageEncoding="ISO-8859-1"%>
(2) The aspx file characteristic generally includes the following code fragment:
<%@ Page Language="C#" AutoEventWireup="true"
CodeBehind="edit.aspx.cs"
Inherits="DTcms.Web.admin.apply.credit.edit" %>
(3) The php file characteristic is generally judged by whether the beginning of the file contains the following code fragment:
<?php
// PHP code goes here
?>
(4) The html file characteristic generally includes the following tags:
<html>
<head>
<title>my first html page</title>
</head>
<body>
<p>the content of body element can be shown in a browser.</p>
<p>the content of title element can be shown in the title bar of browser.</p>
</body>
</html>
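The S1 to S3 flow and the four file characteristics described above, as an added example that is not code from the patent or its applicant. The class name UploadContentCheck, the regular expressions, the ISO-8859-1 decoding and the in-memory sample uploads are assumptions of this example; it needs Java 9 or later.

```java
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.util.LinkedHashMap;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.regex.Pattern;

// Added example (not the patent's code): S1 -> S2 -> S3 over in-memory uploads.
public class UploadContentCheck {
    // S1: general formats from the description; the suffix is lower-cased first.
    static final Set<String> ALLOWED = Set.of("doc", "docx", "xls", "xlsx", "pdf",
            "txt", "jpg", "gif", "png", "zip", "rar", "jpeg");
    // S1: size threshold; 10M is one of the values the description mentions.
    static final long MAX_BYTES = 10L * 1024 * 1024;

    // S3: one pattern per file characteristic. The regexes are this example's
    // assumption: case-insensitive, whitespace-tolerant forms of the page's markers.
    static final Map<String, Pattern> FEATURES = new LinkedHashMap<>();
    static {
        int ci = Pattern.CASE_INSENSITIVE;
        FEATURES.put("jsp", Pattern.compile(
                "<%@\\s*page\\b[^>]*\\blanguage\\s*=\\s*\"java\"", ci));
        FEATURES.put("aspx", Pattern.compile(
                "<%@\\s*page\\b[^>]*\\blanguage\\s*=\\s*\"c#\"", ci));
        FEATURES.put("php", Pattern.compile("<\\?php", ci));
        FEATURES.put("html", Pattern.compile("<html[\\s>]", ci));
    }

    /** Returns "ok", or the reason the upload is terminated. */
    static String check(String fileName, byte[] data) throws IOException {
        // S1: basic check of format (suffix) and size.
        int dot = fileName.lastIndexOf('.');
        String ext = dot < 0 ? "" : fileName.substring(dot + 1).toLowerCase(Locale.ROOT);
        if (!ALLOWED.contains(ext)) return "rejected: format";
        if (data.length > MAX_BYTES) return "rejected: size";

        // S2: byte stream -> character stream. ISO-8859-1 maps every byte to one
        // char, so binary content (images, archives) decodes without errors.
        StringBuilder text = new StringBuilder(data.length);
        try (BufferedReader reader = new BufferedReader(new InputStreamReader(
                new ByteArrayInputStream(data), StandardCharsets.ISO_8859_1))) {
            char[] buf = new char[8192];
            int n;
            while ((n = reader.read(buf)) != -1) {
                text.append(buf, 0, n);
            }
        }

        // S3: scan the whole content (a directive may span lines) and terminate
        // on the first matching file characteristic.
        for (Map.Entry<String, Pattern> f : FEATURES.entrySet()) {
            if (f.getValue().matcher(text).find()) return "rejected: " + f.getKey();
        }
        return "ok";
    }

    static byte[] bytes(String s) {
        return s.getBytes(StandardCharsets.ISO_8859_1);
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample uploads (file name -> content), not real files.
        Map<String, byte[]> samples = new LinkedHashMap<>();
        samples.put("photo.png", new byte[] {(byte) 0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A});
        samples.put("avatar.jpg", bytes("<%@ page language=\"java\" import=\"java.util.*\"%>"));
        samples.put("logo.png", bytes("<%@ Page Language=\"C#\"\n AutoEventWireup=\"true\" %>"));
        samples.put("notes.txt", bytes("<?php\n// constructed placeholder\n?>"));
        samples.put("page.txt", bytes("<HTML><body>constructed</body></HTML>"));
        samples.put("tool.exe", bytes("constructed"));
        for (Map.Entry<String, byte[]> s : samples.entrySet()) {
            System.out.println(s.getKey() + " -> " + check(s.getKey(), s.getValue()));
        }
    }
}
```

The patterns recognise only the literal markers the description lists, so a file is passed or rejected purely on whether one of those markers appears in its content.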
Correspondingly, a system for automatically detecting file security when a file is uploaded comprises:
A check module, used to check whether the file format is a general format and whether the file size does not exceed a threshold;
A read module, used to convert the file byte stream into a character stream;
A scan module, used to scan the character stream from the read module;
An identification module, used to judge whether the scanned file content matches the jsp file characteristic, aspx file characteristic, php file characteristic or html file characteristic;
A processing module, used to act on the check result of the check module and the recognition result of the identification module. Handling of the check module: after the check module has checked whether the file format is a general format and whether the file size does not exceed the threshold, if either check fails, the upload is terminated; if both pass, processing proceeds to the identification module. Handling of the identification module: after the identification module has judged whether the scanned file content matches the jsp file characteristic, aspx file characteristic, php file characteristic or html file characteristic, if any matches, the upload is terminated; if none matches, the upload succeeds.
The check module is the basic file check component, mainly responsible for judging whether the file suffix and the file size meet the requirements.
The read module is the file content reading component, mainly responsible for converting the binary stream into a character stream.
The identification module includes a jsp file characteristic identification module, an aspx file characteristic identification module, a php file characteristic identification module and an html file characteristic identification module.
The jsp file characteristic identification module is the jsp file identification component, mainly responsible for identifying, from the file content and the jsp file characteristic, whether the file is a jsp file.
The aspx file characteristic identification module is the aspx file identification component, mainly responsible for identifying, from the aspx file characteristic and the file content, whether the file is an aspx file.
The php file characteristic identification module is the php file identification component, mainly responsible for identifying, from the php file characteristic and the file content, whether the file is a php file.
The html file characteristic identification module is the html file identification component, mainly responsible for identifying, from the html file characteristic and the file content, whether the file is an html file.
The invention is further illustrated below using the interface screens of a practical application as an example:
Embodiment 1
A method for automatically detecting file security when a file is uploaded, comprising the following steps:
S1. When a file is uploaded, perform a basic check on the file: check whether the file format is a general format and whether the file size does not exceed a threshold. See the interface of the article page shown in Fig. 2, which displays the prompt: only jpg and png files can be uploaded, and they must not exceed 500kb.
If either check fails, that is, the file is not in a general format or exceeds the threshold, terminate the upload. If both pass, that is, the file is in a general format (a jpg or png file) and does not exceed the threshold (500kb), proceed to S2;
S2. Read the uploaded file and convert the file byte stream into a character stream; then proceed to S3;
S3. Scan and analyze the uploaded file and judge whether the scanned file content matches the jsp file characteristic, aspx file characteristic, php file characteristic or html file characteristic; if any matches, terminate the upload; if none matches, the upload succeeds. As shown in Fig. 3, when the uploaded file is confirmed by scanning to be a jsp file, the interface displays the prompt: after scanning, this file is a Java file; uploading is forbidden! As shown in Fig. 4, when the uploaded file is confirmed by scanning to be a .Net file, the interface displays the prompt: this file is a .net file; uploading is forbidden! As shown in Fig. 5, when scanning finds no problem, the article is saved successfully and the interface displays the prompt: congratulations, the article was saved successfully!
With this method, file upload becomes more reliable and secure.
The detailed descriptions listed above only illustrate feasible embodiments of the invention and are not intended to limit its scope of protection; any equivalent embodiment or change made without departing from the technical spirit of the invention shall fall within the scope of protection of the invention.

Claims (5)

1. A method for automatically detecting file security when a file is uploaded, characterized by comprising the following steps:
S1. When a file is uploaded, perform a basic check on the file: check whether the file format is a general format and whether the file size does not exceed a threshold; if either check fails, terminate the upload; if both pass, proceed to S2;
S2. Read the uploaded file and convert the file byte stream into a character stream; then proceed to S3;
S3. Scan and analyze the uploaded file and judge whether the scanned file content matches the jsp file characteristic, aspx file characteristic, php file characteristic or html file characteristic; if any matches, terminate the upload; if none matches, the upload succeeds.
2. The method for automatically detecting file security when a file is uploaded according to claim 1, characterized in that, in S1, the general format is one or more of doc, docx, xls, xlsx, pdf, txt, jpg, gif, png, zip, rar, JPG and jpeg.
3. The method for automatically detecting file security when a file is uploaded according to claim 1, characterized in that, in S2, the threshold is 1-10M.
4. A system for automatically detecting file security when a file is uploaded, characterized by comprising:
A check module, used to check whether the file format is a general format and whether the file size does not exceed a threshold;
A read module, used to convert the file byte stream into a character stream;
A scan module, used to scan the character stream from the read module;
An identification module, used to judge whether the scanned file content matches the jsp file characteristic, aspx file characteristic, php file characteristic or html file characteristic;
A processing module, used to act on the check result of the check module and the recognition result of the identification module: for the check module, if either check fails, the upload is terminated; if both pass, processing proceeds to the identification module; for the identification module, if any characteristic matches, the upload is terminated; if none matches, the upload succeeds.
5. The system for automatically detecting file security when a file is uploaded according to claim 4, characterized in that the identification module includes a jsp file characteristic identification module, an aspx file characteristic identification module, a php file characteristic identification module and an html file characteristic identification module.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910185971.0A CN109992967A (en) 2019-03-12 2019-03-12 A kind of method and system for realizing automatic detection file security when file uploads

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910185971.0A CN109992967A (en) 2019-03-12 2019-03-12 A kind of method and system for realizing automatic detection file security when file uploads

Publications (1)

Publication Number Publication Date
CN109992967A true CN109992967A (en) 2019-07-09

Family

ID=67130610

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910185971.0A Pending CN109992967A (en) 2019-03-12 2019-03-12 A kind of method and system for realizing automatic detection file security when file uploads

Country Status (1)

Country Link
CN (1) CN109992967A (en)

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101217376A (en) * 2007-12-28 2008-07-09 腾讯科技(深圳)有限公司 A verification method and device of uploaded documents
KR20090031393A (en) * 2009-03-05 2009-03-25 김동규 Web shell monitoring system and method based on pattern detection
US20090282485A1 (en) * 2008-05-12 2009-11-12 Bennett James D Network browser based virus detection
CN103559441A (en) * 2013-10-28 2014-02-05 中国科学院信息工程研究所 Cross-platform detection method and system for malicious files in cloud environment
CN103731430A (en) * 2014-01-09 2014-04-16 北京哈工大计算机网络与信息安全技术研究中心 Struts 2-architecture-based file uploading safety control method
CN105069355A (en) * 2015-08-26 2015-11-18 厦门市美亚柏科信息股份有限公司 Static detection method and apparatus for webshell deformation
CN105100065A (en) * 2015-06-26 2015-11-25 北京奇虎科技有限公司 Cloud-based webshell attack detection method, cloud-based webshell attack detection device and gateway
US20180046941A1 (en) * 2016-08-12 2018-02-15 Qualcomm Incorporated Systems and methods for multi-instance learning-based classification for streaming inputs
CN108509775A (en) * 2018-02-08 2018-09-07 暨南大学 A kind of malice PNG image-recognizing methods based on machine learning
CN109086608A (en) * 2018-07-20 2018-12-25 西安四叶草信息技术有限公司 A kind of detection file uploads method, terminal device and the server of loophole
CN109327451A (en) * 2018-10-30 2019-02-12 深信服科技股份有限公司 A kind of method, system, device and medium that the upload verifying of defence file bypasses

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112565410A (en) * 2020-12-05 2021-03-26 李凡 Mobile communication storage management system based on distributed storage technology
CN112565410B (en) * 2020-12-05 2022-10-14 南京鼎山信息科技有限公司 Mobile communication storage management system based on distributed storage technology

Similar Documents

Publication Publication Date Title
CN105844140A (en) Website login brute force crack method and system capable of identifying verification code
EP1635268A3 (en) Freeform digital ink annotation recognition
MY127694A (en) Character recognition, including method and system for processing checks with invalidated micr lines.
WO2008042252A3 (en) Method and sysem for converting mail order/telephone order transactions into e-commerce transactions
EP1884872A3 (en) Method and system for using application development data to instantiate support information
CN109992967A (en) A kind of method and system for realizing automatic detection file security when file uploads
CN110866108A (en) Sensitive data detection system and detection method thereof
CN115588202B (en) Contour detection-based method and system for extracting characters in electrical design drawing
CN103425931A (en) Abnormal web script detection method and system
US20160012024A1 (en) Method and system for automatic generation and validation of html5 compliant scripts
CN117036073B (en) Invoice auditing and automatic reimbursement system based on Internet
CN101471781A (en) Method and system for processing script injection event
CN114781008B (en) Data identification method and device for security detection of terminal firmware of Internet of things
CN106557450A (en) A kind of express delivery extraction equipment identity identifying method and express delivery extraction equipment
JP2001022615A5 (en)
CN110147659A (en) Noninductive verification method based on machine learning
CN107145801A (en) The confidential document automatic discovering method that a kind of suffix name is distorted
CN113283878B (en) Conversion processing system and method between paper contract and electronic contract
Morrison et al. Creating and documenting electronic texts: a guide to good practice
KR101725399B1 (en) Apparatus and method for detection and execution prevention for malicious script based on host level
US20030102374A1 (en) Method and system for mail security and traceability
US20100329537A1 (en) Computer-implemented methods of identifying an optical character recognition (ocr) font to assist an operator in setting up a bank remittance coupon application
JP2007226687A (en) Inspection system, inspection method, program, and recording medium
CN111475703B (en) Analysis method for grabbing network specific data
CN103400419B (en) The human-computer interaction device that a kind of ticket one detects and detection method thereof

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190709
