CN110134890A - A kind of method for preventing website data from maliciously being traversed, system, equipment and medium - Google Patents
A kind of method for preventing website data from maliciously being traversed, system, equipment and medium Download PDFInfo
- Publication number
- CN110134890A CN110134890A CN201910395076.1A CN201910395076A CN110134890A CN 110134890 A CN110134890 A CN 110134890A CN 201910395076 A CN201910395076 A CN 201910395076A CN 110134890 A CN110134890 A CN 110134890A
- Authority
- CN
- China
- Prior art keywords
- network address
- rule
- numerical portion
- correspondence
- former
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/955—Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
- G06F16/9566—URL specific, e.g. using aliases, detecting broken or misspelled links
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F40/00—Handling natural language data
- G06F40/10—Text processing
- G06F40/12—Use of codes for handling textual entities
- G06F40/151—Transformation
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Data Mining & Analysis (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Artificial Intelligence (AREA)
- Audiology, Speech & Language Pathology (AREA)
- Computational Linguistics (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a kind of method for preventing website data from maliciously being traversed, system, equipment and media, comprising: obtains former network address;The former network address is handled based on ad hoc rules, to generate new network address;The former network address is replaced using the new network address.The numerical portion for the former network address that Website server generates is converted into complicated letter by the present invention, conversion process elapsed time is short, and new network address includes close friend to the page, and effectively increases network address and crack difficulty, raising crawls cost, to avoid website by the risk of malice traversal crawl.
Description
Technical field
The present invention relates to technical field of network security, and in particular to a kind of method for preventing website data from maliciously being traversed,
System, equipment and medium.
Background technique
With the continuous development of Internet technology, the data volume of the network carrying is increasing, and data type is more and more abundant,
The following security risk is also more and more, particularly with the website of carrying userspersonal information, becomes by malicious attack
Or the object crawled, attacker traverse website data using web page interlinkage (network address), obtain valuable information, and is tried to gain with this
Interests are taken, under normal circumstances, the network address comprising number is easier to traverse website by the growth of malicious exploitation number, this makes phase
Answering the data safety of website cannot ensure, bring information security hidden danger to user.
Summary of the invention
In view of the above-mentioned problems, the present invention provides a kind of method for preventing website data from maliciously being traversed, system, equipment and Jie
Numerical portion in network address is converted to complicated letter by matter, and increase cracks difficulty, and raising crawls cost, avoids network address by malice
Using traversing website data.
The present invention specifically: a method of prevent website data from maliciously being traversed characterized by comprising
Obtain former network address;
The former network address is handled based on ad hoc rules, to generate new network address;
The former network address is replaced using the new network address.
Further, the former network address of the acquisition specifically includes:
Obtain the former network address that Website server generates.
Further, described that the former network address is handled based on ad hoc rules, to generate new network address, specifically include:
Extract the numerical portion in the former network address;
The numerical portion is converted into English alphabet by the rule of correspondence, generates new network address.
Further, described that the numerical portion is converted into English alphabet by the rule of correspondence, it specifically includes:
According to the rule of correspondence of 10 Arabic numerals and 26 English alphabets, the numerical portion is converted into English by turn
Text is female;
The rule of correspondence is set by administrator, and is regularly updated.
Further, after the numerical portion being converted to English alphabet by turn, the method also includes:
According to insertion rule, letters,confusion is inserted into English alphabet after conversion.
Further, described regular according to insertion, it is inserted into letters,confusion in English alphabet after conversion, is specifically included:
First of the alphabetic string of the English alphabet, last, the position that is rounded downwards of alphabetic string total length half
It sets, respectively radom insertion English alphabet.
The invention also provides a kind of systems for preventing website data from maliciously being traversed characterized by comprising
Former website acquisition module, for obtaining the former network address of Website server generation;
Digital extraction module, for extracting the numerical portion in the former network address;
New network address generation module generates new network address for the numerical portion to be converted to English alphabet by the rule of correspondence;
Network address comes into force module, for replacing the former network address using the new network address.
Further, described that the numerical portion is converted into English alphabet by the rule of correspondence, it specifically includes:
According to the rule of correspondence of 10 Arabic numerals and 26 English alphabets, the numerical portion is converted into English by turn
Text is female;
The rule of correspondence is set by administrator, and is regularly updated.
Further, after the numerical portion being converted to English alphabet by turn, further includes:
According to insertion rule, letters,confusion is inserted into English alphabet after conversion.
Further, described regular according to insertion, it is inserted into letters,confusion in English alphabet after conversion, is specifically included:
First of the alphabetic string of the English alphabet, last, the position that is rounded downwards of alphabetic string total length half
It sets, respectively radom insertion English alphabet.
A kind of electronic equipment, comprising: shell, processor, memory, circuit board and power circuit, wherein circuit board placement
In the space interior that shell surrounds, processor and memory setting are on circuit boards;Power circuit, for being above-mentioned electronic equipment
Each circuit or device power supply;Memory is for storing executable program code;Processor is stored by reading in memory
Executable program code run program corresponding with executable program code, above-mentioned prevent website data from being disliked for executing
The method for traversal of anticipating.
A kind of computer readable storage medium, the computer-readable recording medium storage have one or more program,
One or more of programs can be executed by one or more processor, with realize it is above-mentioned prevent website data by malice time
The method gone through.
The beneficial effects of the present invention are embodied in:
The numerical portion for the former network address that Website server generates is converted into complicated letter, conversion process consumption by the present invention
Time is short, and new network address includes close friend to the page, and effectively increases network address and crack difficulty, and raising crawls cost, to avoid website
By the risk of malice traversal crawl.
Detailed description of the invention
It, below will be to specific in order to illustrate more clearly of the specific embodiment of the invention or technical solution in the prior art
Embodiment or attached drawing needed to be used in the description of the prior art are briefly described.In all the appended drawings, similar element
Or part is generally identified by similar appended drawing reference.In attached drawing, each element or part might not be drawn according to actual ratio.
Fig. 1 is a kind of a certain method flow diagram for preventing website data from maliciously being traversed of embodiment of the present invention;
Fig. 2 is a kind of method flow diagram for preventing website data from maliciously being traversed of another embodiment of the present invention;
Fig. 3 is a kind of system construction drawing for preventing website data from maliciously being traversed of the embodiment of the present invention;
Fig. 4 is a kind of electronic equipment of embodiment of the present invention structural schematic diagram.
Specific embodiment
It is described in detail below in conjunction with embodiment of the attached drawing to technical solution of the present invention.Following embodiment is only used for
Clearly illustrate technical solution of the present invention, therefore be only used as example, and cannot be used as a limitation and limit protection model of the invention
It encloses.
It should be noted that unless otherwise indicated, technical term or scientific term used in this application should be this hair
The ordinary meaning that bright one of ordinary skill in the art are understood.
As shown in Figure 1, a kind of a certain embodiment of method for preventing website data from maliciously being traversed of the present invention, comprising:
As shown in Fig. 2, for a kind of embodiment of the method for preventing website data from maliciously being traversed of the present invention, comprising:
S11: the former network address that Website server generates is obtained;
S12: the numerical portion in the former network address is extracted;
S13: the numerical portion is converted into English alphabet by the rule of correspondence, generates new network address;
S14: the former network address is replaced using the new network address.
Preferably, described that the numerical portion is converted into English alphabet by the rule of correspondence, it specifically includes:
According to the rule of correspondence of 10 Arabic numerals and 26 English alphabets, the numerical portion is converted into English by turn
Text is female;
In order to avoid attacker finds conversion rule, the rule of correspondence is cracked, the rule of correspondence is set by administrator,
And it regularly updates.
The rule of correspondence of 10 Arabic numerals and 26 English alphabets is exemplified below:
0-p, o, i
1-z, a, q, x, s, w
2-c, v
3-e, d
4-r, t
5-m, l
6-b, n
7-k, h
8-g, f
9-y, u, j
At this point, the numerical portion in network address, such as 123456, can be converted into zcermb, acetln etc..
Preferably, after the numerical portion being converted to English alphabet by turn, further includes:
According to insertion rule, letters,confusion is inserted into English alphabet after conversion;It further increases network address and cracks difficulty,
Raising crawls cost.
Preferably, described regular according to insertion, it is inserted into letters,confusion in English alphabet after conversion, is specifically included:
First of the alphabetic string of the English alphabet, last, the position that is rounded downwards of alphabetic string total length half
It sets, respectively radom insertion English alphabet;The example above is adopted, the numerical portion in network address, such as 123456 can be converted into
Szcehrmbd, sacehtlnf etc..
According to the example above,
https://www.chatm.com/123456
https://www.chatm.com/123457
It can convert are as follows:
https://www.chatm.com/szcehrmbd
https://www.chatm.com/sacehtlhf
As shown in figure 3, for a kind of system embodiment for preventing website data from maliciously being traversed of the present invention, comprising:
Former website acquisition module 21, for obtaining the former network address of Website server generation;
Digital extraction module 22, for extracting the numerical portion in the former network address;
New network address generation module 23, for the numerical portion to be converted to English alphabet by the rule of correspondence, generates new net
Location;
Network address comes into force module 24, for replacing the former network address using the new network address.
Preferably, described that the numerical portion is converted into English alphabet by the rule of correspondence, it specifically includes:
According to the rule of correspondence of 10 Arabic numerals and 26 English alphabets, the numerical portion is converted into English by turn
Text is female;
In order to avoid attacker finds conversion rule, the rule of correspondence is cracked, the rule of correspondence is set by administrator,
And it regularly updates.
Preferably, after the numerical portion being converted to English alphabet by turn, further includes:
According to insertion rule, letters,confusion is inserted into English alphabet after conversion;It further increases network address and cracks difficulty,
Raising crawls cost.
Preferably, described regular according to insertion, it is inserted into letters,confusion in English alphabet after conversion, is specifically included:
First of the alphabetic string of the English alphabet, last, the position that is rounded downwards of alphabetic string total length half
It sets, respectively radom insertion English alphabet.
The embodiment of the present invention also provides a kind of electronic equipment, as shown in figure 4, embodiment illustrated in fig. 1 of the present invention may be implemented
Process, as shown in figure 3, above-mentioned electronic equipment may include: shell 31, processor 32, memory 33, circuit board 34 and power supply
Circuit 35, wherein circuit board 34 is placed in the space interior that shell 31 surrounds, and processor 32 and memory 33 are arranged in circuit board
On 34;Power circuit 35, for each circuit or the device power supply for above-mentioned electronic equipment;Memory 33 is executable for storing
Program code;Processor 32 is run by reading the executable program code stored in memory 33 and executable program code
Corresponding program, for executing method described in aforementioned any embodiment.
Processor 32 to the specific implementation procedures of above-mentioned steps and processor 32 by operation executable program code come
The step of further executing may refer to the description of embodiment illustrated in fig. 1 of the present invention, and details are not described herein.
The electronic equipment exists in a variety of forms, including but not limited to:
(1) server: providing the equipment of the service of calculating, and the composition of server includes that processor, hard disk, memory, system are total
Line etc., server is similar with general computer architecture, but due to needing to provide highly reliable service, in processing energy
Power, stability, reliability, safety, scalability, manageability etc. are more demanding;
(2) other electronic equipments with data interaction function.
The embodiment of the present invention also provides a kind of computer readable storage medium, the computer-readable recording medium storage
There is one or more program, one or more of programs can be executed by one or more processor, aforementioned to realize
Prevent the method that website data is maliciously traversed.
Present system embodiment part process is close with embodiment of the method, more simple for the statement of system embodiment
Single, relevant portion please refers to embodiment of the method.
The numerical portion for the former network address that Website server generates is converted into complicated letter, conversion process consumption by the present invention
Time is short, and new network address includes close friend to the page, and effectively increases network address and crack difficulty, and raising crawls cost, to avoid website
By the risk of malice traversal crawl.
Finally, it should be noted that the above embodiments are only used to illustrate the technical solution of the present invention., rather than its limitations;To the greatest extent
Pipe present invention has been described in detail with reference to the aforementioned embodiments, those skilled in the art should understand that: its according to
So be possible to modify the technical solutions described in the foregoing embodiments, or to some or all of the technical features into
Row equivalent replacement;And these are modified or replaceed, various embodiments of the present invention technology that it does not separate the essence of the corresponding technical solution
The range of scheme should all cover within the scope of the claims and the description of the invention.
Claims (10)
1. a kind of method for preventing website data from maliciously being traversed characterized by comprising
Obtain former network address;
The former network address is handled based on ad hoc rules, to generate new network address;
The former network address is replaced using the new network address.
2. the method as described in claim 1, which is characterized in that the former network address of the acquisition specifically includes:
Obtain the former network address that Website server generates.
3. the method as described in claim 1, which is characterized in that it is described that the former network address is handled based on ad hoc rules,
To generate new network address, specifically include:
Extract the numerical portion in the former network address;
The numerical portion is converted into English alphabet by the rule of correspondence, generates new network address.
4. method as claimed in claim 3, which is characterized in that described that the numerical portion is converted to English by the rule of correspondence
Letter specifically includes:
According to the rule of correspondence of 10 Arabic numerals and 26 English alphabets, the numerical portion is converted into English words by turn
It is female;
The rule of correspondence is set by administrator, and is regularly updated.
5. a kind of system for preventing website data from maliciously being traversed characterized by comprising
Former website acquisition module, for obtaining the former network address of Website server generation;
Digital extraction module, for extracting the numerical portion in the former network address;
New network address generation module generates new network address for the numerical portion to be converted to English alphabet by the rule of correspondence;
Network address comes into force module, for replacing the former network address using the new network address.
6. system as claimed in claim 5, which is characterized in that described that the numerical portion is converted to English by the rule of correspondence
Letter specifically includes:
According to the rule of correspondence of 10 Arabic numerals and 26 English alphabets, the numerical portion is converted into English words by turn
It is female;
The rule of correspondence is set by administrator, and is regularly updated.
7. system as claimed in claim 6, which is characterized in that after the numerical portion is converted to English alphabet by turn, also
Include:
According to insertion rule, letters,confusion is inserted into English alphabet after conversion.
8. system as claimed in claim 7, which is characterized in that it is described regular according to insertion, in English alphabet after conversion
It is inserted into letters,confusion, is specifically included:
First of the alphabetic string of the English alphabet, last, the position that is rounded downwards of alphabetic string total length half, point
Other radom insertion English alphabet.
9. a kind of electronic equipment, which is characterized in that the electronic equipment includes: shell, processor, memory, circuit board and electricity
Source circuit, wherein circuit board is placed in the space interior that shell surrounds, and processor and memory setting are on circuit boards;Power supply
Circuit, for each circuit or the device power supply for above-mentioned electronic equipment;Memory is for storing executable program code;Processing
Device runs program corresponding with executable program code by reading the executable program code stored in memory, for holding
Method of the row as described in claim 1-4 is any.
10. a kind of computer readable storage medium, which is characterized in that the computer-readable recording medium storage have one or
Multiple programs, one or more of programs can be executed by one or more processor, to realize that claim 1-4 such as appoints
Method described in one.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910395076.1A CN110134890A (en) | 2019-05-13 | 2019-05-13 | A kind of method for preventing website data from maliciously being traversed, system, equipment and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910395076.1A CN110134890A (en) | 2019-05-13 | 2019-05-13 | A kind of method for preventing website data from maliciously being traversed, system, equipment and medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110134890A true CN110134890A (en) | 2019-08-16 |
Family
ID=67573654
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910395076.1A Pending CN110134890A (en) | 2019-05-13 | 2019-05-13 | A kind of method for preventing website data from maliciously being traversed, system, equipment and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110134890A (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090144326A1 (en) * | 2006-11-03 | 2009-06-04 | Franck Chastagnol | Site Directed Management of Audio Components of Uploaded Video Files |
| CN102402558A (en) * | 2010-09-16 | 2012-04-04 | 腾讯科技(深圳)有限公司 | Method and system for providing message containing website |
| CN102752267A (en) * | 2011-04-20 | 2012-10-24 | 阿里巴巴集团控股有限公司 | Method and device for providing website information |
-
2019
- 2019-05-13 CN CN201910395076.1A patent/CN110134890A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090144326A1 (en) * | 2006-11-03 | 2009-06-04 | Franck Chastagnol | Site Directed Management of Audio Components of Uploaded Video Files |
| CN102402558A (en) * | 2010-09-16 | 2012-04-04 | 腾讯科技(深圳)有限公司 | Method and system for providing message containing website |
| CN102752267A (en) * | 2011-04-20 | 2012-10-24 | 阿里巴巴集团控股有限公司 | Method and device for providing website information |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111241389B (en) | Sensitive word filtering method and device based on matrix, electronic equipment and storage medium | |
| CN101523373B (en) | Character position-based password recovery | |
| US20130227640A1 (en) | Method and apparatus for website scanning | |
| US10637643B2 (en) | Methods and apparatuses of digital data processing | |
| CN101986292A (en) | Method and system for processing forms based on an image | |
| JP7297791B2 (en) | Method, Apparatus, and System for Detecting Obfuscated Code in Application Software Files | |
| CN111831814B (en) | Pre-training method and device for abstract generation model, electronic equipment and storage medium | |
| CN103593440A (en) | Method and device for reading and writing log file | |
| CN102882987A (en) | Domain filter list storing and matching method and device | |
| CN104899499A (en) | Internet image search based Web verification code generation method | |
| RU2701040C1 (en) | Method and a computer for informing on malicious web resources | |
| CN109714356A (en) | A kind of recognition methods of abnormal domain name, device and electronic equipment | |
| CN103593442B (en) | The De-weight method and device of daily record data | |
| US20120193424A1 (en) | Method of encoding and decoding data on a matrix code symbol | |
| CN102567521A (en) | Webpage data capturing and filtering method | |
| CN107977344A (en) | Date storage method, acquisition methods and server | |
| CN110147431A (en) | Key word matching method, device, computer equipment and storage medium | |
| CN110417746A (en) | Cross-site scripting attack defence method, device, equipment and storage medium | |
| CN104346337A (en) | Method and device for intercepting junk information | |
| CN110134890A (en) | A kind of method for preventing website data from maliciously being traversed, system, equipment and medium | |
| CN109271607A (en) | User Page layout detection method and device, electronic equipment | |
| CN105335531B (en) | A kind of compression of document, decompressing method and device | |
| CN105512305B (en) | A kind of document compression, document decompressing method and device based on serializing | |
| CN109995518A (en) | Method for generating cipher code and device | |
| CN104317872B (en) | Key message acquisition methods and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190816 |
|
| RJ01 | Rejection of invention patent application after publication |