CN110572378B - Method, terminal and server for preventing web hijacking based on mark tracking - Google Patents
Method, terminal and server for preventing web hijacking based on mark tracking Download PDFInfo
- Publication number
- CN110572378B CN110572378B CN201910780692.9A CN201910780692A CN110572378B CN 110572378 B CN110572378 B CN 110572378B CN 201910780692 A CN201910780692 A CN 201910780692A CN 110572378 B CN110572378 B CN 110572378B
- Authority
- CN
- China
- Prior art keywords
- node
- html
- server
- data
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
Abstract
The embodiment of the invention discloses a method, a terminal and a server for preventing web hijacking based on mark tracking, wherein the method comprises the following steps: each node in the html sent by the server has a unique fingerprint, the fingerprint is sent to the client after passing through the confusion code, the client initializes the fingerprint of the node through the same algorithm as the server, and then compares whether the results before and after comparison are consistent, and when the results are inconsistent, the injected node is confirmed and deleted. By adopting the invention, the cracking difficulty aiming at the injection type hijacking can be increased, thereby improving the prevention effect aiming at the conventional injection hijacking.
Description
Technical Field
The invention relates to the technical field of internet, in particular to a method, a terminal and a server for preventing web hijacking based on mark tracking.
Background
web hijacking is common, some operator networks or pseudo base stations inject third-party advertisements or marketing contents into web pages returned by a server through network requests of hijacking users, and even if the web pages are safe network requests based on https technology, hijacking parties can also inject the third-party advertisements or the marketing contents through a man-in-the-middle attack means. Injection hijacking not only seriously affects user experience, but also easily causes users to misunderstand the quality of product providers.
Disclosure of Invention
The embodiment of the invention provides a method, a terminal and a server for preventing web hijacking based on mark tracking, which can increase the cracking difficulty of injection type hijacking, thereby improving the prevention effect of conventional injection hijacking behaviors.
The first aspect of the embodiments of the present invention provides a method for preventing web hijacking based on tag tracking, which may include:
after receiving the html sent by the server, the client initializes the js file in the html to obtain the current data-key of each node;
the client compares whether the current data-key of each node is consistent with the data-key before initialization in the html;
and when the comparison result is inconsistent or the data-key before initialization does not exist, the client determines that the current node is the injection node and deletes the injection node.
Further, the method further comprises:
before sending html, the server generates a NodeID for each node in the html rendering process;
the server receives different random character strings RandomStr carried by each request;
the server further generates fingerprint information finger print of each node as hash (RandomStr + NodeID) according to the NodeID and RandomStr of each node;
the server also writes the fingerprint information of each node into the data-key of each node of the html.
Further, the method further comprises:
the server also mixes the fingerprint information code of each node into a js file main.js;
the server is also inserted into the html through the script tag and outputs the html to the client.
Further, the method further comprises:
the server also pre-generates 0 or more NodeIDs in the main.js file;
and if a legal newly added DOM node exists in the process of executing the js file, the server sequentially retrieves corresponding fingerprint information from the pre-generated NodeID.
Further, the process of obtaining the current data-key of each node by initializing the client is consistent with the process of obtaining the data-key in the html by the server.
A second aspect of the embodiments of the present invention provides a tag tracking based web hijacking prevention terminal, which may include:
the data initialization module is used for initializing js files in the html to obtain the current data-key of each node after receiving the html sent by the server;
the data comparison module is used for comparing whether the current data-key of each node is consistent with the data-key before initialization in the html;
and the injection hijacking module is used for determining the current node as an injection node and deleting the current node when the comparison result is inconsistent or the data-key before initialization does not exist.
A third aspect of an embodiment of the present invention provides a server for preventing web hijacking based on tag tracking, where the server includes:
the NodeID generation module is used for generating a NodeID for each node in the html rendering process before sending html;
the random Str receiving module is used for receiving different random character strings carried by each request;
a fingerprint information generating module, configured to further generate fingerprint information finger print of each node as hash (RandomStr + NodeID) according to the NodeID and RandomStr of each node;
and the fingerprint writing module is used for writing the fingerprint information of each node into the data-key of each node of the html.
Further, the server further includes:
the fingerprint coding module is used for mixing the fingerprint information code of each node into a js file main.js;
and the html output module is used for inserting the script tag into the html and outputting the html to the client together with the html so that the client breaks hijack injection in the html according to the fingerprint information.
Further, the server further includes:
a NodeID pre-generation module, which is used for pre-generating 0 or more NodeIDs in the main.js file;
and the fingerprint obtaining module is used for obtaining the corresponding fingerprint information from the pre-generated NodeID in sequence if a legal newly added DOM node exists in the executing process of the js file.
A fourth aspect of the embodiments of the present invention provides a computer device, where the computer device includes a processor and a memory, where the memory stores at least one instruction, at least one program, a code set, or a set of instructions, and the at least one instruction, the at least one program, the code set, or the set of instructions is loaded and executed by the processor to implement the tag tracking based web hijacking prevention method in the foregoing aspect.
A fifth aspect of the embodiments of the present invention provides a computer storage medium, where at least one instruction, at least one program, a code set, or a set of instructions is stored in the computer storage medium, and the at least one instruction, the at least one program, the code set, or the set of instructions is loaded and executed by a processor to implement the tag tracking based web hijacking prevention method in the foregoing aspect.
In the embodiment of the invention, each node in the html sent by the server has a unique fingerprint, and the fingerprint is sent to the client after being subjected to confusion coding, so that the cracking difficulty for injection type hijacking is increased; the client initializes the fingerprints of the nodes through the same algorithm as the server, compares whether the results before and after the initialization are consistent, and determines and deletes the injection nodes when the results are inconsistent, so that the prevention effect of the conventional injection hijacking behavior is improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic flowchart of a method for preventing web hijacking based on tag tracking according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a tag tracking-based web hijacking prevention terminal according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a server for preventing web hijacking based on tag tracking according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a computer device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "including" and "having," and any variations thereof, in the description and claims of this invention and the above-described drawings are intended to cover a non-exclusive inclusion, and the terms "first" and "second" are used for distinguishing designations only and do not denote any order or magnitude of a number. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.
In the embodiment of the invention, the method for preventing web hijacking based on mark tracking can be applied to computer equipment, the computer equipment can be a server issuing html or a client, and the client can be a mobile phone, a notebook, a PC (personal computer) terminal or other terminal equipment.
As shown in fig. 1, the method for preventing web hijacking based on tag tracking may at least include the following steps:
it should be noted that, in this embodiment, the description is mainly made on an application level in the client from a method for preventing web hijacking.
S101, after receiving the html sent by the server, initializing js files in the html to obtain the current data-key of each node.
It can be understood that, after receiving a network request from a client, a server may return an html corresponding to the request to the client, and in order to prevent injection hijacking, the server may generate an independent integer NodeID for each node in the html based on a depth traversal algorithm before issuing the html, it should be noted that the NodeID also represents the sequence of different nodes due to the existence of the traversal sequence. Further, the server may receive a random string RandomStr carried by each network request (the RandomStr corresponding to each request is different), and then may generate fingerprint information fingerprint of each node as hash (RandomStr + NodeID) according to the NodeID and the RandomStr of each node, and further may write the fingerprint information into the data-key of each node in html.
And furthermore, the server can encode and obfuscate the fingerprint information of each node into the code of a js file main.
In the specific implementation, after receiving the html, the client can analyze a js file main in the html, and then initialize each node in the file to obtain the current data-key. It should be noted that, in order to ensure the performability of the comparison, the process of obtaining the current data-key by initializing the client needs to be consistent with the process of obtaining the data-key in the html by the server, that is, the client performs initialization in main.
In an alternative embodiment, the server may need to have a new DOM node legal for future pages (possibly executed with JS). In order to avoid the situation that no corresponding node fingerprint information exists after a similar newly added DOM node is added, the server can pre-generate 0 or more NodeIDs in main.js and generate node fingerprint information by means of convention, and if a new legal DOM node is added subsequently, the server can sequentially draw corresponding fingerprint information from the pre-generated NodeIDs. It can be understood that if the future page has no legal new DOM nodes, the server may not generate nodeids in advance.
S102, comparing whether the current data-key of each node is consistent with the data-key before initialization in the html.
In a specific implementation, the client can compare whether the current data-key of each node is consistent with the data-key before initialization in html. The specific comparison method can detect based on the sequence of the nodes so as to quickly locate the inconsistent nodes when the inconsistency occurs.
S103, when the comparison result is inconsistent or the data-key before initialization does not exist, determining the current node as an injection node, and deleting the current node.
It can be understood that, as for the comparison result, if the html sent by the server is consistent, it indicates that all the nodes in the html sent by the server are normal nodes. If the data-keys are inconsistent or the data-keys which are not included in the data-keys before initialization exist in the current data-keys, the abnormal nodes exist in the html sent by the server, and the client can further analyze the addresses of the abnormal nodes according to the sequence of the nodes and delete the addresses, so that the operation of cracking, hijacking and injection is realized.
In the embodiment of the invention, each node in the html sent by the server has a unique fingerprint, and the fingerprint is sent to the client after being subjected to confusion coding, so that the cracking difficulty for injection type hijacking is increased; the client initializes the fingerprints of the nodes through the same algorithm as the server, compares whether the results before and after the initialization are consistent, and determines and deletes the injection nodes when the results are inconsistent, so that the prevention effect of the conventional injection hijacking behavior is improved.
The following describes a detailed description of the tag tracking based web hijacking prevention terminal according to an embodiment of the present invention with reference to fig. 2. It should be noted that, the tag tracking based web hijacking prevention terminal shown in fig. 2 is used for executing the method of the embodiment shown in fig. 1 of the present invention, for convenience of description, only the part related to the embodiment of the present invention is shown, and details of the specific technology are not disclosed, please refer to the embodiment shown in fig. 1 of the present invention.
Referring to fig. 2, a schematic structural diagram of a tag tracking based web hijacking prevention terminal is provided in an embodiment of the present invention. As shown in fig. 2, the terminal 10 according to an embodiment of the present invention may include: a data initialization module 101, a data comparison module 102 and an injection hijacking module 103.
And the data initialization module 101 is configured to initialize a js file in the html to obtain the current data-key of each node after receiving the html sent by the server.
And the data comparison module 102 is used for comparing whether the current data-key of each node is consistent with the data-key before initialization in the html.
And the injection hijacking module 103 is used for determining that the current node is the injection node and deleting the current node when the comparison result is inconsistent or the data-key before initialization does not exist.
It should be noted that the terminal is a client, and a specific execution process of the terminal may refer to the specific description in the foregoing method embodiment, which is not described herein again.
In the embodiment of the invention, the client initializes the fingerprints of the nodes by the same algorithm as the server, compares whether the results before and after are consistent, and confirms and deletes the injection nodes when the results are inconsistent, thereby improving the prevention effect aiming at the conventional injection hijacking behavior.
The following describes a web hijacking prevention server based on tag tracking according to an embodiment of the present invention in detail with reference to fig. 3. It should be noted that, the server for preventing web hijacking based on tag tracking shown in fig. 3 is used for executing the method of the embodiment of the present invention shown in fig. 1, for convenience of description, only the part related to the embodiment of the present invention is shown, and details of the specific technology are not disclosed, please refer to the embodiment of the present invention shown in fig. 1.
Referring to fig. 3, a schematic structural diagram of a server for preventing web hijacking based on tag tracking is provided in an embodiment of the present invention. As shown in fig. 3, the server 20 of the embodiment of the present invention may include: a NodeID generating module 201, a RandomStr receiving module 202, a fingerprint information generating module 203, a fingerprint writing module 204, a fingerprint encoding module 205, an html output module 206, a NodeID pre-generating module 207 and a fingerprint getting module 208.
The NodeID generation module 201 is configured to generate a NodeID for each node in the html rendering process before sending html.
A RandomStr receiving module 202, configured to receive a random string RandomStr that is different and carried by each request.
The fingerprint information generating module 203 is configured to further generate fingerprint information finger print of each node as a hash (RandomStr + NodeID) according to the NodeID and RandomStr of each node.
And the fingerprint writing module 204 is used for writing the fingerprint information of each node into the data-key of each node of the html.
A fingerprint coding module 205, configured to mix the fingerprint information code of each node into a js file main.js;
and the html output module 206 is used for inserting the script tag into the html and outputting the html to the client together with the html, so that the client breaks hijack injection in the html according to the fingerprint information.
A NodeID pre-generation module 207, configured to pre-generate 0 or more nodeids in the main.
And the fingerprint obtaining module 208 is configured to obtain corresponding fingerprint information in sequence from the pre-generated nodeids if there is a valid newly added DOM node in the js file execution process.
It should be noted that, for a specific execution process of the service, reference may be made to the description about the server in the foregoing method embodiment, and details are not described here again.
In the embodiment of the invention, each node in the html sent by the server has a unique fingerprint, and the fingerprint is sent to the client after passing through the confusion code, so that the cracking difficulty for the injection type hijacking is increased.
The embodiment of the present invention further provides a computer storage medium, where the computer storage medium may store a plurality of instructions, and the instructions are suitable for being loaded by a processor and executing the method steps in the embodiment shown in fig. 1, and a specific execution process may refer to specific descriptions of the embodiment shown in fig. 1, which is not described herein again.
The embodiment of the application also provides a computer device, namely a server or a client. As shown in fig. 4, the computer device 30 may include: the at least one processor 301, e.g., CPU, the at least one network interface 304, the user interface 303, the memory 305, the at least one communication bus 302, and optionally, a display screen 306. Wherein a communication bus 302 is used to enable the connection communication between these components. The user interface 303 may include a touch screen, a keyboard or a mouse, among others. The network interface 304 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface), and a communication connection may be established with the server via the network interface 304. Memory 305 may be a high-speed RAM memory or a non-volatile memory (non-volatile memory), such as at least one disk memory, and memory 305 includes a flash in an embodiment of the invention. The memory 305 may alternatively be at least one memory system located remotely from the processor 301. As shown in fig. 4, memory 305, which is a type of computer storage medium, may include an operating system, a network communication module, a user interface module, and program instructions.
It should be noted that the network interface 304 may be connected to a receiver, a transmitter or other communication module, and the other communication module may include, but is not limited to, a WiFi module, a bluetooth module, etc., and it is understood that the computer device in the embodiment of the present invention may also include a receiver, a transmitter, other communication module, etc.
after receiving the html sent by the server, initializing a js file in the html to obtain the current data-key of each node;
comparing whether the current data-key of each node is consistent with the data-key before initialization in the html;
and when the comparison result is inconsistent or the data-key before initialization does not exist, determining the current node as the injection node, and deleting the injection node.
In some embodiments, the apparatus 30 is further configured to:
before sending html, generating a NodeID for each node in the html rendering process;
receiving different random character strings RandomStr carried by each request;
generating fingerprint information finger print of each node as hash (RandomStr + NodeID) according to the NodeID and RandomStr of each node;
and writing the fingerprint information of each node into the data-key of each node of the html.
In some embodiments, the apparatus 30 is further configured to:
obfuscating the fingerprint information code of each node into a js file main.js;
and inserting the script tag into the html and outputting the html to the client together with the html.
In some embodiments, the apparatus 30 is further configured to:
pre-generating 0 or more NodeIDs in the main.js file;
and if a legal newly added DOM node exists in the process of executing the js file, sequentially acquiring corresponding fingerprint information from the pre-generated NodeID.
In some embodiments, the process of initializing and obtaining the current data-key of each node by the client is consistent with the process of obtaining the data-key in the html by the server.
In the embodiment of the invention, each node in the html sent by the server has a unique fingerprint, and the fingerprint is sent to the client after being subjected to confusion coding, so that the cracking difficulty for injection type hijacking is increased; the client initializes the fingerprints of the nodes through the same algorithm as the server, compares whether the results before and after the initialization are consistent, and determines and deletes the injection nodes when the results are inconsistent, so that the prevention effect of the conventional injection hijacking behavior is improved.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
The above disclosure is only for the purpose of illustrating the preferred embodiments of the present invention, and it is therefore to be understood that the invention is not limited by the scope of the appended claims.
Claims (9)
1. A method for preventing web hijacking based on mark tracking is characterized by comprising the following steps:
after receiving an html sent by a server, a client initializes a js file in the html to obtain the current data-key of each node;
the client compares whether the current data-key of each node is consistent with the data-key before initialization in the html;
when the comparison result is inconsistent or the data-key before initialization does not exist, the client determines that the current node is an injection node and deletes the current node;
before sending the html, the server generates a NodeID for each node in the html rendering process;
the server receives different random character strings RandomStr carried by each request;
the server further generates fingerprint information finger print of each node as hash (RandomStr + NodeID) according to the NodeID of each node and the RandomStr;
the server also writes the fingerprint information of each node into the data-key of each node of the html.
2. The method of claim 1, further comprising:
the server also mixes the fingerprint information code of each node into a js file main.js;
the server is also inserted into the html through a script tag and outputs the html to the client together with the html.
3. The method of claim 2, further comprising:
the server also pre-generates 0 or more NodeIDs in the main.js file;
and if a legal newly added DOM node exists in the process of executing the js file, the server sequentially retrieves corresponding fingerprint information from the pre-generated NodeID.
4. The method of claim 2,
the process of obtaining the current data-key of each node by the client side through initialization is consistent with the process of obtaining the data-key in the html through the server.
5. A tag tracking based web hijack resistant terminal, comprising:
the data initialization module is used for initializing js files in the html to obtain the current data-key of each node after receiving the html sent by the server;
the data comparison module is used for comparing whether the current data-key of each node is consistent with the data-key before initialization in the html;
the injection hijack module is used for determining the current node as an injection node and deleting the current node when the comparison result is inconsistent or the data-key before initialization does not exist;
further comprising: before sending the html, the server generates a NodeID for each node in the html rendering process;
the server receives different random character strings RandomStr carried by each request;
the server further generates fingerprint information finger print of each node as hash (RandomStr + NodeID) according to the NodeID of each node and the RandomStr;
the server also writes the fingerprint information of each node into the data-key of each node of the html.
6. A server for preventing web hijacking based on tag tracking, comprising:
the NodeID generation module is used for generating a NodeID for each node in the html rendering process before sending html;
the random Str receiving module is used for receiving different random character strings carried by each request;
a fingerprint information generating module, configured to further generate fingerprint information finger print of each node as hash (RandomStr + NodeID) according to the NodeID of each node and the RandomStr;
and the fingerprint writing module is used for writing the fingerprint information of each node into the data-key of each node of the html, and the data-key is used for the client to judge whether the current node is a legal node in the server.
7. The server of claim 6, further comprising:
the fingerprint coding module is used for mixing the fingerprint information code of each node into a js file main.js;
and the html output module is used for inserting the script tag into the html and outputting the html to the client together with the html so that the client can crack hijack injection in the html according to the fingerprint information.
8. A computer device, characterized in that it comprises a processor and a memory in which at least one instruction, at least one program, set of codes or set of instructions is stored, which is loaded and executed by the processor to implement a method for tag tracking based web hijacking prevention as claimed in any one of claims 1 to 4.
9. A computer-readable storage medium, characterized in that at least one instruction, at least one program, a set of codes, or a set of instructions is stored in the storage medium, which is loaded and executed by a processor to implement the method for tag tracking based web hijacking prevention according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910780692.9A CN110572378B (en) | 2019-08-22 | 2019-08-22 | Method, terminal and server for preventing web hijacking based on mark tracking |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910780692.9A CN110572378B (en) | 2019-08-22 | 2019-08-22 | Method, terminal and server for preventing web hijacking based on mark tracking |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110572378A CN110572378A (en) | 2019-12-13 |
| CN110572378B true CN110572378B (en) | 2021-11-23 |
Family
ID=68774471
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910780692.9A Active CN110572378B (en) | 2019-08-22 | 2019-08-22 | Method, terminal and server for preventing web hijacking based on mark tracking |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110572378B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112214549A (en) * | 2020-10-10 | 2021-01-12 | 中育数据(广州)科技有限公司 | File feature code generation method and device and electronic equipment |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8434149B1 (en) * | 2007-12-21 | 2013-04-30 | Symantec Corporation | Method and apparatus for identifying web attacks |
| CN108073828A (en) * | 2016-11-16 | 2018-05-25 | 阿里巴巴集团控股有限公司 | A kind of webpage integrity assurance, apparatus and system |
| CN108494762A (en) * | 2018-03-15 | 2018-09-04 | 广州优视网络科技有限公司 | Web access method, device and computer readable storage medium, terminal |
| CN108809943A (en) * | 2018-05-14 | 2018-11-13 | 苏州闻道网络科技股份有限公司 | Web publishing method and its device |
| CN109597972A (en) * | 2018-12-10 | 2019-04-09 | 杭州全维技术股份有限公司 | A kind of webpage dynamic change and altering detecting method based on web page frame |
| CN109688130A (en) * | 2018-12-24 | 2019-04-26 | 北京奇虎科技有限公司 | Webpage kidnaps detection method, device and computer storage medium |
-
2019
- 2019-08-22 CN CN201910780692.9A patent/CN110572378B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8434149B1 (en) * | 2007-12-21 | 2013-04-30 | Symantec Corporation | Method and apparatus for identifying web attacks |
| CN108073828A (en) * | 2016-11-16 | 2018-05-25 | 阿里巴巴集团控股有限公司 | A kind of webpage integrity assurance, apparatus and system |
| CN108494762A (en) * | 2018-03-15 | 2018-09-04 | 广州优视网络科技有限公司 | Web access method, device and computer readable storage medium, terminal |
| CN108809943A (en) * | 2018-05-14 | 2018-11-13 | 苏州闻道网络科技股份有限公司 | Web publishing method and its device |
| CN109597972A (en) * | 2018-12-10 | 2019-04-09 | 杭州全维技术股份有限公司 | A kind of webpage dynamic change and altering detecting method based on web page frame |
| CN109688130A (en) * | 2018-12-24 | 2019-04-26 | 北京奇虎科技有限公司 | Webpage kidnaps detection method, device and computer storage medium |
Non-Patent Citations (1)
| Title |
|---|
| 移动端Web浏览器HTTP流量注入分析;谢梦非;《中国优秀硕士学位论文全文数据库(电子期刊)》;20180615;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110572378A (en) | 2019-12-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9887999B2 (en) | Login method and apparatus | |
| US9235586B2 (en) | Reputation checking obtained files | |
| Upathilake et al. | A classification of web browser fingerprinting techniques | |
| CN109951435B (en) | Equipment identifier providing method and device and risk control method and device | |
| CN107911222B (en) | Digital signature generating method, digital signature verifying method, digital signature generating apparatus, digital signature verifying apparatus, and storage medium storing digital signature verifying program | |
| CN111355726B (en) | Identity authorization login method and device, electronic equipment and storage medium | |
| CN107896219B (en) | Method, system and related device for detecting website vulnerability | |
| CN110166543B (en) | Application program processing method and device and computer equipment | |
| WO2014189900A1 (en) | Protecting data | |
| CN107016074B (en) | Webpage loading method and device | |
| CN104468531A (en) | Authorization method, device and system for sensitive data | |
| CN104933363A (en) | Method and device for detecting malicious file | |
| CN104052722A (en) | Web address security detection method, apparatus and system | |
| CN110493207B (en) | Data processing method and device, electronic equipment and storage medium | |
| CN109547426B (en) | Service response method and server | |
| CN103207863A (en) | Page cross-domain interacting method and terminal | |
| CN112703496B (en) | Content policy based notification to application users regarding malicious browser plug-ins | |
| CN106649446B (en) | Information pushing method and device | |
| CN103763104A (en) | Method and system for dynamic verification | |
| CN112131564A (en) | Encrypted data communication method, apparatus, device, and medium | |
| CN112789615A (en) | Determining security risks in binary software code based on extracted and accessed network addresses | |
| CN110572378B (en) | Method, terminal and server for preventing web hijacking based on mark tracking | |
| CN109088872B (en) | Using method and device of cloud platform with service life, electronic equipment and medium | |
| CN109145589B (en) | Application program acquisition method and device | |
| CN110572376B (en) | Method, terminal and server for preventing network hijacking based on mark tracking |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 200135 Room 308, floor 3, unit 2, No. 231, Expo Village Road, China (Shanghai) pilot Free Trade Zone, Pudong New Area, Shanghai Patentee after: Wheel interconnection technology (Shanghai) Co.,Ltd. Address before: 200125 Room 501, 5 / F, building 3, 3601 Dongfang Road, Pudong New Area, Shanghai Patentee before: SHANGHAI YIDIAN SPACE NETWORK Co.,Ltd. |