CN111131303A - Request data verification system and method - Google Patents

Publication number
CN111131303A
Authority
CN
China
Prior art keywords
request data
data
verification
request
verifying
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911409126.3A
Other languages
Chinese (zh)
Inventor
许昆
王宇
郭近之
王陆军
王震东
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Suning Cloud Computing Co Ltd
Original Assignee
Suning Cloud Computing Co Ltd
Application filed by Suning Cloud Computing Co Ltd
Priority to CN201911409126.3A
Publication of CN111131303A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/12: Applying verification of the received information
    • H04L63/123: Applying verification of the received information received data contents, e.g. message integrity
    • H04L63/14: Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441: Countermeasures against malicious traffic
    • H04L63/1466: Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks

Abstract

An embodiment of the invention discloses a system and a method for verifying request data. The method comprises: a universal interceptor receives request data sent by a user from an extranet platform to an intranet platform, performs a first-dimension check on the request data, and then passes the request data on; a form field interceptor receives the request data passed on by the universal interceptor, checks the page form information of the request data, and then passes the request data on; a logic interceptor receives the request data passed on by the form field interceptor, checks the application programming interface of the request data, and transmits the request data to the intranet platform; and after request data has been intercepted, the position at which it was intercepted is displayed by a data interception prompter. This improves the security of accessing intranet services through the extranet platform, reduces the cost of connecting intranet systems to the platform, and improves access efficiency.

Description

Request data verification system and method
Technical Field
The invention relates to the field of network security, in particular to a system and a method for verifying request data.
Background
Intranet systems are mostly for use inside the enterprise. After their pages have been fetched through a reverse proxy or a crawler, the services of the intranet platform can be accessed through an extranet platform. During such access, the resulting request data has to be passed into the intranet system, but when request data is fed back to the intranet platform, security receives little treatment and various potential safety hazards exist; a malicious attack would be catastrophic, so effective protection is required. At the system level, security is guaranteed by each business system itself. When intranet services are accessed through the extranet platform, the number of connected systems is large and the business systems belong to different development teams and different business lines, so carrying out security remediation to a standard involves communication, design, development, testing and scheduling that take too long and are tedious. Because connected systems are added as the business changes, this development work can go on indefinitely, so the cost of connecting intranet systems to the platform is high and the efficiency of opening systems up is greatly affected. A technique for checking request data while it is being fed back to the intranet platform is therefore needed.
Disclosure of Invention
To solve the problems in the prior art, embodiments of the present invention provide a system and a method for verifying request data, which improve the security of accessing intranet services through an extranet platform, reduce the cost of connecting intranet systems to the platform, and improve access efficiency.
To solve the above technical problems, the invention adopts the following technical solution:
In a first aspect, an embodiment of the present invention provides a system for verifying request data, including:
a universal interception module, configured to receive request data sent by a user from an extranet platform to an intranet platform, perform a first-dimension check on the request data, and pass the request data on after it passes the check;
a form field interception module, configured to receive the request data passed on by the universal interception module, check the page form information of the request data, and pass the request data on after it passes the check;
a logic interception module, configured to receive the request data passed on by the form field interception module, check the application programming interface of the request data, and transmit the request data to the intranet platform after it passes the check;
and a verification prompt module, configured to display the position at which the request data was intercepted after the request data has been intercepted.
Further, the universal interception module comprises a cross-site attack check unit, a blacklist interception unit, a frequency interception unit and a page start-stop unit; the cross-site attack check unit is used to check the request data for cross-site request forgery, cross-site scripting attacks and SQL injection; the page start-stop unit is used to automatically degrade and close the page of the request data according to how the page is marked.
Further, the cross-site request forgery check first checks the position of the Referer field in the HTTP request header of the request data, then checks whether the Token string placed in the request data in advance exists, and checks the timeliness of the Token string.
Further, the form field interception module comprises a form rule check unit, a data integrity check unit and a re-submission prevention check unit; the form rule check unit is used to compare the form of the request data against preset rules; the data integrity check unit is used to check the data signature in the request data; the re-submission prevention check unit is used to check the uniqueness of a preset character string in the request data.
Further, checking the data signature comprises: a key, a timestamp and a character string are preset in the request data; an algorithm encryptor splices the key, the timestamp and the character string into a signature string; and the authenticity of the signature string is checked by comparison when the request data passes through the data integrity check unit.
In another aspect, an embodiment of the invention also provides a method for verifying request data, comprising the following steps:
a universal interceptor receives request data sent by a user from an extranet platform to an intranet platform and performs a first-dimension check on the request data; when the request data passes the check, the universal interceptor passes it on;
a form field interceptor receives the request data passed on by the universal interceptor, checks the page form information of the request data, and passes the request data on after it passes the check;
a logic interceptor receives the request data passed on by the form field interceptor, checks the application programming interface of the request data, and transmits the request data to the intranet platform after it passes the check;
and after request data has been intercepted, the position at which it was intercepted is displayed by a data interception prompter.
Further, the first-dimension check of the request data comprises: cross-site attack checking, blacklist interception, IP address frequency interception and page start-stop processing; the cross-site attack check checks the request data for cross-site request forgery, cross-site scripting attacks and SQL injection; the page start-stop processing automatically degrades and closes the page of the request data according to how the page is marked.
Further, the cross-site request forgery check first checks the position of the Referer field in the HTTP request header of the request data, then checks whether the Token string placed in the request data in advance exists, and checks the timeliness of the Token string.
Further, the check of the page form information comprises a form rule check, a data integrity check and a re-submission prevention check; the form rule check compares the form of the request data against preset rules; the data integrity check checks the data signature in the request data; the re-submission prevention check checks the uniqueness of a preset character string in the request data.
Further, checking the data signature comprises the following steps: a key, a timestamp and a character string are preset in the request data; an algorithm encryptor then splices the key, the timestamp and the character string into a signature string; and the authenticity of the signature string is checked by comparison when the request data passes through the data integrity check unit.
The technical solution provided by the embodiments of the invention has the following beneficial effects:
The embodiments of the invention provide a system and a method for verifying request data. While request data from an extranet platform accessing an intranet service is being sent to the intranet platform, the request data undergoes a triple check; the forms of the various connected systems are analysed, and multiple protection mechanisms are implemented, such as basic security protection, page form checking and specially customized logic checking, which ensures that system access is secure. Basic protection, customized protection and data checking are completed on the platform side, and only after the checks pass is the request forwarded to the intranet system for business logic processing, so the security of the request data is assured whenever a user operates on it. The verification method is non-intrusive, has no effect on the logic of the intranet system, and requires no code changes to the business systems. This saves the labour and time of modifying a large number of business systems and the risk-control review time for opening intranet traffic to extranet access, lets business parties' requirements for external opening be met quickly, significantly reduces the cost of connecting intranet systems to the platform, and improves access efficiency.
Drawings
To illustrate the technical solutions in the embodiments of the present invention more clearly, the drawings used in the description of the embodiments are briefly introduced below. The drawings described below show only some embodiments of the present invention; a person skilled in the art can obtain other drawings from them without creative effort.
FIG. 1 is a schematic diagram of the operating logic of a system for verifying request data according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of the verification process of the method for verifying request data according to an embodiment of the present invention;
FIG. 3 is a schematic flowchart of a method for verifying request data according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Embodiment one:
As shown in FIG. 1, this embodiment provides a system for verifying request data, including:
a universal interception module, configured to receive request data sent by a user from an extranet platform to an intranet platform, perform a first-dimension check on the request data, and pass the request data on after it passes the check;
a form field interception module, configured to receive the request data passed on by the universal interception module, check the page form information of the request data, and pass the request data on after it passes the check;
a logic interception module, configured to receive the request data passed on by the form field interception module, check the application programming interface of the request data, and transmit the request data to the intranet platform after it passes the check;
and a verification prompt module, configured to display the position at which the request data was intercepted after the request data has been intercepted.
Specifically, while request data from an extranet platform accessing an intranet service is being sent to the intranet platform, the request data undergoes a triple check; the forms of the various connected systems are analysed, and multiple protection mechanisms are implemented, such as basic security protection, page form checking and specially customized logic checking, which ensures that system access is secure. Basic protection, customized protection and data checking are completed on the platform side, and only after the checks pass is the request forwarded to the intranet system for business logic processing, so the security of the request data is assured whenever a user operates on it. The verification method is non-intrusive, has no effect on the logic of the intranet system, and requires no code changes to the business systems. This saves the labour and time of modifying a large number of business systems and the risk-control review time for opening intranet traffic to extranet access, lets business parties' requirements for external opening be met quickly, significantly reduces the cost of connecting intranet systems to the platform, and improves access efficiency.
Preferably, the universal interception module comprises a cross-site attack check unit, a blacklist interception unit, a frequency interception unit and a page start-stop unit; the cross-site attack check unit is used to check the request data for cross-site request forgery, cross-site scripting attacks and SQL injection; the page start-stop unit is used to automatically degrade and close the page of the request data according to how the page is marked. Further, the cross-site request forgery check first checks the position of the Referer field in the HTTP request header of the request data, then checks whether the Token string placed in the request data in advance exists, and checks the timeliness of the Token string. In addition, the cross-site scripting check specifically means preventing XSS (cross-site scripting) attacks: sensitive script commands are removed from parameters in the Request, and submitted data is replaced and modified through HTML escaping and keyword filtering of Script scripts. The blacklist interception unit obtains the IP of the user's request and compares it with the configured IP or IP segment, returning an exception prompt if the request IP does not match. The frequency interception unit is implemented with a Redis counter whose expiry time is set from configuration; when a user at the same IP accesses the same page the set number of times within the configured period, the system returns an exception prompt. The first-dimension check performed by the universal interception module is the checking or interception of basic protection control; it is relatively comprehensive and ensures that request data is fed back to the intranet platform safely.
SQL injection means that a web application does not judge the legality of user-supplied data, or filters it inadequately, so that an attacker can append extra SQL statements to the end of a query statement defined in advance in the web application and carry out illegal operations without the administrator's knowledge, deceiving the database server into executing unauthorized arbitrary queries and thereby obtaining the corresponding data. The SQL injection check can therefore detect injection vulnerabilities through configuration made in advance, or an encrypted keyword can be added to the request data and SQL injection attacks prevented by means of that keyword, which keeps the request data secure.
Preferably, to further improve the security of the forms and fields in the request data, the form field interception module comprises a form rule check unit, a data integrity check unit and a re-submission prevention check unit; the form rule check unit is used to compare the form of the request data against preset rules; the data integrity check unit is used to check the data signature in the request data; the re-submission prevention check unit is used to check the uniqueness of a preset character string in the request data. Specifically, the re-submission prevention check unit uses a Token check: the Token used for each page submission is unique and is cleared after the submission is finished, which guarantees the uniqueness of each request. When a user enters a page, the server randomly generates a Token string (stored in a Redis cache with an expiry time set) and passes it to the page to be saved; the Token is sent along when data is submitted, and the interceptor checks whether the Token exists. If it does not exist, the operation is illegal, which achieves re-submission prevention. Further, checking the data signature comprises: a key, a timestamp and a character string are preset in the request data; an algorithm encryptor splices the key, the timestamp and the character string into a signature string; and the authenticity of the signature string is checked by comparison when the request data passes through the data integrity check unit.
Embodiment two:
As shown in FIG. 3, this embodiment provides a method for verifying request data, including the following steps:
S1: a universal interceptor receives request data sent by a user from an extranet platform to an intranet platform and performs a first-dimension check on the request data; when the request data passes the check, the universal interceptor passes it on;
S2: a form field interceptor receives the request data passed on by the universal interceptor, checks the page form information of the request data, and passes the request data on after it passes the check;
S3: a logic interceptor receives the request data passed on by the form field interceptor, checks the application programming interface of the request data, and transmits the request data to the intranet platform after it passes the check;
and after request data has been intercepted, the position at which it was intercepted is displayed by a data interception prompter.
Specifically, as shown in FIG. 2, while request data from an extranet platform accessing an intranet service is being sent to the intranet platform, the request data undergoes a triple check, and multiple protection mechanisms are implemented, such as basic security protection, page form checking and specially customized logic checking, which ensures that system access is secure. Basic protection, customized protection and data checking are completed on the platform side, and only after the checks pass is the request forwarded to the intranet system for business logic processing, so the security of the request data is assured whenever a user operates on it. The verification method is non-intrusive, has no effect on the logic of the intranet system, and requires no code changes to the intranet system. This saves the labour and time of modifying a large number of business systems and the risk-control review time for opening intranet traffic to extranet access, lets business parties' requirements for external opening be met quickly, significantly reduces the cost of connecting intranet systems to the platform, and improves access efficiency.
Preferably, the first-dimension check of the request data comprises: cross-site attack checking, blacklist interception, IP address frequency interception and page start-stop processing; the cross-site attack check checks the request data for cross-site request forgery, cross-site scripting attacks and SQL injection; the page start-stop processing automatically degrades and closes the page of the request data according to how the page is marked. Further, the cross-site request forgery check first checks the position of the Referer field in the HTTP request header of the request data, then checks whether the Token string placed in the request data in advance exists, and checks the timeliness of the Token string. The cross-site scripting check specifically means preventing XSS (cross-site scripting) attacks: sensitive script commands are removed from parameters in the Request, and submitted data is replaced and modified through HTML escaping and keyword filtering of Script scripts. The blacklist interception unit obtains the IP of the user's request and compares it with the configured IP or IP segment, returning an exception prompt if the request IP does not match. The frequency interception unit is implemented with a Redis counter whose expiry time is set from configuration; when a user at the same IP accesses the same page the set number of times within the configured period, the system returns an exception prompt. The first-dimension check performed by the universal interception module is the checking or interception of basic protection control; it is relatively comprehensive and ensures that request data is fed back to the intranet platform safely.
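The S1 to S3 flow with the interception position reported back, and the counter-with-expiry frequency interception, can be sketched as follows. This is an added example, not code from the patent: the in-memory counter stands in for Redis, the universal stage shows only the frequency check, the logic stage is read as an API allowlist, and every field name, rule and sample value is a constructed assumption.

```python
import re
import time


class WindowCounter:
    """In-memory stand-in for a Redis counter with an expiry time."""

    def __init__(self, window_seconds, clock=time.time):
        self.window = window_seconds
        self.clock = clock
        self._slots = {}  # key -> [count, expires_at]

    def hit(self, key):
        """Count one access; the first access in a window starts the expiry."""
        now = self.clock()
        slot = self._slots.get(key)
        if slot is None or now >= slot[1]:
            slot = [0, now + self.window]
            self._slots[key] = slot
        slot[0] += 1
        return slot[0]


def universal_interceptor(counter, limit):
    """Frequency interception: same IP, same page, `limit` hits per window.

    Allowing exactly `limit` requests before blocking is this example's
    reading of "reaches the set number of times".
    """
    def check(req):
        if counter.hit((req["ip"], req["page"])) > limit:
            return "access frequency limit reached"
        return None
    return check


def form_field_interceptor(rules):
    """Form rule check: each field must fully match its preset pattern."""
    compiled = {name: re.compile(pattern) for name, pattern in rules.items()}

    def check(req):
        form = req.get("form", {})
        extra = sorted(set(form) - set(compiled))
        if extra:
            return f"unexpected field: {extra[0]}"
        for name, pattern in compiled.items():
            value = form.get(name)
            if not isinstance(value, str) or not pattern.fullmatch(value):
                return f"field fails rule: {name}"
        return None
    return check


def logic_interceptor(allowed_apis):
    """API check, read here as an allowlist of (method, path) pairs."""
    def check(req):
        if (req.get("method"), req.get("api")) not in allowed_apis:
            return "API not open to the extranet"
        return None
    return check


def build_stages(counter, limit, rules, allowed_apis):
    """Order matters: universal, then form field, then logic."""
    return [
        ("universal interceptor", universal_interceptor(counter, limit)),
        ("form field interceptor", form_field_interceptor(rules)),
        ("logic interceptor", logic_interceptor(allowed_apis)),
    ]


def verify_request(stages, req):
    """Run the stages in order; stop and report at the first interception."""
    for position, (name, check) in enumerate(stages, start=1):
        reason = check(req)
        if reason is not None:
            return {"forwarded": False, "position": position,
                    "interceptor": name, "reason": reason}
    return {"forwarded": True, "position": None,
            "interceptor": None, "reason": None}
```

Only a request for which `verify_request` returns `forwarded: True` would be sent on to the intranet platform; the other fields are what a prompt module would display.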
Preferably, the check of the page form information comprises a form rule check, a data integrity check and a re-submission prevention check; the form rule check compares the form of the request data against preset rules; the data integrity check checks the data signature in the request data; the re-submission prevention check checks the uniqueness of a preset character string in the request data. Specifically, the re-submission prevention check uses a Token check: the Token used for each page submission is unique and is cleared after the submission is finished, which guarantees the uniqueness of each request. When a user enters a page, the server randomly generates a Token string (stored in a Redis cache with an expiry time set) and passes it to the page to be saved; the Token is sent along when data is submitted, and the interceptor checks whether the Token exists. If it does not exist, the operation is illegal, which achieves re-submission prevention. Further, checking the data signature comprises the following steps: a key, a timestamp and a character string are preset in the request data; an algorithm encryptor then splices the key, the timestamp and the character string into a signature string; and the authenticity of the signature string is checked by comparison when the request data passes through the data integrity check unit.
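The re-submission prevention Token and the data signature check described above (and in the first embodiment) can be sketched as follows. This is an added example, not code from the patent: the in-memory store stands in for the Redis cache, HMAC-SHA256 is assumed for the unnamed "algorithm encryptor", the freshness bound on the timestamp is an assumption, and the form field names and key are constructed.

```python
import hashlib
import hmac
import secrets
import time


class ExpiringTokenStore:
    """In-memory stand-in for the Redis cache that holds page Tokens."""

    def __init__(self, ttl_seconds, clock=time.time):
        self.ttl = ttl_seconds
        self.clock = clock
        self._expires_at = {}  # token -> absolute expiry time

    def issue(self):
        """User opens the page: generate a random Token and remember it."""
        token = secrets.token_urlsafe(32)
        self._expires_at[token] = self.clock() + self.ttl
        return token

    def consume(self, token):
        """User submits: the Token is removed, so it is valid at most once."""
        expires_at = self._expires_at.pop(token, None)
        return expires_at is not None and self.clock() <= expires_at


def sign(key, timestamp, payload):
    """Build the signature string from key, timestamp and character string.

    HMAC-SHA256 is an assumption; the page only names an algorithm encryptor.
    """
    message = f"{timestamp}\n{payload}".encode("utf-8")
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def check_form_submission(store, key, form, max_age_seconds=300):
    """Return (passed, reason) for one submitted form.

    `form` uses hypothetical field names: token, timestamp, payload, signature.
    The signature is checked first because that check changes no state; the
    Token is consumed only for requests that are otherwise acceptable.
    """
    try:
        timestamp = int(form["timestamp"])
        payload = str(form["payload"])
        supplied = str(form["signature"])
        token = str(form["token"])
    except (KeyError, TypeError, ValueError):
        return False, "malformed form"

    expected = sign(key, timestamp, payload)
    # Constant-time comparison of recomputed and supplied signature strings.
    if not hmac.compare_digest(expected.encode(), supplied.encode()):
        return False, "signature mismatch"

    # Freshness bound on the signed timestamp (an assumption of this example).
    if abs(store.clock() - timestamp) > max_age_seconds:
        return False, "stale timestamp"

    if not store.consume(token):
        return False, "token missing, used or expired"
    return True, "ok"
```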
All the above-mentioned optional technical solutions can be combined arbitrarily to form the optional embodiments of the present invention, and are not described herein again.
It should be noted that when the verification system for request data provided in the above embodiment verifies request data, the division into the functional modules described above is only an example. In practical applications, the functions may be assigned to different functional modules as needed; that is, the internal structure of the verification system may be divided into different functional modules to complete all or part of the functions described above. In addition, the verification system and the verification method for request data provided by the above embodiments belong to the same concept; their specific implementation is detailed in the method embodiment and is not repeated here.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.

Claims (10)

1. A system for verifying request data, comprising:
a universal interception module, configured to receive request data sent by a user from an extranet platform to an intranet platform, perform a first-dimension check on the request data, and pass the request data on after it passes the check;
a form field interception module, configured to receive the request data passed on by the universal interception module, check the page form information of the request data, and pass the request data on after it passes the check;
a logic interception module, configured to receive the request data passed on by the form field interception module, check the application programming interface of the request data, and transmit the request data to the intranet platform after it passes the check;
and a verification prompt module, configured to display the position at which the request data was intercepted after the request data has been intercepted.
2. The system for verifying request data according to claim 1, wherein the universal interception module comprises a cross-site attack check unit, a blacklist interception unit, a frequency interception unit and a page start-stop unit; the cross-site attack check unit is used to check the request data for cross-site request forgery, cross-site scripting attacks and SQL injection; the page start-stop unit is used to automatically degrade and close the page of the request data according to how the page is marked.
3. The system for verifying request data according to claim 2, wherein the cross-site request forgery check first checks the position of the Referer field in the HTTP request header of the request data, then checks whether the Token string placed in the request data in advance exists, and checks the timeliness of the Token string.
4. The system for verifying request data according to claim 1, wherein the form field interception module comprises a form rule check unit, a data integrity check unit and a re-submission prevention check unit; the form rule check unit is used to compare the form of the request data against preset rules; the data integrity check unit is used to check the data signature in the request data; the re-submission prevention check unit is used to check the uniqueness of a preset character string in the request data.
5. The system for verifying request data according to claim 4, wherein checking the data signature comprises: a key, a timestamp and a character string are preset in the request data; an algorithm encryptor splices the key, the timestamp and the character string into a signature string; and the authenticity of the signature string is checked by comparison when the request data passes through the data integrity check unit.
6. A method for verifying requested data, comprising the steps of:
a universal interceptor receives request data sent by a user from an external network platform to an internal network platform and performs first dimension verification on the request data, and when the request data passes the verification, the universal interceptor continues to transmit the request data;
the form field interceptor receives the request data transmitted from the universal interceptor, checks page form information of the request data, and continues to transmit the request data after the request data passes the check;
the logic interceptor receives the request data transmitted from the form field interceptor, verifies an application programming interface of the request data, and transmits the request data to the intranet platform after the request data passes the verification;
and after the request data is intercepted, displaying the intercepted position of the request data through a data interception prompter.
7. The method for verifying the request data according to claim 6, wherein the first dimension verification of the request data comprises: cross-site attack verification, blacklist interception, IP address frequency interception and page start-stop processing; the cross-site attack verification is used for carrying out cross-site request forgery, cross-site scripting attack and SQL injection checks on the request data; and the page start-stop processing automatically degrades and closes according to the labeling condition of the request data page.
8. The method for verifying the request data according to claim 7, wherein the check for cross-site request forgery first checks the position of the Referer field in the HTTP request header of the request data, then checks whether a Token string placed in the request data in advance exists, and checks the timeliness of the Token string.
9. The method for verifying the request data according to claim 6, wherein the checking of the page form information includes form rule checking, data integrity checking and re-submission prevention checking; the form rule checking is to compare the forms of the request data according to a preset rule; the data integrity checking is to check a data signature in the request data; the re-submission prevention checking is to check the uniqueness of a preset character string in the request data.
10. The method for verifying the request data according to claim 9, wherein the verification of the data signature comprises the steps of: presetting a key, a timestamp and a character string in the request data, then splicing the key, the timestamp and the character string through an algorithm encryptor to form a signature string, and comparing the authenticity of the signature string when the request data passes through a data integrity verification unit.
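The data-signature check of claims 5 and 10 combined with the re-submission prevention check of claims 4 and 9, as an added Python example that is not part of the patent text. HMAC-SHA256 stands in for the unspecified "algorithm encryptor"; the 300-second window, the `body` field, the in-memory nonce store and all names are assumptions.

```python
import hashlib
import hmac
import time


class FormIntegrityChecker:
    """Signature, freshness and uniqueness checks for one form submission."""

    def __init__(self, key: bytes, max_skew: int = 300):
        self._key = key            # preset shared key (assumed provisioning)
        self._max_skew = max_skew  # assumed window; the claims give no value
        self._seen = {}            # nonce -> last second it must be remembered

    def sign(self, timestamp: int, nonce: str, body: str) -> str:
        # Length-prefix every field so ("ab", "c") and ("a", "bc") differ.
        parts = (str(timestamp).encode(), nonce.encode(), body.encode())
        msg = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
        # Keyed HMAC instead of hashing key+data, which avoids length extension.
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def verify(self, timestamp, nonce, body, signature, now=None) -> str:
        """Return "ok" or the check that intercepted the request."""
        now = int(time.time()) if now is None else now
        if abs(now - timestamp) > self._max_skew:
            return "rejected: timestamp outside window"
        expected = self.sign(timestamp, nonce, body)
        # Constant-time comparison; bytes so non-ASCII input cannot raise.
        if not hmac.compare_digest(expected.encode(), signature.encode()):
            return "rejected: bad signature"
        # Record the nonce only after the signature verifies, so unsigned
        # traffic cannot fill the store. Expired entries are pruned first.
        self._seen = {n: t for n, t in self._seen.items() if t >= now}
        if nonce in self._seen:
            return "rejected: duplicate submission"
        self._seen[nonce] = timestamp + self._max_skew
        return "ok"


if __name__ == "__main__":
    # Constructed sample request, not taken from the patent.
    checker = FormIntegrityChecker(b"constructed-demo-key")
    sig = checker.sign(1577750400, "nonce-001", "amount=10")
    for _ in range(2):  # the second pass is the replayed submission
        print(checker.verify(1577750400, "nonce-001", "amount=10", sig,
                             now=1577750410))
```

The returned reason string plays the role of the interception prompt: it names which check stopped the request. Across several interceptor instances the nonce store has to be shared, otherwise a replay sent to a different instance passes the uniqueness check.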
CN201911409126.3A 2019-12-31 2019-12-31 Request data verification system and method Pending CN111131303A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911409126.3A CN111131303A (en) 2019-12-31 2019-12-31 Request data verification system and method

Publications (1)

Publication Number Publication Date
CN111131303A true CN111131303A (en) 2020-05-08

Family

ID=70506561

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911409126.3A Pending CN111131303A (en) 2019-12-31 2019-12-31 Request data verification system and method

Country Status (1)

Country Link
CN (1) CN111131303A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111953668A (en) * 2020-07-30 2020-11-17 中国工商银行股份有限公司 Network security information processing method and device
CN112084114A (en) * 2020-09-16 2020-12-15 京东数字科技控股股份有限公司 Method and apparatus for testing an interface
CN112804269A (en) * 2021-04-14 2021-05-14 中建电子商务有限责任公司 Method for realizing website interface anti-crawler
CN115361242A (en) * 2022-10-24 2022-11-18 长沙市智为信息技术有限公司 Web attack detection method based on multidimensional feature network

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170041144A1 (en) * 2015-08-07 2017-02-09 Adobe Systems Incorporated Cross-site request forgery defense
CN107426181A (en) * 2017-06-20 2017-12-01 竞技世界(北京)网络技术有限公司 The hold-up interception method and device of malice web access request
CN109660499A (en) * 2018-09-13 2019-04-19 阿里巴巴集团控股有限公司 It attacks hold-up interception method and device, calculate equipment and storage medium
CN109857484A (en) * 2019-01-17 2019-06-07 北京城市网邻信息技术有限公司 For the processing method and system of interface call request
CN110278192A (en) * 2019-05-20 2019-09-24 平安科技(深圳)有限公司 Method, apparatus, computer equipment and the readable storage medium storing program for executing of extranet access Intranet
CN110389765A (en) * 2019-07-24 2019-10-29 深圳市盟天科技有限公司 A kind of parameter verification method and parameter verification system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200508