CN112398833A - Network WEB vulnerability identification and blocking system and method - Google Patents
Network WEB vulnerability identification and blocking system and method Download PDFInfo
- Publication number
- CN112398833A CN112398833A CN202011217757.8A CN202011217757A CN112398833A CN 112398833 A CN112398833 A CN 112398833A CN 202011217757 A CN202011217757 A CN 202011217757A CN 112398833 A CN112398833 A CN 112398833A
- Authority
- CN
- China
- Prior art keywords
- request information
- voting
- module
- detection
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 14
- 230000000903 blocking effect Effects 0.000 title claims abstract description 13
- 238000001514 detection method Methods 0.000 claims abstract description 31
- 238000001914 filtration Methods 0.000 claims abstract description 15
- 238000002347 injection Methods 0.000 claims abstract description 10
- 239000007924 injection Substances 0.000 claims abstract description 10
- 230000007547 defect Effects 0.000 description 4
- 235000014510 cooky Nutrition 0.000 description 2
- 238000009825 accumulation Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 239000002360 explosive Substances 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer And Data Communications (AREA)
Abstract
A network WEB vulnerability identification and blocking system is provided with a request information filtering module for detecting the security of request information; the analysis request information module is used for coding and analyzing the request information; the task distribution module is arranged for distributing the request information after copying; the information detection voting module is arranged for identifying and voting the safety information of the request information; and the request information execution module is arranged for executing the request task. The working method comprises the following steps: acquiring user request information; II, secondly: judging whether the request format meets the requirements, if so, entering the next step, otherwise, rejecting to execute; thirdly, the method comprises the following steps: analyzing the user request information; fourthly, the method comprises the following steps: copying user request information and then respectively sending the copied user request information to a biological password detection voting unit, an injection instruction filtering detection voting unit and a database consistency detection voting unit; fifthly: judging voting results, if the voting results pass all the voting results, entering the next step, and if the voting results fail to pass all the voting results, refusing to execute the voting; sixthly, the method comprises the following steps: and executing the task requested by the user.
Description
Technical Field
The invention relates to the technical field of information security, in particular to a network WEB vulnerability identification and blocking system and a network WEB vulnerability identification and blocking method.
Background
Network security includes two aspects: on the one hand, physical security is included, which means that tangible objects such as communication, computer equipment and related facilities in a network system are protected from being wetted by rainwater. Another aspect also includes what we commonly speak of logical security. Including information integrity, confidentiality, availability, etc. Physical security and logical security are very important, and network security is affected when no protection is provided on any aspect, so that the security protection must be reasonably arranged while considering the two aspects.
The power is related to the national civilization, the importance of the power is self-evident, along with the popularization of a power information system and the continuous accumulation of data, the dependence of power production, scheduling and marketing on the information system is higher and higher, and more Web application systems based on a B/S framework are continuously built and put into use. Along with the explosive growth trend of the attack means based on the application layer, the attack means are continuously renovated, and serious hidden danger is brought to the safety of the service system. The main risks of the power enterprise Web application system are derived from operating system bugs and defects existing in the development of the system, an attacker can attack the application system by means of the bugs and defects, the current main Web application security bugs comprise SQL injection, XSS cross-site, Cookies bugs, access control errors, PHP specific bugs, variable abuse, uploading bugs and the like, and the main attack means derived and developed according to the bugs and defects comprise: s Q L injection (S Q linking), cross site scripting (XSS) attacks, Cookie spoofing attacks, application layer DoS attacks, web page horse-hanging attacks, malicious programs (backdoors), buffer overflows, etc.
How to solve the information security in the electric power system will directly relate to the security of the whole electric power system, the prevention mode adopted at present is single, and the automaticity and the initiative are not enough.
Disclosure of Invention
Aiming at the defects of the prior art, the invention provides a system and a method for identifying and blocking network WEB vulnerabilities, which are characterized in that multi-level judgment, multiple strategy modes and high safety are adopted, and the specific technical scheme is as follows:
a network WEB vulnerability identification and blocking system is provided with a request information filtering module for detecting the security of request information;
the analysis request information module is used for coding and analyzing the request information;
the task distribution module is arranged for distributing the request information after copying;
the information detection voting module is arranged for identifying and voting the safety information of the request information;
and the request information execution module is arranged for executing the request task.
To better implement the invention:
the information detection voting module is specifically a biological password detection voting unit, an injection instruction filtering detection voting unit and a database consistency detection voting unit.
The method for identifying and blocking the system of the network WEB vulnerability comprises the following specific steps:
the method comprises the following steps: acquiring user request information;
step two: judging whether the request format meets the requirements through a request information filtering module, if so, entering the next step, and otherwise, rejecting to execute;
step three: analyzing the user request information;
step four: copying user request information and then respectively sending the copied user request information to a biological password detection voting unit, an injection instruction filtering detection voting unit and a database consistency detection voting unit;
step five: judging voting results, if the voting results pass through all the voting results, entering the next step, if the voting results do not pass through all the voting results, refusing to execute the voting results, and feeding back the voting results to a corresponding system;
step six: and executing the task requested by the user.
The invention has the beneficial effects that: the request information of the user is filtered, so that the correctness of the format of the request information is ensured, the pressure of processing by a back-end system is relieved, and the illegal request is blocked; the biological password detection voting unit, the injection instruction filtering detection voting unit and the database consistency detection voting unit are adopted to simultaneously detect and vote the request information, the response speed is high, the execution is refused if the request information is inconsistent, and the safety is high.
Drawings
FIG. 1 is a schematic flow chart of the present invention.
Detailed Description
The following detailed description of the preferred embodiments of the present invention, taken in conjunction with the accompanying drawings, will make the advantages and features of the invention easier to understand by those skilled in the art, and thus will clearly and clearly define the scope of the invention.
A network WEB vulnerability identification and blocking system comprises: the system is provided with a request information filtering module for detecting the security of request information;
the analysis request information module is used for coding and analyzing the request information;
the task distribution module is arranged for distributing the request information after copying;
the system is provided with an information detection voting module for identifying and voting the safety information of the request information, wherein the information detection voting module is specifically a biological password detection voting unit, an injection instruction filtering detection voting unit and a database consistency detection voting unit;
and the request information execution module is arranged for executing the request task.
As shown in fig. 1: the method for identifying and blocking the system of the network WEB vulnerability comprises the following specific steps:
the method comprises the following steps: acquiring user request information, and encrypting the request information at a sending end of the user information;
step two: judging whether the request format meets the requirements through a request information filtering module, if so, entering the next step, and otherwise, rejecting to execute;
step three: analyzing the user request information;
step four: copying user request information and then respectively sending the copied user request information to a biological password detection voting unit, an injection instruction filtering detection voting unit and a database consistency detection voting unit, wherein the biological password can be a fingerprint, an iris and the like;
step five: judging voting results, if the voting results pass through all the voting results, entering the next step, if the voting results do not pass through all the voting results, refusing to execute the voting results, and feeding back the voting results to a corresponding system or an administrator system;
step six: and executing the task requested by the user.
Claims (3)
1. A network WEB vulnerability identification and blocking system is characterized in that: the system is provided with a request information filtering module for detecting the security of request information;
the analysis request information module is used for coding and analyzing the request information;
the task distribution module is arranged for distributing the request information after copying;
the information detection voting module is arranged for identifying and voting the safety information of the request information;
and the request information execution module is arranged for executing the request task.
2. The system for identifying and blocking network WEB vulnerabilities according to claim 1, wherein: the information detection voting module is specifically a biological password detection voting unit, an injection instruction filtering detection voting unit and a database consistency detection voting unit.
3. The method for identifying and blocking the network WEB vulnerability according to claim 1, which comprises the following specific steps:
the method comprises the following steps: acquiring user request information;
step two: judging whether the request format meets the requirements through a request information filtering module, if so, entering the next step, and otherwise, rejecting to execute;
step three: analyzing the user request information;
step four: copying user request information and then respectively sending the copied user request information to a biological password detection voting unit, an injection instruction filtering detection voting unit and a database consistency detection voting unit;
step five: judging voting results, if the voting results pass through all the voting results, entering the next step, if the voting results do not pass through all the voting results, refusing to execute the voting results, and feeding back the voting results to a corresponding system;
step six: and executing the task requested by the user.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011217757.8A CN112398833A (en) | 2020-11-04 | 2020-11-04 | Network WEB vulnerability identification and blocking system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011217757.8A CN112398833A (en) | 2020-11-04 | 2020-11-04 | Network WEB vulnerability identification and blocking system and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112398833A true CN112398833A (en) | 2021-02-23 |
Family
ID=74598826
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011217757.8A Pending CN112398833A (en) | 2020-11-04 | 2020-11-04 | Network WEB vulnerability identification and blocking system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112398833A (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110728575A (en) * | 2019-07-15 | 2020-01-24 | 国家电网有限公司 | WEB security depth monitoring method for electric power transaction platform |
| CN111191229A (en) * | 2019-12-24 | 2020-05-22 | 国网天津市电力公司 | Power Web application mimicry defense system |
-
2020
- 2020-11-04 CN CN202011217757.8A patent/CN112398833A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110728575A (en) * | 2019-07-15 | 2020-01-24 | 国家电网有限公司 | WEB security depth monitoring method for electric power transaction platform |
| CN111191229A (en) * | 2019-12-24 | 2020-05-22 | 国网天津市电力公司 | Power Web application mimicry defense system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101667232B (en) | Terminal credible security system and method based on credible computing | |
| CN110233817B (en) | Container safety system based on cloud computing | |
| CN102801717B (en) | Login validation method and system | |
| WO2007089786B1 (en) | Identifying unauthorized privilege escalations | |
| US20070044151A1 (en) | System integrity manager | |
| CN111478970A (en) | Power grid Web application mimicry defense system | |
| CN112926048B (en) | Abnormal information detection method and device | |
| CN103051707A (en) | Dynamic user behavior-based cloud forensics method and dynamic user behavior-based cloud forensics system | |
| WO2017034072A1 (en) | Network security system and security method | |
| KR101951730B1 (en) | Total security system in advanced persistent threat | |
| KR102079304B1 (en) | Apparatus and method of blocking malicious code based on whitelist | |
| KR101089157B1 (en) | System and method for logically separating servers from clients on network using virtualization of client | |
| CN112769851A (en) | Mimicry defense system based on Internet of vehicles | |
| CN115758355A (en) | Lesojous software defense method and system based on fine-grained access control | |
| CN113132318A (en) | Active defense method and system for information safety of power distribution automation system master station | |
| CN111049828B (en) | Network attack detection and response method and system | |
| CN115314286A (en) | Safety guarantee system | |
| CN114928462A (en) | Web safety protection method based on user behavior recognition | |
| CN1743992A (en) | Computer operating system safety protecting method | |
| CN114095228A (en) | Safe access method, system and device for data of Internet of things based on block chain and edge calculation and storage medium | |
| CN104023033A (en) | Safety production method for cloud services | |
| CN112398833A (en) | Network WEB vulnerability identification and blocking system and method | |
| Zhang | Research on Information Security Threats and Defense Strategies of Smart Grid | |
| CN113259939B (en) | Terminal credibility authentication method and system based on electronic signature | |
| CN115567233B (en) | Big data electronic information safety monitoring system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20210223 |