CN113132373B - Web attack defense method of active interference strategy - Google Patents

Web attack defense method of active interference strategy Download PDF

Info

Publication number
CN113132373B
CN113132373B CN202110400119.8A CN202110400119A CN113132373B CN 113132373 B CN113132373 B CN 113132373B CN 202110400119 A CN202110400119 A CN 202110400119A CN 113132373 B CN113132373 B CN 113132373B
Authority
CN
China
Prior art keywords
attacker
client
resources
functions
defense
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110400119.8A
Other languages
Chinese (zh)
Other versions
CN113132373A (en
Inventor
王崇维
温泉
王晓菲
姜国庆
李宁
杨华
张茜
王亚洲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Institute of Computer Technology and Applications
Original Assignee
Beijing Institute of Computer Technology and Applications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Institute of Computer Technology and Applications filed Critical Beijing Institute of Computer Technology and Applications
Priority to CN202110400119.8A priority Critical patent/CN113132373B/en
Publication of CN113132373A publication Critical patent/CN113132373A/en
Application granted granted Critical
Publication of CN113132373B publication Critical patent/CN113132373B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Abstract

The invention relates to a Web attack defense method of an active interference strategy, and relates to the technical field of network security. Because the Bypass attack and Bypass of the attacker cannot be completely avoided by other defense measures such as WAF and the like, the method can further supplement the existing defense measures, and can always consume a large amount of resources on the equipment of the attacker unless the attacker closes the webpage, thereby achieving the defense effect. Because the Web server only embeds corresponding codes in the interface returned to the client of the attacker, the consumption of the server can be ignored, and the performance consumption of the server is reduced.

Description

Web attack defense method for active interference strategy
Technical Field
The invention relates to the technical field of network security, in particular to a Web attack defense method for an active interference strategy.
Background
With the increase of the computing power of the server and the popularization of cloud computing, individuals, enterprises and the like have more opportunities to open own services in the internet, wherein most of the services are Web services. The development of the Web technology promotes the birth of various Web applications, but meanwhile, network attack events aiming at the Web applications are also endless. Various attacks seriously compromise the security and reliability of the service, and various protective measures are brought forward.
For Web attacks, the current solution is to use WAF (WebApplicationFirewall), i.e. a Web application firewall. The WAF can detect the flow from the visitor to the Web service in real time and can block the attack behavior according to the relevant rules, but actually, the attacker still can achieve the effect of bypassing the WAF by transforming the attack load of the attacker, thereby achieving the purpose of attacking the Web service.
Disclosure of Invention
Technical problem to be solved
The technical problem to be solved by the invention is as follows: how to further thwart the malicious behavior of an attacker in the existing Web defense technology.
(II) technical scheme
In order to solve the technical problem, the invention provides a Web attack defense method of an active interference strategy, which comprises the following steps:
step 1, determining the influence range of a client script
When the client accesses various Web services and executes various functions, monitoring the performance indexes of the equipment, and determining some performance indexes as target influence ranges as the influence ranges of the client scripts;
step 2, collecting client API function
Collecting API functions which can affect equipment, screening and verifying the API functions, and obtaining the API functions which finally meet the requirements;
step 3, code deployment
Deploying the acquired API functions to a server, wherein the functions can be utilized in a single form or a combined form, debugging corresponding parameters, and embedding the debugged script codes into a normal Web page when determining that an attacker attacks the Web service, so that the equipment of the attacker can be influenced finally;
and 4, after the attacker triggers, executing the following steps:
(1) Attacking of attackers
The confirmation mechanism of the primary attack is matched characteristic load or sensitive file access detection;
after the attacker is confirmed, recording the characteristics of the attacker, wherein the characteristics comprise parameters in a client access request header; at the server, recording the remote IP of the client as a characteristic; in addition, the server side returns Token to the client side, and sets LocalStorage to determine the unique identity of the attacker;
(2) Initiation of proactive jamming policy defense
After the defense is triggered, the characteristics of the attacker are recorded, and then corresponding script codes are embedded into any access request matched with the characteristics, so that the performance of the client equipment of the attacker is reduced correspondingly.
Preferably, the target influence range determined in step 1 includes the following indexes: CPU occupancy rate, memory occupancy rate, disk occupancy rate and network throughput occupancy rate.
Preferably, step 2 is specifically:
collecting client API functions: collecting functions related to numerical calculation and resource access in all API functions opened by a client, specifically functions related to calculation resources, storage resources, memory resources and network resources;
screening client API functions: further screening each collected function, checking whether the function needs manual authorization of a client side, discarding the function needing interaction with an attacker and authorized by the attacker, and executing the rest functions at the client side;
and (3) verification: each API function that produces the preset amount of resource usage can be finally utilized by attempting to individually utilize the remaining functions to see whether the preset amount of resource consumption can be performed.
Preferably, the recorded characteristics of the attacker comprise Cookie, accept, user-Agent, accept-Encoding and Accept-Language.
Preferably, after the active interference policy defense is started, if the same feature does not make other malicious requests for the Web service within a preset time, the active interference defense for the feature is cancelled at the server.
Preferably, all the utilized API functions are executed asynchronously in an infinite loop during the defense process.
Preferably, in step 2, the finally determined utilized API function includes: 1) Performing operations on the overlarge numerical value, including encryption and encoding; 2) Establishing a large amount of hidden canvas and multimedia resources; 3) And loading remote resources including video resources, picture resources and audio resources in local.
Preferably, the performance of the client device of the attacker is finally reduced correspondingly, including the increase of the CPU occupancy rate, the increase of the memory occupancy rate, the increase of the disk occupancy rate and the increase of the network throughput occupancy rate, which affects the normal use of the client device.
Preferably, the script code includes javascript and webissue code.
The invention also provides application of the method in the technical field of network security.
(III) advantageous effects
The invention provides a defense method for a Web attacker by adopting an active interference strategy, which can further prevent the malicious attacker from accessing Web service. Corresponding script codes are inserted into a front-end interface returned by the Web service, an API function provided by an attacker client is called, a large amount of useless operation, storage and the like are carried out, and equipment resources of the attacker are consumed. Meanwhile, the system can also collect relevant fingerprints and environmental information, access and operate local resources of attackers, and can facilitate forensics investigation in the future. The existing experiment proves that the performance of the equipment where the client of the attacker is located can be obviously reduced by the method, the malicious request initiated by the attacker to the Web can be effectively prevented, and the existing defense method is improved.
It can be seen that the invention has the following technical effects:
(1) Because the Bypass attack and Bypass of the attacker cannot be completely avoided by other defense measures such as WAF and the like, the method can further supplement the existing defense measures, and can always consume a large amount of resources on the equipment of the attacker unless the attacker closes the webpage, thereby achieving the defense effect.
(2) Because the Web server only embeds corresponding codes in the interface returned to the attacker client, the consumption of the server can be ignored, and the performance consumption of the server is reduced.
Drawings
FIG. 1 is a partial flow chart of the Web attack defense method of the active interference strategy of the present invention, which shows the establishment and deployment flow design of the present invention, relating to the preparation process before the defense of the active interference strategy;
fig. 2 is a flowchart after the attack is triggered after the defense is effectively deployed, and details of a mechanism and a flow after the attack triggers the defense method are given.
Detailed Description
In order to make the objects, contents, and advantages of the present invention more apparent, the following detailed description of the present invention will be made in conjunction with the accompanying drawings and examples.
The invention aims to provide a method for actively interfering a Web attacker. The method can further block the malicious behavior of an attacker on the basis of the existing Web defense technology. Through the API provided by the Web client, the identity of an attacker is simulated by utilizing a front-end script code, additional operations such as various infinite loop function operations are performed locally at the client of the attacker, other URL access requests are initiated, a large number of meaningless data files are cached, the performance of equipment of the attacker is seriously consumed by the actions, and the purpose of hindering the attacker is finally achieved. The method is a defense means for the Web attacker in the conventional Internet environment.
The method comprises the steps of firstly collecting API functions which are provided by a client and occupy larger resources, including computing resources, storage resources, memory resources, network resources and the like, then screening functions which do not need active authorization of the client, reserving the API functions which can be directly executed, then verifying the influence effect of each API on the performance of client equipment, finally utilizing API codes meeting requirements and then deploying the API codes to a server side, and waiting for triggering of an attacker.
Fig. 1 is a partial flow chart of the implementation of the present solution, which relates to a preparation process before active interference policy defense. The method specifically comprises the following steps:
step 1, determining the influence range of client script
When the client accesses various Web services and executes various functions, the performance index of the equipment is monitored, and the target influence range with larger fluctuation is determined. The target influence range determined in this embodiment includes the following indexes:
(1) CPU occupancy rate
Any code execution is accompanied with occupation of CPU operation, so that various calculation functions and drawing functions can be infinitely circularly executed, and parameters are set to be larger data, so that the occupation rate of a large amount of CPUs can be improved.
(2) Memory occupancy rate
When a function is called in a recursive manner, or complex elements are rendered on the same page, the memory occupancy will rise significantly.
(3) Occupancy rate of disk (local storage occupancy rate)
Some functions can load remote resources to the local, and due to the cache policy of the client, under the condition that records are not cleared manually, data always occupies disk resources, so that the disk of an attacker is consumed persistently.
(4) Occupancy rate of network throughput (network IO)
The function interacting with the URL occupies the network throughput of the equipment, the selectable modes are methods such as GET, POST and the like, and the performance of the attacker network can be greatly reduced by utilizing the method to interact data with various URLs for a long time.
(5) Others are
In addition, the equipment of the attacker can be used as a springboard to detect other resources of the local intranet and the intranet, such as other Web resources of the intranet, and the result is returned to the server. Even if an attacker does not use a renderable client, a large amount of garbage data can be returned to the attacker, thereby causing certain influence.
Step 2, collecting client API function
And acquiring the API functions which can obviously influence the equipment, screening and obtaining the API functions which finally meet the requirements.
(1) Collecting
In all API functions opened by the client, functions related to numerical calculation and resource access (specifically, functions related to calculation resources, storage resources, memory resources, and network resources) are collected.
(2) Screening
Each collected function is further screened to see if it requires manual authorization by the client, and for functions that require interaction with an attacker and are authorized by him, the functions are discarded, and the remaining functions should ensure that they are easy to execute at the client, after which they can be further verified.
(3) Authentication
The remaining functions are tried to be utilized separately to see whether the consumption of a large amount of resources can be performed, and each function which can generate a large amount of resource occupation can be finally utilized.
Step 3, code deployment
Collected API functions are deployed to a server and can be utilized in a single form or a combination of forms. And debugging the corresponding parameters, and embedding the debugged script codes (javascript and Webassertion codes) into the normal Web page when determining that the attacker attacks the Web service, so that the equipment of the attacker can be influenced finally.
In this step, the acquired API function is debugged, and after the corresponding parameters are set, the API function is deployed at the server to wait for the trigger of the attacker, and the whole trigger flow is shown in fig. 2. Fig. 2 is a detailed mechanism after an attacker triggers the defense method, and relates to execution of various functions, achieved effects, influences on the attacker, and the like.
And 4, executing the following steps after the attacker triggers:
(1) Attacking of attackers
The confirmation of the initial attack is similar to the attack confirmation mechanism of other defense methods, such as matching feature loads, sensitive file access detection and the like.
After confirming that the client is the attacker, recording the characteristics of the attacker so as to ensure that other normal clients are not accidentally injured. The universal characteristic is that the client accesses parameters in a request header, such as Cookie, accept, user-Agent, accept-Encoding and Accept-Language; at the server, recording the remote IP of the client as a characteristic; in addition, the server can also return Token to the client, set LocalStorage and the like, and the unique identity of the attacker can be determined according to the Token and the LocalStorage and the like.
(2) Initiation of proactive jamming policy defense
After the defense is triggered, the characteristics of the attacker are recorded, and then the corresponding script code is embedded into any access request matched with the characteristics.
Cancellation of active interference policy defense: if the same characteristic does not make other malicious requests for the Web service for a long time, active interference defense for the characteristic is cancelled at the server side.
The final effect is:
all the utilized API functions can be executed infinitely and circularly, and the method utilized in this embodiment is: 1) Operations on the overlarge numerical values, such as encryption, encoding and the like; 2) A large amount of hidden canvas, multimedia resources and the like are established; 3) And loading remote resources including video resources, picture resources, audio resources and the like to the local.
Finally, the performance of the client equipment of the attacker is greatly reduced, including the increase of the CPU occupancy rate, the increase of the memory occupancy rate, the increase of the disk occupancy rate, the increase of the network throughput occupancy rate and the like, so that the normal use of the client equipment is influenced, and the final defense purpose of the active interference strategy is realized.
The above description is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, several modifications and variations can be made without departing from the technical principle of the present invention, and these modifications and variations should also be regarded as the protection scope of the present invention.

Claims (7)

1. A Web attack defense method for an active interference strategy is characterized by comprising the following steps:
step 1, determining the influence range of a client script
When the client accesses various Web services and executes various functions, the performance indexes of the equipment are monitored, and a target influence range is determined as the influence range of the client script, wherein the target influence range comprises the following performance indexes: CPU occupancy rate, memory occupancy rate, disk occupancy rate and network throughput occupancy rate;
step 2, collecting client API function
Collecting API functions which can affect equipment, screening and verifying the API functions, and obtaining the API functions which finally meet the requirements;
the step 2 specifically comprises the following steps:
collecting client API functions: collecting functions related to numerical calculation and resource access in all API functions opened by a client, specifically functions related to calculation resources, storage resources, memory resources and network resources;
screening client API functions: further screening each collected function, checking whether the function needs manual authorization of the client, discarding the function needing interaction with an attacker and authorized by the attacker, wherein the rest functions can be executed at the client;
and (3) verification: trying to utilize the remaining functions individually to check whether the preset amount of resources can be consumed, wherein each API function capable of generating the preset amount of resource occupation can be utilized finally;
step 3, code deployment
Deploying the acquired API functions to a server, wherein the functions can be utilized in a single form or a combined form, debugging corresponding parameters, and embedding the debugged script codes into a normal Web page when determining that an attacker attacks the Web service, so that the equipment of the attacker can be influenced finally;
and 4, after the attacker triggers, executing the following steps:
(1) Attacking of attackers
The confirmation mechanism of the primary attack is matched characteristic load or sensitive file access detection;
after the attacker is confirmed, recording the characteristics of the attacker, wherein the characteristics comprise parameters in a client access request header; at the server, recording the remote IP of the client as a characteristic; in addition, the server returns Token to the client, and sets LocalStorage to determine the unique identity of the attacker;
(2) Initiation of proactive jamming policy defense
After the defense is triggered, the characteristics of the attacker are recorded, and then corresponding script codes are embedded into any access request matched with the characteristics, so that the performance of the client equipment of the attacker is reduced correspondingly.
2. The method of claim 1, wherein the recorded characteristics of the attacker include Cookie, accept, user-Agent, accept-Encoding, accept-Language.
3. The method of claim 2, wherein after the active interference policy defense is initiated, if the same feature has not been requested for another malicious request to the Web service within a predetermined time, the active interference defense is cancelled at the server for the feature.
4. The method of claim 3, wherein during the defense, all utilized API functions are executed asynchronously loop-free.
5. The method of claim 1, wherein in step 2, the finally determined utilized API function comprises: 1) Performing operations on the overlarge numerical value, including encryption and encoding; 2) Establishing a large amount of hidden canvas and multimedia resources; 3) And loading remote resources including video resources, picture resources and audio resources in local.
6. The method of claim 2, wherein the performance of the ultimate attacker client device decreases accordingly, including increased CPU utilization, increased memory utilization, increased disk utilization, and increased network throughput, affecting its normal use.
7. The method of claim 1, wherein the scripting code comprises javascript and Webassembly code.
CN202110400119.8A 2021-04-14 2021-04-14 Web attack defense method of active interference strategy Active CN113132373B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110400119.8A CN113132373B (en) 2021-04-14 2021-04-14 Web attack defense method of active interference strategy

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110400119.8A CN113132373B (en) 2021-04-14 2021-04-14 Web attack defense method of active interference strategy

Publications (2)

Publication Number Publication Date
CN113132373A CN113132373A (en) 2021-07-16
CN113132373B true CN113132373B (en) 2022-12-02

Family

ID=76776287

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110400119.8A Active CN113132373B (en) 2021-04-14 2021-04-14 Web attack defense method of active interference strategy

Country Status (1)

Country Link
CN (1) CN113132373B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114244600B (en) * 2021-12-15 2023-11-24 杭州默安科技有限公司 Method for interfering malicious program
CN115051847B (en) * 2022-06-07 2024-01-19 中国电子信息产业集团有限公司第六研究所 Method, device and electronic equipment for determining attack level of denial of service attack
CN115086030A (en) * 2022-06-14 2022-09-20 中国电信股份有限公司 Fingerprint attack protection method and device for HTTPS encrypted traffic, electronic equipment and medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104967628A (en) * 2015-07-16 2015-10-07 浙江大学 Deceiving method of protecting web application safety
CN109347794A (en) * 2018-09-06 2019-02-15 国家电网有限公司 A kind of Web server safety defense method
CN110611564A (en) * 2019-07-30 2019-12-24 云南昆钢电子信息科技有限公司 System and method for defending API replay attack based on timestamp
CN111917691A (en) * 2019-05-10 2020-11-10 张长河 WEB dynamic self-adaptive defense system and method based on false response
CN112491892A (en) * 2020-11-27 2021-03-12 杭州安恒信息安全技术有限公司 Network attack inducing method, device, equipment and medium

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8196204B2 (en) * 2008-05-08 2012-06-05 Lawrence Brent Huston Active computer system defense technology
US9497215B2 (en) * 2014-07-23 2016-11-15 Cisco Technology, Inc. Stealth mitigation for simulating the success of an attack

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104967628A (en) * 2015-07-16 2015-10-07 浙江大学 Deceiving method of protecting web application safety
CN109347794A (en) * 2018-09-06 2019-02-15 国家电网有限公司 A kind of Web server safety defense method
CN111917691A (en) * 2019-05-10 2020-11-10 张长河 WEB dynamic self-adaptive defense system and method based on false response
CN110611564A (en) * 2019-07-30 2019-12-24 云南昆钢电子信息科技有限公司 System and method for defending API replay attack based on timestamp
CN112491892A (en) * 2020-11-27 2021-03-12 杭州安恒信息安全技术有限公司 Network attack inducing method, device, equipment and medium

Also Published As

Publication number Publication date
CN113132373A (en) 2021-07-16

Similar Documents

Publication Publication Date Title
CN113132373B (en) Web attack defense method of active interference strategy
Burnett et al. Encore: Lightweight measurement of web censorship with cross-origin requests
Borders et al. Quantifying information leaks in outbound web traffic
CA2789824C (en) System and method for near-real time network attack detection, and system and method for unified detection via detection routing
Lam et al. Puppetnets: Misusing web browsers as a distributed attack infrastructure
CN109495423A (en) A kind of method and system preventing network attack
US11770385B2 (en) Systems and methods for malicious client detection through property analysis
Xu et al. Detecting infection onset with behavior-based policies
CN107634967A (en) A kind of the CSRFToken systems of defense and method of CSRF attacks
Qassrawi et al. Client honeypots: Approaches and challenges
US11503072B2 (en) Identifying, reporting and mitigating unauthorized use of web code
CN111464526A (en) Network intrusion detection method, device, equipment and readable storage medium
CN107465702A (en) Method for early warning and device based on wireless network invasion
CN110933082B (en) Method, device and equipment for identifying lost host and storage medium
CN113518064A (en) Defense method and device for challenging black hole attack, computer equipment and storage medium
Pham et al. Understanding website behavior based on user agent
Maes et al. Browser protection against cross-site request forgery
CN107294994B (en) CSRF protection method and system based on cloud platform
RU2673711C1 (en) Method for detecting anomalous events on basis of convolution array of safety events
CN107682346A (en) A kind of fast positioning and identifying system and method for CSRF attacks
CN112637171A (en) Data traffic processing method, device, equipment, system and storage medium
CN113542287A (en) Network request management method and device
Seifert et al. Application of divide-and-conquer algorithm paradigm to improve the detection speed of high interaction client honeypots
Simmons et al. Preventing unauthorized islanding: cyber-threat analysis
KR102521895B1 (en) Network security device and network security method based on event history

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant