CN113542185B - Method and device for preventing hijacking of page, electronic equipment and storage medium - Google Patents
Method and device for preventing hijacking of page, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN113542185B CN113542185B CN202010285476.XA CN202010285476A CN113542185B CN 113542185 B CN113542185 B CN 113542185B CN 202010285476 A CN202010285476 A CN 202010285476A CN 113542185 B CN113542185 B CN 113542185B
- Authority
- CN
- China
- Prior art keywords
- page
- address information
- hijacking
- hijacked
- information set
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 62
- 230000002159 abnormal effect Effects 0.000 claims abstract description 111
- 230000002265 prevention Effects 0.000 claims abstract description 29
- 230000001960 triggered effect Effects 0.000 claims abstract description 15
- 238000012545 processing Methods 0.000 claims description 54
- 238000012544 monitoring process Methods 0.000 claims description 12
- 238000004590 computer program Methods 0.000 claims description 9
- 238000004806 packaging method and process Methods 0.000 claims description 2
- 238000010586 diagram Methods 0.000 description 12
- 230000008569 process Effects 0.000 description 12
- 238000004891 communication Methods 0.000 description 10
- 238000004458 analytical method Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 6
- 238000012986 modification Methods 0.000 description 5
- 230000004048 modification Effects 0.000 description 5
- 230000003287 optical effect Effects 0.000 description 4
- 238000012360 testing method Methods 0.000 description 3
- 230000005856 abnormality Effects 0.000 description 2
- 230000008901 benefit Effects 0.000 description 2
- 239000000835 fiber Substances 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 238000012216 screening Methods 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000007405 data analysis Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000008447 perception Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000011144 upstream manufacturing Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
- H04L63/306—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information intercepting packet switched data communications, e.g. Web, Internet or IMS communications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/955—Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
- G06F16/9566—URL specific, e.g. using aliases, detecting broken or misspelled links
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1483—Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Databases & Information Systems (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- Technology Law (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a method and a device for preventing hijacking of pages, electronic equipment and a storage medium, and relates to the technical field of computers. One embodiment of the method comprises the following steps: acquiring a page request to be sent, wherein the page request comprises target address information, and the page request is triggered by a browser in an application; judging whether the target address information belongs to a hijacking address information set, wherein the hijacking address information set comprises address information of a hijacked page, and the hijacking address information set is determined by a server according to abnormal data sent by a client; if yes, intercepting the page request; and if not, sending the page request. The embodiment can avoid the problem that the page hijacking prevention method applied to the web browser is not suitable for the page hijacking prevention of the browser in the APP, so that the page hijacking prevention of the browser in the APP is invalid and the page is hijacked.
Description
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a method and apparatus for preventing hijacking of a page, an electronic device, and a storage medium.
Background
Hijacking pages is a problem encountered in page access, so how to prevent the pages from being hijacked becomes an important issue. The existing method for preventing hijacking pages is usually a method for preventing hijacking pages applied to web (world wide web) browsers, but the method for preventing hijacking pages applied to web browsers is not fully applicable to the APP browser for the application browser in the APP (Applic ation, application program), so that when the page anti-jacking method of the web browser is used for preventing hijacking pages of the APP browser, the problem that the page anti-jacking is invalid and the page is hijacked is easily caused.
Disclosure of Invention
In view of the above, embodiments of the present invention provide a method, an apparatus, a system, and a storage medium for preventing hijacking of a page, which can avoid the problem that the hijacking of a browser page in an APP is invalid and the page is hijacked because the method for preventing hijacking of a page for a web browser is not applicable to hijacking of a browser page in the APP.
To achieve the above object, according to one aspect of the embodiments of the present invention, a method for preventing hijacking of a page is provided.
The method for preventing hijacking of the page, which is provided by the embodiment of the invention, is used for the client and comprises the following steps: acquiring a page request to be sent, wherein the page request comprises target address information to be accessed, and the page request is triggered by a browser in an application; judging whether the target address information belongs to a hijacking address information set or not, wherein the hijacking address information set comprises address information of a hijacked page, and the hijacking address information set is determined by a server according to abnormal data sent by a client; if yes, intercepting the page request; and if not, sending the page request.
In one embodiment, before the obtaining the page request to be sent, the method further includes:
Acquiring the abnormal data, wherein the abnormal data comprises user complaint information and/or page abnormal information;
The abnormal data is sent to a server;
and receiving a hijacking address information set sent by the server, wherein the hijacking address information set is determined by the server according to the abnormal data.
In yet another embodiment, if the exception data includes the page exception information, the acquiring the exception data includes:
monitoring operation data of a user on a page in the browser;
determining operation data corresponding to the hijacked page according to the operation data;
and determining the data of the hijacked page and the operation data corresponding to the hijacked page as the page abnormal information.
In yet another embodiment, further comprising:
receiving address information of a to-be-determined hijacking page sent by the server;
Processing the address information of the page to be hijacked to obtain processing data of the page to be hijacked;
and sending the processing data of the pending hijacking page to the server.
In yet another embodiment, the sending the page request includes:
determining IP address information corresponding to the target address information;
and packaging the page request based on the IP address information, and sending the packaged page request.
In yet another embodiment, before said determining whether the target address information belongs to a hijacking address information set, further comprises:
judging whether the target address information belongs to a normal address information set or not;
If the target address information belongs to a normal address information set, sending the page request;
the determining whether the target address information belongs to a hijacking address information set includes:
If the target address information does not belong to the normal address information set, judging whether the target address information belongs to the hijacking address information set.
To achieve the above object, according to still another aspect of the embodiments of the present invention, there is provided a method for preventing hijacking of a page.
The method for preventing hijacking of the page, provided by the embodiment of the invention, is used for the server and comprises the following steps: abnormal data sent by a client is received; judging whether the page corresponding to the abnormal data is hijacked or not according to the abnormal data; if yes, adding the address information corresponding to the abnormal data to a hijacking address information set, wherein the hijacking address information set comprises address information of a hijacked page; and sending the hijacking address information set to the client so that the client can perform page hijacking prevention on a page request to be sent according to the hijacking address information set.
In one embodiment, before the step of determining whether the page corresponding to the abnormal data is hijacked according to the abnormal data, the method further includes:
Determining address information of a page to be hijacked from the abnormal data;
sending the address information of the to-be-determined hijacking page to the client;
Receiving processing data of the to-be-hijacked page sent by the client;
judging whether the page corresponding to the abnormal data is hijacked according to the abnormal data comprises the following steps:
and judging whether the pending hijacking page is hijacked or not according to the processing data of the pending hijacking page.
To achieve the above object, according to another aspect of the present invention, there is provided a device for preventing hijacking of a page.
The invention relates to a device for preventing hijacking of a page, which is arranged at a client and comprises: the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring a page request to be sent, the page request comprises target address information to be accessed, and the page request is triggered by a browser in an application; the judging unit is used for judging whether the target address information belongs to a hijacking address information set or not, wherein the hijacking address information set comprises address information after a page is hijacked, and the hijacking address information set is determined by a server according to abnormal data sent by the client; the interception unit is used for intercepting the page request if yes; and the sending unit is used for sending the page request if not.
In one embodiment, the obtaining unit is further configured to obtain the anomaly data, where the anomaly data includes user complaint information and/or page anomaly information;
the sending unit is used for sending the abnormal data to a server;
The apparatus further comprises:
the receiving unit is used for receiving the hijacking address information set sent by the server, wherein the hijacking address information set is determined by the server according to the abnormal data.
In yet another embodiment, if the anomaly data includes the page anomaly information, the acquiring unit is specifically configured to:
monitoring operation data of a user on a page in the browser;
determining operation data corresponding to the hijacked page according to the operation data;
and determining the data of the hijacked page and the operation data corresponding to the hijacked page as the page abnormal information.
In yet another embodiment, the receiving unit is further configured to receive address information of a to-be-hijacked page sent by the server;
The apparatus further comprises:
The processing unit is used for processing the address information of the page to be hijacked to obtain the processing data of the page to be hijacked;
the sending unit is further configured to send the processing data of the pending hijacking page to the server.
In yet another embodiment, the apparatus further comprises:
The determining unit is used for determining IP address information corresponding to the target address information if the target address information does not belong to the hijacking address information set;
The sending unit is further configured to encapsulate the page request based on the IP address information, and send the encapsulated page request.
In yet another embodiment, the judging unit is further configured to judge whether the target address information belongs to a normal address information set;
The sending unit is further configured to send the page request if the target address information belongs to a normal address information set;
the judging unit is specifically configured to judge whether the target address information belongs to a hijacking address information set if the target address information does not belong to a normal address information set.
To achieve the above object, according to another aspect of the present invention, there is provided another device for preventing hijacking of a page.
The invention relates to another device for preventing hijacking of pages, which is arranged at a server and comprises: the receiving unit is used for receiving the abnormal data sent by the client; the judging unit is used for judging whether the page corresponding to the abnormal data is hijacked or not according to the abnormal data; the determining unit is used for adding the address information corresponding to the abnormal data to the hijacking address information set if yes; and the sending unit is used for sending the hijacking address information set to the client so that the client can perform page hijacking prevention on a page request to be sent according to the hijacking address information set.
In one embodiment, the determining unit is further configured to determine address information of a page to be hijacked from the exception data;
The sending unit is further configured to send address information of the to-be-determined hijacking page to the client;
the receiving unit is further configured to receive processing data of the to-be-hijacked page sent by the client;
The judging unit is further configured to judge whether the hijacking page is hijacked according to the processing data of the hijacking page.
To achieve the above object, according to still another aspect of an embodiment of the present invention, there is provided an electronic apparatus.
An electronic device according to an embodiment of the present invention includes: one or more processors; and the storage device is used for storing one or more programs, and when the one or more programs are executed by the one or more processors, the one or more processors realize the method for preventing the page hijacking provided by the embodiment of the invention.
To achieve the above object, according to still another aspect of an embodiment of the present invention, a computer-readable medium is provided.
The embodiment of the invention provides a computer readable medium, on which a computer program is stored, the program when executed by a processor implementing the method for preventing hijacking of pages.
One embodiment of the above invention has the following advantages or benefits: in the embodiment of the invention, for the page request to be sent triggered by the browser in the application, the client can judge whether the target address in the page request belongs to the hijacking address information set or not through the hijacking address information set; because the hijacking address information set is determined by the server according to the abnormal data sent by the client, the target address information belongs to the hijacking address information set, which indicates that the page requested by the page request is hijacked, and the client can intercept the page request to avoid the page from hijacking. Therefore, the server determines the hijacking address information set and sends the hijacking address information set to the client, the client judges whether the page request triggered by the browser in the application is hijacked according to the hijacking address information set, and intercepts the page request after the hijacking is determined, so that the page can be accurately prevented from being hijacked, and the problems that the page hijacking prevention of the browser in the APP is invalid and the page is hijacked because the page hijacking prevention method applied to the web browser cannot be used for the page hijacking prevention of the browser in the application are avoided. And the server can determine the hijacking address information set according to the abnormal data of the client, and can timely and accurately determine the page hijacking address, namely the hijacking address information set, so that timely and effective page hijacking prevention can be realized.
Further effects of the above-described non-conventional alternatives are described below in connection with the embodiments.
Drawings
The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:
FIG. 1 is a schematic diagram of one main flow of a method of page hijacking prevention according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of yet another main flow of a method of page hijacking prevention according to an embodiment of the invention;
FIG. 3 is a schematic diagram of a main flow of a method for determining a set of hijacked address information according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of the main units of a page hijacking prevention apparatus according to an embodiment of the invention;
Fig. 5 is a further schematic diagram of the main units of a page hijacking prevention device according to an embodiment of the invention;
FIG. 6 is a diagram of an exemplary system architecture in which embodiments of the present invention may be applied;
FIG. 7 is a schematic diagram of a computer system suitable for use in implementing embodiments of the present invention.
Detailed Description
Exemplary embodiments of the present invention will now be described with reference to the accompanying drawings, in which various details of the embodiments of the present invention are included to facilitate understanding, and are to be considered merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
It is noted that embodiments of the invention and features of the embodiments may be combined with each other without conflict.
The embodiment of the invention provides a page hijacking prevention system, which can be used for preventing hijacking of pages, such as a browser page in application, especially a browser page comprising H5. In the scenario of browser page hijacking prevention in an application, a system for page hijacking prevention may include a server and a client. The method comprises the steps that an application comprising a browser is installed in a client, after the browser in the application is triggered to send a page request, the client processes the page request to be sent, whether the page requested by the page request is hijacked or not is judged through a hijacking address information set sent by a server, interception is conducted when the hijacking is judged, and therefore hijacking prevention of the page is achieved. The server side can conduct data interaction with the client side, and the server side analyzes abnormal data sent by the client side to determine a hijacking address information set, so that the client side can timely and effectively conduct page hijacking prevention.
The embodiment of the invention provides a method for preventing hijacking of a page, which can be executed by a client, and is shown in fig. 1, and comprises the following steps.
S101: and acquiring a page request to be sent.
The page request comprises target address information of a page to be requested by the page request, and the page request is triggered by a browser in the application.
In the application, the browser can send the page through triggering of a user and the like to request the page to be displayed, and the browser can determine the page request of the page to be displayed according to the page data or a jump protocol and the like and send the page request through the client. Before sending the page request, the client can acquire the page request to be sent, and judge whether the page requested by the page request to be sent is hijacked or not according to the target address information in the page request.
It should be noted that, in the embodiment of the present invention, the address information may be a domain name and schema (a page jump protocol) in the page request, and specifically may be URL (Uniform Resource Locator ). An address resolution screening module can be arranged in the client, and the page request can be monitored and intercepted through the address resolution screening module, namely, the page request is acquired. The page request may specifically include a network request, which may represent a page request sent through a network, and a skip protocol, which may represent a skip protocol for applications to each other or to other browsers, etc.
S102: and judging whether the target address information belongs to a hijacking address information set.
The hijacking address information set comprises address information of a hijacked page, and the hijacked address information set is determined by the server according to abnormal data sent by the client.
The client sends the abnormal data to the server, and the server can analyze the address information of the hijacked page according to the abnormal data, so that a hijacked address information set can be obtained. Because the address information in the hijacking address information set comprises the address information of the hijacked page, the client compares the target address information with the address information in the hijacking address information set, and judges whether the page requested by the page request to be sent is the hijacked page or not by judging whether the target address information belongs to the hijacking address information set or not, namely, whether the page requested by the page request to be sent is hijacked or not.
Through the judgment of the step, if the target address information belongs to the hijacking address information set, the target address information is the address information of the hijacked page, so that the page requested by the page request is hijacked, and the page request cannot be normally sent; if the target address information does not belong to the hijacking address information set, the target address information is not currently the address information of the hijacked page, so that the page request can be normally sent.
In one implementation manner of the embodiment of the present invention, the client may further configure a normal address information set, that is, determine a set of address information that is not a hijacked page, so if the target address belongs to the normal address information set, it may be determined that the requested page is not a hijacked page, and the page request may be sent normally. It is also possible to perform before this step: judging whether the target address information belongs to a normal address information set; if the target address information belongs to the normal address information set, sending a page request; the step may be specifically performed as: if the target address information does not belong to the normal address information set, judging whether the target address information belongs to the hijacking address information set.
After the client obtains the page request to be sent, the target address information can be compared with the normal address information set first, and whether the target address information belongs to the normal address information set is judged. If the target address information belongs to the normal address information set, the page requested by the page request is not hijacked, so that the client sends the page request; if the target address information does not belong to the normal address information set, it cannot be determined whether the page requested by the page request is hijacked at this time, so the client may execute this step again to determine whether the page requested by the page request is hijacked.
S103: if yes, intercepting a page request; if not, sending a page request.
If the target address information belongs to the hijacking address information set, the target address information is the address information of the hijacked page, and the page request is intercepted to ensure that the page cannot be hijacked. If the target address information does not belong to the hijacking address information set, the target address information is not the address information of the hijacked page, and the page request can be normally sent.
It should be noted that, in the embodiment of the present invention, after intercepting a page request, a client may jump a requested page to a preset page, that is, change target address information to preset address information, so as to display the preset page in a browser, where the preset page may be a reminding page specifically so as to remind a user that the requested page is hijacked, and so on.
In the embodiment of the invention, if the target address information does not belong to the hijacking address information set, the page request can be normally sent. After the page request is sent through the client, the communication device connected with the client allocates IP (Internet Protocol ) address information for the page request, and then re-encapsulates the page request according to the allocated IP address information, and then sends out the re-encapsulated page request. Since the communication device may be tampered with the IP address information or the assigned IP address information may be wrong when repackaging the page request, these problems may also cause hijacking of the page accessed by the page request. Therefore, in order to avoid the above situation, a DNS (Domain NAME SYSTEM, domain name system (service) protocol) resolution module may be locally configured in the client, and IP address information may be configured and encapsulated for the page request to be sent through the DNS resolution module, so as to avoid hijacking the page caused by encapsulating the IP address for the page request through the communication device.
One implementation of an embodiment of the present invention may be: if the target address information does not belong to the hijacking address information set, determining IP address information corresponding to the target address information; and encapsulating the page request based on the IP address information, and sending the encapsulated page request. After determining to send the page request, the DNS analysis module in the client allocates IP address information to the page request through the DNS analysis module, namely, determines IP address information corresponding to the target address information, encapsulates the page request based on the IP address information, and sends the encapsulated page request.
In the embodiment of the invention, for the page request to be sent, the client can judge whether the target address in the page request belongs to the hijacked address information set by hijacking the address information set; because the hijacking address information set is determined by the server according to the abnormal data sent by the client, the target address information belongs to the hijacking address information set, which indicates that the page requested by the page request is hijacked, and the client can intercept the page request. The client judges whether the page request triggered by the browser of the application is hijacked or not according to the hijacking address information set, intercepts the page request after the hijacking is confirmed, and therefore the page can be accurately prevented from being hijacked, and the problems that the page hijacking prevention method of the browser in the application is invalid and the page is hijacked due to the fact that the page hijacking prevention method of the browser in the application is not suitable for the page hijacking prevention of the browser in the application are solved.
The embodiment of the invention provides a method for preventing hijacking of a page, which can be used for a server to execute, and as shown in fig. 2, the method comprises the following steps.
S201: and receiving the abnormal data sent by the client.
The server side can receive the abnormal data sent by the client side, and the client side can send the abnormal data in real time, so that the server side can process the abnormal data in time. The anomaly data may include user complaint information and/or page anomaly information.
S202: and judging whether the page corresponding to the abnormal data is hijacked or not according to the abnormal data.
After the server receives the abnormal data, the server analyzes the abnormal data and judges whether the page corresponding to the abnormal data is hijacked, namely the hijacked page is analyzed from the abnormal data. The server side can analyze and compare abnormal data through big data to judge whether the page corresponding to the abnormal data is hijacked.
In one implementation manner of the embodiment of the invention, for some abnormal data, the number of samples used for analysis is small, but the trigger range is wide, whether the corresponding page is hijacked or not can not be accurately judged based on the samples, at this time, the server side can collect samples in a network dial-up measurement mode, and analysis and judgment are performed after enough samples are collected. It may also include, prior to this step: analyzing address information of a page to be hijacked from the abnormal data; sending the address information of the page to be hijacked to the client; receiving processing data of a to-be-hijacked page sent by a client; the step may be specifically performed as: and judging whether the hijacking page is hijacked or not according to the processing data of the hijacking page.
The method comprises the steps that address information of a to-be-hijacked page is analyzed from abnormal data, the to-be-hijacked page is the page which cannot be determined whether to be hijacked or not, the abnormal data corresponding to the to-be-hijacked page are usually small in sample size but wide in trigger range, so that a server can determine the address information of the to-be-hijacked page, the address information of the to-be-hijacked page is sent to a client, the client can process the address information of the to-be-hijacked page conveniently, more processing data are obtained and then sent to the server, and after the server receives the processing data of the to-be-hijacked page, the processing data of the to-be-hijacked page can be integrated, and whether the to-be-hijacked page is the hijacked page or not is judged based on the processing data of the to-be-hijacked page.
It should be noted that, the address information of the hijacking page to be determined may be a URL of the hijacking page to be determined.
S203: if yes, adding the address information corresponding to the abnormal data to the hijacking address information set.
The hijacking address information set comprises address information of the hijacked page, namely the address information set of the hijacked page determined by the server. The server judges the hijacked pages through the abnormal data analysis library, so that the address information of the hijacked pages can be determined, and then the address information of the hijacked pages is added to the hijacked address information set.
S204: and sending the hijacking address information set to the client so that the client can judge whether the page requested by the page request is hijacked or not according to the hijacking address information set.
After the hijacking address information set is determined, the hijacking address information set can be sent to the client side, so that the client side can judge whether the page requested by each page request is hijacked according to the hijacking address information set, and the aim of preventing the hijacking of the page is achieved. The page request may be the page request acquired by the client in step S101.
It should be noted that, in the running process of the client, the abnormal data can be sent to the server in real time, so that the server can analyze the abnormal data in real time and determine the address information of the hijacked page in time, so that the server can determine the address information of the new hijacked page in real time by executing the embodiment of the invention, update the address information into the hijacked address information set, and then send the updated hijacked address information set to the client section, so that the client can update the hijacked address information set in time, thereby effectively realizing the anti-hijacking of the page.
In the embodiment of the invention, the server side can determine the hijacking address information set according to the abnormal data sent by the client side and send the hijacking address information set to the client side, so that the client side can judge whether the page request triggered by the applied browser is hijacked according to the hijacking address information set, and intercept the page request after the hijacking is determined, thereby accurately preventing the page from being hijacked. And the server side determines the hijacking address information set according to the abnormal data of the client side, and can timely and accurately determine the page hijacking address, namely the hijacking address information set, so that timely and effective page hijacking prevention can be realized.
The following describes in detail the manner of determining the hijacking address information set in the embodiment of the present invention with reference to the embodiments shown in fig. 1 and fig. 2, and as shown in fig. 3, the method includes the following steps.
S301: the client monitors operation data of a user on a page in the browser.
The client can monitor the operation data of the browser in the application of the user so as to analyze and restore the user operation and analyze the hijacked page. Especially for the scene comprising the H5 page in the browser, the client can analyze the original page operated by the user and the H5 page, so that the hijacked page can be well determined.
S302: and the client determines the operation data corresponding to the hijacked page according to the operation data.
After monitoring the operation data of the page in the browser by the user, the client can analyze the operation data to determine the operation data corresponding to the hijacked page.
S303: the client determines the complaint information of the user, the data of the hijacked page and the operation data corresponding to the hijacked page as abnormal data.
The data of the hijacked page and the operation data corresponding to the hijacked page can be obtained according to the operation data monitored by the client. The user complaint information is complaint information in the process that the user uses the browser, and a customer complaint pool can be configured in the client side and used for counting and recording the user complaint information.
Specifically, the client may configure a data statistics module and a customer complaint module, the data statistics module may record user operation data, and the customer complaint module may collect customer complaint information.
S304: the client sends the abnormal data to the server.
After the client acquires the abnormal data through the process, the abnormal data can be sent to the server, so that the server can analyze the abnormal data.
S305: and the server judges whether the page corresponding to the abnormal data is hijacked or not according to the abnormal data.
After the server receives the abnormal data sent by the client, the server can analyze the abnormal data and judge whether the page corresponding to the abnormal data is hijacked or not.
The manner in which the server determines whether the page corresponding to the abnormal data is hijacked is not limited. For example, the server may preset an alarm value, and if the number of complaints about a certain page in the abnormal data reaches the alarm value, it may determine that the page has an abnormality, which is a hijacked page. For another example, an alarm proportion may be preset, and if the proportion of the number of abnormal accesses to a certain page in the abnormal data to the total number of accesses reaches the alarm proportion, it may be determined that the page has an abnormality, and the page is hijacked. For another example, the service side may set a complaint level, and determine whether to be hijacked according to the complaint level of the page.
In one implementation manner of the embodiment of the invention, for some abnormal data, the number of samples used for analysis is small, but the trigger range is wide, and based on the samples, whether the corresponding pages are hijacked or not cannot be accurately judged, namely the corresponding pages of the samples are to-be-hijacked pages, at this time, a server can collect samples in a network dial testing mode, and analysis and judgment are carried out after enough samples are collected. The server side can send the address information of the to-be-determined hijacking pages to the client side for network dial testing, the client side can process the address information of the to-be-determined hijacking pages to obtain processing data of the to-be-determined hijacking pages, the processing data of the to-be-determined hijacking pages are returned to the server side, and the server side judges whether the to-be-determined hijacking pages are hijacked or not according to the processing data of the to-be-determined hijacking pages.
A network monitoring module may be configured in the client through which to monitor network rates, abnormal URLs, formats of requested data, download rates, file sizes, etc. After the client receives the address information of the to-be-hijacked page sent by the server, the user non-perception test can be performed, and the tested processing data is fed back to the server. When the network dials, the server can send other information of the to-be-determined hijacking page to the client, such as resource files (html, js, css, img image resources, etc.), besides the address information of the to-be-determined hijacking page to the client, so that the client can dial the network conveniently.
S306: if yes, the server adds the address information corresponding to the abnormal data to a hijacking address information set, wherein the hijacking address information set comprises address information of the hijacked page.
The execution process of this step is the same as that of step S203, and will not be described here again.
S307: the server side sends hijacking address information set to the client side.
The execution process of this step is the same as that of step S204, and will not be described here again.
It should be noted that, the service segment may analyze big data according to the abnormal data, combine the common network hijacking feature, analyze the abnormal data in a targeted manner, and then propose a modification suggestion and upload the modification suggestion to an upstream service party or CDN so as to avoid hijacking the page.
In the embodiment of the invention, the client sends the abnormal data to the server, and the server sends the determined hijacking address information set to the client, so that the client can judge whether the page request triggered by the browser of the application is hijacked according to the hijacking address information set, and intercept the page request after the hijacking is determined, thereby accurately preventing the page from being hijacked. And the server can determine the hijacking address information set according to the abnormal data of the client, and can timely and accurately determine the page hijacking address, namely the hijacking address information set, so that timely and effective page hijacking prevention can be realized.
In order to solve the problems in the prior art, an embodiment of the present invention provides a device 400 for preventing hijacking of a page, which is disposed at a client, as shown in fig. 4, the device 400 includes:
an obtaining unit 401, configured to obtain a page request to be sent, where the page request includes target address information, and the page request is triggered by an in-application browser;
A judging unit 402, configured to judge whether the target address information belongs to a hijacking address information set, where the hijacking address information set includes address information after a page is hijacked, and the hijacking address information set is determined by a server according to abnormal data sent by the client;
an interception unit 403, configured to intercept the page request if yes;
and the sending unit 404 is configured to send the page request if not.
It should be understood that the manner of implementing the embodiment of the present invention is the same as that of implementing the embodiment shown in fig. 1, and will not be described herein.
In an implementation manner of the embodiment of the present invention, the obtaining unit 401 is further configured to obtain the abnormal data, where the abnormal data includes user complaint information and/or page abnormal information;
a sending unit 404, configured to send the abnormal data to a server;
The apparatus 400 further comprises:
the receiving unit is used for receiving the hijacking address information set sent by the server, wherein the hijacking address information set is determined by the server according to the abnormal data.
In still another implementation manner of the embodiment of the present invention, if the anomaly data includes the page anomaly information, the obtaining unit 401 is specifically configured to:
monitoring operation data of a user on a page in the browser;
determining operation data corresponding to the hijacked page according to the operation data;
and determining the data of the hijacked page and the operation data corresponding to the hijacked page as the page abnormal information.
In still another implementation manner of the embodiment of the present invention, the receiving unit is further configured to receive address information of a to-be-hijacked page sent by the server;
The apparatus 400 further comprises:
The processing unit is used for processing the address information of the page to be hijacked to obtain the processing data of the page to be hijacked;
the sending unit 404 is further configured to send the processing data of the pending hijack page to the server.
In yet another implementation manner of the embodiment of the present invention, the apparatus 400 further includes:
The determining unit is used for determining IP address information corresponding to the target address information if the target address information does not belong to the hijacking address information set;
The sending unit 404 is further configured to encapsulate the page request based on the IP address information, and send the encapsulated page request.
In yet another implementation manner of the embodiment of the present invention, the determining unit 402 is further configured to determine whether the target address information belongs to a normal address information set;
The sending unit 404 is further configured to send the page request if the target address information belongs to a normal address information set;
The judging unit is specifically configured to judge whether the target address information belongs to the hijacking address information set if the target address information does not belong to the normal address information set.
It should be understood that the manner of implementing the embodiments of the present invention is the same as that of implementing the embodiments shown in fig. 1 or 3, and will not be described herein.
In the embodiment of the invention, for the page request to be sent, the client can judge whether the target address in the page request belongs to the hijacked address information set by hijacking the address information set; because the hijacking address information set is determined by the server according to the abnormal data sent by the client, the target address information belongs to the hijacking address information set, which indicates that the page requested by the page request is hijacked, and the client can intercept the page request. The client judges whether the page request triggered by the browser of the application is hijacked or not according to the hijacking address information set, intercepts the page request after the hijacking is confirmed, and therefore the page can be accurately prevented from being hijacked, and the problems that the page hijacking prevention method of the browser in the application is invalid and the page is hijacked due to the fact that the page hijacking prevention method of the browser in the application is not suitable for the page hijacking prevention of the browser in the application are solved.
In order to solve the problems in the prior art, an embodiment of the present invention provides a device 500 for preventing hijacking of a page, which is disposed at a server, as shown in fig. 5, where the device 500 includes:
a receiving unit 501, configured to receive abnormal data sent by a client;
a judging unit 502, configured to judge, according to the abnormal data, whether a page corresponding to the abnormal data is hijacked;
A determining unit 503, configured to if yes, add address information corresponding to the abnormal data to a hijacking address information set;
And the sending unit 504 is configured to send the hijacking address information set to the client, so that the client determines, according to the hijacking address information set, whether the page requested by the page request is hijacked.
It should be understood that the manner of implementing the embodiment of the present invention is the same as that of implementing the embodiment shown in fig. 2, and will not be described herein.
In one implementation manner of the embodiment of the present invention, the determining unit 503 is further configured to determine address information of a page to be hijacked from the abnormal data;
The sending unit 504 is further configured to send address information of the hijacking page to the client;
the receiving unit 501 is further configured to receive processing data of the pending hijacking page sent by the client;
The judging unit 502 is further configured to judge whether the hijacking page is hijacked according to the processing data of the hijacking page.
It should be understood that the manner of implementing the embodiments of the present invention is the same as that of implementing the embodiments shown in fig. 2 or 3, and will not be described herein.
In the embodiment of the invention, the server side can determine the hijacking address information set according to the abnormal data sent by the client side and send the hijacking address information set to the client side, so that the client side can judge whether the page request triggered by the applied browser is hijacked according to the hijacking address information set, and intercept the page request after the hijacking is determined, thereby accurately preventing the page from being hijacked. And the server side determines the hijacking address information set according to the abnormal data of the client side, and can timely and accurately determine the page hijacking address, namely the hijacking address information set, so that timely and effective page hijacking prevention can be realized.
According to an embodiment of the present invention, the present invention also provides an electronic device and a readable storage medium.
The electronic device of the present invention includes: at least one processor; and a memory communicatively coupled to the at least one processor; the memory stores instructions executable by the one processor, and the instructions are executed by the at least one processor, so that the at least one processor executes the method for preventing hijacking of the page provided by the embodiment of the invention.
Fig. 6 illustrates an exemplary system architecture 600 of a page anti-hijacking method or a page anti-hijacking device to which embodiments of the present invention may be applied.
As shown in fig. 6, the system architecture 600 may include terminal devices 601, 602, 603, a network 604, and a server 605. The network 604 is used as a medium to provide communication links between the terminal devices 601, 602, 603 and the server 605. The network 604 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.
A user may interact with the server 605 via the network 604 using the terminal devices 601, 602, 603 to receive or send messages, etc. Various communication client applications such as shopping class applications, web browser applications, search class applications, instant messaging tools, mailbox clients, social platform software, etc. (by way of example only) may be installed on the terminal devices 601, 602, 603.
The terminal devices 601, 602, 603 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smartphones, tablets, laptop and desktop computers, and the like.
The server 605 may be a server providing various services, such as a background management server (by way of example only) providing support for shopping-type websites browsed by users using terminal devices 601, 602, 603. The background management server may analyze and process the received data such as the product information query request, and feed back the processing result (e.g., product information—only an example) to the terminal device.
It should be noted that, the method for preventing hijacking of a page provided in the embodiment of the present invention is generally executed by the server 605, and accordingly, the device for preventing hijacking of a page is generally disposed in the server 605. The method for preventing hijacking of the page provided by the embodiment of the invention is generally executed by the terminal devices 601, 602 and 603, and correspondingly, the device for preventing hijacking of the page is generally arranged in the terminal devices 601, 602 and 603.
It should be understood that the number of terminal devices, networks and servers in fig. 6 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
Referring now to FIG. 7, there is illustrated a schematic diagram of a computer system 700 suitable for use in implementing embodiments of the present invention. The computer system shown in fig. 7 is only an example, and should not be construed as limiting the functionality and scope of use of the embodiments of the invention.
As shown in fig. 7, the computer system 700 includes a Central Processing Unit (CPU) 701, which can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 702 or a program loaded from a storage section 708 into a Random Access Memory (RAM) 703. In the RAM 703, various programs and data required for the operation of the system 700 are also stored. The CPU 701, ROM 702, and RAM 703 are connected to each other through a bus 704. An input/output (I/O) interface 705 is also connected to bus 704.
The following components are connected to the I/O interface 705: an input section 706 including a keyboard, a mouse, and the like; an output portion 707 including a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, a speaker, and the like; a storage section 708 including a hard disk or the like; and a communication section 709 including a network interface card such as a LAN card, a modem, or the like. The communication section 709 performs communication processing via a network such as the internet. The drive 710 is also connected to the I/O interface 705 as needed. A removable medium 711 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 710 as necessary, so that a computer program read therefrom is mounted into the storage section 708 as necessary.
In particular, according to embodiments of the present disclosure, the processes described above with reference to flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method shown in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication portion 709, and/or installed from the removable medium 711. The above-described functions defined in the system of the present invention are performed when the computer program is executed by a Central Processing Unit (CPU) 701.
The computer readable medium shown in the present invention may be a computer readable signal medium or a computer readable storage medium, or any combination of the two. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, however, the computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, with the computer-readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a unit, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units involved in the embodiments of the present invention may be implemented in software or in hardware. The described units may also be provided in a processor, for example, described as: a processor includes an acquisition unit, a determination unit, and an interception unit. The names of these units do not constitute a limitation on the unit itself in some cases, and for example, the acquisition unit may also be described as "a unit that acquires the function of the unit".
As another aspect, the present invention also provides a computer-readable medium that may be contained in the apparatus described in the above embodiments; or may be present alone without being fitted into the device. The computer readable medium carries one or more programs which, when executed by a device, cause the device to perform the method of page hijacking prevention provided by the present invention.
The above embodiments do not limit the scope of the present invention. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives can occur depending upon design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the scope of the present invention.
Claims (10)
1. A method for preventing hijacking of a page, which is used for a client, and comprises the following steps:
acquiring a page request to be sent, wherein the page request comprises target address information, and the page request is triggered by a browser in an application;
Judging whether the target address information belongs to a hijacking address information set or not, wherein the hijacking address information set comprises address information of a hijacked page, and the hijacking address information set is determined by a server according to abnormal data sent by a client;
If yes, intercepting the page request; if not, sending the page request;
the client comprises a network monitoring module; the method further comprises the steps of:
receiving address information and a resource file of a to-be-determined hijacking page sent by the server, wherein the address information of the to-be-determined hijacking page is determined from the abnormal data;
Processing the address information of the page to be hijacked and the resource file to obtain processing data of the page to be hijacked; the network monitoring module is used for processing the address information and the resource file of the page to be hijacked, and the processing data comprise network rate, the format of the requested data, downloading rate and file size;
and sending the processing data of the pending hijacking page to the server side to enable the server side to determine the hijacking address information set.
2. The method of claim 1, further comprising, prior to the obtaining the page request to be sent:
Acquiring the abnormal data, wherein the abnormal data comprises user complaint information and/or page abnormal information;
The abnormal data is sent to a server;
and receiving a hijacking address information set sent by the server, wherein the hijacking address information set is determined by the server according to the abnormal data.
3. The method of claim 2, wherein if the exception data includes the page exception information, the obtaining the exception data comprises:
monitoring operation data of a user on a page in the browser;
determining operation data corresponding to the hijacked page according to the operation data;
and determining the data of the hijacked page and the operation data corresponding to the hijacked page as the page abnormal information.
4. The method of claim 1, wherein the sending the page request comprises:
determining IP address information corresponding to the target address information;
and packaging the page request based on the IP address information, and sending the packaged page request.
5. The method of claim 1, further comprising, prior to said determining whether the target address information belongs to a hijacked address information set:
judging whether the target address information belongs to a normal address information set or not;
If the target address information belongs to a normal address information set, sending the page request;
the determining whether the target address information belongs to a hijacking address information set includes:
if the target address information does not belong to the normal address information set, judging whether the target address information belongs to the hijacking address information set.
6. The method for preventing the hijacking of the page is characterized by comprising the following steps of:
abnormal data sent by a client is received;
judging whether the page corresponding to the abnormal data is hijacked or not according to the abnormal data;
if yes, adding the address information corresponding to the abnormal data to a hijacking address information set, wherein the hijacking address information set comprises address information of a hijacked page;
the hijacking address information set is sent to the client so that the client can judge whether the page requested by the page request is hijacked or not according to the hijacking address information set;
judging whether the page corresponding to the abnormal data is hijacked according to the abnormal data comprises the following steps:
Judging whether the page to be hijacked is hijacked or not according to processing data of the page to be hijacked, wherein the processing data is obtained by processing the address information and the resource file of the page to be hijacked determined by the server from the abnormal data through a network monitoring module after the client receives the address information and the resource file of the page to be hijacked determined by the server, and the processing data comprises a network rate, a requested data format, a downloading rate and a file size.
7. The device for preventing hijacking of the page is characterized by being arranged at a client and comprising:
the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is used for acquiring a page request to be sent, the page request comprises target address information to be accessed, and the page request is triggered by a browser in an application;
The judging unit is used for judging whether the target address information belongs to a hijacking address information set or not, wherein the hijacking address information set comprises address information after a page is hijacked, and the hijacking address information set is determined by a server according to abnormal data sent by the client;
the interception unit is used for intercepting the page request if yes;
a sending unit, configured to send the page request if not;
the client comprises a network monitoring module;
The receiving unit is also used for receiving the address information of the to-be-hijacked page sent by the server;
The apparatus further comprises:
the processing unit is used for processing the address information of the page to be hijacked and the resource file to obtain processing data of the page to be hijacked; the network monitoring module is used for processing the address information and the resource file of the page to be hijacked, and the processing data comprise network rate, the format of the requested data, downloading rate and file size;
The sending unit is further configured to send the processing data of the pending hijacking page to the server, so that the server determines the hijacking address information set.
8. The device for preventing hijacking of the page is characterized by being arranged at a server and comprising:
the receiving unit is used for receiving the abnormal data sent by the client;
The judging unit is used for judging whether the page corresponding to the abnormal data is hijacked or not according to the abnormal data;
The determining unit is used for determining that the address information corresponding to the abnormal data is added to the hijacking address information set if yes;
The sending unit is used for sending the hijacking address information set to the client so that the client can perform page hijacking prevention on a page request to be sent according to the hijacking address information set;
The judging unit is further configured to judge whether the hijacking page is hijacked according to processing data of the hijacking page, where the processing data is obtained by processing the address information and the resource file of the hijacking page determined by the server from the abnormal data through the network monitoring module after the client receives the address information and the resource file of the hijacking page, and the processing data includes a network rate, a format of requested data, a downloading rate, and a file size.
9. An electronic device, comprising:
one or more processors;
storage means for storing one or more programs,
When executed by the one or more processors, causes the one or more processors to implement the method of any of claims 1-6.
10. A computer readable medium, on which a computer program is stored, characterized in that the program, when being executed by a processor, implements the method according to any of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010285476.XA CN113542185B (en) | 2020-04-13 | 2020-04-13 | Method and device for preventing hijacking of page, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010285476.XA CN113542185B (en) | 2020-04-13 | 2020-04-13 | Method and device for preventing hijacking of page, electronic equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113542185A CN113542185A (en) | 2021-10-22 |
| CN113542185B true CN113542185B (en) | 2024-05-21 |
Family
ID=78088215
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010285476.XA Active CN113542185B (en) | 2020-04-13 | 2020-04-13 | Method and device for preventing hijacking of page, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113542185B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115242862A (en) * | 2022-07-28 | 2022-10-25 | 盐城金堤科技有限公司 | Network request control method, device, medium and electronic equipment |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103902888A (en) * | 2012-12-24 | 2014-07-02 | 腾讯科技(深圳)有限公司 | Website trust automatic rating method, server-side and system |
| CN104935605A (en) * | 2015-06-30 | 2015-09-23 | 北京奇虎科技有限公司 | Detection method, device and system for fishing websites |
| CN105160246A (en) * | 2015-09-30 | 2015-12-16 | 北京奇虎科技有限公司 | Method for identifying hijacked browser and browser |
| WO2017054716A1 (en) * | 2015-09-30 | 2017-04-06 | 北京奇虎科技有限公司 | Method for recognizing hijacked browser and browser |
| CN106953740A (en) * | 2017-01-24 | 2017-07-14 | 阿里巴巴集团控股有限公司 | The processing method of page access data, client, server and system in |
| CN108494728A (en) * | 2018-02-07 | 2018-09-04 | 平安普惠企业管理有限公司 | Blacklist base establishing method, device, equipment and the medium for preventing flow from kidnapping |
| CN109150928A (en) * | 2017-06-15 | 2019-01-04 | 北京京东尚科信息技术有限公司 | Method and apparatus for handling request |
| CN109729100A (en) * | 2019-03-12 | 2019-05-07 | Oppo广东移动通信有限公司 | A kind of web data kidnaps monitoring method, device and computer readable storage medium |
-
2020
- 2020-04-13 CN CN202010285476.XA patent/CN113542185B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103902888A (en) * | 2012-12-24 | 2014-07-02 | 腾讯科技(深圳)有限公司 | Website trust automatic rating method, server-side and system |
| CN104935605A (en) * | 2015-06-30 | 2015-09-23 | 北京奇虎科技有限公司 | Detection method, device and system for fishing websites |
| CN105160246A (en) * | 2015-09-30 | 2015-12-16 | 北京奇虎科技有限公司 | Method for identifying hijacked browser and browser |
| WO2017054716A1 (en) * | 2015-09-30 | 2017-04-06 | 北京奇虎科技有限公司 | Method for recognizing hijacked browser and browser |
| CN106953740A (en) * | 2017-01-24 | 2017-07-14 | 阿里巴巴集团控股有限公司 | The processing method of page access data, client, server and system in |
| CN109150928A (en) * | 2017-06-15 | 2019-01-04 | 北京京东尚科信息技术有限公司 | Method and apparatus for handling request |
| CN108494728A (en) * | 2018-02-07 | 2018-09-04 | 平安普惠企业管理有限公司 | Blacklist base establishing method, device, equipment and the medium for preventing flow from kidnapping |
| CN109729100A (en) * | 2019-03-12 | 2019-05-07 | Oppo广东移动通信有限公司 | A kind of web data kidnaps monitoring method, device and computer readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113542185A (en) | 2021-10-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8516601B2 (en) | Online privacy management | |
| CN106302445B (en) | Method and apparatus for handling request | |
| CN112269959B (en) | Control method and device for display content, readable medium and electronic equipment | |
| CN111740992B (en) | Website security vulnerability detection method, device, medium and electronic equipment | |
| CN110928934A (en) | Data processing method and device for business analysis | |
| CN113505302A (en) | Method, device and system for supporting dynamic acquisition of buried point data and electronic equipment | |
| CN111984896A (en) | Buried point data acquisition method and device, computer equipment and readable storage medium | |
| CN111783005B (en) | Method, device and system for displaying web page, computer system and medium | |
| CN113542185B (en) | Method and device for preventing hijacking of page, electronic equipment and storage medium | |
| US10929884B2 (en) | System and method for preventing a delivery of advertising contents | |
| CN115470432A (en) | Page rendering method and device, electronic equipment and computer readable medium | |
| CN112015383A (en) | Login method and device | |
| US11115462B2 (en) | Distributed system | |
| CN112579447A (en) | Browser testing method and device | |
| CN110825603A (en) | Page first loading time determining method and device, electronic equipment and storage medium | |
| CN115202973A (en) | Application running state determining method and device, electronic equipment and medium | |
| CN112817874B (en) | User interface testing method, device, equipment and medium | |
| CN113761433A (en) | Service processing method and device | |
| CN114024867A (en) | Network anomaly detection method and device | |
| CN109981806B (en) | Domain name processing and registering method and system, and computer system | |
| CN114979132B (en) | Cluster component state detection method and device | |
| CN113904964B (en) | Website front-end performance monitoring method and device, electronic equipment and medium | |
| CN112445498B (en) | Program installation method and device, electronic equipment and storage medium | |
| CN116886441B (en) | Website detection method and device, electronic equipment and readable medium | |
| CN113127851B (en) | Data collection method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |