CN114710331A - Security defense method and network security equipment - Google Patents
Security defense method and network security equipment Download PDFInfo
- Publication number
- CN114710331A CN114710331A CN202210290173.6A CN202210290173A CN114710331A CN 114710331 A CN114710331 A CN 114710331A CN 202210290173 A CN202210290173 A CN 202210290173A CN 114710331 A CN114710331 A CN 114710331A
- Authority
- CN
- China
- Prior art keywords
- defense
- security
- constructing
- network
- model
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
- 230000007123 defense Effects 0.000 title claims abstract description 145
- 238000000034 method Methods 0.000 title claims abstract description 36
- 230000006870 function Effects 0.000 claims abstract description 59
- 230000002265 prevention Effects 0.000 claims description 18
- 238000010276 construction Methods 0.000 claims description 12
- 238000012545 processing Methods 0.000 claims description 10
- 238000001514 detection method Methods 0.000 claims description 9
- 238000004590 computer program Methods 0.000 claims description 6
- 238000001914 filtration Methods 0.000 description 8
- 230000008569 process Effects 0.000 description 7
- 238000013515 script Methods 0.000 description 4
- 241000700605 Viruses Species 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000002159 abnormal effect Effects 0.000 description 2
- 230000009471 action Effects 0.000 description 2
- 230000006399 behavior Effects 0.000 description 2
- 238000002347 injection Methods 0.000 description 2
- 239000007924 injection Substances 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 230000006978 adaptation Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000002457 bidirectional effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000000149 penetrating effect Effects 0.000 description 1
- 239000000243 solution Substances 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The present specification provides a method of security defense and a network security device, the method comprising: and constructing a security defense model, wherein the security defense model comprises two or more security defense functions, and the security defense model is utilized to perform security defense on the network equipment. The method can effectively improve the network security.
Description
Technical Field
The present disclosure relates to the field of information security, and in particular, to a method for security defense and a network security device.
Background
With the development of network informatization, more and more applications based on Web services are provided, and the security of the Web services is more and more emphasized by people. Once the Web server is attacked, not only the normal service cannot be provided, but also the internal information is leaked.
The Web server is also called www (world WIDE Web) server, and the main function is to provide Web information browsing services. The WWW is the Internet's multimedia information query tool, the fastest growing and most widely used service today. When a Web browser (client) connects to a Web server and requests a file, the Web server will process the request and send the file to the browser, with the accompanying information telling the browser how to view the file (i.e., the file type). The Web server not only stores information, but also allows users to run scripts and programs based on information provided by a Web browser.
Because the Web server provides services for various clients, users are various, so that the application systems are directly exposed in an unsafe network environment, the Web server is free from security threats at all times, and the threats mainly comprise denial of service, distributed denial of service, SQL injection attack and cross-site scripting attack. Since government websites, financial websites and educational websites generally have higher website ranking weight in internet search engines such as Baidu, Google and dog searching, hackers can cheat the personal related information of customers by inserting illegal links or website horse hanging means in the webpages of the websites, so as to exchange higher economic benefit value.
Disclosure of Invention
In order to improve network security, the embodiment of the disclosure provides a security defense method and a network security device.
The embodiment of the disclosure provides a security defense method, which comprises the following steps:
constructing a security defense model, wherein the security defense model comprises two or more security defense functions;
and carrying out security defense on the network equipment by utilizing the security defense model.
Wherein the constructing of the security defense model comprises:
and determining defense levels for constructing a security defense model, wherein each defense level at least comprises one security defense function.
The method further comprises the following steps:
constructing a safety defense function library, wherein the safety defense function library at least comprises: DDos attack resistance, network access control, intrusion prevention detection, HTTP attack prevention and webpage tamper resistance.
The method comprises the following steps of determining defense levels for constructing a security defense model, wherein each defense level at least comprises a security defense function, and the method comprises the following steps:
and acquiring a corresponding number of target security defense functions from the defense function library according to the determined number of defense levels for constructing the security defense model, and enabling the target security defense functions according to the defense level sequence.
By the method, the network security can be effectively improved.
An embodiment of the present disclosure further provides a network security device, where the network security device includes:
the safety defense system comprises a construction module, a data processing module and a data processing module, wherein the construction module is used for constructing a safety defense model which comprises two or more safety defense functions;
and the processing module is used for carrying out security defense on the network equipment by utilizing the security defense model.
The construction module is specifically used for determining defense levels for constructing a security defense model, and each defense level at least comprises a security defense function.
The construction module is further used for constructing a security defense function library, and the security defense function library at least comprises: DDos attack resistance, network access control, intrusion prevention detection, HTTP attack prevention and webpage tamper resistance.
And acquiring a corresponding number of target security defense functions from the defense function library according to the determined number of defense levels for constructing the security defense model, and enabling the target security defense functions according to the defense level sequence.
An embodiment of the present disclosure further provides a network security device, where the network security device includes: a processor, a memory and a program stored on the memory and executable on the processor, the program implementing any of the above method steps when executed by the processor.
An embodiment of the present disclosure further provides a computer-readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, implements any of the above method steps.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present specification and together with the description, serve to explain the principles of the specification.
Fig. 1 is a schematic flow chart of a security defense method according to an embodiment of the present disclosure.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present specification. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the specification, as detailed in the appended claims.
The terminology used in the description herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the description. As used in this specification and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used herein to describe various information, these information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, the first information may also be referred to as second information, and similarly, the second information may also be referred to as first information, without departing from the scope of the present specification. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
In a traditional Web server safety protection scheme, a Web server is deployed in a DMZ area, a firewall, vulnerability scanning and intrusion prevention products are deployed at a network boundary, network messages are filtered in a mode of configuring access control among areas on the firewall, virus defense and attack script defense are carried out on flow by matching intrusion prevention equipment, and vulnerabilities of websites are discovered and repaired in time by means of vulnerability scanning.
There are problems in the above technology that cannot block application layer attacks and lack global view of integrity, for example, HTTP layer exploits and attacks are the mainstream means for hackers for Web servers. Traditional firewalls and intrusion prevention can not go deep into data packets for targeted security inspection and filtering. Each safety measure works independently, no resultant force is formed, and the adopted safety solution cannot play a role to the maximum extent.
In order to solve the technical problem, the embodiment of the present disclosure provides a method for security defense, and a Web server security protection scheme based on multilayer defense is designed, through which a user can select and adapt a security policy in combination with a current security situation score, a security resource usage condition, and a security protection requirement, and a multilayer security defense line is established between the Web server and an internet user/malicious user through various professional security measures, so as to improve the defense capability of the Web server.
Based on the above, an embodiment of the present disclosure provides a method for security defense, as shown in fig. 1, the method includes:
s101, constructing a security defense model, wherein the security defense model comprises two or more security defense functions;
s102, carrying out security defense on the network equipment by using the security defense model.
In this embodiment, the security defense model may include a plurality of defense levels, for example, two to five levels of defense levels may be included.
In the implementation step S101, the administrator may first determine defense levels of the security defense model, wherein each defense level includes at least one security defense function.
The security defense function in this embodiment may be a security defense function related at present or in the future, for example, DDos attack resistance, network access control, intrusion prevention detection, HTTP attack prevention, and web page tamper resistance.
The anti-DDos attack, the security defense function is mainly used for defending DDoS attack (denial of service attack) initiated by a hacker to the Web server, DDoS flow can be effectively unloaded, common attack behaviors such as SYN flow, UDP DNS Query flow, (M) Stream flow, ICMP flow, HTTP Get flow and connection exhaustion can be effectively identified, and the attack flows are blocked in real time through an integrated mechanism, so that the Web server is effectively protected.
And the security defense function is mainly used for controlling the network boundary access between the Internet and an intranet. The Web server is essentially an intranet application, but needs to be exposed to the internet due to the requirement of business release. The firewall product is deployed at the layer to issue the Web server to the outside, and meanwhile, network access control measures are taken, so that the safety guarantee requirement that the internal network of an enterprise is not influenced while the Web server is exposed to the outside is guaranteed. The layer can prevent hackers from attacking the internal network by using unsafe services, carry out access control on malicious ports and malicious IP, realize the functions of monitoring, filtering, recording and reporting of data streams and better separate the connection between the internal network and the external network.
And (4) intrusion prevention detection, wherein the security prevention function is mainly used for filtering malicious codes at a filtering system level. The layer integrates functions of intrusion prevention and detection, virus protection, bandwidth management, URL (uniform resource locator) filtering and the like, and by penetrating into 7 layers of analysis and detection, attacks and malicious behaviors of viruses, worms, trojans, spyware, nets and the like hidden in network flow are blocked in real time, so that comprehensive protection of network application, network infrastructure and network performance is realized, and effective protection can be provided for abnormal message attacks.
The security defense function is mainly used for checking and filtering bidirectional data submitted to the Web server by a user and returned to the user by the Web server. For data submitted by a user to a Web server, the layer can discover malicious scripts and problem codes/commands in the data submitted by the user in real time. Necessary content filtering can be performed on data returned to a user by a Web server, such as malicious scripts and codes, HTTP Error responses (4xx, 5xx and the like), key sensitive words and the like, so that the safety of the user side is fully ensured, and meanwhile, the leakage of important information of the server side is avoided. The Web security problems of SQL injection, cross-site scripting, CSRF, abnormal access, CC attack and the like are solved.
The webpage is tamper-proof, and the security defense function is mainly used for preventing malicious tampering of webpage content. The layer directly deploys a core program on a Web server, sets access authority (generally forbids all processes to modify) aiming at a website file directory, realizes the protection of a website or a website directory file in advance, forbids any other process and port to access all the modification operations of the protected directory and file except for the appointed legal process and port service, cuts off the connection before the illegal process starts to invade the system, forbids the next action of the illegal process, and avoids economic and image loss caused by the falsification of a webpage.
In this embodiment, a security defense function library may be further constructed, where the security defense function library is configured to store the security defense functions, and the security defense function library may be constructed by a database and stored in a server.
In this embodiment, a corresponding number of security defense functions (target security defense functions) are invoked from the library of security defense functions according to the determined defense hierarchy.
In one embodiment, the user may select and adapt the security policy in combination with the current security situation score, the security resource usage, and the security protection requirements, and may enable the security defense functions in the order of defense levels.
It can be seen from the above embodiments that, by constructing a security defense model including multiple security defense functions, a user can select and adapt a security policy in combination with the current security situation score, the security resource usage and the security protection requirements, so that the security threats of L2-L7 can be fully covered, interception and filtering can be effectively performed when a security event occurs, the difficulty of hacking is increased, and the possibility of the Web server being attacked is reduced.
Based on the foregoing method embodiments, an embodiment of the present disclosure further provides a network security device, where the network security device includes:
the safety defense system comprises a construction module, a data processing module and a data processing module, wherein the construction module is used for constructing a safety defense model which comprises two or more safety defense functions;
and the processing module is used for carrying out security defense on the network equipment by utilizing the security defense model.
The construction module is specifically used for determining defense levels for constructing a security defense model, and each defense level at least comprises a security defense function.
The construction module is further used for constructing a security defense function library, and the security defense function library at least comprises: DDos attack resistance, network access control, intrusion prevention detection, HTTP attack prevention and webpage tamper resistance.
And acquiring a corresponding number of target security defense functions from the defense function library according to the determined number of defense levels for constructing the security defense model, and enabling the target security defense functions according to the defense level sequence.
An embodiment of the present disclosure further provides a network security device, where the network security device includes: a processor, a memory and a program stored on the memory and executable on the processor, which when executed by the processor implements the method steps of any of the embodiments described above.
The embodiments of the present disclosure also provide a computer-readable storage medium, on which a computer program is stored, and when the computer program is executed by a processor, the method steps in any of the above embodiments are implemented.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
Other embodiments of the present description will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This specification is intended to cover any variations, uses, or adaptations of the specification following, in general, the principles of the specification and including such departures from the present disclosure as come within known or customary practice within the art to which the specification pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the specification being indicated by the following claims.
It will be understood that the present description is not limited to the precise arrangements described above and shown in the drawings, and that various modifications and changes may be made without departing from the scope thereof. The scope of the present description is limited only by the appended claims.
The above description is only a preferred embodiment of the present disclosure, and should not be taken as limiting the present disclosure, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present disclosure should be included in the protection scope of the present disclosure.
Claims (10)
1. A method of security defense, the method comprising:
constructing a security defense model, wherein the security defense model comprises two or more security defense functions;
and carrying out security defense on the network equipment by utilizing the security defense model.
2. The method of claim 1, wherein constructing the security defense model comprises:
and determining defense levels for constructing a security defense model, wherein each defense level at least comprises one security defense function.
3. The method of claim 2, further comprising:
constructing a safety defense function library, wherein the safety defense function library at least comprises: DDos attack resistance, network access control, intrusion prevention detection, HTTP attack prevention and webpage tamper resistance.
4. The method of claim 3, wherein determining defense levels for constructing a security defense model, each defense level comprising at least one security defense function, comprises:
and acquiring a corresponding number of target security defense functions from the defense function library according to the determined number of defense levels for constructing the security defense model, and enabling the target security defense functions according to the defense level sequence.
5. A network security device, the network security device comprising:
the safety defense system comprises a construction module, a data processing module and a data processing module, wherein the construction module is used for constructing a safety defense model which comprises two or more safety defense functions;
and the processing module is used for carrying out security defense on the network equipment by utilizing the security defense model.
6. The network security appliance of claim 5,
the construction module is specifically used for determining defense levels for constructing a security defense model, and each defense level at least comprises a security defense function.
7. The network security appliance of claim 5,
the construction module is further used for constructing a security defense function library, and the security defense function library at least comprises: DDos attack resistance, network access control, intrusion prevention detection, HTTP attack prevention and webpage tamper resistance.
8. The network security appliance of claim 7,
and acquiring a corresponding number of target security defense functions from the defense function library according to the determined number of defense levels for constructing the security defense model, and enabling the target security defense functions according to the defense level sequence.
9. A network security device, comprising: processor, memory and program stored on the memory and executable on the processor, which when executed by the processor implements the steps of the method according to any one of claims 1 to 4.
10. A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, which computer program, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210290173.6A CN114710331A (en) | 2022-03-23 | 2022-03-23 | Security defense method and network security equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210290173.6A CN114710331A (en) | 2022-03-23 | 2022-03-23 | Security defense method and network security equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114710331A true CN114710331A (en) | 2022-07-05 |
Family
ID=82169512
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210290173.6A Withdrawn CN114710331A (en) | 2022-03-23 | 2022-03-23 | Security defense method and network security equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114710331A (en) |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101582883A (en) * | 2009-06-26 | 2009-11-18 | 西安电子科技大学 | System and method for managing security of general network |
| CN101808078A (en) * | 2009-02-13 | 2010-08-18 | 北京启明星辰信息技术股份有限公司 | Intrusion defence system having active defence capability and method thereof |
| CN102934122A (en) * | 2010-05-07 | 2013-02-13 | 阿尔卡特朗讯公司 | Method for adapting security policies of an information system infrastructure |
| CN104092668A (en) * | 2014-06-23 | 2014-10-08 | 北京航空航天大学 | Method for constructing safety service of reconfigurable network |
| CN106789983A (en) * | 2016-12-08 | 2017-05-31 | 北京安普诺信息技术有限公司 | A kind of CC attack defense methods and its system of defense |
| CN113194059A (en) * | 2021-02-24 | 2021-07-30 | 天津大学 | Method for selecting defense strategy of moving target |
| CN113407949A (en) * | 2021-06-29 | 2021-09-17 | 恒安嘉新(北京)科技股份公司 | Information security monitoring system, method, equipment and storage medium |
| CN113542227A (en) * | 2021-06-18 | 2021-10-22 | 杭州安恒信息技术股份有限公司 | Account security protection method and device, electronic device and storage medium |
| CN114124585A (en) * | 2022-01-28 | 2022-03-01 | 奇安信科技集团股份有限公司 | Security defense method, device, electronic equipment and medium |
-
2022
- 2022-03-23 CN CN202210290173.6A patent/CN114710331A/en not_active Withdrawn
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101808078A (en) * | 2009-02-13 | 2010-08-18 | 北京启明星辰信息技术股份有限公司 | Intrusion defence system having active defence capability and method thereof |
| CN101582883A (en) * | 2009-06-26 | 2009-11-18 | 西安电子科技大学 | System and method for managing security of general network |
| CN102934122A (en) * | 2010-05-07 | 2013-02-13 | 阿尔卡特朗讯公司 | Method for adapting security policies of an information system infrastructure |
| CN104092668A (en) * | 2014-06-23 | 2014-10-08 | 北京航空航天大学 | Method for constructing safety service of reconfigurable network |
| CN106789983A (en) * | 2016-12-08 | 2017-05-31 | 北京安普诺信息技术有限公司 | A kind of CC attack defense methods and its system of defense |
| CN113194059A (en) * | 2021-02-24 | 2021-07-30 | 天津大学 | Method for selecting defense strategy of moving target |
| CN113542227A (en) * | 2021-06-18 | 2021-10-22 | 杭州安恒信息技术股份有限公司 | Account security protection method and device, electronic device and storage medium |
| CN113407949A (en) * | 2021-06-29 | 2021-09-17 | 恒安嘉新(北京)科技股份公司 | Information security monitoring system, method, equipment and storage medium |
| CN114124585A (en) * | 2022-01-28 | 2022-03-01 | 奇安信科技集团股份有限公司 | Security defense method, device, electronic equipment and medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8949988B2 (en) | Methods for proactively securing a web application and apparatuses thereof | |
| US8429751B2 (en) | Method and apparatus for phishing and leeching vulnerability detection | |
| US20100199345A1 (en) | Method and System for Providing Remote Protection of Web Servers | |
| Tajalizadehkhoob et al. | Herding vulnerable cats: a statistical approach to disentangle joint responsibility for web security in shared hosting | |
| WO2008151321A2 (en) | Systems, methods, and media for enforcing a security policy in a network including a plurality of components | |
| WO2009039434A2 (en) | System and method for detecting security defects in applications | |
| US8713674B1 (en) | Systems and methods for excluding undesirable network transactions | |
| Fraunholz et al. | Defending web servers with feints, distraction and obfuscation | |
| Gupta et al. | Taxonomy of cloud security | |
| Ng et al. | Honeypot frameworks and their applications: a new framework | |
| Zhang et al. | I'm SPARTACUS, No, I'm SPARTACUS: Proactively Protecting Users from Phishing by Intentionally Triggering Cloaking Behavior | |
| Jayamsakthi Shanmugam | Cross Site Scripting-Latest developments and solutions: A survey | |
| Zhao et al. | Network security model based on active defense and passive defense hybrid strategy | |
| CN107294994B (en) | CSRF protection method and system based on cloud platform | |
| Sommestad et al. | A test of intrusion alert filtering based on network information | |
| Nguyen et al. | Preventing the attempts of abusing cheap-hosting Web-servers for monetization attacks | |
| CN114710331A (en) | Security defense method and network security equipment | |
| Joshi et al. | A Detailed Evaluation of SQL Injection Attacks, Detection and Prevention Techniques | |
| Nilsson et al. | Vulnerability scanners | |
| Muttoo et al. | Analysing security checkpoints for an integrated utility-based information system | |
| Madhusudhan | Cross channel scripting (XCS) attacks in web applications: detection and mitigation approaches | |
| Ng et al. | Specialized honeypot applications | |
| Amuthadevi et al. | A Study on Web Application Vulnerabilities to find an optimal Security Architecture | |
| Sadana et al. | Analysis of cross site scripting attack | |
| Dave et al. | Security policy implementation using connection and event log to achieve network access control |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WW01 | Invention patent application withdrawn after publication | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20220705 |