CN116028980B - Database bypassing prevention method, system, equipment and medium - Google Patents
Database bypassing prevention method, system, equipment and medium Download PDFInfo
- Publication number
- CN116028980B CN116028980B CN202310315510.7A CN202310315510A CN116028980B CN 116028980 B CN116028980 B CN 116028980B CN 202310315510 A CN202310315510 A CN 202310315510A CN 116028980 B CN116028980 B CN 116028980B
- Authority
- CN
- China
- Prior art keywords
- database
- sql
- preset
- processing
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application provides a method, a system, equipment and a medium for preventing database from bypassing, and relates to the field of database safety protection. The method comprises the following steps: a preset proxy plug-in is arranged on the target protection system, and the preset proxy plug-in is used for forwarding all tcp connections accessing the database through a proxy program; the policy processing mechanism is configured, and data message processing is carried out by matching with a preset proxy plug-in based on the configured policy processing mechanism; and receiving the SQL flow message at the user side based on the preset proxy plug-in, analyzing the database protocol, and carrying out corresponding protection processing according to the analysis result. The method can be transparent to the application program without changing the network structure, and can access the access flow of the service side and the operation and maintenance side, thereby realizing full flow supervision and solving the problem of malicious attack or data leakage caused by bypassing the external access of the access database.
Description
Technical Field
The application relates to the field of database security protection, in particular to a method, a system, equipment and a medium for preventing database from bypassing.
Background
With the rapid development of internet technology, various software around us has been increased, various kinds of popular websites, apps and the like, which use database technology to store data, and accordingly, there is an increasing risk. In order to secure a database, security protection similar to that mainly performed by gateway type access control is mainly included in the prior art. For example, including database auditing, using bypass reverse proxy deployment as a product for post-risk localization and tracking, however, it requires the application system to modify the access database IP address, the complexity of the modified access structure is high; or a database firewall and dynamic desensitization products are adopted, the corresponding safe operation and maintenance products can detect sensitive access or risk operation in real time, and can intercept, desensitize and approve access to risk behaviors, but the security operation and the risk operation are limited to deployment positions and access bypass, so that data protection leakage can be possibly caused, and ineffective defense is formed. Therefore, there is an urgent need to ensure secure access without changing the network structure, so as to solve the problem of malicious attack or data leakage caused by bypassing external access to the database.
Disclosure of Invention
The application aims to provide a database bypassing prevention method, a system, equipment and a medium, which can be transparent to an application program under the condition of not changing a network structure, can access traffic of a service side and an operation and maintenance side, realize full traffic supervision and solve the problem of malicious attack or data leakage caused by bypassing of external access to a database.
Embodiments of the present application are implemented as follows:
in a first aspect, an embodiment of the present application provides a method for bypassing a database, including the following steps:
a preset proxy plug-in is arranged on the target protection system, and the preset proxy plug-in is used for forwarding all tcp connections accessing the database through a proxy program; the policy processing mechanism is configured, and data message processing is carried out by matching with a preset proxy plug-in based on the configured policy processing mechanism; and receiving the SQL flow message at the user side based on the preset proxy plug-in, analyzing the database protocol, and carrying out corresponding protection processing according to the analysis result.
In some embodiments of the present application, the steps of receiving a user-side SQL flow message based on a preset proxy plugin, performing database protocol analysis, and performing corresponding protection processing according to an analysis result specifically include: carrying out database protocol analysis based on the received database SQL request data message to obtain corresponding SQL information; based on SQL information, a policy processing mechanism is utilized to sequentially judge whether the SQL information has access authority and clear text information checking authority, a preset construction data packet mechanism is established according to a judging result, and the corresponding data packets are recombined and then sent to a database.
In some embodiments of the present application, the creating a preset configuration packet mechanism according to the determination result, and then sending the corresponding packet to the database after the reorganizing process includes: if the access right is not available, constructing an erroneous data packet and sending the erroneous data packet to a database, otherwise, entering the next step; if the right of checking the plaintext is not available, constructing a desensitization data packet, and sending the desensitization data packet to a database, and if the right of checking the plaintext is available, directly forwarding the desensitization data packet to the database.
In some embodiments of the present application, the receiving, based on the preset proxy plugin, the SQL traffic message on the user side includes: content verification is carried out on the SQL flow message at the user side, wherein the content verification comprises the following steps: detecting the content of the character string, and only admitting the required value; refusing contents including binary, escape sequences and comments; the size and data type of the input content are detected, and corresponding moderate limitation and transformation are forcedly executed according to the detection result.
In a second aspect, an embodiment of the present application provides a database bypass prevention system, including:
the plug-in setting module is used for setting a preset proxy plug-in on the target protection system, and the preset proxy plug-in is used for forwarding all tcp connections accessing the database through a proxy program; the policy configuration module is used for configuring a policy processing mechanism and processing data messages by matching with a preset proxy plug-in based on the configured policy processing mechanism; and the protection processing module is used for receiving the SQL flow message of the user side based on the preset proxy plug-in, analyzing the database protocol, and carrying out corresponding protection processing according to the analysis result.
In a third aspect, an embodiment of the present application provides an electronic device, including a memory for storing one or more programs; a processor. The method as described in any one of the first aspects is implemented when the one or more programs are executed by the processor.
In a fourth aspect, an embodiment of the present application provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements a method as described in any of the first aspects above.
Compared with the prior art, the embodiment of the application has at least the following advantages or beneficial effects:
the embodiment of the application provides a database bypassing prevention method, which comprises the steps of firstly setting a preset proxy plug-in and a configuration strategy processing mechanism on a target protection system, so that a user side SQL flow message can be received based on the preset proxy plug-in later, carrying out database protocol analysis, and carrying out corresponding protection processing according to an analysis result. That is, the access traffic of the service side and the operation and maintenance side can be accessed simultaneously by utilizing the preset proxy plug-in and the configured policy processing mechanism under the condition of not changing the network structure, so that full traffic supervision is realized, and the problem of malicious attack or data leakage caused by bypassing external access of the access database is solved. Therefore, valuable data can be continuously and effectively protected, and meanwhile, the shared use function of the valuable data can be guaranteed not to be affected, so that the value and the use of the valuable data are improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments will be briefly described below, it being understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and other related drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flowchart of an embodiment of a database bypassing prevention method according to the present application;
FIG. 2 is a specific flowchart of steps for receiving a user-side SQL flow message based on a preset proxy plug-in, performing database protocol analysis, and performing corresponding protection processing according to an analysis result in the embodiment of the application;
FIG. 3 is a schematic diagram of a data packet detection flow according to an embodiment of the present application;
FIG. 4 is a block diagram illustrating an embodiment of a database bypass prevention system according to the present application;
fig. 5 is a block diagram of an electronic device according to an embodiment of the present application.
Icon: 1. a plug-in setting module; 2. a policy configuration module; 3. a protection processing module; 4. a processor; 5. a memory; 6. a data bus.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments of the present application. The components of the embodiments of the present application generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations.
Some embodiments of the present application are described in detail below with reference to the accompanying drawings. The various embodiments and features of the embodiments described below may be combined with one another without conflict.
Examples
In the prior art, in order to prevent external access from being bypassed, physical equipment serial part is carried out by adopting a database firewall, an operation and maintenance gateway and a dynamic desensitization product, but the service side access is solved, but the corresponding solution cannot be carried out for the case of operation and maintenance direct access. Or by-pass reverse proxy deployment is adopted, but an application system is required to modify the IP address of the access database, so that not only is the network structure required to be changed, but also the complexity of the changed access structure is high.
Accordingly, referring to fig. 1-3, an embodiment of the present application provides a method for preventing bypassing a database, which is capable of transparently accessing access traffic on a service side and an operation and maintenance side without changing a network structure, so as to implement full traffic supervision, and solve the problem of malicious attack or data leakage caused by bypassing external access to the database. The method for preventing the database from bypassing comprises the following steps:
step S101: and setting a preset proxy plugin on the target protection system, wherein the preset proxy plugin is used for forwarding all tcp connections accessing the database through a proxy program.
In the above steps, the preset proxy plug-in can be used for monitoring the flow data accessed by all the collected databases, so that the possibility of bypassing is effectively avoided, the network structure is not required to be changed, and the application system is transparent.
Step S102: and configuring a policy processing mechanism, and processing the data message by matching the configured policy processing mechanism with a preset proxy plug-in.
In the above steps, by configuring the policy processing mechanism, the proxy subsystem can be triggered to send iptables rules on the database server operating system, and all data messages related to the flow accessing the database are forwarded to the subsystem for processing and then to the database, so that the following functions of releasing audit, intercepting and dynamically supporting names can be executed for carrying out corresponding processing and matching policies on the subsystem. That is, the processing of the data message by the configuration-based policy processing mechanism in cooperation with the preset proxy plugin can be used for solving the risk detection and defense in the subsequent data read-write operation.
Step S103: and receiving the SQL flow message at the user side based on the preset proxy plug-in, analyzing the database protocol, and carrying out corresponding protection processing according to the analysis result.
In the above steps, after the preset proxy plugin and the corresponding policy processing mechanism are configured, processing including receiving the SQL traffic of the user, establishing TCP connection with the client, establishing TCP connection with the database, analyzing the database communication protocol, reorganizing the data packet, forwarding the data packet and the like is started based on the preset proxy plugin, so that corresponding protection processing is realized.
In this case, the input data that is not checked or is not sufficiently checked may be accidentally changed to the SQL code and executed. For SQL injection, submitted data is compiled by a database system, which causes problems beyond the prediction of developers. That is, the SQL injection is the input information of the user, and spans the data itself in the process of connecting the SQL sentences, becomes a part of the SQL sentence logic, and then the pieced SQL sentences are run by the database, so that the irreparable loss is caused. Therefore, in order to effectively assist in handling the SQL injection attack, the receiving, based on the preset proxy plugin, the user-side SQL traffic message includes: content verification is carried out on the SQL flow message at the user side, wherein the content verification comprises the following steps: detecting the content of the character string, and only admitting the required value; rejecting content including binary, escape sequences, and annotations would be advantageous in preventing script injection; the size and data type of the input content are detected, and corresponding moderate limitation and transformation are forcedly executed according to the detection result, so that the buffer overflow phenomenon can be avoided. That is, by checking the user input information, the method can be used for assisting corresponding management personnel or systems to cope with SQL injection type attacks, so that the subsequent analysis of the database protocol can be effectively ensured, and the correctness and safety of corresponding protection processing can be carried out according to the analysis result.
For example, referring to fig. 2, the steps of receiving a user-side SQL flow message based on a preset proxy plug-in, performing database protocol analysis, and performing corresponding protection processing according to the analysis result specifically include:
step S201: carrying out database protocol analysis based on the received database SQL request data message to obtain corresponding SQL information;
step S202: based on SQL information, a policy processing mechanism is utilized to sequentially judge whether the SQL information has access authority and clear text information checking authority, a preset construction data packet mechanism is established according to a judging result, and the corresponding data packets are recombined and then sent to a database.
In the above steps, after the data packet is requested by the received database SQL, the TCP connection is established with the client and the TCP connection is established with the database, the database protocol analysis can be started, so that whether the data packet has access right and clear text information checking right can be judged sequentially according to the policy processing mechanism for the SQL information, and the data packet can be re-sent to the database after the corresponding re-combination processing (including no re-combination processing) according to the judging structure. That is, the method can be used for avoiding malicious attacks and data disclosure caused by bypassing processing by using means such as direct connection of an internal high-authority user to a database or direct reading of a database file in the prior art.
For example, referring to fig. 3, the step of creating a preset configuration packet mechanism according to the determination result, and then sending the corresponding packet to the database after the reorganization processing includes:
if the access right is not available, constructing an erroneous data packet and sending the erroneous data packet to a database, otherwise, entering the next step; if the right of checking the plaintext is not available, constructing a desensitization data packet, and sending the desensitization data packet to a database, and if the right of checking the plaintext is available, directly forwarding the desensitization data packet to the database.
In the above steps, by adopting the data packet reorganization mode of constructing the wrong data packet or constructing the desensitized data packet to correspond to the corresponding authority judgment result, the corresponding data packet is sent to the database after being correspondingly processed, and timely risk interception and sensitive data desensitization access processing can be realized, so that the anti-bypass function can be effectively realized under the condition of not affecting the functions of the database.
Examples
Referring to fig. 4, an embodiment of the present application provides a database bypass prevention system, which includes:
the plug-in setting module 1 is used for setting a preset proxy plug-in on the target protection system, and the preset proxy plug-in is used for forwarding all tcp connections accessing the database through a proxy program; the policy configuration module 2 is used for configuring a policy processing mechanism and processing data messages by matching with a preset proxy plugin based on the configured policy processing mechanism; and the protection processing module 3 is used for receiving the SQL flow message of the user side based on the preset proxy plug-in, analyzing the database protocol, and carrying out corresponding protection processing according to the analysis result.
The specific implementation process of the above system refers to a method for preventing bypassing the database provided in embodiment 1, and is not described herein.
Examples
Referring to fig. 5, an embodiment of the present application provides an electronic device comprising at least one processor 4, at least one memory 5 and a data bus 6; wherein: the processor 4 and the memory 5 complete the communication with each other through the data bus 6; the memory 5 stores program instructions executable by the processor 4, which the processor 4 invokes to perform a database bypass prevention method. For example, implementation:
a preset proxy plug-in is arranged on the target protection system, and the preset proxy plug-in is used for forwarding all tcp connections accessing the database through a proxy program; the policy processing mechanism is configured, and data message processing is carried out by matching with a preset proxy plug-in based on the configured policy processing mechanism; and receiving the SQL flow message at the user side based on the preset proxy plug-in, analyzing the database protocol, and carrying out corresponding protection processing according to the analysis result.
The Memory 5 may be, but is not limited to, a random access Memory (Random Access Memory, RAM), a Read Only Memory (ROM), a programmable Read Only Memory (Programmable Read-Only Memory, PROM), an erasable Read Only Memory (Erasable Programmable Read-Only Memory, EPROM), an electrically erasable Read Only Memory (Electric Erasable Programmable Read-Only Memory, EEPROM), etc.
The processor 4 may be an integrated circuit chip with signal processing capabilities. The processor 4 may be a general-purpose processor including a central processing unit (Central Processing Unit, CPU), a network processor (Network Processor, NP), etc.; but also digital signal processors (Digital Signal Processing, DSP), application specific integrated circuits (Application Specific Integrated Circuit, ASIC), field programmable gate arrays (Field-Programmable Gate Array, FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components.
It will be appreciated that the configuration shown in fig. 5 is merely illustrative, and that the electronic device may also include more or fewer components than shown in fig. 5, or have a different configuration than shown in fig. 5. The components shown in fig. 5 may be implemented in hardware, software, or a combination thereof.
Examples
The present application provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor 4, implements a database bypassing prevention method. For example, implementation:
a preset proxy plug-in is arranged on the target protection system, and the preset proxy plug-in is used for forwarding all tcp connections accessing the database through a proxy program; the policy processing mechanism is configured, and data message processing is carried out by matching with a preset proxy plug-in based on the configured policy processing mechanism; and receiving the SQL flow message at the user side based on the preset proxy plug-in, analyzing the database protocol, and carrying out corresponding protection processing according to the analysis result.
The above functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on this understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
It will be evident to those skilled in the art that the application is not limited to the details of the foregoing illustrative embodiments, and that the present application may be embodied in other specific forms without departing from the spirit or essential characteristics thereof. The present embodiments are, therefore, to be considered in all respects as illustrative and not restrictive, the scope of the application being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.
Claims (6)
1. A method for preventing bypassing of a database, comprising the steps of:
a preset proxy plug-in is arranged on the target protection system, and the preset proxy plug-in is used for forwarding all tcp connections accessing the database through a proxy program; and
the method comprises the steps of configuring a policy processing mechanism, carrying out data message processing by matching with a preset proxy plug-in based on the configured policy processing mechanism, triggering a proxy subsystem to send iptables rules on a database server operating system, forwarding all data messages related to the flow accessing a database to the subsystem for processing, and then forwarding the data messages to the database, so that the corresponding processing matching policy is executed on the subsystem, and the functions of releasing audit and/or interception and/or dynamic desensitization are implemented;
based on a preset proxy plug-in, receiving a user side SQL flow message, analyzing a database protocol, and carrying out corresponding protection processing according to an analysis result, wherein the method specifically comprises the following steps: carrying out database protocol analysis based on the received database SQL request data message to obtain corresponding SQL information; based on SQL information, a policy processing mechanism is utilized to sequentially judge whether the SQL information has access authority and clear text information checking authority, a preset construction data packet mechanism is established according to a judging result, and the corresponding data packets are recombined and then sent to a database.
2. The method for preventing bypassing of a database according to claim 1, wherein the step of establishing a preset configuration packet mechanism according to the determination result, and then sending the corresponding packet to the database after the reorganization processing includes:
if the access right is not available, constructing an erroneous data packet and sending the erroneous data packet to a database, otherwise, entering the next step;
if the right of checking the plaintext is not available, constructing a desensitization data packet, and sending the desensitization data packet to a database, and if the right of checking the plaintext is available, directly forwarding the desensitization data packet to the database.
3. The method for preventing bypassing of a database according to claim 1, wherein the receiving the SQL traffic message on the user side based on the preset proxy plugin includes:
content verification is carried out on the SQL flow message at the user side, wherein the content verification comprises the following steps: detecting the content of the character string, and only admitting the required value; refusing contents including binary, escape sequences and comments; the size and data type of the input content are detected, and corresponding moderate limitation and transformation are forcedly executed according to the detection result.
4. A database bypassing prevention system, comprising:
the plug-in setting module is used for setting a preset proxy plug-in on the target protection system, and the preset proxy plug-in is used for forwarding all tcp connections accessing the database through a proxy program;
the policy configuration module is used for configuring a policy processing mechanism, and carrying out data message processing based on the configured policy processing mechanism and matching with a preset proxy plug-in, so as to trigger a proxy subsystem to send down iptables rules on a database server operating system, and forward all data messages related to the flow accessing the database to the subsystem for processing and then to the database, thereby being used for executing corresponding processing matching policies on the subsystem subsequently, and realizing the functions of executing release audit and/or interception and/or dynamic desensitization;
the protection processing module is used for receiving the SQL flow message of the user side based on the preset proxy plug-in, analyzing the database protocol, and carrying out corresponding protection processing according to the analysis result, and specifically comprises the following steps: carrying out database protocol analysis based on the received database SQL request data message to obtain corresponding SQL information; based on SQL information, a policy processing mechanism is utilized to sequentially judge whether the SQL information has access authority and clear text information checking authority, a preset construction data packet mechanism is established according to a judging result, and the corresponding data packets are recombined and then sent to a database.
5. An electronic device comprising at least one processor, at least one memory, and a data bus; wherein: the processor and the memory complete communication with each other through the data bus; the memory stores program instructions for execution by the processor, the processor invoking the program instructions to perform the method of any of claims 1-3.
6. A computer readable storage medium, on which a computer program is stored, which computer program, when being executed by a processor, implements the method according to any of claims 1-3.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310315510.7A CN116028980B (en) | 2023-03-29 | 2023-03-29 | Database bypassing prevention method, system, equipment and medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310315510.7A CN116028980B (en) | 2023-03-29 | 2023-03-29 | Database bypassing prevention method, system, equipment and medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116028980A CN116028980A (en) | 2023-04-28 |
| CN116028980B true CN116028980B (en) | 2023-08-25 |
Family
ID=86077920
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310315510.7A Active CN116028980B (en) | 2023-03-29 | 2023-03-29 | Database bypassing prevention method, system, equipment and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116028980B (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110855656A (en) * | 2019-11-06 | 2020-02-28 | 云深互联(北京)科技有限公司 | Plug-in flow proxy method, device and system capable of realizing application server protection |
| CN111756752A (en) * | 2020-06-24 | 2020-10-09 | 北京金山云网络技术有限公司 | Method and device for controlling access authority of database and electronic equipment |
| CN112948877A (en) * | 2021-03-03 | 2021-06-11 | 北京中安星云软件技术有限公司 | Dynamic database desensitization method and system based on TCP (Transmission control protocol) proxy |
| CN113378233A (en) * | 2021-08-16 | 2021-09-10 | 北京安华金和科技有限公司 | System and method for preventing database access through direct connection |
| CN114189385A (en) * | 2021-12-14 | 2022-03-15 | 杭州安恒信息技术股份有限公司 | Flow distribution method, device, equipment and computer readable storage medium |
| WO2022151867A1 (en) * | 2021-01-18 | 2022-07-21 | 武汉绿色网络信息服务有限责任公司 | Method and apparatus for converting http into https bidirectional transparent proxy |
-
2023
- 2023-03-29 CN CN202310315510.7A patent/CN116028980B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110855656A (en) * | 2019-11-06 | 2020-02-28 | 云深互联(北京)科技有限公司 | Plug-in flow proxy method, device and system capable of realizing application server protection |
| CN111756752A (en) * | 2020-06-24 | 2020-10-09 | 北京金山云网络技术有限公司 | Method and device for controlling access authority of database and electronic equipment |
| WO2022151867A1 (en) * | 2021-01-18 | 2022-07-21 | 武汉绿色网络信息服务有限责任公司 | Method and apparatus for converting http into https bidirectional transparent proxy |
| CN112948877A (en) * | 2021-03-03 | 2021-06-11 | 北京中安星云软件技术有限公司 | Dynamic database desensitization method and system based on TCP (Transmission control protocol) proxy |
| CN113378233A (en) * | 2021-08-16 | 2021-09-10 | 北京安华金和科技有限公司 | System and method for preventing database access through direct connection |
| CN114189385A (en) * | 2021-12-14 | 2022-03-15 | 杭州安恒信息技术股份有限公司 | Flow distribution method, device, equipment and computer readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116028980A (en) | 2023-04-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| RU2680736C1 (en) | Malware files in network traffic detection server and method | |
| EP3823241A1 (en) | Network application firewall | |
| US8024804B2 (en) | Correlation engine for detecting network attacks and detection method | |
| US7752662B2 (en) | Method and apparatus for high-speed detection and blocking of zero day worm attacks | |
| Tien et al. | KubAnomaly: Anomaly detection for the Docker orchestration platform with neural network approaches | |
| CN113660224B (en) | Situation awareness defense method, device and system based on network vulnerability scanning | |
| KR100732689B1 (en) | Web Security Method and apparatus therefor | |
| US20220217169A1 (en) | Malware detection at endpoint devices | |
| US20170353434A1 (en) | Methods for detection of reflected cross site scripting attacks | |
| WO2018052979A1 (en) | Systems and methods for agent-based detection of hacking attempts | |
| CN108369541B (en) | System and method for threat risk scoring of security threats | |
| US20170155683A1 (en) | Remedial action for release of threat data | |
| CN111177727A (en) | Vulnerability detection method and device | |
| CN116340943A (en) | Application program protection method, device, equipment, storage medium and program product | |
| CN113987468A (en) | Security check method and security check device | |
| CN113660222A (en) | Situation awareness defense method and system based on mandatory access control | |
| CN116028980B (en) | Database bypassing prevention method, system, equipment and medium | |
| CN110177113B (en) | Internet protection system and access request processing method | |
| CN114117414A (en) | Security protection system, method, device and storage medium for mobile application | |
| Sasi et al. | A Comprehensive Survey on IoT Attacks: Taxonomy, Detection Mechanisms and Challenges | |
| CN114298684A (en) | E-mail security detection method and device, electronic equipment and storage medium | |
| CN114417349A (en) | Attack result determination method, device, electronic equipment and storage medium | |
| CN115001789A (en) | Method, device, equipment and medium for detecting defect-losing equipment | |
| CN113709130A (en) | Risk identification method and device based on honeypot system | |
| US9253174B1 (en) | Providing a second factor authorization |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |