TW201502845A - Website antivirus information security system - Google Patents

Website antivirus information security system Download PDF

Info

Publication number
TW201502845A
TW201502845A TW102125159A TW102125159A TW201502845A TW 201502845 A TW201502845 A TW 201502845A TW 102125159 A TW102125159 A TW 102125159A TW 102125159 A TW102125159 A TW 102125159A TW 201502845 A TW201502845 A TW 201502845A
Authority
TW
Taiwan
Prior art keywords
attack
website
black
information
module
Prior art date
Application number
TW102125159A
Other languages
Chinese (zh)
Inventor
Kuo-Liang Liu
Original Assignee
Isgoodidea
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Isgoodidea filed Critical Isgoodidea
Priority to TW102125159A priority Critical patent/TW201502845A/en
Publication of TW201502845A publication Critical patent/TW201502845A/en

Links

Abstract

This invention is an Antivirus Information Security Control System. The system includes: (a) A component that allows website administrators to embed in their own websites. This components can detect pages when transmitting information, send transmitted information to the Antivirus Information Security Control System, receive attack identify result, and redirect browser to URL compulsively. (b) Fast eliminate the malware approach. A Black/White Data Bank which identifies the resource is a threat attack or a safe browse. (c) An Attack Identify Module that can identify abnormal transmitting information, send identify result to the embed component, and update the Data Bank identify list basis on identifying result. (d) A recording and notifying module that can write transmitting information to the database. Receive identify result from the Attack Identify Module or Black/White Data Bank, and send antivirus information to the website administrators. (e) A DDOS identify module that used data mining technique to detect force behavior users. Add danger users' information to the Black/White Data Bank to avoid next threat attack.

Description

網站防毒資安系統 Website anti-drug security system

本發明係為一種防毒資訊安全系統,特別是針對網站的防毒、防駭,提供分析攻擊、記錄、阻擋、攔截、網址轉導、通知管理者等方式達到網站防毒資訊安全之效。 The invention relates to an anti-virus information security system, in particular to anti-virus and anti-mite of a website, and provides an analysis attack, recording, blocking, intercepting, website transposition, notification manager and the like to achieve the anti-virus information security effect of the website.

網站已成為企業品牌經營、商務獲利、媒體宣傳的重要管道,然而電腦病毒和攻擊也不再僅是針對您的個人電腦,而是開始將目標轉向您的網站。網站病毒植入(SQL Injection、XSS)和暴力流量攻擊(DDOS)的模式,是目前最常見且最具破壞性的攻擊手法,輕則造成您網站的資料被異動,重則造成您的網站會員個人資料外洩,更嚴重則導致整個網站癱瘓無法營運! Websites have become an important conduit for corporate branding, business profitability, and media campaigns. However, computer viruses and attacks are no longer just for your personal computer, but are turning to your website. Website virus injection (SQL Injection, XSS) and Violent Traffic Attack (DDOS) mode is the most common and most devastating attack method at present, which can cause the data of your website to be changed, and the personal information of your website members. The leakage of data, even more serious, will result in the entire website being inoperable!

駭客透過輸入介面,將惡意程式植入到您的網站內,即可藉此監聽及竊取您網站的敏感資料,甚至模擬管理者登入後台,使得購物詐騙事件層出不窮。駭客也會透過網軍力量,以機海戰術模擬正常的網頁瀏覽,塞爆網站的對外頻寬,導致網站癱瘓無法營運,再恐嚇威脅您支付一筆可觀的保護費! Through the input interface, hackers can insert malicious programs into your website to monitor and steal sensitive information on your website, and even simulate the administrator's login to the background, making shopping frauds endless. The hacker will also use the power of the network to simulate normal web browsing with the sea tactics, and the external bandwidth of the website will be smashed, resulting in the website being unable to operate, and threatening to threaten you to pay a considerable protection fee!

在目前市面上若要保護網站免受於病毒植入(SQL Injection、XSS)需在您的伺服器前,多加裝一台WAF(Web Application Firewall)網站應用程式防火牆設備,讓網站免受惡意病毒植入;要免受於 暴力流量攻擊(DDOS)威脅,則多加裝一台IPS(Intrusion Prevention System)入侵防禦系統設備,讓網站免受暴力流量攻擊。 In order to protect the website from virus injection (SQL Injection, XSS), you need to install a WAF (Web Application Firewall) website application firewall device in front of your server to protect the website from malicious. Virus implantation; to be protected from For violent traffic attack (DDOS) threats, an IPS (Intrusion Prevention System) intrusion prevention system device is added to protect websites from violent traffic attacks.

而現今並無一套,使用軟體的方式去解決網站毒害威脅! There is no set today, using software to solve the website poisoning threat!

因此,本發明之目的,即在提供一種用於網站,可偵測攻擊、辨識攻擊、攔截攻擊、阻擋攻擊、通知管理者的防毒軟體。 Therefore, the object of the present invention is to provide an anti-virus software for a website that can detect attacks, identify attacks, intercept attacks, block attacks, and notify administrators.

本發明之另一目的,是提供一種快速安裝建置網站防毒之方法,降低使用門檻。 Another object of the present invention is to provide a method for quickly installing and installing a website anti-virus, and reducing the threshold for use.

本發明之另一目的,提供一種可以封鎖、開放、自動更新網頁瀏覽者IP位置名單的系統方法。 Another object of the present invention is to provide a system method for blocking, opening, and automatically updating a list of web page viewer IP locations.

本發明之另一目的,提供一種將攻擊特徵分析與辨識,透過非原網站系統架構之硬體設備處理之系統方法。 Another object of the present invention is to provide a system method for analyzing and identifying attack characteristics through hardware devices of a non-original website system architecture.

於是,本發明具有掛載於任一網站的特性之防毒資安系統,適用於任一網站,該系統包含一偵測傳輸元件、一攔截阻擋元件、一黑白名單辨識模組、一黑白名單資料庫、一攻擊特徵辨識模組、一攻擊特徵資料庫、一記錄通知模組、一網頁傳輸紀錄資料庫、一暴力攻擊辨識模組。 Therefore, the present invention has an anti-virus security system mounted on any website, and is applicable to any website. The system includes a detection transmission component, an interception blocking component, a black and white list identification module, and a black and white list data. The library, an attack feature recognition module, an attack feature database, a record notification module, a webpage record record database, and a brute force attack recognition module.

偵測傳輸、攔截阻擋元件為系統的外部元件,用於嵌入在受保護網站內。分別具備偵測網頁傳輸資訊後,透過網際網路傳送至本發明之內部系統;攔截阻擋元件可透過網際網路接收系統回傳之受攻擊訊號,發動阻擋或是轉導攻擊者網頁。黑白名單資料庫中載有過去有攻擊記錄之來源IP之名單、管理者自行增加封鎖之來源IP之名單、管理者自行增加的排除攻擊辨識之白名單。攻擊特徵資料庫載有網站病毒植入(SQL Injection、 XSS、IDor)等攻擊特徵資訊。網頁傳輸記錄資料庫載有所有偵測傳輸元件回傳之資訊、攻擊特徵辨識模組辨識之資訊。 The detection transmission and interception blocking elements are external components of the system for embedding in a protected website. After detecting the information transmitted by the webpage, the information is transmitted to the internal system of the present invention through the Internet; the intercepting blocking component can transmit or block the attacker's webpage through the attack signal transmitted back by the Internet receiving system. The black and white list database contains a list of source IPs that have been attacked in the past, a list of source IPs that managers have added to blockades themselves, and a whitelist of exclusions identified by managers. The attack signature database contains website virus implants (SQL Injection, Attack feature information such as XSS, IDor). The webpage transmission record database contains information for detecting the backhaul of the transmission component and the identification of the attack signature module.

黑白名單辨識模組與偵測傳輸元件、攔截阻擋元件、黑白名單資料庫、攻擊特徵辨識模組、記錄通知模組等連結,黑白名單辨識模組將偵測傳輸元件回傳之網頁傳輸內容與黑白名單資料庫進行比對。符合黑白名單資料庫內容者傳送受攻擊訊號給攔截阻擋元件,並將辨識結果交由記錄通知模組處理;若不在黑白名單資料庫內容者,將傳輸資訊交由攻擊特徵辨識模組處裡。 The black and white list identification module is connected with the detection transmission component, the interception blocking component, the black and white list database, the attack feature recognition module, the record notification module, etc., and the black and white list recognition module detects the transmission content of the webpage transmitted back by the transmission component and The black and white list database is compared. The content of the black and white list database is transmitted to the interception blocking component, and the identification result is processed by the record notification module; if the content of the database is not in the black and white list, the transmission information is handed over to the attack feature recognition module.

攻擊特徵辨識模組與白名單辨識模組、黑白名單資料庫攻擊特徵資料庫、記錄通知模組相連。接收黑名單辨識模組傳送之資訊與攻擊特徵資料庫做比對,若為攻擊則傳送受攻擊之訊號給攔截阻擋元件,並將辨識結果交由記錄通知模組處理;若不在攻擊特徵資料庫內容者,將傳輸資訊交由記錄通知模組處理。 The attack feature identification module is connected to the whitelist identification module, the black and white list database attack feature database, and the record notification module. The information transmitted by the blacklist identification module is compared with the attack signature database. If the attack is sent, the attack signal is transmitted to the interception blocking component, and the identification result is processed by the record notification module; if not, the attack signature database is not included. The content person transfers the transmission information to the record notification module.

暴力攻擊辨識模組與網頁傳輸記錄資料庫、黑白名單資料庫紀錄通知模組相連,暴力攻擊辨識模組依據網頁傳輸記錄資料庫之載入內容,分析出暴力流量攻擊(DDOS)的網頁瀏覽者位置,將辨識結果交由記錄通知模組處理,並更新黑白名單資料庫內容。 The brute force attack identification module is connected to the webpage transmission record database and the black and white list database record notification module. The brute force attack identification module analyzes the content of the webpage transmission record database to analyze the web browser of the violent traffic attack (DDOS). The location, the identification result is processed by the record notification module, and the black and white list database content is updated.

記錄通知模組與黑白名單辨識模組、攻擊特徵辨識模組網頁傳輸紀錄資料庫相連,具備功能有將攻擊記錄並透過網路傳輸的方式通知手機應用程式、簡訊發送、電子郵件、網站顯示的方式告知網站管理者資安防毒資訊,將網路傳輸資訊更新到網頁傳輸紀錄資料庫內。 The record notification module is connected to the black and white list identification module and the attack feature recognition module webpage transmission record database, and has the function of notifying the mobile phone application, the short message sending, the email, the website display by means of the attack record and transmitting through the network. The method informs the website administrator of the security information and updates the network transmission information to the webpage transmission record database.

本發明網站防毒資安系統包含以下步驟可用圖2說明: The anti-virus security system of the website of the present invention comprises the following steps:

(B1)需具備一網站。 (B1) A website is required.

(B2)將該網站嵌入本發明之系統偵測傳輸、截阻擋嵌入元件,當網站有瀏覽者時,元件會將偵測到的網頁傳輸資訊傳送至本發明之系統。 (B2) Embedding the website into the system of the present invention for detecting transmission and intercepting the embedded component. When the website has a viewer, the component transmits the detected webpage transmission information to the system of the present invention.

(B3)系統進行傳輸資料的分析。 (B3) The system analyzes the transmitted data.

(B4)將傳輸資訊做攻擊特徵判斷。 (B4) The transmission information is judged as an attack feature.

(B5)若不具備攻擊特徵只做資料傳輸記錄。 (B5) If there is no attack feature, only the data transmission record is made.

(B6)若具備攻擊特徵會觸發攔截阻擋嵌入元件,進行阻擋、攔截、網頁轉導。 (B6) If there is an attack feature, it will trigger the interception blocking embedded component to block, intercept, and page transpose.

(B7)將攻擊資訊做記錄,並通報網站管理者。 (B7) Record the attack information and notify the website administrator.

(B8)防護成功。 (B8) Protection is successful.

A1‧‧‧網站 A1‧‧‧ website

A2‧‧‧偵測傳輸元件 A2‧‧‧Detection transmission component

A3‧‧‧攔截元件 A3‧‧‧ interception element

A4‧‧‧黑白明單辨識模組 A4‧‧‧Black and white list identification module

A5‧‧‧黑白名單資料庫 A5‧‧‧Black and White List Database

A6‧‧‧攻擊特徵辨識模組 A6‧‧‧ attack feature identification module

A7‧‧‧攻擊特徵資料庫 A7‧‧‧ Attack signature database

A8‧‧‧記錄通知模組 A8‧‧‧record notification module

A9‧‧‧網站防毒資安系統 A9‧‧‧ website anti-drug security system

A10‧‧‧網頁傳輸記錄資料庫 A10‧‧‧Web transmission record database

A11‧‧‧暴力攻擊辨識模組 A11‧‧‧Violence Attack Identification Module

B1~B8‧‧‧系統流程步驟 B1~B8‧‧‧ system process steps

圖1是一系統架構圖,說明本發明是具有網站防毒、管理、通知機制的系統;圖2是一說明本發明由偵測到防駭成功之系統流程步驟圖。 1 is a system architecture diagram illustrating the present invention as a system with website anti-virus, management, and notification mechanisms; and FIG. 2 is a flow chart showing the flow of the system for detecting the success of the invention.

有關本發明之前述及其他技術內容、特點與功效,配合參考圖1並加以詳細說明,將清楚呈現。 The foregoing and other technical contents, features and effects of the present invention will be apparent from the description with reference to FIG.

如圖一所示,本發明網站防毒資安系統A9的實施案例,可應用於購物網站、企業官方形象網站、政府、公務、學術、醫療等網站皆可嵌入本發明之偵測傳輸A2與攔截阻擋A3元件。 As shown in FIG. 1 , the implementation case of the website anti-virus security system A9 of the present invention can be applied to a shopping website, an official image website, a government, a public service, an academic, a medical website, etc., and can be embedded in the detection transmission A2 and interception of the present invention. Block A3 components.

當瀏覽者進入該網站時,偵測傳輸元件A2會將網頁的傳輸資訊送至黑白名單辨識模組A4由該模組依據黑白名單資料庫A5比對出拒絕往來之瀏覽者,將該瀏覽者透過攔截阻擋元件A3執行攔截操作、阻擋該瀏覽者的任何行為之動作,並將比對結果送至記錄通知模組A8。 When the viewer enters the website, the detecting transmission component A2 sends the transmission information of the webpage to the black and white list identification module A4, and the module compares the blacklisted database A5 to the viewer who refuses to and from the browser. The interception operation is performed by intercepting the blocking element A3, blocking any action of the viewer, and the comparison result is sent to the record notification module A8.

瀏覽者若皆不屬於據黑白名單資料庫A5內之資料,會再將偵測傳輸元件A2所擷取的網頁傳輸資訊送往攻擊特徵辨識模組A6,並依據攻擊特徵資料庫A7(SQL Injection、XSS、DDOS、IDOR等網路攻擊手法特徵)使用資料特徵做比對,再將比對結果送至記錄通知模組A8。 If the viewer does not belong to the data in the black and white list database A5, the webpage transmission information captured by the detection transmission component A2 is sent to the attack feature recognition module A6, and according to the attack feature database A7 (SQL Injection , XSS, DDOS, IDOR and other network attack techniques feature) use the data feature for comparison, and then send the comparison result to the record notification module A8.

暴力攻擊辨識模組A11對網頁傳輸記錄資料庫A10使用資料鑽探(data mining)的方式找出暴力攻擊的來源,將比對攻擊結果送至記錄通知模組A8,且更新黑白名單資料庫A4。 The brute force attack identification module A11 uses the data mining method to find the source of the brute force attack, and sends the comparison attack result to the record notification module A8, and updates the black and white list database A4.

記錄通知模組A8在處理辨識結果會分為攻擊行為與非攻擊 行為。攻擊行為:將網頁傳輸資訊記錄至網頁傳輸記錄資料庫A10,再透過網際網路傳出防毒資安訊息通知給網站管理者,其通知方式可使用手機應用程式接收、簡訊告知、e-mail告知或是由網頁顯示等方式通知。非攻擊行為:將網頁傳輸資訊記錄至網頁傳輸記錄資料庫A10。 Record notification module A8 is divided into attack behavior and non-attack when processing identification results. behavior. Attack behavior: Record the webpage transmission information to the webpage transmission record database A10, and then send the anti-virus security information to the website administrator through the Internet. The notification method can be received by the mobile application, the newsletter, and the e-mail. Or by web page display, etc. Non-aggressive behavior: Record the webpage transmission information to the webpage transmission record database A10.

歸納上述,本發明具有讓網站具備防毒偵測攻擊、辨識攻擊、攔截攻擊、阻擋攻擊、通知管理者的資訊安全機制。網站欲加入本發明所提供之保護,只需在網站中嵌入本發明所提供之偵測傳輸元件(A2)與攔截阻擋元件(A3),不需額外擴增硬體設備,降低網站防毒門檻;網站管理者可開放瀏覽者IP或是任意新增阻擋瀏覽者IP,提供自行控管網站瀏覽者的瀏覽權限;有別於電腦防毒軟體,本發明之辨識毒害由本系統處理,不會增加原網站之系統負擔。 In summary, the present invention has an information security mechanism that allows a website to have an anti-virus detection attack, identify an attack, intercept an attack, block an attack, and notify a manager. To add the protection provided by the present invention, the website only needs to embed the detection transmission component (A2) and the interception blocking component (A3) provided by the invention in the website, and does not need to additionally augment the hardware device, thereby reducing the anti-virus threshold of the website; The website administrator can open the browser IP or any new blocked browser IP, and provide the user's own browsing rights for the website viewer. Different from the computer anti-virus software, the identification of the invention is handled by the system, and the original website will not be added. The system burden.

惟以上所述之網站類型,為本發明之論述舉例而已,當不能以此限定本發明實施之範圍,即大凡依本發明申請專利範圍及發明說明內容所作之簡單的等效變化與修飾,皆仍屬本發明專利涵蓋之範圍內。 However, the above-mentioned types of websites are exemplified by the discussion of the present invention, and the scope of the invention is not limited thereto, that is, the simple equivalent changes and modifications made by the scope of the invention and the description of the invention are all It is still within the scope of the invention patent.

A1‧‧‧網站 A1‧‧‧ website

A2‧‧‧偵測傳輸元件 A2‧‧‧Detection transmission component

A3‧‧‧攔截元件 A3‧‧‧ interception element

A4‧‧‧黑白名單資料庫 A4‧‧‧Black and White List Database

A5‧‧‧黑白明單辨識模組 A5‧‧‧Black and white list identification module

A6‧‧‧攻擊特徵資料庫 A6‧‧‧ Attack signature database

A7‧‧‧攻擊特徵辨識模組 A7‧‧‧ attack feature identification module

A8‧‧‧記錄通知模組 A8‧‧‧record notification module

A9‧‧‧網站防毒資安系統 A9‧‧‧ website anti-drug security system

A10‧‧‧網頁傳輸紀錄資料庫 A10‧‧‧Web transmission record database

A11‧‧‧暴力攻擊辨識模組 A11‧‧‧Violence Attack Identification Module

Claims (7)

一種網站防毒資安系統方法,透過析網站傳輸資訊之系統,其系統具備分析攻擊、記錄、阻擋、攔截、網址轉導、通知管理者等方式達到網站防毒資訊安全之效,系統包含以下步驟:(a)可嵌入網站之系統偵測網頁傳輸資訊元件,偵測元件可將網頁傳輸資訊透過網路傳送至本發明之系統。(b)系統接收到測網頁傳輸資訊後會交由黑白名單辨識模組,比對黑白名單資料庫判斷是否在名單內:若為白名單則單獨紀錄傳輸資訊;若為黑名單則交由可嵌入網站之攔截阻擋元件進行阻擋、攔截、網址轉導;網路傳輸資訊非黑白名單資料庫存載內容則向下交由攻擊特徵辨識模組處理。(c)攻擊特徵辨識模組使用特徵碼比對攻擊特徵資料庫內之SQLInjection、XSS、IDOR等網路攻擊手法特徵,若判斷為攻擊後交由可嵌入網站之攔截阻擋元件進行阻擋、攔截、網址轉導,且將辨識結果交由紀錄通知模組處理。(d)暴力攻擊辨識模組對網頁傳輸紀錄資料庫使用資料鑽探(data mining),找出暴力攻擊名單後將名單更新至黑白名單資料庫,並將辨識結果交由紀錄通知模組處理。(e)計錄通知模組收到攻擊辨識結果,可將攻擊資訊透過網際網路通知管理者,其通知方式包含行動裝置應用程式、簡訊、電子郵件、網頁呈現等方式通知網路管理者。 A website anti-virus security system method, through a system for transmitting information on a website, the system has the functions of analyzing attacks, recording, blocking, intercepting, website transcoding, and notifying the administrator to achieve anti-virus information security of the website, and the system comprises the following steps: (a) The system that can be embedded in the website detects the webpage transmitting information elements, and the detecting component can transmit the webpage transmission information to the system of the present invention through the network. (b) After receiving the test page transmission information, the system will submit the black and white list identification module, and compare the black and white list database to determine whether it is in the list: if it is a white list, record the transmission information separately; if it is a black list, it can be handed over. Blocking blocking elements embedded in the website block, intercept, and URL transposition; the network transmission information is not black-and-white list data, and the inventory content is processed downward by the attack feature recognition module. (c) The attack feature recognition module uses the feature code to compare the network attack features of the SQLInjection, XSS, IDOR, etc. in the attack feature database, and if it is determined that the attack is intercepted by the interception blocking component of the embedding website, blocking, intercepting, The URL is transposed and the identification result is processed by the record notification module. (d) The brute force attack identification module uses data mining for the webpage transmission record database, finds the violent attack list, updates the list to the black and white list database, and passes the identification result to the record notification module for processing. (e) The notification notification module receives the attack identification result, and can notify the administrator of the attack information through the Internet, and the notification method includes the mobile device application, the short message, the email, the web page presentation, and the like to notify the network administrator. 依據申請專利範圍第1項所述之網站防毒資安系統方法,其中(a)、(b)、(c)所提及之可嵌入網站之元件有偵測網頁傳輸資訊、攔截阻擋瀏覽者傳輸、網頁轉導等功能,其元件可用Javascript、PHP、ASP、JSP、Java等語法種類撰寫。 According to the website anti-drug security system method described in claim 1, the components of the embeddable website mentioned in (a), (b), and (c) have the function of detecting webpage transmission information, intercepting and blocking viewer transmission. , web page transcoding and other functions, its components can be written in Javascript, PHP, ASP, JSP, Java and other grammar categories. 依據申請專利範圍第1項、第2項所述,本防毒資安系統方法不限於網站 之應用類別,因嵌入網站之元件可用Javascript、PHP、ASP、JSP、Java等語法種類撰寫。 According to the first and second items of the patent application scope, the anti-drug security system method is not limited to the website. The application category, because the components embedded in the website can be written in Javascript, PHP, ASP, JSP, Java and other grammatical categories. 依據申請專利範圍第1項所述之網站防毒資安系統方法,其中(b)系統接收到測網頁傳輸資訊後會交由黑白名單辨識模組,透過資料鑽探(data mining)比對黑白名單資料庫,該黑白名單資料庫之內容可由系統更新,也可透過管理者增減存載內容。 According to the website anti-drug security system method described in the first application of the patent scope, (b) the system receives the test page transmission information and then submits it to the black and white list identification module, and compares the black and white list data through data mining. The library, the content of the black and white list database can be updated by the system, and can also increase or decrease the stored content through the administrator. 依據申請專利範圍第1項所述之網站防毒資安系統方法,其中(c)擊特徵資料庫內之SQL Injection、XSS、IDOR等網路攻擊手法特徵等存載內容,可透過系統開發者修正與調整,若出現新攻擊手法,系統開發者若找出新攻擊手法可做更新資料庫載入內容。 According to the anti-virus security system method of the website mentioned in the first paragraph of the patent application, (c) the contents of the network attack techniques such as SQL Injection, XSS, IDOR, etc. in the feature database can be corrected by the system developer. And adjustment, if a new attack method occurs, the system developer can find the new attack method to update the database load content. 依據申請專利範圍第1項所述之網站防毒資安系統方法,其中(d)暴力攻擊辨識模組之資料鑽探(data mining)規則,可透過系統開發者修正與調整。 According to the website anti-drug security system method described in the first application of the patent scope, (d) the data mining rules of the brute force attack identification module can be corrected and adjusted by the system developer. 據申請專利範圍第1項所述之網站防毒資安系統方法,其中(d)之錄通知模組收到攻擊辨識結果,可將攻擊資訊透過網際網路通知管理者,其通知方法為透過網路傳輸告知,不限於裝置應用程式、簡訊、電子郵件、網頁。 According to the anti-drug security system method of the website mentioned in the first paragraph of the patent application, wherein the notification module of (d) receives the attack identification result, the attack information can be notified to the administrator through the Internet, and the notification method is through the network. Road transmission notification, not limited to device applications, newsletters, emails, web pages.
TW102125159A 2013-07-15 2013-07-15 Website antivirus information security system TW201502845A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW102125159A TW201502845A (en) 2013-07-15 2013-07-15 Website antivirus information security system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW102125159A TW201502845A (en) 2013-07-15 2013-07-15 Website antivirus information security system

Publications (1)

Publication Number Publication Date
TW201502845A true TW201502845A (en) 2015-01-16

Family

ID=52718410

Family Applications (1)

Application Number Title Priority Date Filing Date
TW102125159A TW201502845A (en) 2013-07-15 2013-07-15 Website antivirus information security system

Country Status (1)

Country Link
TW (1) TW201502845A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI553502B (en) * 2015-03-05 2016-10-11 緯創資通股份有限公司 Protection method and computer system thereof for firewall apparatus disposed to application layer
TWI659328B (en) * 2017-02-03 2019-05-11 日商日立解決方案股份有限公司 Computer system and file access control method
TWI665578B (en) * 2018-11-27 2019-07-11 廣達電腦股份有限公司 Systems and methods for management of software connections
TWI667587B (en) * 2018-05-15 2019-08-01 玉山商業銀行股份有限公司 Information security protection method
TWI672609B (en) * 2017-12-27 2019-09-21 中華電信股份有限公司 Computer system and ransomware detection method thereof

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI553502B (en) * 2015-03-05 2016-10-11 緯創資通股份有限公司 Protection method and computer system thereof for firewall apparatus disposed to application layer
TWI659328B (en) * 2017-02-03 2019-05-11 日商日立解決方案股份有限公司 Computer system and file access control method
TWI672609B (en) * 2017-12-27 2019-09-21 中華電信股份有限公司 Computer system and ransomware detection method thereof
TWI667587B (en) * 2018-05-15 2019-08-01 玉山商業銀行股份有限公司 Information security protection method
TWI665578B (en) * 2018-11-27 2019-07-11 廣達電腦股份有限公司 Systems and methods for management of software connections

Similar Documents

Publication Publication Date Title
US11706250B2 (en) Secure notification on networked devices
Souppaya et al. Guide to malware incident prevention and handling for desktops and laptops
Mell et al. Guide to malware incident prevention and handling
Kuraku et al. Emotet malware—a banking credentials stealer
US20210194915A1 (en) Identification of potential network vulnerability and security responses in light of real-time network risk assessment
Alharbi Dealing with Data Breaches Amidst Changes In Technology.
TW201502845A (en) Website antivirus information security system
US20240045954A1 (en) Analysis of historical network traffic to identify network vulnerabilities
Ahmed et al. Survey of Keylogger technologies
Newman Cybercrime, identity theft, and fraud: practicing safe internet-network security threats and vulnerabilities
Ahmad et al. Security challenges from abuse of cloud service threat
Ruhani et al. Keylogger: The Unsung Hacking Weapon
Hussain et al. A survey on cyber security threats and their solutions
Victoire et al. A Survey on Cyber Security Threats and its Impact on Society
Yost et al. MalFire: Malware firewall for malicious content detection and protection
Kumar et al. A review on 0-day vulnerability testing in web application
Robles et al. Survey of non-malicious user actions that introduce network and system vulnerabilities and exploits
Gomathi et al. Detecting malware attack on cloud using deep learning vector quantization
Hassan et al. Enterprise Defense Strategies Against Ransomware Attacks: Protection Against Ransomware Attacks on Corporate Environment
Watters Time to Compromise: How Cyber Criminals use Ads to Compromise Devices through Piracy Websites and Apps
Alsmadi et al. Information systems security management
Singh et al. Managing Cyber Security
Dimick How to prevent healthcare cyber extortion
Dias et al. Guidelines and impact of Covid-19 on cybersecurity: a model for protecting businesses in the digital universe
Singh et al. Cybercrime-As-A-Service (Malware)