CN111541674A - WEB site safety protection method and system with high detection efficiency - Google Patents
WEB site safety protection method and system with high detection efficiency Download PDFInfo
- Publication number
- CN111541674A CN111541674A CN202010304157.9A CN202010304157A CN111541674A CN 111541674 A CN111541674 A CN 111541674A CN 202010304157 A CN202010304157 A CN 202010304157A CN 111541674 A CN111541674 A CN 111541674A
- Authority
- CN
- China
- Prior art keywords
- http request
- http
- preset
- uri
- parameter
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
- H04L63/306—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information intercepting packet switched data communications, e.g. Web, Internet or IMS communications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Technology Law (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention relates to a WEB site safety protection method and system with high detection efficiency. Obtaining an IP address of a client sending an HTTP request; searching the IP address in a preset IP black list and a preset IP white list to obtain a first search result; when the IP address is not searched in the first search result, extracting a file extension name in the HTTP request to obtain a resource type requested by the HTTP request; when the resource type is a non-static file, extracting the URI in the HTTP request; searching the URI in a preset URI white list to obtain a second search result; when the second search result is that the URI is not searched, identifying whether the HTTP request comprises a preset feature code; if yes, matching the HTTP request with a preset safety rule, and if the matching is successful, sending a resource requested by the HTTP request to the client; otherwise, the HTTP request is intercepted. The efficiency of detecting the security of the HTTP request is improved.
Description
The application is a divisional application with a parent application named as a WEB site safety protection method and system with an application number of 201611202994.0 and an application date of 2016, 12 and 23.
Technical Field
The invention relates to the field of information security, in particular to a WEB site security protection method and system with high detection efficiency.
Background
The existing WEB site security protection products mainly use hardware firewalls or application firewalls based on Apache, IIS and the like to process website security filtering through independent equipment and agent technology. However, the cost of the application firewall of hardware is high, and the application firewall based on software such as Apache and IIS also adds extra investment to the server.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: the WEB site safety protection method and system with high detection efficiency are provided, and the efficiency of detecting the safety of the HTTP request is improved.
In order to solve the technical problems, the invention adopts the technical scheme that:
the invention provides a WEB site safety protection method with high detection efficiency, which comprises the following steps:
acquiring an IP address of a client sending an HTTP request;
searching the IP address in a preset IP black list and a preset IP white list to obtain a first search result;
when the IP address is not searched in the first search result, extracting a file extension name in the HTTP request to obtain the resource type requested by the HTTP request;
when the resource type is a non-static file, extracting the URI in the HTTP request;
searching the URI in a preset URI white list to obtain a second search result;
when the second search result is that the URI is not searched, identifying whether the HTTP request comprises a preset feature code; if yes, matching the HTTP request with a preset safety rule to obtain a matching result;
if the matching result is that the matching is successful, the HTTP request is intercepted; otherwise, sending the resource requested by the HTTP request to the client.
The invention also provides a WEB site security protection system with high detection efficiency, which comprises:
the first acquisition module is used for acquiring the IP address of the client sending the HTTP request;
the first searching module is used for searching the IP address in a preset IP blacklist and a preset IP whitelist to obtain a first searching result;
the first extraction module is used for extracting the file extension name in the HTTP request to obtain the resource type requested by the HTTP request when the IP address is not searched in the first search result;
the second extraction module is used for extracting the URI in the HTTP request when the resource type is a non-static file;
the second search module is used for searching the URI in a preset URI white list to obtain a second search result;
the matching module is used for identifying whether the HTTP request comprises a preset feature code or not when the second search result is that the URI is not searched; if yes, then: matching the HTTP request with a preset safety rule to obtain a matching result; if the matching result is that the matching is successful, the HTTP request is intercepted; otherwise, sending the resource requested by the HTTP request to the client.
The invention has the beneficial effects that: the security of the IP address of the client sending the HTTP request is detected through the preset IP blacklist and the preset IP white list, if the IP address is not in the IP blacklist and the IP white list, whether the resource requested by the HTTP request is a static file such as a CSS (cascading Style sheets), a picture and the like is further judged, if yes, the static file resource is directly returned to the client, and otherwise, whether the URI requested by the HTTP request is a resource without security risk, such as a home page, a verification code page and the like, set in the preset URI white list is further judged. The IP blacklist mainly rejects the clients which illegally request for a long time or a large batch, and the IP white list provides service communication between servers which are mutually trusted by the two parties (general service communication has security inspection), and the skipping detection aims at improving the service processing efficiency. If the security of the HTTP request cannot be determined through the above steps, further identifying whether the HTTP request includes a preset feature code, and if the HTTP request includes the preset feature code, performing security detection according to a preset security rule. The feature code is a feature of a resource to be subjected to security detection, and if a script file is to be detected, the feature code may be set to "< script >. Each security rule corresponds to one feature code, and only when the HTTP request contains the feature code matched with the feature code, the detailed rule list in the security rules is used for carrying out security detection operation, so that the efficiency of detecting the security of the HTTP request is improved.
Drawings
FIG. 1 is a block flow diagram of an embodiment of a method for WEB site security protection with high detection efficiency according to the present invention;
FIG. 2 is a block diagram of a specific embodiment of a WEB site security protection system with high detection efficiency according to the present invention;
description of reference numerals:
1. a first acquisition module; 2. a first search module; 3. a first extraction module; 4. a second extraction module; 5. a second search module; 6. and a matching module.
Detailed Description
In order to explain technical contents, achieved objects, and effects of the present invention in detail, the following description is made with reference to the accompanying drawings in combination with the embodiments.
As shown in fig. 1, the present invention provides a WEB site security protection method with high detection efficiency, which includes:
acquiring an IP address of a client sending an HTTP request;
searching the IP address in a preset IP black list and a preset IP white list to obtain a first search result;
when the IP address is not searched in the first search result, extracting a file extension name in the HTTP request to obtain the resource type requested by the HTTP request;
when the resource type is a non-static file, extracting the URI in the HTTP request;
searching the URI in a preset URI white list to obtain a second search result;
when the second search result is that the URI is not searched, identifying whether the HTTP request comprises a preset feature code; if yes, matching the HTTP request with a preset safety rule to obtain a matching result;
if the matching result is that the matching is successful, the HTTP request is intercepted; otherwise, sending the resource requested by the HTTP request to the client.
Further, the matching of the HTTP request and a preset security rule specifically includes:
acquiring a request parameter name in the HTTP request to obtain a first parameter name;
and if the first parameter name is the same as one parameter name in a preset parameter name blacklist, intercepting the HTTP request.
From the above description, the request parameters in the HTTP request are filtered to confirm whether the client submits the illegal parameters in POST and GET request modes.
Further, the matching of the HTTP request and a preset security rule specifically includes:
acquiring the browser type used by the client from the HTTP request to obtain a first browser type;
and if the first browser type is not matched with a preset browser type, intercepting the HTTP request.
As can be seen from the above description, the browser type detection mainly includes the following two aspects: 1. limiting the types of browsers that are not supported by illegal or current applications; 2. SQL injection bugs are avoided when some applications put browser types in a log mode.
Further, still include:
and loading the IP blacklist, the IP whitelist, the URI whitelist and the safety rule to a memory.
From the above description, the efficiency of the security detection of the HTTP request can be improved.
Further, still include:
and storing the intercepted HTTP request to form a log file.
From the above description, it can be known that the health condition of the current website can be evaluated through the log file, statistics is performed on the illegal request clients, and the frequently-used client IP is blacklisted for a period of time to reduce the transaction amount of the server, thereby improving the system performance.
As shown in fig. 2, the present invention further provides a WEB site security protection system with high detection efficiency, which includes:
a first obtaining module 1, configured to obtain an IP address of a client that sends an HTTP request;
the first searching module 2 is used for searching the IP address in a preset IP blacklist and a preset IP whitelist to obtain a first searching result;
the first extraction module 3 is configured to, when the IP address is not searched in the first search result, extract a file extension in the HTTP request to obtain a resource type requested by the HTTP request;
the second extraction module 4 is configured to extract the URI in the HTTP request when the resource type is a non-static file;
the second searching module 5 is used for searching the URI in a preset URI white list to obtain a second searching result;
the matching module 6 is configured to identify whether the HTTP request includes a preset feature code when the second search result indicates that the URI is not searched; if yes, then: matching the HTTP request with a preset safety rule to obtain a matching result; if the matching result is that the matching is successful, the HTTP request is intercepted; otherwise, sending the resource requested by the HTTP request to the client.
Further, the matching module comprises:
the first acquisition unit is used for acquiring the request parameter name in the HTTP request to obtain a first parameter name;
the first interception unit is configured to intercept the HTTP request if the first parameter name is the same as a parameter name in a preset parameter name blacklist.
Further, the matching module further comprises:
the second acquisition unit is used for acquiring the browser type used by the client from the HTTP request to obtain the first browser type;
and the second intercepting unit is used for intercepting the HTTP request if the first browser type is not matched with a preset browser type.
Further, still include:
and the loading module is used for loading the IP blacklist, the IP whitelist, the URI whitelist and the safety rule to a memory.
Further, still include:
and the storage module is used for storing the intercepted HTTP request to form a log file.
From the above description, the WEB site security protection system provided by the present invention can improve the efficiency of detecting the security of the HTTP request.
The first embodiment of the invention is as follows:
loading a preset IP blacklist, an IP white list, a URI white list and a safety rule to a memory;
acquiring an IP address of a client sending an HTTP request; if the IP address is not searched in the preset IP blacklist and the preset IP white list, the method comprises the following steps:
extracting a file extension name in an HTTP request to obtain a resource type requested by the HTTP request; if the resource type is a non-static file, then:
extracting the URI in the HTTP request, if the URI is not searched in a preset URI white list, then:
identifying whether the HTTP request comprises a preset feature code or not; if yes, then:
matching the HTTP request with a preset safety rule; the method specifically comprises the following steps: acquiring a request parameter name in the HTTP request to obtain a first parameter name;
if the first parameter name is the same as one parameter name in a preset parameter name blacklist, intercepting the HTTP request; otherwise:
acquiring the browser type used by the client from the HTTP request to obtain a first browser type;
if the first browser type is not matched with a preset browser type, intercepting the HTTP request;
and storing the intercepted HTTP request to form a log file.
The second embodiment of the invention is as follows:
acquiring an IP address of a client sending an HTTP request, searching whether the IP address exists in a preset IP white list, and if so, sending a resource requested by the HTTP request to the client; if not, searching whether the IP address exists in a preset IP blacklist, if so, intercepting the HTTP request, and storing the HTTP request into a log file.
If the IP address does not exist in the IP blacklist and the IP white list, extracting a file extension name in the HTTP request, judging the type of the resource requested by the HTTP request according to the extracted file extension name, if the requested resource type is a static file such as a CSS (cascading Style sheets) file and a picture, not continuing to perform safety detection, directly returning the static file to the client, and otherwise, performing URI (Uniform resource identifier) detection.
And obtaining the URI of the requested resource according to the HTTP request, searching whether the URI exists in a preset URI white list, if so, indicating that the requested resource is a resource without safety problem, such as a first page of a page, a verification code page and the like, directly returning the resource of the HTTP request to the client, otherwise, performing safety rule matching.
The preset safety rule comprises a detection parameter http _ refer, and the reference path requested by the user is subjected to matching filtering; detecting a parameter HTTP _ user _ agent, and filtering user browser information of a Header requested by the HTTP; detecting a parameter HTTP _ Accept _ Language, and filtering Accept _ Language information of a browser sending an HTTP request; detecting a parameter URI, and filtering the URL of the HTTP request; detecting a parameter Cookie, and filtering Cookie information in the HTTP request; detecting a parameter Get, and filtering a request parameter of a GET request mode of the HTTP; detecting a parameter POST, and filtering request parameters of a POST request mode of the HTTP. The security rules can be randomly arranged and combined to form a security rule group, a feature code is configured for the security rule group, and when the HTTP request contains the feature code, the corresponding security rule group is used for detecting the HTTP request. If the HTTP request is matched with the safety rule, the resource requested by the HTTP request is sent to the client, otherwise, the HTTP request is intercepted, and the HTTP request is stored to the log file.
The third embodiment of the invention:
for websites with access to Struts2 technology, the client may construct: http:// host/struts 2-blank/example/X.action? action% 25{ (new + java. ang. processbuild [ ] { 'command', 'goes', 'here'). start () } chaining, command goes here can be replaced by destroying the path and parameters of the script, such as fdisk-f, etc., resulting in the purpose that the ring-breaking system cannot run.
The invention can identify the illegal requests 2 by matching some keywords of the Struts2 such as action, java, lang, command and the like, and intercept the illegal requests.
In summary, the security protection method and system for the WEB site with high detection efficiency provided by the present invention detect the security of the IP address of the client sending the HTTP request through the preset IP blacklist and IP whitelist, further determine whether the resource requested by the HTTP request is a static file such as CSS, picture, etc. if the IP address is not in the IP blacklist and IP whitelist, directly return the static file resource to the client, otherwise further determine whether the URI requested by the HTTP request is a resource without security risk set in the preset URI whitelist, such as a home page, a verification code page, etc. If the security of the HTTP request cannot be determined through the above steps, further identifying whether the HTTP request includes a preset feature code, and if the HTTP request includes the preset feature code, performing security detection according to a preset security rule. The feature code is a feature of a resource to be subjected to security detection, and if a script file is to be detected, the feature code may be set to "< script >. Each security rule corresponds to one feature code, and only when the HTTP request contains the feature code matched with the feature code, the detailed rule list in the security rules is used for carrying out security detection operation, so that the efficiency of detecting the security of the HTTP request is improved.
The above description is only an embodiment of the present invention, and not intended to limit the scope of the present invention, and all equivalent changes made by using the contents of the present specification and the drawings, or applied directly or indirectly to the related technical fields, are included in the scope of the present invention.
Claims (8)
1. A WEB site safety protection method with high detection efficiency is characterized by comprising the following steps:
acquiring an IP address of a client sending an HTTP request;
searching the IP address in a preset IP black list and a preset IP white list to obtain a first search result;
when the IP address is not searched in the first search result, extracting a file extension name in the HTTP request to obtain the resource type requested by the HTTP request;
when the resource type is a non-static file, extracting the URI in the HTTP request;
searching the URI in a preset URI white list to obtain a second search result;
when the second search result is that the URI is not searched, identifying whether the HTTP request comprises a preset feature code; if so, performing security detection operation by using a security rule group corresponding to the preset feature code;
each security rule set corresponds to a feature code.
2. The WEB site security protection method with high detection efficiency according to claim 1, wherein the performing security detection operation using the preset security rule set corresponding to the feature code includes:
if the HTTP request is matched with the security rule, sending the resource requested by the HTTP request to the client, otherwise, intercepting the HTTP request and storing the HTTP request to a log file.
3. The WEB site security protection method with high detection efficiency according to claim 1, wherein the preset security rules include:
detecting a parameter http _ referrer, and performing matching filtering on a reference path requested by a user;
detecting a parameter HTTP _ user _ agent, and filtering user browser information of a Header requested by the HTTP;
detecting a parameter HTTP _ Accept _ Language, and filtering Accept _ Language information of a browser sending an HTTP request;
detecting a parameter URI, and filtering the URL of the HTTP request; detecting a parameter Cookie, and filtering Cookie information in the HTTP request;
detecting a parameter Get, and filtering a request parameter of a GET request mode of the HTTP;
detecting a parameter POST, and filtering request parameters of a POST request mode of the HTTP;
and randomly arranging and combining the safety rules to form a safety rule set, and configuring corresponding feature codes for each safety rule set.
4. The WEB site security protection method with high detection efficiency according to claim 1, further comprising:
and loading the IP blacklist, the IP whitelist, the URI whitelist and the safety rule to a memory.
5. The utility model provides a WEB site safety protection system that detection efficiency is high which characterized in that includes:
the first acquisition module is used for acquiring the IP address of the client sending the HTTP request;
the first searching module is used for searching the IP address in a preset IP blacklist and a preset IP whitelist to obtain a first searching result;
the first extraction module is used for extracting the file extension name in the HTTP request to obtain the resource type requested by the HTTP request when the IP address is not searched in the first search result;
the second extraction module is used for extracting the URI in the HTTP request when the resource type is a non-static file;
the second search module is used for searching the URI in a preset URI white list to obtain a second search result;
the matching module is used for identifying whether the HTTP request comprises a preset feature code or not when the second search result is that the URI is not searched; and if so, carrying out safety detection operation by using safety rule groups corresponding to the preset feature codes, wherein each safety rule group corresponds to one feature code.
6. The WEB site security protection system with high detection efficiency according to claim 5, wherein the performing security detection operation using the preset security rule set corresponding to the feature code includes:
if the HTTP request is matched with the security rule, sending the resource requested by the HTTP request to the client, otherwise, intercepting the HTTP request and storing the HTTP request to a log file.
7. The WEB site security protection system with high detection efficiency according to claim 5, wherein the preset security rules include:
detecting a parameter http _ referrer, and performing matching filtering on a reference path requested by a user;
detecting a parameter HTTP _ user _ agent, and filtering user browser information of a Header requested by the HTTP;
detecting a parameter HTTP _ Accept _ Language, and filtering Accept _ Language information of a browser sending an HTTP request;
detecting a parameter URI, and filtering the URL of the HTTP request; detecting a parameter Cookie, and filtering Cookie information in the HTTP request;
detecting a parameter Get, and filtering a request parameter of a GET request mode of the HTTP;
detecting a parameter POST, and filtering request parameters of a POST request mode of the HTTP;
and randomly arranging and combining the safety rules to form a safety rule set, and configuring corresponding feature codes for each safety rule set.
8. The system of claim 5, further comprising:
and the loading module is used for loading the IP blacklist, the IP whitelist, the URI whitelist and the safety rule to a memory.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010304157.9A CN111541674A (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system with high detection efficiency |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010304157.9A CN111541674A (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system with high detection efficiency |
| CN201611202994.0A CN106713318B (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system |
Related Parent Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611202994.0A Division CN106713318B (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111541674A true CN111541674A (en) | 2020-08-14 |
Family
ID=58903063
Family Applications (4)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611202994.0A Active CN106713318B (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system |
| CN202010304157.9A Withdrawn CN111541674A (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system with high detection efficiency |
| CN202010303787.4A Withdrawn CN111541672A (en) | 2016-12-23 | 2016-12-23 | Method and system for detecting security of HTTP (hyper text transport protocol) request |
| CN202010303797.8A Withdrawn CN111541673A (en) | 2016-12-23 | 2016-12-23 | Efficient method and system for detecting HTTP request security |
Family Applications Before (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611202994.0A Active CN106713318B (en) | 2016-12-23 | 2016-12-23 | WEB site safety protection method and system |
Family Applications After (2)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010303787.4A Withdrawn CN111541672A (en) | 2016-12-23 | 2016-12-23 | Method and system for detecting security of HTTP (hyper text transport protocol) request |
| CN202010303797.8A Withdrawn CN111541673A (en) | 2016-12-23 | 2016-12-23 | Efficient method and system for detecting HTTP request security |
Country Status (1)
| Country | Link |
|---|---|
| CN (4) | CN106713318B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113542287A (en) * | 2021-07-21 | 2021-10-22 | 山东浪潮通软信息科技有限公司 | Network request management method and device |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108234453A (en) * | 2017-12-12 | 2018-06-29 | 杭州安恒信息技术有限公司 | A kind of web safety defense methods of rule-based Java |
| CN109558427A (en) * | 2018-11-30 | 2019-04-02 | 上海找钢网信息科技股份有限公司 | Intelligent inquiry system and method based on steel industry data platform |
| CN110012096B (en) * | 2019-04-03 | 2021-12-24 | 中国工商银行股份有限公司 | Mobile client service update management method, device and system |
| US11997110B2 (en) * | 2021-07-23 | 2024-05-28 | Palo Alto Networks, Inc. | Tree-based learning of application programming interface specification |
| CN113992423B8 (en) * | 2021-11-05 | 2025-07-01 | 枣庄科技职业学院 | A method for using a computer network firewall |
| CN116527647A (en) * | 2023-06-12 | 2023-08-01 | 中国联合网络通信集团有限公司 | HTTP request sending method and device, server and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120191855A1 (en) * | 2009-08-25 | 2012-07-26 | Vizibility, Inc. | Systems and method of identifying and managing abusive requests |
| CN103607385A (en) * | 2013-11-14 | 2014-02-26 | 北京奇虎科技有限公司 | Method and apparatus for security detection based on browser |
| US20150135253A1 (en) * | 2013-11-08 | 2015-05-14 | U.S. Bancorp, National Association | Source request monitoring |
| CN104954346A (en) * | 2014-03-31 | 2015-09-30 | 北京奇虎科技有限公司 | Attack recognition method based on object analysis and device thereof |
Family Cites Families (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7707245B2 (en) * | 2000-02-22 | 2010-04-27 | Harvey Lunenfeld | Metasearching a client's request for displaying different order books on the client |
| EP1877904B1 (en) * | 2005-05-05 | 2015-12-30 | Cisco IronPort Systems LLC | Detecting unwanted electronic mail messages based on probabilistic analysis of referenced resources |
| CN100440811C (en) * | 2006-12-25 | 2008-12-03 | 杭州华三通信技术有限公司 | Network attack detection method and device |
| CN101252443B (en) * | 2008-03-20 | 2011-02-16 | 成都市华为赛门铁克科技有限公司 | Apparatus and method for detecting message security |
| CN103095810B (en) * | 2012-12-28 | 2015-08-12 | 三维通信股份有限公司 | A kind of multi-functional recognition middleware system of sing on web technology |
| CN103825900A (en) * | 2014-02-28 | 2014-05-28 | 广州云宏信息科技有限公司 | Website access method and device and filter form downloading and updating method and system |
| CN103973684B (en) * | 2014-05-07 | 2017-05-24 | 北京神州绿盟信息安全科技股份有限公司 | Rule compiling and matching method and device |
| CN105635064B (en) * | 2014-10-31 | 2019-12-06 | 新华三技术有限公司 | CSRF attack detection method and device |
| CN104361283B (en) * | 2014-12-05 | 2018-05-18 | 网宿科技股份有限公司 | The method for protecting Web attacks |
| CN105938472A (en) * | 2015-08-26 | 2016-09-14 | 杭州迪普科技有限公司 | Web access control method and device |
| CN110417748A (en) * | 2019-07-08 | 2019-11-05 | 新华三信息安全技术有限公司 | A kind of attack detection method and device |
-
2016
- 2016-12-23 CN CN201611202994.0A patent/CN106713318B/en active Active
- 2016-12-23 CN CN202010304157.9A patent/CN111541674A/en not_active Withdrawn
- 2016-12-23 CN CN202010303787.4A patent/CN111541672A/en not_active Withdrawn
- 2016-12-23 CN CN202010303797.8A patent/CN111541673A/en not_active Withdrawn
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120191855A1 (en) * | 2009-08-25 | 2012-07-26 | Vizibility, Inc. | Systems and method of identifying and managing abusive requests |
| US20150135253A1 (en) * | 2013-11-08 | 2015-05-14 | U.S. Bancorp, National Association | Source request monitoring |
| CN103607385A (en) * | 2013-11-14 | 2014-02-26 | 北京奇虎科技有限公司 | Method and apparatus for security detection based on browser |
| CN104954346A (en) * | 2014-03-31 | 2015-09-30 | 北京奇虎科技有限公司 | Attack recognition method based on object analysis and device thereof |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113542287A (en) * | 2021-07-21 | 2021-10-22 | 山东浪潮通软信息科技有限公司 | Network request management method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106713318B (en) | 2020-04-07 |
| CN111541672A (en) | 2020-08-14 |
| CN111541673A (en) | 2020-08-14 |
| CN106713318A (en) | 2017-05-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106713318B (en) | WEB site safety protection method and system | |
| CN109274632B (en) | Method and device for identifying a website | |
| US9256736B2 (en) | Method and system for monitoring webpage malicious attributes | |
| CN102663000B (en) | The maliciously recognition methods of the method for building up of network address database, maliciously network address and device | |
| CN101674293B (en) | Method and system for processing abnormal request in distributed application | |
| CN107341395B (en) | Method for intercepting reptiles | |
| CN101895516B (en) | Method and device for positioning cross-site scripting attack source | |
| US11451583B2 (en) | System and method to detect and block bot traffic | |
| CN102957664B (en) | A kind of method and device identifying fishing website | |
| CN102882886B (en) | A kind of network terminal and method presenting the relevant information of access websites | |
| CN107634967B (en) | A CSRFToken defense system and method for CSRF attack | |
| CN101964025A (en) | XSS (Cross Site Scripting) detection method and device | |
| CN104580230B (en) | Verification method and device are attacked in website | |
| CN105491053A (en) | Web malicious code detection method and system | |
| CN103957201A (en) | Method, device and system for processing domain name information based on DNS | |
| CN102880830B (en) | A kind of acquisition method of original test data and device | |
| WO2013111027A1 (en) | Dynamically scanning a web application through use of web traffic information | |
| CN105631334A (en) | Application security detecting method and system | |
| CN107800686A (en) | A kind of fishing website recognition methods and device | |
| CN105046150A (en) | Method and system for preventing structured query language (SQL) implantation | |
| CN105635064B (en) | CSRF attack detection method and device | |
| CN107046544A (en) | A method and device for identifying an illegal access request to a website | |
| CN104202291A (en) | Anti-phishing method based on multi-factor comprehensive assessment method | |
| TW201411396A (en) | Method and device for protecting access to multiple applications by using single sign-on | |
| CN109660552A (en) | A kind of Web defence method combining address jump and WAF technology |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WW01 | Invention patent application withdrawn after publication | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20200814 |