CN106302515A - A kind of method and apparatus of web portal security protection - Google Patents
A kind of method and apparatus of web portal security protection Download PDFInfo
- Publication number
- CN106302515A CN106302515A CN201610811816.1A CN201610811816A CN106302515A CN 106302515 A CN106302515 A CN 106302515A CN 201610811816 A CN201610811816 A CN 201610811816A CN 106302515 A CN106302515 A CN 106302515A
- Authority
- CN
- China
- Prior art keywords
- protection
- subitem
- classification
- engine
- vulnerability
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The application provides the method and apparatus that a kind of web portal security protects, and is applied to safety protection equipment, and described method includes: periodically the protection subitem of website is carried out vulnerability scanning;Based on vulnerability scanning result, described protection subitem is divided into different classification;Based on the protection engine corresponding with the classification of described protection subitem, described protection subitem is protected;Wherein, the protection engine that the protection subitem of different classification is corresponding is different.The technical scheme using the application to provide, preferably can carry out security protection to website.
Description
Technical field
The application relates to network communication technology field, the method and apparatus protected particularly to a kind of web portal security.
Background technology
Along with social informatization degree is more and more higher, website is in the environment of the such a opposing open in the Internet, respectively
The complexity of class web application system and multiformity, cause the system vulnerability of website to emerge in an endless stream, virus wooden horse and malicious code
Wreaking havoc on the net, hacker attacks and the security incident distorting website happen occasionally.
Summary of the invention
In view of this, the application provides a kind of web portal security means of defence and device, is applied to safety protection equipment.
Specifically, the application is achieved by the following technical solution:
The method of a kind of web portal security protection, is applied to safety protection equipment, including:
Periodically the protection subitem of website is carried out vulnerability scanning;
Based on vulnerability scanning result, described protection subitem is divided into different classification;
Based on the protection engine corresponding with the classification of described protection subitem, described protection subitem is protected;Wherein, no
The protection engine corresponding with the protection subitem of classification is different.
The device of a kind of web portal security protection, is applied to safety protection equipment, including:
Scanning element, for periodically carrying out vulnerability scanning to the protection subitem of website;
Division unit, for based on vulnerability scanning result, is divided into different classification by described protection subitem;
Protective unit, for based on the protection engine corresponding with the classification of described protection subitem, entering described protection subitem
Row protection;Wherein, the protection engine that the protection subitem of different classification is corresponding is different.
The technical scheme provided from above the application, carries out leak by periodically protection subitem to website and sweeps
Retouch;Based on vulnerability scanning result, described protection subitem is divided into different classification;Based on right with the classification of described protection subitem
The protection engine answered, protects described protection subitem;Wherein, the protection engine that the protection subitem of different classification is corresponding is not
With.
Owing to website updates, the vulnerability scanning result of protection subitem generally also can change, thereby through the cycle
Property ground the protection subitem of website is carried out vulnerability scanning, according to scanning result, the division dynamically protection subitem classified,
And use corresponding protection engine that protection subitem is protected, more reasonably protection subitem can be carried out dynamic and prevent
Protect, preferably website is protected.
Accompanying drawing explanation
Fig. 1 is the method flow diagram of a kind of web portal security protection shown in the application one exemplary embodiment;
Fig. 2 is the hardware structure diagram of the device of a kind of web portal security protection shown in the application one exemplary embodiment;
Fig. 3 is the device of a kind of web portal security protection shown in the application one exemplary embodiment.
Detailed description of the invention
Here will illustrate exemplary embodiment in detail, its example represents in the accompanying drawings.Explained below relates to
During accompanying drawing, unless otherwise indicated, the same numbers in different accompanying drawings represents same or analogous key element.Following exemplary embodiment
Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they are only with the most appended
The example of the apparatus and method that some aspects that described in detail in claims, the application are consistent.
It is only merely for describing the purpose of specific embodiment at term used in this application, and is not intended to be limiting the application.
" a kind of ", " described " and " being somebody's turn to do " of singulative used in the application and appended claims is also intended to include majority
Form, unless context clearly shows that other implications.It is also understood that term "and/or" used herein refers to and wraps
Any or all containing one or more projects of listing being associated may combination.
Although should be appreciated that in the application possible employing term first, second, third, etc. to describe various information, but this
A little information should not necessarily be limited by these terms.These terms are only used for same type of information is distinguished from each other out.Such as, without departing from
In the case of the application scope, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as
One information.Depend on linguistic context, word as used in this " if " can be construed to " ... time " or " when ...
Time " or " in response to determining ".
In the related, when website is protected, it is common that the web page code by timing probe website is deposited
Leak, then generate corresponding protection rule according to the feature of leak detected, finally use the protection rule of generation
Described website is protected.
Wherein, when whether the web page code detecting website exists leak, generally can be by the multiple detection sides collected
Method 1 web page code described in a pair detects.
When web page code website being detected exists leak, can automatically generate according to the feature of leak and protect rule accordingly
Then, and build virtual patch protection engine based on the protection rule generated, then use this virtual patch protection engine to described
Website is protected.
But, although above scheme is capable of the leak existed by active detecting website, automatically generate corresponding
Protection rule, carries out security protection, but judges net owing to whether existing active scan web page code changes website
The mechanism whether content of standing changes, and do not take into account all situations that web site contents changes, web site contents is sent out sometimes
Changing can't cause web page code also to change.If therefore web site contents changes, cause introducing new leak,
Only use based on timing scan to leak automatically generate protection rule website is carried out security protection, website may be there is
After content changes, it is impossible to the problem in time website protected.
In order to solve problem present in correlation technique, the method that this application provides the protection of a kind of web portal security.Pass through
Periodically the protection subitem of website is carried out vulnerability scanning;Based on vulnerability scanning result, described protection subitem is divided into not
Same classification;Based on the protection engine corresponding with the classification of described protection subitem, described protection subitem is protected;Wherein,
The protection engine that the protection subitem of different classification is corresponding is different.
Owing to website updates (content or the web page code of such as website change), the leak of protection subitem is swept
Retouch result generally also can change, thereby through periodically the protection subitem of website being carried out vulnerability scanning, according to leak
Scanning result, dynamically classifies to protection subitem, and for different classification, is respectively adopted different protection engines to guarantor
Protect subitem to protect, can more reasonably to protection subitem carry out security protection, to avoid in the prior art, only use with
The protection rule that the leak scanned automatically generates carries out security protection to website, causes the content of website to change but webpage
When code does not changes, it is impossible to the problem in time website protected.
Refer to the method flow that Fig. 1, Fig. 1 are a kind of web portal security protection shown in the application one exemplary embodiment
Figure, is applied to safety protection equipment, specifically performs following steps:
Step 101: periodically the protection subitem of website is carried out vulnerability scanning;
Step 102: based on vulnerability scanning result, described protection subitem is divided into different classification;
Step 103: based on the protection engine corresponding with the classification of described protection subitem, described protection subitem is prevented
Protect;Wherein, the protection engine that the protection subitem of different classification is corresponding is different.
Wherein, above-mentioned safety protection equipment, may refer to the server corresponding to targeted website, carry out setting of security protection
Standby;Such as, in actual applications, this safety protection equipment specifically could be for Website server is carried out the another of security protection
One security server.
Above-mentioned protection subitem, protects including the various urgent needs that may be attacked website by hacker as medium in targeted website
The website item protected;Prevent for example, it may be the parameters of webpage, the content of webpage, and the needs in webpage carry out safety
The code segment protected, etc..
When realizing, above-mentioned safety protection equipment can be by obtaining the protection subitem of website and each protection subitem
Related data, generates portion and stores the tables of data of each protection subitem information of website;Wherein, each in this tables of data
The most corresponding protection subitem of mesh.
After obtaining the tables of data about each protection subitem, the analysis program in safety protection equipment can be to data
Each entry in table carries out Hole Detection successively;Wherein, described analysis program can comprise multiple detection method, in reality
In the application of border, each detection method in above-mentioned multiple detection method can be used, successively each protection subitem is leaked
Hole is detected, to determine whether each protection subitem exists leak.
In this example, after each protection subitem in tables of data having been carried out Hole Detection by analysis program, can obtain
To corresponding testing result, described testing result is the leak situation of each protection subitem.
Wherein, in order to avoid website updates, the situation causing the vulnerability scanning result protecting subitem to change occurs,
In actual application, a vulnerability scanning cycle can be preset, may then based on this vulnerability scanning cycle timing of setting
Ground carries out vulnerability scanning to the protection subitem of website.
It addition, in order to avoid in the prior art, the protection rule that the leak only using and scanning automatically generates is to net
Station carries out security protection, causes the problem cannot protected website in time, and in this example, safety protection equipment can also root
According to vulnerability scanning result, dynamically protection subitem is classified, and for different classification, be respectively adopted different protection and draw
Hold up and protection subitem is protected, such that it is able to more reasonably protection subitem to be carried out the protection of dynamic, it is achieved the most right
Website carries out security protection.
In a kind of embodiment illustrated, after safety protection equipment obtains the vulnerability scanning result of each protection subitem, can
With the leak situation existed according to each protection subitem, each protection subitem is divided into different classification.
If any one detection method in some protection analyzed program of subitem detects undesirable, show this
There is leak, in such a case, it is possible to this protection subitem that there is leak is divided into leaky classification in protection subitem.
If all detection methods in some protection analyzed program of subitem detect meet the requirements, show this protection
There is not leak situation in subitem, in such a case, it is possible to the protection subitem that this does not exist leak situation is divided into without leak
Classification.
If after some protection subitem has been detected by all detection methods in analysis program, it is impossible to confirm this guarantor
Protect whether subitem exists leak, in such a case, it is possible to this cannot be confirmed whether that the protection subitem that there is leak is divided into
Unknown classification.
In a kind of embodiment illustrated, owing to website updates, the leak situation of protection subitem also can be corresponding
Change.And hence it is also possible to for the leaky classification marked off with without the protection subitem of vulnerability classification, set respectively and preset
The effective duration of classification, classifying in effective duration, the classification situation of protection subitem is constant, is classifying outside effective duration, dynamically
Update the classification situation of protection subitem.
Wherein, the classification effective time that the protection subitem for leaky classification with without vulnerability classification sets respectively can phase
With, it is also possible to differ, but the protection subitem that the cycle of vulnerability scanning is all higher than into leaky classification with without vulnerability classification is distinguished
The classification effective time set.
When realizing, when protection subitem be divided into leaky classification or without vulnerability classification after, set classification have
In the effect time, the protection subitem being divided into leaky classification is identified as leaky always, is divided into without vulnerability classification
Protection subitem is identified as without leak always.
During this period, the content of protection subitem of leaky classification it is identified as it may happen that update (such as programmer
Manual modification), therefore, in the next scan period, after there is the detection protecting subitem program by analysis updated, can
Can be reclassified as without vulnerability classification;Similar, it is identified as the protection subitem without leak, it is also possible to because occurring before
Change, by analysis after the detection of program, is divided into leaky classification.In addition, same protection subitem is different
In application, leak situation also not exclusively as, the vulnerability classification therefore protecting subitem is not changeless.
In a kind of embodiment illustrated, if arbitrary leaky classification or without vulnerability classification protection subitem point
Class effective duration time-out, then can switch to unknown classification by the classification of this protection subitem.
Wherein, owing to the described scan period is more than the effective duration of described classification, if arbitrary leaky classification or without leakage
After classification effective duration time-out of the protection subitem classified in hole is switched to unknown classification, in such a case, it is possible to by certainly
Move and the classification of this protection subitem is switched to unknown classification.
In this example, when by the leak situation according to each protection subitem, each protection subitem is divided into different classification
Afterwards, for different classification, different protection engines can be used to carry out security protection, such that it is able to make up in prior art
The protection rule that the leak only used and scan automatically generates carries out security protection to website, when causing website to occur to update,
The defect in time website cannot protected.
In a kind of embodiment illustrated, for the protection subitem of leaky classification, can be protected by virtual patch
Engine carries out security protection;For the protection subitem without vulnerability classification, can directly skip the place of web portal security protection engine
Reason;For the protection subitem of the unknown classification, security protection can be carried out by general patch protection engine.
When realizing, after protection subitem is divided into leaky classification, then can be based on default virtual patch protection
Engine carries out security protection for the protection subitem of leaky classification.Wherein, if described virtual patch protection engine includes butt
In the virtual patch rule that the leak of the protection subitem scanned generates.
The generation of described virtual patch rule can be carried out by the means using analog hacker to attack.Concrete implementation
Method can be first to be collected by the page detection method of the various means institutes foundation of assault, and described page detection method is such as
Can be whether web page code verifies login account and the data type of password, field length etc..Assault each
After the page detection method of kind means institute foundation collects, can be with each protection subitem of a pair website of described detection method 1
Detecting, generating protection rule for there is the protection subitem of security breaches.It is normal that wherein said protection rule is used to definition
Or the website visiting behavior of exception or one group of data of feature.
When using virtual patch protection engine to carry out security protection for the protection subitem of leaky classification, by according to institute
State protection rule the request accessing website is resolved, and draw the analysis result relevant to protecting rule, then by this solution
Analysis result is compared with protection rule, if violating protection rule, just refuses described request, if not violating protection rule, the most just
Often respond described request.
When realizing, after protection subitem is divided into without vulnerability classification, then any security protection engine can not be used
Carry out security protection, can directly skip the process of web portal security protection engine.
When realizing, after protection subitem is divided into unknown classification, can be based on default general patch protection engine
Protection subitem for the unknown classification carries out security protection;Wherein, if described general patch protection engine includes that dry systems is prewired
The general patch rule put.
The pre-configured of described general patch rule can be system from local existing patch rule base, obtains for often
See the patch rule of leak, carry out generating the patch rule protection engine including some common leaks, it is also possible to be that user is prewired
The protection rule for particular vulnerability put.
Wherein it is desired to explanation, described general patch rule can be the void automatically generated based on the leak scanned
Rule beyond quasi-complement fourth rule.
Finally, when described website being protected according to described general patch protection engine, by according to described protection
The request accessing website is resolved by rule, and draws the analysis result relevant to protecting rule, then by this analysis result
Comparing with protection rule, if violating protection rule, just refusing described request, if not violating protection rule, with regard to normal response
Described request.
The technical scheme provided from above the application, carries out leak by periodically protection subitem to website and sweeps
Retouch;Based on vulnerability scanning result, described protection subitem is divided into different classification;Based on right with the classification of described protection subitem
The protection engine answered, protects described protection subitem;Wherein, the protection engine that the protection subitem of different classification is corresponding is not
With.
Owing to website updates, the vulnerability scanning result of protection subitem generally also can change, thereby through the cycle
Property ground the protection subitem of website is carried out vulnerability scanning, according to scanning result, dynamically protection subitem is carried out dividing class and draws
Point, and use corresponding protection engine that protection subitem is protected, more reasonably protection subitem can be carried out dynamic
Protection, it is achieved preferably website is carried out security protection.
Corresponding with the embodiment of the method for aforementioned a kind of web portal security protection, present invention also provides a kind of web portal security
The embodiment of the device of protection.
The embodiment of the device of a kind of web portal security of the application protection can be applied on safety protection equipment.Device is implemented
Example can be realized by software, it is also possible to realizes by the way of hardware or software and hardware combining.As a example by implemented in software, as
Device on one logical meaning, is that the processor by its place safety protection equipment is by corresponding in nonvolatile memory
Computer program instructions reads and runs formation in internal memory.For hardware view, as in figure 2 it is shown, be the application one net
Stand a kind of hardware structure diagram of device place safety protection equipment of security protection, except the processor shown in Fig. 2, internal memory, net
Outside network interface and nonvolatile memory, in embodiment, the safety protection equipment at device place is pacified generally according to this website
The actual functional capability of full protection, it is also possible to include other hardware, this is repeated no more.
Refer to the device that Fig. 3, Fig. 3 are a kind of web portal security protection shown in the application one exemplary embodiment, application
In safety protection equipment, described device includes: scanning element 310, division unit 320, protective unit 330, setup unit 340.
Wherein, scanning element 310, for periodically carrying out vulnerability scanning to the protection subitem of website;
Division unit 320, for based on vulnerability scanning result, is divided into different classification by described protection subitem;
Protective unit 330, for based on the protection engine corresponding with the classification of described protection subitem, to described protection subitem
Protect;Wherein, the protection engine that the protection subitem of different classification is corresponding is different.
Setup unit 340, for for the leaky classification marked off with without the protection subitem of vulnerability classification, setting respectively
The effective duration of classification preset.
In the present embodiment, described division unit 310, it is applied particularly to and the protection subitem that there is leak has been divided into leakage
Classify in hole;The protection subitem not depositing leak is divided into without vulnerability classification;Will be unable to be confirmed whether to exist the protection subitem of leak
It is divided into unknown classification.
Described protective unit 330, specifically for protecting the engine guarantor for leaky classification based on default virtual patch
Protect subitem and carry out security protection;Wherein, described virtual patch protection engine includes some leakages based on the protection subitem scanned
The virtual patch rule that hole generates;The protection subitem classified for the unknown based on default general patch protection engine carries out safety
Protection;Wherein, if described general patch protection engine includes the general patch rule that dry systems is pre-configured.
Described setup unit 340, is further used for when arbitrary leaky classification or without the protection subitem of vulnerability classification
Effective duration of classifying is overtime, then the classification of this protection subitem switches to unknown classification.
In said apparatus, the function of unit and the process that realizes of effect specifically refer to corresponding step in said method
Realize process, do not repeat them here.
For device embodiment, owing to it corresponds essentially to embodiment of the method, so relevant part sees method in fact
The part executing example illustrates.Device embodiment described above is only schematically, wherein said as separating component
The unit illustrated can be or may not be physically separate, and the parts shown as unit can be or can also
It not physical location, i.e. may be located at a place, or can also be distributed on multiple NE.Can be according to reality
Need to select some or all of module therein to realize the purpose of the application scheme.Those of ordinary skill in the art are not paying
In the case of going out creative work, i.e. it is appreciated that and implements.
The foregoing is only the preferred embodiment of the application, not in order to limit the application, all essences in the application
Within god and principle, any modification, equivalent substitution and improvement etc. done, should be included within the scope of the application protection.
Claims (10)
1. a method for web portal security protection, is applied to safety protection equipment, it is characterised in that including:
Periodically the protection subitem of website is carried out vulnerability scanning;
Based on vulnerability scanning result, described protection subitem is divided into different classification;
Based on the protection engine corresponding with the classification of described protection subitem, described protection subitem is protected;Wherein, different points
The protection engine that the protection subitem of class is corresponding is different.
Method the most according to claim 1, it is characterised in that described based on vulnerability scanning result, by described protection subitem
It is divided into different classification, including:
The protection subitem that there is leak is divided into leaky classification;
The protection subitem that there will be no leak is divided into without vulnerability classification;
The protection subitem that will be unable to be confirmed whether to exist leak is divided into unknown classification.
Method the most according to claim 2, it is characterised in that described method also includes:
For the leaky classification marked off with without the protection subitem of vulnerability classification, set the effective duration of default classification respectively.
Method the most according to claim 3, it is characterised in that when the cycle of described vulnerability scanning is effective more than described classification
Long;
Described method also includes:
If arbitrary leaky classification or classification effective duration time-out of the protection subitem without vulnerability classification, then by this protection
The classification of item switches to unknown classification.
Method the most according to claim 1, it is characterised in that described based on corresponding the preventing of classifying with described protection subitem
Protect engine, described protection subitem is protected, including:
Security protection is carried out for the protection subitem of leaky classification based on default virtual patch protection engine;Wherein, described
Virtual patch protection engine includes the virtual patch rule that some leaks based on the protection subitem scanned generate;
The protection subitem classified for the unknown based on default general patch protection engine carries out security protection;Wherein, described logical
If including, with patch protection engine, the general patch rule that dry systems is pre-configured.
6. a device for web portal security protection, is applied to safety protection equipment, it is characterised in that including:
Scanning element, for periodically carrying out vulnerability scanning to the protection subitem of website;
Division unit, for based on vulnerability scanning result, is divided into different classification by described protection subitem;
Protective unit, for based on the protection engine corresponding with the classification of described protection subitem, preventing described protection subitem
Protect;Wherein, the protection engine that the protection subitem of different classification is corresponding is different.
Device the most according to claim 6, it is characterised in that including:
Described division unit specifically for:
The protection subitem that there is leak is divided into leaky classification;
The protection subitem that there will be no leak is divided into without vulnerability classification;
The protection subitem that will be unable to be confirmed whether to exist leak is divided into unknown classification.
Device the most according to claim 7, it is characterised in that described device also includes:
Setup unit, for for the leaky classification marked off with without the protection subitem of vulnerability classification, sets respectively and presets
Classify effective duration.
Device the most according to claim 8, it is characterised in that including:
Described setup unit is further used for:
When arbitrary leaky classification or classification effective duration time-out of the protection subitem without vulnerability classification, then by this protection subitem
Classification switch to unknown classification.
Device the most according to claim 6, it is characterised in that including:
Described protective unit specifically for:
Security protection is carried out for the protection subitem of leaky classification based on default virtual patch protection engine;Wherein, described
Virtual patch protection engine includes the virtual patch rule that some leaks based on the protection subitem scanned generate;
The protection subitem classified for the unknown based on default general patch protection engine carries out security protection;Wherein, described logical
If including, with patch protection engine, the general patch rule that dry systems is pre-configured.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610811816.1A CN106302515B (en) | 2016-09-08 | 2016-09-08 | A kind of method and apparatus of web portal security protection |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610811816.1A CN106302515B (en) | 2016-09-08 | 2016-09-08 | A kind of method and apparatus of web portal security protection |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106302515A true CN106302515A (en) | 2017-01-04 |
CN106302515B CN106302515B (en) | 2019-09-06 |
Family
ID=57711178
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610811816.1A Active CN106302515B (en) | 2016-09-08 | 2016-09-08 | A kind of method and apparatus of web portal security protection |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106302515B (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108063759A (en) * | 2017-12-05 | 2018-05-22 | 西安交大捷普网络科技有限公司 | Web vulnerability scanning methods |
CN108337259A (en) * | 2018-02-01 | 2018-07-27 | 南京邮电大学 | A kind of suspicious web page identification method based on HTTP request Host information |
CN108965254A (en) * | 2018-06-11 | 2018-12-07 | 武汉般若互动科技有限公司 | One kind being used for government website security protection scheme |
CN113872918A (en) * | 2020-06-30 | 2021-12-31 | 苏州三六零智能安全科技有限公司 | Network traffic classification method, equipment, storage medium and device |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101808093A (en) * | 2010-03-15 | 2010-08-18 | 北京安天电子设备有限公司 | System and method for automatically detecting WEB security |
CN102215222A (en) * | 2011-05-09 | 2011-10-12 | 北京艾普优计算机***有限公司 | Website protection method and device |
CN102789502A (en) * | 2012-07-17 | 2012-11-21 | 北京奇虎科技有限公司 | Method and device for scanning website |
CN104468563A (en) * | 2014-12-03 | 2015-03-25 | 北京奇虎科技有限公司 | Website bug protection method, device and system |
CN104618176A (en) * | 2014-12-29 | 2015-05-13 | 北京奇虎科技有限公司 | Website security detection method and device |
-
2016
- 2016-09-08 CN CN201610811816.1A patent/CN106302515B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101808093A (en) * | 2010-03-15 | 2010-08-18 | 北京安天电子设备有限公司 | System and method for automatically detecting WEB security |
CN102215222A (en) * | 2011-05-09 | 2011-10-12 | 北京艾普优计算机***有限公司 | Website protection method and device |
CN102789502A (en) * | 2012-07-17 | 2012-11-21 | 北京奇虎科技有限公司 | Method and device for scanning website |
CN104468563A (en) * | 2014-12-03 | 2015-03-25 | 北京奇虎科技有限公司 | Website bug protection method, device and system |
CN104618176A (en) * | 2014-12-29 | 2015-05-13 | 北京奇虎科技有限公司 | Website security detection method and device |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108063759A (en) * | 2017-12-05 | 2018-05-22 | 西安交大捷普网络科技有限公司 | Web vulnerability scanning methods |
CN108337259A (en) * | 2018-02-01 | 2018-07-27 | 南京邮电大学 | A kind of suspicious web page identification method based on HTTP request Host information |
CN108965254A (en) * | 2018-06-11 | 2018-12-07 | 武汉般若互动科技有限公司 | One kind being used for government website security protection scheme |
CN113872918A (en) * | 2020-06-30 | 2021-12-31 | 苏州三六零智能安全科技有限公司 | Network traffic classification method, equipment, storage medium and device |
Also Published As
Publication number | Publication date |
---|---|
CN106302515B (en) | 2019-09-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10102372B2 (en) | Behavior profiling for malware detection | |
US20210029156A1 (en) | Security monitoring system for internet of things (iot) device environments | |
US11157300B2 (en) | Managing virtual machine security resources | |
US10073970B2 (en) | System and method for reverse command shell detection | |
Akiyama et al. | Design and implementation of high interaction client honeypot for drive-by-download attacks | |
RU2726032C2 (en) | Systems and methods for detecting malicious programs with a domain generation algorithm (dga) | |
US7774459B2 (en) | Honey monkey network exploration | |
US11288090B1 (en) | Methods, systems, and media for injecting code into embedded devices | |
Nadji et al. | Automated remote repair for mobile malware | |
WO2017160765A1 (en) | System and method for process hollowing detection | |
Tajalizadehkhoob et al. | Herding vulnerable cats: a statistical approach to disentangle joint responsibility for web security in shared hosting | |
US11374964B1 (en) | Preventing lateral propagation of ransomware using a security appliance that dynamically inserts a DHCP server/relay and a default gateway with point-to-point links between endpoints | |
US9853992B1 (en) | Cloud service usage risk analysis based on user location | |
CN105939311A (en) | Method and device for determining network attack behavior | |
CN106302515A (en) | A kind of method and apparatus of web portal security protection | |
US11785044B2 (en) | System and method for detection of malicious interactions in a computer network | |
US10771477B2 (en) | Mitigating communications and control attempts | |
CN106341386B (en) | It is determining and remedy for the threat assessment grade of multi-level safety framework based on cloud | |
CN103428212A (en) | Malicious code detection and defense method | |
CN106250761B (en) | Equipment, device and method for identifying web automation tool | |
Spring et al. | Global adversarial capability modeling | |
CN111314370B (en) | Method and device for detecting service vulnerability attack behavior | |
CN112583841A (en) | Virtual machine safety protection method and system, electronic equipment and storage medium | |
CN112217770B (en) | Security detection method, security detection device, computer equipment and storage medium | |
Hovmark et al. | Towards Extending Probabilistic Attack Graphs with Forensic Evidence: An investigation of property list files in macOS |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information | ||
CB02 | Change of applicant information |
Address after: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building Applicant after: Hangzhou Dipu Polytron Technologies Inc Address before: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building Applicant before: Hangzhou Dipu Technology Co., Ltd. |
|
GR01 | Patent grant | ||
GR01 | Patent grant |