CN106302515B - A kind of method and apparatus of web portal security protection - Google Patents

A kind of method and apparatus of web portal security protection Download PDF

Info

Publication number
CN106302515B
CN106302515B CN201610811816.1A CN201610811816A CN106302515B CN 106302515 B CN106302515 B CN 106302515B CN 201610811816 A CN201610811816 A CN 201610811816A CN 106302515 B CN106302515 B CN 106302515B
Authority
CN
China
Prior art keywords
protection
subitem
classification
engine
website
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610811816.1A
Other languages
Chinese (zh)
Other versions
CN106302515A (en
Inventor
吴庆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou DPTech Technologies Co Ltd
Original Assignee
Hangzhou DPTech Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou DPTech Technologies Co Ltd filed Critical Hangzhou DPTech Technologies Co Ltd
Priority to CN201610811816.1A priority Critical patent/CN106302515B/en
Publication of CN106302515A publication Critical patent/CN106302515A/en
Application granted granted Critical
Publication of CN106302515B publication Critical patent/CN106302515B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides a kind of method and apparatus of web portal security protection, is applied to safety protection equipment, which comprises periodically carries out vulnerability scanning to the protection subitem of website;Based on vulnerability scanning as a result, the protection subitem is divided into different classification;Based on protection engine corresponding with the protection classification of subitem, the protection subitem is protected;Wherein, the corresponding protection engine of the protection subitem of different classifications is different.Using technical solution provided by the present application, security protection preferably can be carried out to website.

Description

A kind of method and apparatus of web portal security protection
Technical field
This application involves network communication technology field, in particular to a kind of method and apparatus of web portal security protection.
Background technique
As social informatization degree is higher and higher, website is in the environment of such a opposing open in internet, respectively The complexity and diversity of class web application system, cause the system vulnerability of website to emerge one after another, viral wooden horse and malicious code It wreaks havoc on the net, hacker attacks and the security incident for distorting website happen occasionally.
Summary of the invention
In view of this, the application provides a kind of web portal security means of defence and device, it is applied to safety protection equipment.
Specifically, the application is achieved by the following technical solution:
A kind of method of web portal security protection, is applied to safety protection equipment, comprising:
Vulnerability scanning periodically is carried out to the protection subitem of website;
Based on vulnerability scanning as a result, the protection subitem is divided into different classification;
Based on protection engine corresponding with the protection classification of subitem, the protection subitem is protected;Wherein, no With the protection subitem of classification, corresponding protection engine is different.
A kind of device of web portal security protection, is applied to safety protection equipment, comprising:
Scanning element carries out vulnerability scanning for the protection subitem periodically to website;
Division unit, for based on vulnerability scanning as a result, the protection subitem is divided into different classification;
Protective unit, for based on protection engine corresponding with the protection classification of subitem, to the protection subitem into Row protection;Wherein, the corresponding protection engine of the protection subitem of different classifications is different.
It is swept by the above technical solution provided by the present application as it can be seen that carrying out loophole by the protection subitem periodically to website It retouches;Based on vulnerability scanning as a result, the protection subitem is divided into different classification;Based on the classification pair with the protection subitem The protection engine answered protects the protection subitem;Wherein, different classifications protect the corresponding protection engine of subitem not Together.
It since website updates, protects the vulnerability scanning result of subitem that can generally also change, thus passes through the period Property vulnerability scanning is carried out to the protection subitem of website, according to scanning result, the division dynamically classified to protection subitem, And protection subitem is protected using corresponding protection engine, dynamic more reasonably can be carried out to protection subitem and prevented Shield, preferably protects website.
Detailed description of the invention
Fig. 1 is a kind of method flow diagram of web portal security protection shown in one exemplary embodiment of the application;
Fig. 2 is a kind of hardware structure diagram of the device of web portal security protection shown in one exemplary embodiment of the application;
Fig. 3 is a kind of device of web portal security protection shown in one exemplary embodiment of the application.
Specific embodiment
Example embodiments are described in detail here, and the example is illustrated in the accompanying drawings.Following description is related to When attached drawing, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements.Following exemplary embodiment Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they be only with it is such as appended The example of the consistent device and method of some aspects be described in detail in claims, the application.
It is only to be not intended to be limiting the application merely for for the purpose of describing particular embodiments in term used in this application. It is also intended in the application and the "an" of singular used in the attached claims, " described " and "the" including majority Form, unless the context clearly indicates other meaning.It is also understood that term "and/or" used herein refers to and wraps It may be combined containing one or more associated any or all of project listed.
It will be appreciated that though various information, but this may be described using term first, second, third, etc. in the application A little information should not necessarily be limited by these terms.These terms are only used to for same type of information being distinguished from each other out.For example, not departing from In the case where the application range, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as One information.Depending on context, word as used in this " if " can be construed to " ... when " or " when ... When " or " in response to determination ".
In the related art, when protecting website, usually by being deposited in the web page code of timing probe website Loophole, corresponding protection rule is then generated according to the feature of loophole detected, it is finally regular using the protection generated The website is protected.
It wherein, usually can be by multiple detection sides for summarizing when the web page code for detecting website whether there is loophole A pair of web page code of method one is detected.
When detecting the web page code of website, there are corresponding protection rule when loophole, can be automatically generated according to the feature of loophole Then, the protection rule building virtual patch and based on generation protects engine, then using virtual patch protection engine to described Website is protected.
However, although above scheme can be realized through loophole existing for active detecting website, it is corresponding to automatically generate Protection rule carries out security protection to website, but judges net since whether existing active scan web page code changes The whether changed mechanism of content of standing does not consider the changed all situations of web site contents, and web site contents are sent out sometimes Changing not will lead to web page code and change yet.So if web site contents change, cause to introduce new loophole, Using only based on timing scan to the protection rule that automatically generates of loophole security protection is carried out to website, may have website After content changes, the problem of cannot protecting in time website.
In order to solve the problems, such as present in the relevant technologies, this application provides a kind of methods of web portal security protection.Pass through Vulnerability scanning periodically is carried out to the protection subitem of website;Based on vulnerability scanning as a result, protecting subitem to be divided into not for described Same classification;Based on protection engine corresponding with the protection classification of subitem, the protection subitem is protected;Wherein, The corresponding protection engine of the protection subitem of different classifications is different.
Since website occurs to update (for example the content or web page code of website change), the loophole of subitem is protected to sweep Retouching result can generally also change, thus carry out vulnerability scanning by the protection subitem periodically to website, according to loophole Scanning result dynamically classifies to protection subitem, and is directed to different classification, and different protection engines is respectively adopted to guarantor Shield subitem is protected, and more reasonably can carry out security protection to protection subitem, to avoid in the prior art, Jin Shiyong with The protection rule that the loophole scanned automatically generates carries out security protection to website, and the content of website is caused to change but webpage When code does not change, the problem of can not protecting in time website.
Referring to Figure 1, Fig. 1 is a kind of method flow of web portal security protection shown in one exemplary embodiment of the application Figure is applied to safety protection equipment, specifically executes following steps:
Step 101: vulnerability scanning periodically being carried out to the protection subitem of website;
Step 102: based on vulnerability scanning as a result, the protection subitem is divided into different classification;
Step 103: based on protection engine corresponding with the protection classification of subitem, the protection subitem being prevented Shield;Wherein, the corresponding protection engine of the protection subitem of different classifications is different.
Wherein, above-mentioned safety protection equipment can refer to the corresponding server in targeted website, carry out setting for security protection It is standby;For example, in practical applications, which specifically can be for carrying out the another of security protection to Website server One security server.
Above-mentioned protection subitem, the various urgent needs including that may be attacked website in targeted website as medium by hacker are protected The website item of shield;For example, it may be the parameters of webpage, the content of webpage and the needs in webpage carry out safety and prevent Code segment of shield, etc..
When realizing, above-mentioned safety protection equipment can be by obtaining the protection subitem and each protection subitem of website Related data generates the tables of data that portion stores each protection subitem information in website;Wherein, each of tables of data item Mesh respectively corresponds a protection subitem.
After obtaining the tables of data about each protection subitem, the analysis program in safety protection equipment can be to data Each of table entry successively carries out Hole Detection;Wherein, multiple detection methods be may include in the analysis program, in reality In the application of border, successively each protection subitem can be leaked using each of above-mentioned multiple detection methods detection method Hole detection whether there is loophole with each protection subitem of determination.
In this example, it after having carried out Hole Detection to each protection subitem in tables of data by analysis program, can obtain To corresponding testing result, the testing result is the loophole situation of each protection subitem.
Wherein, in order to avoid website updates, lead to protect vulnerability scanning result the case where changing of subitem, In practical application, a vulnerability scanning period can be preset, may then based on the vulnerability scanning period timing of setting Ground carries out vulnerability scanning to the protection subitem of website.
In addition, in order to avoid in the prior art, using only the protection rule automatically generated with the loophole scanned to net It stands and carries out security protection, cause the problem of can not protecting in time website, in this example, safety protection equipment can be with root According to vulnerability scanning as a result, dynamically classifying to protection subitem, and it is directed to different classification, different protection is respectively adopted and draws It holds up and protection subitem is protected, so as to more reasonably carry out the protection of dynamic to protection subitem, it is preferably right to realize Website carries out security protection.
It, can after safety protection equipment obtains the vulnerability scanning result of each protection subitem in a kind of embodiment shown With the loophole situation according to existing for each protection subitem, each protection subitem is divided into different classification.
If it is undesirable that some protects any one detection method in the analyzed program of subitem to detect, show this Protecting subitem, there are loopholes, in such a case, it is possible to which the protection subitem there are loophole is divided into leaky classification.
It meets the requirements if all detection methods that some protection subitem is analyzed in program detect, shows the protection Loophole situation is not present in subitem, in such a case, it is possible to which the protection subitem there is no loophole situation is divided into no loophole Classification.
If all detection methods in analysis program carry out after having detected some protection subitem, the guarantor can not be confirmed Protecting subitem whether there is loophole, in such a case, it is possible to which this can not be confirmed whether that the protection subitem there are loophole is divided into Unknown classification.
In a kind of embodiment shown, since website updates, protect the loophole situation of subitem also can be corresponding It changes.And hence it is also possible to be directed to the leaky classification marked off and the protection subitem without vulnerability classification, it is set separately default Classification effective time, classification effective time in, protect the classification situation of subitem constant, classification effective time outside, dynamic Update the classification situation of protection subitem.
Wherein, the classification effective time being set separately for leaky classification and the protection subitem without vulnerability classification can phase Together, can not also be identical, but the period of vulnerability scanning is all larger than as leaky classification and the protection subitem difference without vulnerability classification The classification effective time of setting.
When realizing, after protecting subitem to be divided into leaky classification or without vulnerability classification, have in the classification of setting It imitates in the time, the protection subitem for being divided into leaky classification is identified as always leaky, is divided into no vulnerability classification Protection subitem is identified as always no loophole.
During this period, the content for being identified as the protection subitem of leaky classification may occur to update (such as programmer Manual modification), it therefore, can after the protection subitem detection of program by analysis updated in next scan period It can be reclassified as no vulnerability classification;It is similar, it is identified as the protection subitem of no loophole before, it is also possible to because occurring Variation, by analysis after the detection of program, is divided into leaky classification.In addition to this, same protection subitem is different In, loophole situation is also not exclusively the same, therefore the vulnerability classification of subitem is protected not to be fixed and invariable.
In a kind of embodiment shown, if point of any leaky classification or the protection subitem without vulnerability classification Class effective time time-out, then can be switched to unknown classification for the classification of the protection subitem.
Wherein, due to the scan period be greater than the classification effective time, if it is any it is leaky classification or without leakage After the classification effective time time-out of the protection subitem of hole classification is switched to unknown classification, in such a case, it is possible to by certainly It is dynamic that the classification of the protection subitem is switched to unknown classification.
In this example, when by the way that according to each loophole situation for protecting subitem, each protection subitem is divided into different classification Later, for different classification, security protection can be carried out using different protection engines, so as to make up in the prior art Security protection is carried out to website using only the protection rule automatically generated with the loophole scanned, when website being caused to update, The defect that website can not be protected in time.
In a kind of embodiment shown, for the protection subitem of leaky classification, it can be protected by virtual patch Engine carries out security protection;For the protection subitem of no vulnerability classification, the place of web portal security protection engine can be directly skipped Reason;For the protection subitem of unknown classification, engine can be protected to carry out security protection by general patch.
When realizing, protection subitem is divided into after leaky classification, then can be protected based on preset virtual patch Engine carries out security protection for the protection subitem of leaky classification.Wherein, if virtual patch protection engine includes butt In the virtual patch rule that the loophole of the protection subitem scanned generates.
Generating for the virtual patch rule can be carried out by using the means that analog hacker is attacked.Concrete implementation Method, which can be, first summarizes page detection method based on the various means of hacker attack, and the page detection method is such as It can be in web page code and whether data type, the field length etc. of login account and password verified.Hacker attack it is each After page detection method based on kind means summarizes, each protection subitem of a pair of of website of the detection method one can be used It is detected, for there are the protection subitems of security breaches to generate protection rule.Wherein the protection rule is normal for defining Either one group of data of abnormal website visiting behavior or feature.
When carrying out security protection for the protection subitem of leaky classification using virtual patch protection engine, by according to institute It states protection rule to parse the request of access website, and obtains parsing result relevant to protection rule, then by the solution Analysis result is compared with protection rule, if violating protection rule, just refuses the request, if not violating protection rule, just just Often respond the request.
When realizing, protection subitem is divided into after no vulnerability classification, then can not use any security protection engine Security protection is carried out, the processing of web portal security protection engine can be directly skipped.
When realizing, protection subitem is divided into after unknown classification, can protect engine based on preset general patch Security protection is carried out for the protection subitem of unknown classification;Wherein, if the general patch protection engine includes that dry systems are prewired The general patch rule set.
The pre-configuration of the general patch rule can be system from local existing patch rule base, obtain for normal The patch rule for seeing loophole generate the patch rule protection engine including several common loopholes, can also be that user is prewired The protection rule for particular vulnerability set.
Wherein, it should be noted that the general patch rule can be the void automatically generated based on the loophole scanned Rule other than quasi-complement fourth rule.
Finally, when protecting according to the general patch protection engine the website, by according to the protection Rule parses the request of access website, and obtains parsing result relevant to protection rule, then by the parsing result It is compared with protection rule, if violating protection rule, just refuses the request, if protection rule is not violated, with regard to normal response The request.
It is swept by the above technical solution provided by the present application as it can be seen that carrying out loophole by the protection subitem periodically to website It retouches;Based on vulnerability scanning as a result, the protection subitem is divided into different classification;Based on the classification pair with the protection subitem The protection engine answered protects the protection subitem;Wherein, different classifications protect the corresponding protection engine of subitem not Together.
It since website updates, protects the vulnerability scanning result of subitem that can generally also change, thus passes through the period Property vulnerability scanning is carried out to the protection subitem of website, according to scanning result, dynamically protection subitem is carried out dividing class and be drawn Point, and protection subitem is protected using corresponding protection engine, dynamic more reasonably can be carried out to protection subitem Protection is realized and preferably carries out security protection to website.
Corresponding with a kind of aforementioned embodiment of method of web portal security protection, present invention also provides a kind of web portal securities The embodiment of the device of protection.
A kind of embodiment of the device of web portal security protection of the application can be applied on safety protection equipment.Device is implemented Example can also be realized by software realization by way of hardware or software and hardware combining.Taking software implementation as an example, as Device on one logical meaning, being will be corresponding in nonvolatile memory by the processor of safety protection equipment where it Computer program instructions are read into memory what operation was formed.For hardware view, as shown in Fig. 2, being a kind of net of the application Stand security protection device where safety protection equipment a kind of hardware structure diagram, in addition to processor shown in Fig. 2, memory, net Except network interface and nonvolatile memory, the safety protection equipment in embodiment where device is pacified generally according to the website The actual functional capability of full protection can also include other hardware, repeat no more to this.
Fig. 3 is referred to, Fig. 3 is a kind of device of web portal security protection shown in one exemplary embodiment of the application, application In safety protection equipment, described device includes: scanning element 310, division unit 320, protective unit 330, setup unit 340.
Wherein, scanning element 310 carry out vulnerability scanning for the protection subitem periodically to website;
Division unit 320, for based on vulnerability scanning as a result, the protection subitem is divided into different classification;
Protective unit 330, for based on protection engine corresponding with the protection classification of subitem, to the protection subitem It is protected;Wherein, the corresponding protection engine of the protection subitem of different classifications is different.
Setup unit 340 is set separately for being directed to the leaky classification marked off and the protection subitem without vulnerability classification Preset classification effective time.
In the present embodiment, the division unit 310, the protection subitem for being applied particularly to will be present loophole have been divided into leakage Hole classification;The protection subitem for not depositing loophole is divided into no vulnerability classification;It will be unable to be confirmed whether the protection subitem there are loophole It is divided into unknown classification.
The protective unit 330, specifically for being directed to the guarantor of leaky classification based on preset virtual patch protection engine It protects subitem and carries out security protection;Wherein, the virtual patch protection engine includes several leakages based on the protection subitem scanned The virtual patch rule that hole generates;Safety is carried out for the protection subitem of unknown classification based on preset general patch protection engine Protection;Wherein, if the general patch protection engine includes the general patch rule that dry systems are pre-configured.
The setup unit 340, is further used for when any leaky classification or the protection subitem without vulnerability classification Effective time of classifying time-out, then be switched to unknown classification for the classification of the protection subitem.
The function of each unit and the realization process of effect are specifically detailed in the above method and correspond to step in above-mentioned apparatus Realization process, details are not described herein.
For device embodiment, since it corresponds essentially to embodiment of the method, so related place is referring to method reality Apply the part explanation of example.The apparatus embodiments described above are merely exemplary, wherein described be used as separation unit The unit of explanation may or may not be physically separated, and component shown as a unit can be or can also be with It is not physical unit, it can it is in one place, or may be distributed over multiple network units.It can be according to actual The purpose for needing to select some or all of the modules therein to realize application scheme.Those of ordinary skill in the art are not paying Out in the case where creative work, it can understand and implement.
The foregoing is merely the preferred embodiments of the application, not to limit the application, all essences in the application Within mind and principle, any modification, equivalent substitution, improvement and etc. done be should be included within the scope of the application protection.

Claims (10)

1. a kind of method of web portal security protection, is applied to safety protection equipment characterized by comprising
Vulnerability scanning periodically is carried out to the protection subitem of website, comprising: obtain website protection subitem and each protection The related data of subitem generates tables of data according to the related data of the protection subitem of website and each protection subitem;Wherein, institute It states each of tables of data entry and respectively corresponds a protection subitem;Pass through the analysis routines periodically in safety protection equipment Ground successively carries out Hole Detection to each of tables of data entry;It wherein, include multiple detection methods in the analysis program, Using each of the multiple detection method detection method, Hole Detection successively is carried out to each protection subitem, with determination Each protection subitem whether there is loophole;
Based on vulnerability scanning as a result, the protection subitem is divided into different classification;
Based on protection engine corresponding with the protection classification of subitem, the protection subitem is protected;Wherein, different points The corresponding protection engine of the protection subitem of class is different.
2. the method according to claim 1, wherein the vulnerability scanning that is based on is as a result, by the protection subitem It is divided into different classification, comprising:
The protection subitem that loophole will be present is divided into leaky classification;
There will be no the protection subitems of loophole to be divided into no vulnerability classification;
It will be unable to be confirmed whether that the protection subitem there are loophole is divided into unknown classification.
3. according to the method described in claim 2, it is characterized in that, the method also includes:
For the leaky classification marked off and the protection subitem without vulnerability classification, preset classification effective time is set separately.
4. according to the method described in claim 3, it is characterized in that, when the period of the vulnerability scanning is effective greater than the classification It is long;
The method also includes:
If the classification effective time time-out of any leaky classification or the protection subitem without vulnerability classification, by protection The classification of item is switched to unknown classification.
5. the method according to claim 1, wherein described based on corresponding with the protection classification of subitem anti- Engine is protected, the protection subitem is protected, comprising:
Protection subitem based on preset virtual patch protection engine for leaky classification carries out security protection;Wherein, described Virtual patch protection engine includes the virtual patch rule that several loopholes based on the protection subitem scanned generate;
Security protection is carried out for the protection subitem of unknown classification based on preset general patch protection engine;Wherein, described logical If including the general patch rule that dry systems are pre-configured with patch protection engine.
6. a kind of device of web portal security protection, is applied to safety protection equipment characterized by comprising
Scanning element carries out vulnerability scanning for the protection subitem periodically to website, comprising: obtain the protection subitem of website And the related data of each protection subitem, number is generated according to the related data of the protection subitem of website and each protection subitem According to table;Wherein, each of described tables of data entry respectively corresponds a protection subitem;Pass through point in safety protection equipment Hole Detection is successively carried out to analysis routines periodically to each of tables of data entry;Wherein, include in the analysis program Multiple detection methods successively leak each protection subitem using each of the multiple detection method detection method Hole detection whether there is loophole with each protection subitem of determination;
Division unit, for based on vulnerability scanning as a result, the protection subitem is divided into different classification;
Protective unit, for preventing the protection subitem based on protection engine corresponding with the protection classification of subitem Shield;Wherein, the corresponding protection engine of the protection subitem of different classifications is different.
7. device according to claim 6 characterized by comprising
The division unit is specifically used for:
The protection subitem that loophole will be present is divided into leaky classification;
There will be no the protection subitems of loophole to be divided into no vulnerability classification;
It will be unable to be confirmed whether that the protection subitem there are loophole is divided into unknown classification.
8. device according to claim 7, which is characterized in that described device further include:
Setup unit is set separately preset for being directed to the leaky classification marked off and the protection subitem without vulnerability classification Classification effective time.
9. device according to claim 8 characterized by comprising
The setup unit is further used for:
When any leaky classification or the classification effective time time-out of the protection subitem without vulnerability classification, then by the protection subitem Classification be switched to unknown classification.
10. device according to claim 6 characterized by comprising
The protective unit is specifically used for:
Protection subitem based on preset virtual patch protection engine for leaky classification carries out security protection;Wherein, described Virtual patch protection engine includes the virtual patch rule that several loopholes based on the protection subitem scanned generate;
Security protection is carried out for the protection subitem of unknown classification based on preset general patch protection engine;Wherein, described logical If including the general patch rule that dry systems are pre-configured with patch protection engine.
CN201610811816.1A 2016-09-08 2016-09-08 A kind of method and apparatus of web portal security protection Active CN106302515B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610811816.1A CN106302515B (en) 2016-09-08 2016-09-08 A kind of method and apparatus of web portal security protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610811816.1A CN106302515B (en) 2016-09-08 2016-09-08 A kind of method and apparatus of web portal security protection

Publications (2)

Publication Number Publication Date
CN106302515A CN106302515A (en) 2017-01-04
CN106302515B true CN106302515B (en) 2019-09-06

Family

ID=57711178

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610811816.1A Active CN106302515B (en) 2016-09-08 2016-09-08 A kind of method and apparatus of web portal security protection

Country Status (1)

Country Link
CN (1) CN106302515B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108063759B (en) * 2017-12-05 2022-08-16 西安交大捷普网络科技有限公司 Web vulnerability scanning method
CN108337259A (en) * 2018-02-01 2018-07-27 南京邮电大学 A kind of suspicious web page identification method based on HTTP request Host information
CN108965254A (en) * 2018-06-11 2018-12-07 武汉般若互动科技有限公司 One kind being used for government website security protection scheme
CN113872918A (en) * 2020-06-30 2021-12-31 苏州三六零智能安全科技有限公司 Network traffic classification method, equipment, storage medium and device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101808093A (en) * 2010-03-15 2010-08-18 北京安天电子设备有限公司 System and method for automatically detecting WEB security
CN102215222A (en) * 2011-05-09 2011-10-12 北京艾普优计算机***有限公司 Website protection method and device
CN102789502A (en) * 2012-07-17 2012-11-21 北京奇虎科技有限公司 Method and device for scanning website
CN104468563A (en) * 2014-12-03 2015-03-25 北京奇虎科技有限公司 Website bug protection method, device and system
CN104618176A (en) * 2014-12-29 2015-05-13 北京奇虎科技有限公司 Website security detection method and device

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101808093A (en) * 2010-03-15 2010-08-18 北京安天电子设备有限公司 System and method for automatically detecting WEB security
CN102215222A (en) * 2011-05-09 2011-10-12 北京艾普优计算机***有限公司 Website protection method and device
CN102789502A (en) * 2012-07-17 2012-11-21 北京奇虎科技有限公司 Method and device for scanning website
CN104468563A (en) * 2014-12-03 2015-03-25 北京奇虎科技有限公司 Website bug protection method, device and system
CN104618176A (en) * 2014-12-29 2015-05-13 北京奇虎科技有限公司 Website security detection method and device

Also Published As

Publication number Publication date
CN106302515A (en) 2017-01-04

Similar Documents

Publication Publication Date Title
US10657251B1 (en) Multistage system and method for analyzing obfuscated content for malware
ES2806379T3 (en) Hardware-based virtualized security isolation
JP6715887B2 (en) System and method for combating attacks on user computing devices
US10728274B2 (en) Method and system for injecting javascript into a web page
US9374386B2 (en) Application malware filtering for advertising networks
Jicha et al. SCADA honeypots: An in-depth analysis of Conpot
US9065826B2 (en) Identifying application reputation based on resource accesses
US9973531B1 (en) Shellcode detection
US10432662B2 (en) Method and system for blocking malicious third party site tagging
US10805340B1 (en) Infection vector and malware tracking with an interactive user display
US10135862B1 (en) Testing security incident response through automated injection of known indicators of compromise
Nadji et al. Automated remote repair for mobile malware
Zheng et al. DroidRay: a security evaluation system for customized android firmwares
US11861006B2 (en) High-confidence malware severity classification of reference file set
CN106302515B (en) A kind of method and apparatus of web portal security protection
US20160149931A1 (en) Methods and Systems For Providing Comprehensive Cyber-Security Protection Using An Open Application Programming Interface Based Platform Solution
US11785044B2 (en) System and method for detection of malicious interactions in a computer network
US11374946B2 (en) Inline malware detection
US20190222587A1 (en) System and method for detection of attacks in a computer network using deception elements
US10320810B1 (en) Mitigating communication and control attempts
Sethia et al. Malware capturing and analysis using dionaea honeypot
US11636208B2 (en) Generating models for performing inline malware detection
KR101639869B1 (en) Program for detecting malignant code distributing network
JP2024023875A (en) Inline malware detection
Arul et al. Supervised deep learning vector quantization to detect MemCached DDOS malware attack on cloud

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building

Applicant after: Hangzhou Dipu Polytron Technologies Inc

Address before: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building

Applicant before: Hangzhou Dipu Technology Co., Ltd.

CB02 Change of applicant information
GR01 Patent grant
GR01 Patent grant