CN106302515B - A kind of method and apparatus of web portal security protection - Google Patents
A kind of method and apparatus of web portal security protection Download PDFInfo
- Publication number
- CN106302515B CN106302515B CN201610811816.1A CN201610811816A CN106302515B CN 106302515 B CN106302515 B CN 106302515B CN 201610811816 A CN201610811816 A CN 201610811816A CN 106302515 B CN106302515 B CN 106302515B
- Authority
- CN
- China
- Prior art keywords
- protection
- subitem
- classification
- engine
- website
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The application provides a kind of method and apparatus of web portal security protection, is applied to safety protection equipment, which comprises periodically carries out vulnerability scanning to the protection subitem of website;Based on vulnerability scanning as a result, the protection subitem is divided into different classification;Based on protection engine corresponding with the protection classification of subitem, the protection subitem is protected;Wherein, the corresponding protection engine of the protection subitem of different classifications is different.Using technical solution provided by the present application, security protection preferably can be carried out to website.
Description
Technical field
This application involves network communication technology field, in particular to a kind of method and apparatus of web portal security protection.
Background technique
As social informatization degree is higher and higher, website is in the environment of such a opposing open in internet, respectively
The complexity and diversity of class web application system, cause the system vulnerability of website to emerge one after another, viral wooden horse and malicious code
It wreaks havoc on the net, hacker attacks and the security incident for distorting website happen occasionally.
Summary of the invention
In view of this, the application provides a kind of web portal security means of defence and device, it is applied to safety protection equipment.
Specifically, the application is achieved by the following technical solution:
A kind of method of web portal security protection, is applied to safety protection equipment, comprising:
Vulnerability scanning periodically is carried out to the protection subitem of website;
Based on vulnerability scanning as a result, the protection subitem is divided into different classification;
Based on protection engine corresponding with the protection classification of subitem, the protection subitem is protected;Wherein, no
With the protection subitem of classification, corresponding protection engine is different.
A kind of device of web portal security protection, is applied to safety protection equipment, comprising:
Scanning element carries out vulnerability scanning for the protection subitem periodically to website;
Division unit, for based on vulnerability scanning as a result, the protection subitem is divided into different classification;
Protective unit, for based on protection engine corresponding with the protection classification of subitem, to the protection subitem into
Row protection;Wherein, the corresponding protection engine of the protection subitem of different classifications is different.
It is swept by the above technical solution provided by the present application as it can be seen that carrying out loophole by the protection subitem periodically to website
It retouches;Based on vulnerability scanning as a result, the protection subitem is divided into different classification;Based on the classification pair with the protection subitem
The protection engine answered protects the protection subitem;Wherein, different classifications protect the corresponding protection engine of subitem not
Together.
It since website updates, protects the vulnerability scanning result of subitem that can generally also change, thus passes through the period
Property vulnerability scanning is carried out to the protection subitem of website, according to scanning result, the division dynamically classified to protection subitem,
And protection subitem is protected using corresponding protection engine, dynamic more reasonably can be carried out to protection subitem and prevented
Shield, preferably protects website.
Detailed description of the invention
Fig. 1 is a kind of method flow diagram of web portal security protection shown in one exemplary embodiment of the application;
Fig. 2 is a kind of hardware structure diagram of the device of web portal security protection shown in one exemplary embodiment of the application;
Fig. 3 is a kind of device of web portal security protection shown in one exemplary embodiment of the application.
Specific embodiment
Example embodiments are described in detail here, and the example is illustrated in the accompanying drawings.Following description is related to
When attached drawing, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements.Following exemplary embodiment
Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they be only with it is such as appended
The example of the consistent device and method of some aspects be described in detail in claims, the application.
It is only to be not intended to be limiting the application merely for for the purpose of describing particular embodiments in term used in this application.
It is also intended in the application and the "an" of singular used in the attached claims, " described " and "the" including majority
Form, unless the context clearly indicates other meaning.It is also understood that term "and/or" used herein refers to and wraps
It may be combined containing one or more associated any or all of project listed.
It will be appreciated that though various information, but this may be described using term first, second, third, etc. in the application
A little information should not necessarily be limited by these terms.These terms are only used to for same type of information being distinguished from each other out.For example, not departing from
In the case where the application range, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as
One information.Depending on context, word as used in this " if " can be construed to " ... when " or " when ...
When " or " in response to determination ".
In the related art, when protecting website, usually by being deposited in the web page code of timing probe website
Loophole, corresponding protection rule is then generated according to the feature of loophole detected, it is finally regular using the protection generated
The website is protected.
It wherein, usually can be by multiple detection sides for summarizing when the web page code for detecting website whether there is loophole
A pair of web page code of method one is detected.
When detecting the web page code of website, there are corresponding protection rule when loophole, can be automatically generated according to the feature of loophole
Then, the protection rule building virtual patch and based on generation protects engine, then using virtual patch protection engine to described
Website is protected.
However, although above scheme can be realized through loophole existing for active detecting website, it is corresponding to automatically generate
Protection rule carries out security protection to website, but judges net since whether existing active scan web page code changes
The whether changed mechanism of content of standing does not consider the changed all situations of web site contents, and web site contents are sent out sometimes
Changing not will lead to web page code and change yet.So if web site contents change, cause to introduce new loophole,
Using only based on timing scan to the protection rule that automatically generates of loophole security protection is carried out to website, may have website
After content changes, the problem of cannot protecting in time website.
In order to solve the problems, such as present in the relevant technologies, this application provides a kind of methods of web portal security protection.Pass through
Vulnerability scanning periodically is carried out to the protection subitem of website;Based on vulnerability scanning as a result, protecting subitem to be divided into not for described
Same classification;Based on protection engine corresponding with the protection classification of subitem, the protection subitem is protected;Wherein,
The corresponding protection engine of the protection subitem of different classifications is different.
Since website occurs to update (for example the content or web page code of website change), the loophole of subitem is protected to sweep
Retouching result can generally also change, thus carry out vulnerability scanning by the protection subitem periodically to website, according to loophole
Scanning result dynamically classifies to protection subitem, and is directed to different classification, and different protection engines is respectively adopted to guarantor
Shield subitem is protected, and more reasonably can carry out security protection to protection subitem, to avoid in the prior art, Jin Shiyong with
The protection rule that the loophole scanned automatically generates carries out security protection to website, and the content of website is caused to change but webpage
When code does not change, the problem of can not protecting in time website.
Referring to Figure 1, Fig. 1 is a kind of method flow of web portal security protection shown in one exemplary embodiment of the application
Figure is applied to safety protection equipment, specifically executes following steps:
Step 101: vulnerability scanning periodically being carried out to the protection subitem of website;
Step 102: based on vulnerability scanning as a result, the protection subitem is divided into different classification;
Step 103: based on protection engine corresponding with the protection classification of subitem, the protection subitem being prevented
Shield;Wherein, the corresponding protection engine of the protection subitem of different classifications is different.
Wherein, above-mentioned safety protection equipment can refer to the corresponding server in targeted website, carry out setting for security protection
It is standby;For example, in practical applications, which specifically can be for carrying out the another of security protection to Website server
One security server.
Above-mentioned protection subitem, the various urgent needs including that may be attacked website in targeted website as medium by hacker are protected
The website item of shield;For example, it may be the parameters of webpage, the content of webpage and the needs in webpage carry out safety and prevent
Code segment of shield, etc..
When realizing, above-mentioned safety protection equipment can be by obtaining the protection subitem and each protection subitem of website
Related data generates the tables of data that portion stores each protection subitem information in website;Wherein, each of tables of data item
Mesh respectively corresponds a protection subitem.
After obtaining the tables of data about each protection subitem, the analysis program in safety protection equipment can be to data
Each of table entry successively carries out Hole Detection;Wherein, multiple detection methods be may include in the analysis program, in reality
In the application of border, successively each protection subitem can be leaked using each of above-mentioned multiple detection methods detection method
Hole detection whether there is loophole with each protection subitem of determination.
In this example, it after having carried out Hole Detection to each protection subitem in tables of data by analysis program, can obtain
To corresponding testing result, the testing result is the loophole situation of each protection subitem.
Wherein, in order to avoid website updates, lead to protect vulnerability scanning result the case where changing of subitem,
In practical application, a vulnerability scanning period can be preset, may then based on the vulnerability scanning period timing of setting
Ground carries out vulnerability scanning to the protection subitem of website.
In addition, in order to avoid in the prior art, using only the protection rule automatically generated with the loophole scanned to net
It stands and carries out security protection, cause the problem of can not protecting in time website, in this example, safety protection equipment can be with root
According to vulnerability scanning as a result, dynamically classifying to protection subitem, and it is directed to different classification, different protection is respectively adopted and draws
It holds up and protection subitem is protected, so as to more reasonably carry out the protection of dynamic to protection subitem, it is preferably right to realize
Website carries out security protection.
It, can after safety protection equipment obtains the vulnerability scanning result of each protection subitem in a kind of embodiment shown
With the loophole situation according to existing for each protection subitem, each protection subitem is divided into different classification.
If it is undesirable that some protects any one detection method in the analyzed program of subitem to detect, show this
Protecting subitem, there are loopholes, in such a case, it is possible to which the protection subitem there are loophole is divided into leaky classification.
It meets the requirements if all detection methods that some protection subitem is analyzed in program detect, shows the protection
Loophole situation is not present in subitem, in such a case, it is possible to which the protection subitem there is no loophole situation is divided into no loophole
Classification.
If all detection methods in analysis program carry out after having detected some protection subitem, the guarantor can not be confirmed
Protecting subitem whether there is loophole, in such a case, it is possible to which this can not be confirmed whether that the protection subitem there are loophole is divided into
Unknown classification.
In a kind of embodiment shown, since website updates, protect the loophole situation of subitem also can be corresponding
It changes.And hence it is also possible to be directed to the leaky classification marked off and the protection subitem without vulnerability classification, it is set separately default
Classification effective time, classification effective time in, protect the classification situation of subitem constant, classification effective time outside, dynamic
Update the classification situation of protection subitem.
Wherein, the classification effective time being set separately for leaky classification and the protection subitem without vulnerability classification can phase
Together, can not also be identical, but the period of vulnerability scanning is all larger than as leaky classification and the protection subitem difference without vulnerability classification
The classification effective time of setting.
When realizing, after protecting subitem to be divided into leaky classification or without vulnerability classification, have in the classification of setting
It imitates in the time, the protection subitem for being divided into leaky classification is identified as always leaky, is divided into no vulnerability classification
Protection subitem is identified as always no loophole.
During this period, the content for being identified as the protection subitem of leaky classification may occur to update (such as programmer
Manual modification), it therefore, can after the protection subitem detection of program by analysis updated in next scan period
It can be reclassified as no vulnerability classification;It is similar, it is identified as the protection subitem of no loophole before, it is also possible to because occurring
Variation, by analysis after the detection of program, is divided into leaky classification.In addition to this, same protection subitem is different
In, loophole situation is also not exclusively the same, therefore the vulnerability classification of subitem is protected not to be fixed and invariable.
In a kind of embodiment shown, if point of any leaky classification or the protection subitem without vulnerability classification
Class effective time time-out, then can be switched to unknown classification for the classification of the protection subitem.
Wherein, due to the scan period be greater than the classification effective time, if it is any it is leaky classification or without leakage
After the classification effective time time-out of the protection subitem of hole classification is switched to unknown classification, in such a case, it is possible to by certainly
It is dynamic that the classification of the protection subitem is switched to unknown classification.
In this example, when by the way that according to each loophole situation for protecting subitem, each protection subitem is divided into different classification
Later, for different classification, security protection can be carried out using different protection engines, so as to make up in the prior art
Security protection is carried out to website using only the protection rule automatically generated with the loophole scanned, when website being caused to update,
The defect that website can not be protected in time.
In a kind of embodiment shown, for the protection subitem of leaky classification, it can be protected by virtual patch
Engine carries out security protection;For the protection subitem of no vulnerability classification, the place of web portal security protection engine can be directly skipped
Reason;For the protection subitem of unknown classification, engine can be protected to carry out security protection by general patch.
When realizing, protection subitem is divided into after leaky classification, then can be protected based on preset virtual patch
Engine carries out security protection for the protection subitem of leaky classification.Wherein, if virtual patch protection engine includes butt
In the virtual patch rule that the loophole of the protection subitem scanned generates.
Generating for the virtual patch rule can be carried out by using the means that analog hacker is attacked.Concrete implementation
Method, which can be, first summarizes page detection method based on the various means of hacker attack, and the page detection method is such as
It can be in web page code and whether data type, the field length etc. of login account and password verified.Hacker attack it is each
After page detection method based on kind means summarizes, each protection subitem of a pair of of website of the detection method one can be used
It is detected, for there are the protection subitems of security breaches to generate protection rule.Wherein the protection rule is normal for defining
Either one group of data of abnormal website visiting behavior or feature.
When carrying out security protection for the protection subitem of leaky classification using virtual patch protection engine, by according to institute
It states protection rule to parse the request of access website, and obtains parsing result relevant to protection rule, then by the solution
Analysis result is compared with protection rule, if violating protection rule, just refuses the request, if not violating protection rule, just just
Often respond the request.
When realizing, protection subitem is divided into after no vulnerability classification, then can not use any security protection engine
Security protection is carried out, the processing of web portal security protection engine can be directly skipped.
When realizing, protection subitem is divided into after unknown classification, can protect engine based on preset general patch
Security protection is carried out for the protection subitem of unknown classification;Wherein, if the general patch protection engine includes that dry systems are prewired
The general patch rule set.
The pre-configuration of the general patch rule can be system from local existing patch rule base, obtain for normal
The patch rule for seeing loophole generate the patch rule protection engine including several common loopholes, can also be that user is prewired
The protection rule for particular vulnerability set.
Wherein, it should be noted that the general patch rule can be the void automatically generated based on the loophole scanned
Rule other than quasi-complement fourth rule.
Finally, when protecting according to the general patch protection engine the website, by according to the protection
Rule parses the request of access website, and obtains parsing result relevant to protection rule, then by the parsing result
It is compared with protection rule, if violating protection rule, just refuses the request, if protection rule is not violated, with regard to normal response
The request.
It is swept by the above technical solution provided by the present application as it can be seen that carrying out loophole by the protection subitem periodically to website
It retouches;Based on vulnerability scanning as a result, the protection subitem is divided into different classification;Based on the classification pair with the protection subitem
The protection engine answered protects the protection subitem;Wherein, different classifications protect the corresponding protection engine of subitem not
Together.
It since website updates, protects the vulnerability scanning result of subitem that can generally also change, thus passes through the period
Property vulnerability scanning is carried out to the protection subitem of website, according to scanning result, dynamically protection subitem is carried out dividing class and be drawn
Point, and protection subitem is protected using corresponding protection engine, dynamic more reasonably can be carried out to protection subitem
Protection is realized and preferably carries out security protection to website.
Corresponding with a kind of aforementioned embodiment of method of web portal security protection, present invention also provides a kind of web portal securities
The embodiment of the device of protection.
A kind of embodiment of the device of web portal security protection of the application can be applied on safety protection equipment.Device is implemented
Example can also be realized by software realization by way of hardware or software and hardware combining.Taking software implementation as an example, as
Device on one logical meaning, being will be corresponding in nonvolatile memory by the processor of safety protection equipment where it
Computer program instructions are read into memory what operation was formed.For hardware view, as shown in Fig. 2, being a kind of net of the application
Stand security protection device where safety protection equipment a kind of hardware structure diagram, in addition to processor shown in Fig. 2, memory, net
Except network interface and nonvolatile memory, the safety protection equipment in embodiment where device is pacified generally according to the website
The actual functional capability of full protection can also include other hardware, repeat no more to this.
Fig. 3 is referred to, Fig. 3 is a kind of device of web portal security protection shown in one exemplary embodiment of the application, application
In safety protection equipment, described device includes: scanning element 310, division unit 320, protective unit 330, setup unit 340.
Wherein, scanning element 310 carry out vulnerability scanning for the protection subitem periodically to website;
Division unit 320, for based on vulnerability scanning as a result, the protection subitem is divided into different classification;
Protective unit 330, for based on protection engine corresponding with the protection classification of subitem, to the protection subitem
It is protected;Wherein, the corresponding protection engine of the protection subitem of different classifications is different.
Setup unit 340 is set separately for being directed to the leaky classification marked off and the protection subitem without vulnerability classification
Preset classification effective time.
In the present embodiment, the division unit 310, the protection subitem for being applied particularly to will be present loophole have been divided into leakage
Hole classification;The protection subitem for not depositing loophole is divided into no vulnerability classification;It will be unable to be confirmed whether the protection subitem there are loophole
It is divided into unknown classification.
The protective unit 330, specifically for being directed to the guarantor of leaky classification based on preset virtual patch protection engine
It protects subitem and carries out security protection;Wherein, the virtual patch protection engine includes several leakages based on the protection subitem scanned
The virtual patch rule that hole generates;Safety is carried out for the protection subitem of unknown classification based on preset general patch protection engine
Protection;Wherein, if the general patch protection engine includes the general patch rule that dry systems are pre-configured.
The setup unit 340, is further used for when any leaky classification or the protection subitem without vulnerability classification
Effective time of classifying time-out, then be switched to unknown classification for the classification of the protection subitem.
The function of each unit and the realization process of effect are specifically detailed in the above method and correspond to step in above-mentioned apparatus
Realization process, details are not described herein.
For device embodiment, since it corresponds essentially to embodiment of the method, so related place is referring to method reality
Apply the part explanation of example.The apparatus embodiments described above are merely exemplary, wherein described be used as separation unit
The unit of explanation may or may not be physically separated, and component shown as a unit can be or can also be with
It is not physical unit, it can it is in one place, or may be distributed over multiple network units.It can be according to actual
The purpose for needing to select some or all of the modules therein to realize application scheme.Those of ordinary skill in the art are not paying
Out in the case where creative work, it can understand and implement.
The foregoing is merely the preferred embodiments of the application, not to limit the application, all essences in the application
Within mind and principle, any modification, equivalent substitution, improvement and etc. done be should be included within the scope of the application protection.
Claims (10)
1. a kind of method of web portal security protection, is applied to safety protection equipment characterized by comprising
Vulnerability scanning periodically is carried out to the protection subitem of website, comprising: obtain website protection subitem and each protection
The related data of subitem generates tables of data according to the related data of the protection subitem of website and each protection subitem;Wherein, institute
It states each of tables of data entry and respectively corresponds a protection subitem;Pass through the analysis routines periodically in safety protection equipment
Ground successively carries out Hole Detection to each of tables of data entry;It wherein, include multiple detection methods in the analysis program,
Using each of the multiple detection method detection method, Hole Detection successively is carried out to each protection subitem, with determination
Each protection subitem whether there is loophole;
Based on vulnerability scanning as a result, the protection subitem is divided into different classification;
Based on protection engine corresponding with the protection classification of subitem, the protection subitem is protected;Wherein, different points
The corresponding protection engine of the protection subitem of class is different.
2. the method according to claim 1, wherein the vulnerability scanning that is based on is as a result, by the protection subitem
It is divided into different classification, comprising:
The protection subitem that loophole will be present is divided into leaky classification;
There will be no the protection subitems of loophole to be divided into no vulnerability classification;
It will be unable to be confirmed whether that the protection subitem there are loophole is divided into unknown classification.
3. according to the method described in claim 2, it is characterized in that, the method also includes:
For the leaky classification marked off and the protection subitem without vulnerability classification, preset classification effective time is set separately.
4. according to the method described in claim 3, it is characterized in that, when the period of the vulnerability scanning is effective greater than the classification
It is long;
The method also includes:
If the classification effective time time-out of any leaky classification or the protection subitem without vulnerability classification, by protection
The classification of item is switched to unknown classification.
5. the method according to claim 1, wherein described based on corresponding with the protection classification of subitem anti-
Engine is protected, the protection subitem is protected, comprising:
Protection subitem based on preset virtual patch protection engine for leaky classification carries out security protection;Wherein, described
Virtual patch protection engine includes the virtual patch rule that several loopholes based on the protection subitem scanned generate;
Security protection is carried out for the protection subitem of unknown classification based on preset general patch protection engine;Wherein, described logical
If including the general patch rule that dry systems are pre-configured with patch protection engine.
6. a kind of device of web portal security protection, is applied to safety protection equipment characterized by comprising
Scanning element carries out vulnerability scanning for the protection subitem periodically to website, comprising: obtain the protection subitem of website
And the related data of each protection subitem, number is generated according to the related data of the protection subitem of website and each protection subitem
According to table;Wherein, each of described tables of data entry respectively corresponds a protection subitem;Pass through point in safety protection equipment
Hole Detection is successively carried out to analysis routines periodically to each of tables of data entry;Wherein, include in the analysis program
Multiple detection methods successively leak each protection subitem using each of the multiple detection method detection method
Hole detection whether there is loophole with each protection subitem of determination;
Division unit, for based on vulnerability scanning as a result, the protection subitem is divided into different classification;
Protective unit, for preventing the protection subitem based on protection engine corresponding with the protection classification of subitem
Shield;Wherein, the corresponding protection engine of the protection subitem of different classifications is different.
7. device according to claim 6 characterized by comprising
The division unit is specifically used for:
The protection subitem that loophole will be present is divided into leaky classification;
There will be no the protection subitems of loophole to be divided into no vulnerability classification;
It will be unable to be confirmed whether that the protection subitem there are loophole is divided into unknown classification.
8. device according to claim 7, which is characterized in that described device further include:
Setup unit is set separately preset for being directed to the leaky classification marked off and the protection subitem without vulnerability classification
Classification effective time.
9. device according to claim 8 characterized by comprising
The setup unit is further used for:
When any leaky classification or the classification effective time time-out of the protection subitem without vulnerability classification, then by the protection subitem
Classification be switched to unknown classification.
10. device according to claim 6 characterized by comprising
The protective unit is specifically used for:
Protection subitem based on preset virtual patch protection engine for leaky classification carries out security protection;Wherein, described
Virtual patch protection engine includes the virtual patch rule that several loopholes based on the protection subitem scanned generate;
Security protection is carried out for the protection subitem of unknown classification based on preset general patch protection engine;Wherein, described logical
If including the general patch rule that dry systems are pre-configured with patch protection engine.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610811816.1A CN106302515B (en) | 2016-09-08 | 2016-09-08 | A kind of method and apparatus of web portal security protection |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610811816.1A CN106302515B (en) | 2016-09-08 | 2016-09-08 | A kind of method and apparatus of web portal security protection |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106302515A CN106302515A (en) | 2017-01-04 |
CN106302515B true CN106302515B (en) | 2019-09-06 |
Family
ID=57711178
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610811816.1A Active CN106302515B (en) | 2016-09-08 | 2016-09-08 | A kind of method and apparatus of web portal security protection |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106302515B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108063759B (en) * | 2017-12-05 | 2022-08-16 | 西安交大捷普网络科技有限公司 | Web vulnerability scanning method |
CN108337259A (en) * | 2018-02-01 | 2018-07-27 | 南京邮电大学 | A kind of suspicious web page identification method based on HTTP request Host information |
CN108965254A (en) * | 2018-06-11 | 2018-12-07 | 武汉般若互动科技有限公司 | One kind being used for government website security protection scheme |
CN113872918A (en) * | 2020-06-30 | 2021-12-31 | 苏州三六零智能安全科技有限公司 | Network traffic classification method, equipment, storage medium and device |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101808093A (en) * | 2010-03-15 | 2010-08-18 | 北京安天电子设备有限公司 | System and method for automatically detecting WEB security |
CN102215222A (en) * | 2011-05-09 | 2011-10-12 | 北京艾普优计算机***有限公司 | Website protection method and device |
CN102789502A (en) * | 2012-07-17 | 2012-11-21 | 北京奇虎科技有限公司 | Method and device for scanning website |
CN104468563A (en) * | 2014-12-03 | 2015-03-25 | 北京奇虎科技有限公司 | Website bug protection method, device and system |
CN104618176A (en) * | 2014-12-29 | 2015-05-13 | 北京奇虎科技有限公司 | Website security detection method and device |
-
2016
- 2016-09-08 CN CN201610811816.1A patent/CN106302515B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101808093A (en) * | 2010-03-15 | 2010-08-18 | 北京安天电子设备有限公司 | System and method for automatically detecting WEB security |
CN102215222A (en) * | 2011-05-09 | 2011-10-12 | 北京艾普优计算机***有限公司 | Website protection method and device |
CN102789502A (en) * | 2012-07-17 | 2012-11-21 | 北京奇虎科技有限公司 | Method and device for scanning website |
CN104468563A (en) * | 2014-12-03 | 2015-03-25 | 北京奇虎科技有限公司 | Website bug protection method, device and system |
CN104618176A (en) * | 2014-12-29 | 2015-05-13 | 北京奇虎科技有限公司 | Website security detection method and device |
Also Published As
Publication number | Publication date |
---|---|
CN106302515A (en) | 2017-01-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10657251B1 (en) | Multistage system and method for analyzing obfuscated content for malware | |
ES2806379T3 (en) | Hardware-based virtualized security isolation | |
JP6715887B2 (en) | System and method for combating attacks on user computing devices | |
US10728274B2 (en) | Method and system for injecting javascript into a web page | |
US9374386B2 (en) | Application malware filtering for advertising networks | |
Jicha et al. | SCADA honeypots: An in-depth analysis of Conpot | |
US9065826B2 (en) | Identifying application reputation based on resource accesses | |
US9973531B1 (en) | Shellcode detection | |
US10432662B2 (en) | Method and system for blocking malicious third party site tagging | |
US10805340B1 (en) | Infection vector and malware tracking with an interactive user display | |
US10135862B1 (en) | Testing security incident response through automated injection of known indicators of compromise | |
Nadji et al. | Automated remote repair for mobile malware | |
Zheng et al. | DroidRay: a security evaluation system for customized android firmwares | |
US11861006B2 (en) | High-confidence malware severity classification of reference file set | |
CN106302515B (en) | A kind of method and apparatus of web portal security protection | |
US20160149931A1 (en) | Methods and Systems For Providing Comprehensive Cyber-Security Protection Using An Open Application Programming Interface Based Platform Solution | |
US11785044B2 (en) | System and method for detection of malicious interactions in a computer network | |
US11374946B2 (en) | Inline malware detection | |
US20190222587A1 (en) | System and method for detection of attacks in a computer network using deception elements | |
US10320810B1 (en) | Mitigating communication and control attempts | |
Sethia et al. | Malware capturing and analysis using dionaea honeypot | |
US11636208B2 (en) | Generating models for performing inline malware detection | |
KR101639869B1 (en) | Program for detecting malignant code distributing network | |
JP2024023875A (en) | Inline malware detection | |
Arul et al. | Supervised deep learning vector quantization to detect MemCached DDOS malware attack on cloud |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building Applicant after: Hangzhou Dipu Polytron Technologies Inc Address before: Binjiang District and Hangzhou city in Zhejiang Province Road 310051 No. 68 in the 6 storey building Applicant before: Hangzhou Dipu Technology Co., Ltd. |
|
CB02 | Change of applicant information | ||
GR01 | Patent grant | ||
GR01 | Patent grant |