CN111585956B - Website anti-brushing verification method and device - Google Patents

Website anti-brushing verification method and device Download PDF

Info

Publication number
CN111585956B
CN111585956B CN202010244076.4A CN202010244076A CN111585956B CN 111585956 B CN111585956 B CN 111585956B CN 202010244076 A CN202010244076 A CN 202010244076A CN 111585956 B CN111585956 B CN 111585956B
Authority
CN
China
Prior art keywords
verification
website
request
information
characteristic information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010244076.4A
Other languages
Chinese (zh)
Other versions
CN111585956A (en
Inventor
覃建策
田本真
陈邦忠
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Perfect World Beijing Software Technology Development Co Ltd
Original Assignee
Perfect World Beijing Software Technology Development Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Perfect World Beijing Software Technology Development Co Ltd filed Critical Perfect World Beijing Software Technology Development Co Ltd
Priority to CN202010244076.4A priority Critical patent/CN111585956B/en
Publication of CN111585956A publication Critical patent/CN111585956A/en
Application granted granted Critical
Publication of CN111585956B publication Critical patent/CN111585956B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention aims to provide a method and a device for website anti-brush verification, computer equipment, a computer readable storage medium and a computer program product. The computer equipment acquires request information in the website access request; generating corresponding characteristic information from the request information according to a preset verification rule; and if the characteristic information is not marked as forbidden, passing the anti-brushing verification of the requested website. Compared with the prior art, the method can well prevent the website from being brushed, and the anti-brushing rules can be flexibly combined and dynamically configured. The invention enables the website to be simply and conveniently accessed into the anti-brushing system, reduces the burden and the development cost of technical personnel, can dynamically configure and manage the anti-brushing rules, and accelerates the reaction speed of coping with attacks.

Description

Website anti-brushing verification method and device
Technical Field
The invention relates to the field of internet, in particular to a website anti-brush verification technology.
Background
The website anti-brushing means preventing malicious, rapid and large amount of access requests to the website, including crawler, data acquisition, brushing ranking, batch registration, batch posting, website data acquisition by using vulnerabilities and the like.
At present, the anti-brushing is mainly performed by adding an anti-brushing logic in a website program, that is, an access frequency limiting logic is added in a program of a website URL to be brushed, and a blocking process or a verification code is popped up for a request exceeding an upper limit of a frequency.
Because the anti-brushing logic is different, the anti-brushing logic is added to each brushed URL address, a large amount of repeated codes are generated, and the working efficiency is low. Moreover, after the URL is found to be attacked, the website program needs to be modified to add the anti-brushing logic, so that the reaction and processing speed for coping with the attack are slow.
Because of numerous projects and numerous URLs in the projects, the patch-type anti-brushing scheme cannot be uniformly monitored and dynamically modified, and cannot be used for dynamically combining and preventing brushing of a plurality of URLs.
Therefore, the technical scheme increases the burden and the development cost of technical personnel, can not dynamically configure and manage the anti-brushing rules, and slows down the reaction speed of coping with the attacks.
Disclosure of Invention
The invention aims to provide a method and a device for verifying website anti-brushing, computer equipment, a computer readable storage medium and a computer program product.
According to one aspect of the invention, a method for performing website anti-brush verification by a computer device is provided, wherein the method comprises the following steps:
acquiring request information in a website access request;
generating corresponding characteristic information from the request information according to a preset verification rule;
and if the characteristic information is not marked as forbidden, passing the anti-brushing verification of the requested website.
According to an aspect of the present invention, there is also provided a website anti-swipe verification method, where, at a network device, the method includes the following steps:
acquiring request information in a website access request;
generating corresponding characteristic information from the request information according to a preset verification rule;
and if the characteristic information is not marked as forbidden, passing the anti-brushing verification of the requested website.
According to an aspect of the present invention, there is also provided an apparatus for performing website anti-refresh verification by a computer device, wherein the apparatus includes:
the acquisition device is used for acquiring request information in the website access request;
generating means for generating corresponding characteristic information from the request information according to a predetermined verification rule;
and the verification device is used for passing the anti-brushing verification of the requested website if the characteristic information is not marked as forbidden.
According to an aspect of the present invention, there is also provided a computer device, including a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor implements a website anti-swipe verification method according to an aspect of the present invention when executing the computer program.
According to an aspect of the present invention, there is also provided a computer-readable storage medium on which a computer program is stored, wherein the computer program, when executed by a processor, implements a website anti-swipe verification method according to an aspect of the present invention.
According to an aspect of the present invention, there is also provided a computer program product, which when executed by a computing device implements a website anti-swipe verification method according to an aspect of the present invention.
Compared with the prior art, the method can well prevent the website from being brushed, and the anti-brushing rules can be flexibly combined and dynamically configured. The invention enables the website to be simply and conveniently accessed into the anti-brushing system, reduces the burden and the development cost of technical personnel, can dynamically configure and manage the anti-brushing rules, and accelerates the reaction speed of coping with attacks.
In addition, when the anti-brushing client is introduced, the anti-brushing client can be deployed in a distributed mode and expanded in a parallel mode, and the access requirement of a distributed website is met.
The anti-brush system is decoupled from the service, and can be maintained, modified and upgraded independently.
The user can unseal through man-machine authentication if the user is accidentally sealed, but the attack of swiping a website is automatically performed by using a malicious program, and the automatic unsealing is difficult.
Drawings
Other features, objects and advantages of the invention will become more apparent upon reading of the detailed description of non-limiting embodiments made with reference to the following drawings:
FIG. 1 illustrates a flow diagram of a method for anti-refresh verification of a web site implemented at a network device, according to an embodiment of the present invention;
FIG. 2 illustrates an exemplary validation rule-related data table in the present invention;
FIG. 3 illustrates a schematic diagram of a system for anti-swipe validation of web sites according to one embodiment of the invention;
fig. 4 is a schematic diagram illustrating an apparatus for performing anti-refresh verification on a website implemented in a network device according to an embodiment of the present invention.
The same or similar reference numbers in the drawings identify the same or similar elements.
Detailed Description
Before discussing exemplary embodiments in more detail, it should be noted that some exemplary embodiments of the present invention are described as an apparatus represented by a block diagram and a process or method represented by a flow diagram. Although a flowchart depicts a sequence of process steps in the present invention, many of the operations can be performed in parallel, concurrently, or simultaneously. In addition, the order of the operations may be re-arranged. The process of the present invention may be terminated when its operations are performed, but may include additional steps not shown in the flowchart. The processes of the present invention may correspond to methods, functions, procedures, subroutines, and the like.
The methods illustrated by the flow diagrams and apparatus illustrated by the block diagrams discussed below may be implemented by hardware, software, firmware, middleware, microcode, hardware description languages, or any combination thereof. When implemented in software, firmware, middleware or microcode, the program code or code segments to perform the necessary tasks may be stored in a machine or computer readable medium such as storage medium. The processor(s) may perform the necessary tasks.
Similarly, it will be further appreciated that any flow charts, flow diagrams, state transition diagrams, and the like represent various processes which may be substantially described as program code stored in computer readable media and so executed by a computing device or processor, whether or not such computing device or processor is explicitly shown.
As used herein, the term "storage medium" may refer to one or more devices for storing data, including Read Only Memory (ROM), Random Access Memory (RAM), magnetic RAM, kernel memory, magnetic disk storage media, optical storage media, flash memory devices, and/or other machine-readable media for storing information. The term "computer-readable medium" can include, but is not limited to portable or fixed storage devices, optical storage devices, and various other mediums capable of storing and/or containing instructions and/or data.
A code segment may represent a procedure, a function, a subprogram, a program, a routine, a subroutine, a module, a software package, a class, or any combination of instructions, data structures, or program descriptions. A code segment may be coupled to another code segment or a hardware circuit by passing and/or receiving information, data, arguments, parameters, or memory contents. Information, arguments, parameters, data, etc. may be passed, forwarded, or transmitted via any suitable means including memory sharing, information passing, token passing, network transmission, etc.
The term "computer device" in this context refers to an electronic device that can perform predetermined processes such as numerical calculation and/or logic calculation by executing predetermined programs or instructions, and may at least include a processor and a memory, wherein the predetermined processes are performed by the processor executing program instructions prestored in the memory, or performed by hardware such as ASIC, FPGA, DSP, or implemented by a combination of the two.
The "computer device" is typically embodied in the form of a general-purpose computer device, and its components may include, but are not limited to: one or more processors or processing units, system memory. The system memory may include computer readable media in the form of volatile memory, such as Random Access Memory (RAM) and/or cache memory. The "computer device" may further include other removable/non-removable, volatile/nonvolatile computer-readable storage media. The memory may include at least one computer program product having a set (e.g., at least one) of program modules that are configured to carry out the functions and/or methodologies of embodiments of the present invention. The processor executes various functional applications and data processing by executing programs stored in the memory.
For example, a computer program for executing the functions and processes of the present invention is stored in the memory, and when the processor executes the corresponding computer program, the website anti-swipe verification of the present invention is implemented.
Typically, the computer devices include, for example, user equipment and network devices. Wherein the user equipment includes but is not limited to a Personal Computer (PC), a notebook computer, a mobile terminal, etc., and the mobile terminal includes but is not limited to a smart phone, a tablet computer, etc.; the network device includes, but is not limited to, a single network server, a server group consisting of a plurality of network servers, or a Cloud Computing (Cloud Computing) based Cloud consisting of a large number of computers or network servers, wherein the Cloud Computing is one of distributed Computing, a super virtual computer consisting of a collection of loosely coupled computers. Wherein the computer device can be operated alone to implement the invention, or can be accessed to a network and implement the invention through interoperation with other computer devices in the network. The network in which the computer device is located includes, but is not limited to, the internet, a wide area network, a metropolitan area network, a local area network, a VPN network, and the like.
It should be noted that the user devices, network devices, networks, etc. are merely examples, and other existing or future computing devices or networks may be suitable for the present invention, and are included within the scope of the present invention and are also included herein by reference.
Specific structural and functional details disclosed herein are merely representative and are provided for purposes of describing example embodiments of the present invention. The present invention may, however, be embodied in many alternate forms and should not be construed as limited to only the embodiments set forth herein.
It will be understood that, although the terms first, second, etc. may be used herein to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another. For example, a first element may be termed a second element, and, similarly, a second element may be termed a first element, without departing from the scope of example embodiments. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used herein, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be noted that, in some alternative implementations, the functions/acts noted may occur out of the order noted in the figures. For example, two figures shown in succession may in fact be executed substantially concurrently or may sometimes be executed in the reverse order, depending upon the functionality/acts involved.
The invention provides a scheme for performing website anti-brush verification by computer equipment. The computer equipment acquires request information in the website access request, generates corresponding characteristic information according to a preset verification rule by the request information, and passes the anti-swiping verification of the requested website if the characteristic information is not marked as forbidden.
The computer equipment acquires the request information from the website access request of the user by intercepting the website access request.
Further, when the characteristic information is marked as forbidden, the computer equipment returns a human-computer interaction verification page to the user; when the user passes the verification of the man-machine interaction verification page, the computer equipment passes the anti-brushing verification of the requested website.
Upon passing the anti-swipe verification of the requested web address, the computer device may redirect the web address access request to the requested web address.
Before the anti-brushing verification, the computer equipment can perform blacklist verification on the requested website first so as to perform anti-brushing verification on the website which passes the blacklist verification only.
According to one embodiment of the invention, the computer device may be a network device, such as typically an anti-brush server. The anti-brushing server obtains request information in the website access request, generates corresponding characteristic information according to a preset verification rule by the request information, and passes the anti-brushing verification of the requested website if the characteristic information is not marked as forbidden.
The anti-brushing server acquires the request information from the website access request of the user by intercepting the website access request.
Further, when the characteristic information is marked as forbidden, the anti-brush server returns a human-computer interaction verification page to the user; when the user passes the verification of the man-machine interaction verification page, the anti-brushing server passes the anti-brushing verification of the requested website.
When the requested website is verified to be anti-brushing, the anti-brushing server can redirect the website access request to the requested website.
Before the anti-brushing verification, the anti-brushing server may perform blacklist verification on the requested website first, so as to perform anti-brushing verification only on websites that pass the blacklist verification.
Because the computing power and the processing power of the anti-brush server are high, and the computing power and the processing power of the anti-brush server can be further expanded through a distributed computer network or a cluster computer group, when the anti-brush server is used for carrying out anti-brush verification, the response speed and the efficiency are high.
According to another embodiment of the invention, the computer device may be a user device, such as typically a swipe proof client. The user equipment acquires request information in the website access request, generates corresponding characteristic information according to a preset verification rule by the request information, and passes the anti-swiping verification of the requested website if the characteristic information is not marked as forbidden.
The user equipment acquires the request information from the website access request of the user by intercepting the website access request.
Further, when the characteristic information is marked as forbidden, the user equipment returns a human-computer interaction verification page to the user; when the user passes the verification of the man-machine interaction verification page, the user equipment passes the anti-brushing verification of the requested website.
When the requested website is verified to be anti-brushing, the user equipment can redirect the website access request to the requested website.
Before the anti-brushing verification, the user equipment may perform blacklist verification on the requested website first, so as to perform anti-brushing verification only on websites that pass the blacklist verification.
Since the website access request of the user is sent by the user equipment, when the user equipment performs anti-brush verification, a large number of malicious requests for the website can be effectively blocked from the source of the request.
According to yet another embodiment of the invention, the user device and the network device may cooperate to implement the anti-swipe authentication of the invention.
Specifically, when the request information in the website access request is obtained, the network device may generate corresponding feature information from the request information according to a predetermined verification rule, and if the feature information is not marked as forbidden, the network device passes the anti-swipe verification on the requested website.
The user equipment can obtain the request information from the website access request of the user by intercepting the website access request, and send the request information to the network equipment.
Further, when the characteristic information is marked as forbidden, the network equipment returns a human-computer interaction verification page to the user equipment, so that the user equipment presents the human-computer interaction verification page to the user; when the user passes the verification of the man-machine interaction verification page, the network equipment passes the anti-brushing verification of the requested website.
When the network device passes the anti-brushing verification of the requested website, the user device may redirect the website access request to the requested website.
The present invention is described in further detail below with reference to the attached drawing figures.
Fig. 1 shows a flowchart of a method according to an embodiment of the present invention, in which a website anti-refresh verification process implemented in a network device is specifically shown.
As shown in fig. 1, in step 110, the network device obtains request information in the website access request; in step 120, the network device generates corresponding feature information from the request information according to a predetermined verification rule; in step 130, if the feature information is not marked as blocked, the network device passes the anti-swipe verification of the requested website.
Specifically, in step 110, the network device obtains request information in the website address access request.
According to one example of the present invention, a network device parses a user's website access request to obtain requested information therein, for example.
The analyzed request information comprises a requested website, a request header, a request parameter and a request IP. For example, for an HTTP request, the requested website is a URL, the request header includes parameters such as refer, User-Agent, Cookie, Accept, Host, Origin, barear, token, etc., the request parameters include parameters such as type, userID, etc., and the request IP is an IP address of the device that issued the HTTP request.
Here, the network device may obtain the website access request in various ways. For example, the network device may act as a third-party server to relay or intercept the user's website access request and provide anti-swipe authentication for the user.
According to an example of the present invention, the network device may perform blacklist verification on the requested website, so as to perform anti-brush verification on the website which passes the blacklist verification.
For example, the network device queries the website in a blacklist, and if the website is not hit, the website is verified through the blacklist, that is, the website is not stored in the blacklist. The network device may then proceed with anti-swipe validation of the website.
In step 120, the network device generates corresponding feature information from the request message according to a predetermined validation rule.
According to an example of the present invention, the validation rule may be a general rule according to which all request information generates the characteristic information, for example. In this specification, the verification rule is sometimes referred to as an anti-brush rule, and both are used equivalently.
For example, a general verification rule, rule ID 1000, has the following rule parameters:
Figure GDA0002685895950000091
wherein, the 'whiteList' is a white list, and some parameter values are configured without verification, such as ip white list; "period" is the verification period; the unit is a unit of a verification period, and can be selected from 0 (second), 1 (minute), 2 (hour) and 3 (day); "maxCount" is the maximum number of requests within a validation period; "forbidTime" is the block time after the number of requests has exceeded the limit; the forbidUnit is a unit of the forbidden time, and takes the same value as the unit.
The request information for authentication is shown in the following table one:
Figure GDA0002685895950000092
Figure GDA0002685895950000101
watch 1
The network device generates feature information for the table one listed request information. For example, the network device matches the parameter values specified in the validation rules "params", "headers" and "rules" from the request parameters,
params:type=1;
headers:referer=http://www.wanmei.com/
rules:ip=10.66.66.66
the parameter values are pieced together into a characteristic character string,
id=1000#params:type=1#rules:ip=10.66.66.66#headers:referer=http://www.wanmei.com/
and then, the md5 value of the characteristic character string is calculated to obtain a characteristic key, namely characteristic information f6db0afcd12b1c8f2d216b57fa79aed8 finally generated by the request information.
According to another example of the present invention, the validation rules may be determined from the requested web address, for example.
Each web site may have one or more validation rules associated with it. These validation rules may be stored locally on the network device or may be obtained from an anti-swipe database.
For example, the network device obtains the validation rule corresponding to the requested URL by querying the web address ID and URL-ID. The validation rules are maintained by 3 types of data tables such as "website information table", "website URL table", and "anti-swipe rule table" shown in fig. 2.
The website information table assigns a unique website ID and a unique website name to each website subjected to the anti-swipe verification. The "whether to turn on the anti-brush" field may control the switching of the anti-brush rules for all URLs under the entire website.
The "website URL table" is used to configure URL information that needs to be protected against flushing. "URL _ ID" is the unique identification of the URL configuration, "Website ID" is the website to which it belongs, "URL match expression" uses the Ant-style path pattern1, that is, the Ant Path expression, in addition to exactly matching URLs, supports wildcards as shown in Table two below:
matching any single character
* Matching 0 or any number of characters
** Matching 0 or any number of directories
Watch two
Specific application matching examples can be shown in table three below:
Figure GDA0002685895950000111
watch III
In addition, the "URL match parameters" may configure more precise matching rules, which may be null, json format, specifically for example,
Figure GDA0002685895950000112
Figure GDA0002685895950000121
wherein "method" matches the specified http request method; "parameters" match specified request parameters; "headers" match the specified request header; "mappingType" is a match type, and may be selected from "equal", "not _ equal", "null", "not _ null"; "value" is a value designated when "mappingType" is "equal" or "not _ equal". The "whether to turn on the anti-brush" field may control the switching of all anti-brush rules for a single URL.
The "anti-brush rule table" is used to configure the anti-brush rules for the URL. A "rule ID" is a unique identification of a single rule. "URL _ ID" is the URL to which it belongs. An "anti-brush rule parameter" is a rule detail, json format, for example,
Figure GDA0002685895950000122
Figure GDA0002685895950000131
wherein "params" validates the specified request parameters and supports configuration of any one or more request parameters that are customized according to different URLs, including but not limited to the configurations in the above examples; "headers" verifies specified request header parameters, supports any one or more request header parameters of the Http protocol internal standard and the Http protocol external self-defining, including but not limited to refer, User-Agent, Cookie, Accept, Host, Origin, barear, token, etc.; "rules" validates parameters other than request parameters and request headers, such as IP, RequestMethod, etc.; the 3 types of parameters at least configure 1 type; "whiteList" is a white list, and certain parameter values are configured without verification, such as ip white list; "period" is the verification period; the unit is a unit of a verification period, and can be selected from 0 (second), 1 (minute), 2 (hour) and 3 (day); "maxCount" is the maximum number of requests within a validation period; "forbidTime" is the block time after the number of requests has exceeded the limit; the forbidUnit is a unit of the forbidden time, and takes the same value as the unit. The "whether to turn on the anti-brush" field may control the switching of the single anti-brush rule. This flexible custom rule configuration can cover all request modes.
Returning to continue with fig. 1, in step 130, if the characteristic information is not marked as blocked, the network device passes the anti-swipe verification of the requested web address.
According to one embodiment of the invention, for example, the network device queries the feature information of the requested website from the cache, and if the feature information is not marked as blocked, the anti-swipe verification of the website is passed.
Further, when the feature information is not marked as forbidden, the network device adds 1 to the count of the feature information; and when the count of the feature information reaches a predetermined threshold, marking the feature information as disabled.
Specifically, for example, the network device extracts the number of occurrences cnt of the feature information from the buffer, and executes cnt +1, and when the cnt reaches a predetermined threshold, for example, 15, the feature information is marked as disabled.
The verification rule ID of 1000 is still used as an example:
Figure GDA0002685895950000141
the feature information f6db0afcd12b1c8f2d216b57fa79aed8 generated in accordance with the above-described authentication rule based on the request information shown in the above table one.
And the network equipment inquires whether the characteristic information is marked as forbidden from the cache, and if the characteristic information is not marked as forbidden, the network equipment reads the occurrence times cnt and executes the cnt-cnt + 1.
If cnt is 1, it indicates that the URL request with the feature information is first appeared, the cache time of the feature information is set to the count period specified by "period 1" and "unit 3": for 1 day.
In addition, the network device further determines whether the cnt is greater than "maxCount ═ 15", if the cnt is less than 15, the verification is returned, if the cnt is greater than 15, the feature information is marked as disabled in the cache, and the cache time is set to the disabled duration specified by "forbidTime ═ 7" and "forbidTime ═ 3": and 7 days.
When the feature information of the website is marked as forbidden, in order to remove the forbidden information and avoid misjudgment, the network device can return a human-computer interaction verification page to the user, and when the user passes the verification of the human-computer interaction verification page, the network device passes the anti-brushing verification of the website.
According to an example of the present invention, if the feature information is disabled, the network device generates uuid (universal Unique Identifier) as the decapsulation information corresponding to the feature information, and the validity period of the decapsulation information cache may be set to 1 minute to prevent centralized coding, such as 123e4567-e89b-12d3-a 456-426655440000. Then, the network device generates the URL address of the human-computer interaction verification page by using the feature information and the decapsulation information, such as https:// HOST/robotname? validateKey ═ f6db0afcd12b1c8f2d216b57fa79aed8& validateTicket ═ 123e4567-e89b-12d3-a456-426655440000
Wherein, HOST is a domain name deployed by the network device.
And when the user passes the verification of the man-machine interaction verification page, the network equipment deletes the seal mark of the characteristic information.
According to an example of the present invention, when a request website corresponds to a plurality of validation rules, if at least one of the feature information corresponding to the validation rules is marked as blocked, the anti-swipe validation corresponding to the website cannot pass.
For example, 3 verification rules correspond to one URL address, the network device generates corresponding feature information according to the request information and the 3 rules, respectively, and as long as 1 feature information in the generated 3 feature information is marked as forbidden, the network device cannot pass the anti-brush verification on the URL address.
Further, according to one of the feature information marked as forbidden, the network device returns a corresponding human-computer interaction verification page to the user, and the network device does not pass the anti-brushing verification of the website until the user passes all the human-computer interaction verification pages corresponding to the feature information marked as forbidden.
For example, all 3 pieces of feature information generated by 3 verification rules corresponding to the URL address are marked as disabled, and the network device performs verification by returning a human-computer interaction verification page corresponding to any one of the feature information to the user. For another example, the network device returns, to the user, the URL of the man-machine interaction verification page corresponding to the first queried forbidden feature information and the decapsulation information generated for the feature information according to the query sequence of the feature information, so that the user can verify the URL. And returning the corresponding human-computer interaction verification pages to the user one by one according to the query sequence of the characteristic information until the user passes all the verification pages and the network equipment passes the anti-brushing verification of the URL address.
When a user accesses the man-machine interaction verification page, for example, a page with a verification code can be opened, and the verification code can adopt the existing mature implementation modes in various industries, such as a character verification code, a picture clicking verification code, a slider verification code or an intelligent behavior verification code. After the user completes the verification of the verification code, the network device passes the anti-brush verification of the request access URL. And the network equipment also deletes the seal mark of the characteristic information corresponding to the current verification rule in the cache, and unseals the characteristic information. Thereafter, when the feature information appears again, the network device will count and mark it for a new round.
According to one example of the present invention, the network device may redirect the website access request to the requested website after passing the anti-swipe validation of the requested website. For example, the network device acts as a transit server, and after intercepting the website access request of the user and passing the anti-brushing verification of the requested website, the network device may send the website access request to its target website.
According to one example of the present invention, after the network device passes the anti-swipe verification of the requested web address, the user device may redirect the web address access request to the requested web address. For example, the user equipment intercepts a website access request of a user and sends request information in the website access request to the network equipment to perform anti-brushing verification on the requested website, and after the network equipment passes the anti-brushing verification on the requested website, the user equipment can send the website access request to a target website of the user equipment.
FIG. 3 is a schematic diagram of a system for performing anti-swipe verification on a web address according to an embodiment of the present invention.
As shown in fig. 3, the anti-swipe verification system 300 includes anti-swipe clients 311 and 312, an anti-swipe server 321, an anti-swipe system database 330, an anti-swipe management background 340, and website servers 351 and 352.
The anti-swipe system database 330 stores and maintains the 3-type data table shown in fig. 2, including the "website information table", the "website URL table", and the "anti-swipe rule table". The website information table of the website can be found according to the website ID, website URL tables of all URLs under the website are obtained at the same time, one or more anti-brush rule tables corresponding to the URL address can be obtained according to the URL address, and each anti-brush rule also has a rule ID.
The anti-brush management background 340 provides operations of adding, deleting, modifying and querying the data table in the database of the anti-brush system. When the operation data is added, deleted, and modified, the anti-brush management background 340 may issue the latest data to the anti-brush client and the anti-brush server in full through a data synchronization tool such as zookeeper, so that the configuration such as the anti-brush rule takes effect immediately. The anti-brushing rules can be dynamically configured through the anti-brushing management background 340, and after the configuration is successful, the anti-brushing rules are stored in the anti-brushing system database 330 and are issued to the anti-brushing client and/or the anti-brushing server.
Specifically, for example, in a one-time anti-swipe authentication process, when an external user wishes to access the web server 251, the anti-swipe client 311 intercepts an HTTP request of the user, and the anti-swipe client 311 parses the HTTP request to obtain request information therein, such as a URL address, a request header, a request parameter, and a request IP. Further, the anti-brush client 311 may also match the URL address according to a URL list (i.e., a blacklist) in the anti-brush rule issued by the anti-brush management background 334, if the URL address is not matched, the HTTP request is released to the website server 351, otherwise, the verification interface of the anti-brush server 321 is called, and the request information is sent to the anti-brush server 321 for anti-brush verification.
The authentication interface receives parameters from the anti-swipe client 311 such as website ID, request URL, request header, request parameters, request IP. Referring to fig. 2, the anti-refresh server 321 first reads the website information table, the website URL table, and the anti-refresh rule table of the database according to the website ID and the requested URL, and then determines whether there is an anti-refresh rule in the process of opening according to the requested URL, if not, directly returns to the request for verification, and if so, verifies the anti-refresh rules one by one. If all the anti-brush rules are verified to be passed, the anti-brush server 321 returns verification passing to the anti-brush client 311, and if any one or more rules are not verified to be passed, each rule which is not passed is requested to be blocked and a corresponding URL address of the man-machine interaction verification page used for deblocking is generated. Finally, the anti-brush server 321 returns the URL address of the human-computer interaction verification page corresponding to the first failed verification rule to the anti-brush client 311.
When the anti-swipe verification fails, the anti-swipe server 321 blocks all HTTP requests having the same characteristic information as the HTTP request, and at this time, if a similar HTTP request enters, the anti-swipe server 321 does not need to verify the anti-swipe rule again, but directly returns that the verification fails according to the blocking condition. If the HTTP request is initiated by a normal user and the user wants to unseal, the user needs to go through the next human-computer interaction verification. After the human-computer interaction verification, the anti-brush server 321 decapsulates the HTTP request, and performs complete anti-brush rule verification again when the HTTP request enters next time.
If the anti-swipe server 321 returns that the anti-swipe verification passes, the anti-swipe client 311 passes the HTTP request to re-initiate the request to the website server 351. If the anti-brush verification fails, the anti-brush server 321 returns http302 for jumping, and the user is redirected to the URL address of the man-machine interaction verification page returned by the anti-brush server 321 verification.
FIG. 4 shows a schematic diagram of an apparatus for performing website anti-swipe validation, according to an embodiment of the present invention.
As shown in fig. 4, the anti-swipe verification apparatus 40 is arranged in the computer device 40, and the anti-swipe verification apparatus 40 includes an acquisition means 41, a generation means 42, and a verification means 43.
Wherein, the obtaining device 41 obtains the request information in the website access request; the generating device 42 generates corresponding characteristic information from the request information according to a predetermined verification rule; if the characteristic information is not marked as blocked, the verification means 43 passes the anti-swipe verification of the requested web address.
Specifically, the acquiring means 41 acquires request information in the website address access request.
According to an example of the present invention, for example, the acquisition means 41 parses the website address access request of the user to obtain the request information therein.
The analyzed request information comprises a requested website, a request header, a request parameter and a request IP. For example, for an HTTP request, the requested website is a URL, the request header includes parameters such as refer, User-Agent, Cookie, Accept, Host, Origin, barear, token, etc., the request parameters include parameters such as type, userID, etc., and the request IP is an IP address of the device that issued the HTTP request.
Here, the acquiring device 41 may acquire the website access request in various ways. For example, the network device may act as a third-party server, and relay or intercept the website access request of the user through the obtaining device 41, so as to provide the user with anti-swipe authentication later.
Further, the anti-swipe verification device 40 may further include an access device (not shown). When the website access request of the user passes the anti-brushing verification, the access device redirects the website access request to the requested website.
Alternatively, the anti-brush verification device 40 may also include an intercepting device (not shown). The intercepting device intercepts the website access request of the user to obtain the request information from the website access request.
According to an example of the present invention, the anti-brush verification device 40 may further include a filtering device (not shown). The filtering device can perform blacklist verification on the requested website so as to perform anti-brushing verification on the website which passes the blacklist verification.
For example, the filtering apparatus queries the website in a blacklist, and if the website is hit, the anti-refresh verification may be continued on the website. If the website is not hit, that is, the website is not stored in the blacklist, the website can be verified through the blacklist, and the website access request can be sent to the target website.
Alternatively, according to an example of the present invention, the intercepting means, the filtering means and the accessing means may all be disposed in the user equipment, so that the user equipment performs intercepting, blacklist filtering and releasing of the website access request of the user.
Next, the generating means 42 generates corresponding characteristic information from the request information according to a predetermined verification rule.
According to an example of the present invention, the validation rule may be a general rule according to which all request information generates the characteristic information, for example. In this specification, the verification rule is sometimes referred to as an anti-brush rule, and both are used equivalently.
According to another example of the present invention, the validation rules may be determined from the requested web address, for example.
Each web site may correspond to one or more validation rules. These validation rules may be stored locally on the network device or may be obtained from an anti-swipe database.
If the characteristic information is not marked as blocked, the verification means 43 passes the anti-swipe verification of the requested web address.
According to one embodiment of the present invention, for example, the verification means 43 queries the feature information of the requested website from the cache, and if the feature information is not marked as blocked, the website is verified by anti-swipe verification.
Further, when the feature information is not marked as disabled, the verifying means 43 adds 1 to the count of the feature information; and when the count of the characteristic information reaches a predetermined threshold, the authentication means 43 marks the characteristic information as disabled.
Specifically, for example, the verification means 43 takes out the occurrence count cnt of the feature information from the buffer, and performs cnt ═ cnt +1, and when the cnt reaches a predetermined threshold value, e.g., 15, marks the feature information as being disabled.
When the feature information of the website is marked as forbidden, in order to remove the forbidden information and avoid misjudgment, the verification device 43 may return a human-computer interaction verification page to the user, and when the user passes the verification of the human-computer interaction verification page, the verification device 43 passes the anti-swipe verification of the website.
According to an example of the present invention, if the feature information is disabled, the authentication device 43 generates uuid as the decapsulation information corresponding to the feature information, and the validity period of the decapsulation information cache may be set to 1 minute to prevent centralized coding. Then, the authentication device 43 generates the URL address of the man-machine interaction authentication page using the feature information and the decapsulation information.
When the user passes the verification of the man-machine interaction verification page, the verification means 43 deletes the seal mark of the feature information.
According to an example of the present invention, when a request website corresponds to a plurality of validation rules, if at least one of the feature information corresponding to the validation rules is marked as blocked, the anti-swipe validation corresponding to the website cannot pass.
For example, there are 3 validation rules corresponding to one URL address, the validation device 43 generates corresponding feature information according to the request information and the 3 rules, respectively, and as long as there are 1 feature information in the generated 3 feature information marked as disabled, the validation device 43 cannot pass the anti-swipe validation on the URL address.
Further, according to one of the feature information marked as forbidden, the verification device 43 returns a corresponding human-computer interaction verification page to the user, and the verification device 43 does not pass the anti-swipe verification on the website until the user passes all the human-computer interaction verification pages corresponding to the feature information marked as forbidden.
For example, all the 3 pieces of feature information generated by the 3 verification rules corresponding to the URL address are marked as disabled, and the verification device 43 performs verification by returning a human-computer interaction verification page corresponding to any one piece of feature information to the user. For another example, the verification device 43 returns, to the user, the URL of the human-computer interaction verification page corresponding to the feature information that is first queried as the forbidden feature information and the decapsulation information generated for the feature information according to the query sequence of the feature information, so that the user can perform verification. According to the query sequence of each feature information, the verification device 43 returns the corresponding human-computer interaction verification pages to the user one by one until the user passes all the verification pages and the network equipment passes the anti-brushing verification of the URL address.
When a user accesses the man-machine interaction verification page, for example, a page with a verification code can be opened, and the verification code can adopt the existing mature implementation modes in various industries, such as a character verification code, a picture clicking verification code, a slider verification code or an intelligent behavior verification code. When the user completes the verification of the verification code, the verification means 43 passes the anti-swipe verification for the request access URL. The authentication device 43 also deletes the block flag of the feature information corresponding to the current authentication rule in the cache, and decapsulates the feature information. Thereafter, when the characteristic information appears again, the verification means 43 will count and mark it for a new round.
According to one example of the present invention, the web access device may redirect the web site access request to the requested web site after passing the anti-swipe verification of the requested web site. For example, the network device acts as a transit server, and after intercepting the website access request of the user and passing the anti-swipe verification of the requested website, the access device can send the website access request to its target website.
It should be noted that the present invention may be implemented in software and/or in a combination of software and hardware, for example, as an Application Specific Integrated Circuit (ASIC), a general purpose computer or any other similar hardware device. In one embodiment, the software program of the present invention may be executed by a processor to implement the steps or functions described above. Also, the software programs (including associated data structures) of the present invention can be stored in a computer readable recording medium, such as RAM memory, magnetic or optical drive or diskette and the like. Additionally, some of the steps or functions of the present invention may be implemented in hardware, for example, as circuitry that cooperates with the processor to perform various steps or functions
In addition, at least a portion of the present invention may be implemented as a computer program product, such as computer program instructions, which, when executed by a computing device, may invoke or provide methods and/or aspects in accordance with the present invention through operation of the computing device. Program instructions which invoke/provide the methods of the present invention may be stored on fixed or removable recording media and/or transmitted via a data stream over a broadcast or other signal-bearing medium, and/or stored in a working memory of a computing device operating in accordance with the program instructions.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned. Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the system claims may also be implemented by one unit or means in software or hardware. The terms first, second, etc. are used to denote names, but not any particular order.
While exemplary embodiments have been particularly shown and described, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the claims. The protection sought herein is as set forth in the claims below.

Claims (25)

1. A method for verifying website anti-brushing comprises the following steps:
acquiring request information in a website access request;
generating corresponding characteristic information from the request information according to a preset verification rule, wherein the characteristic information is used for representing the identity characteristics of the request information obtained through the verification rule, and different verification rules generate different characteristic information aiming at request headers, request parameters and request ips in different request information;
and if the characteristic information is not marked as forbidden, performing anti-brushing verification on the requested website, wherein the characteristic information is counted and accumulated, so that after the calculated accumulated value reaches a preset threshold value, the corresponding request information is determined to be the request information to be forbidden.
2. The method of claim 1, wherein the validation rule is determined from the requested web address.
3. The method of claim 1, wherein the method further comprises the steps of:
when the characteristic information is marked as forbidden, returning a human-computer interaction verification page to a user;
and when the user passes the verification of the man-machine interaction verification page, the user passes the anti-brush verification.
4. The method of claim 3, wherein the URL of the human-computer interaction verification page is generated according to the feature information and decapsulation information, and the decapsulation information is generated by a UUID.
5. The method of claim 3, wherein the method further comprises the steps of:
when the feature information is not marked as forbidden, adding 1 to the count of the feature information;
when the count reaches a predetermined threshold, the characteristic information is marked as disabled.
6. The method of claim 3, wherein the method further comprises the steps of:
and deleting the seal mark of the characteristic information when the user passes the verification of the man-machine interaction verification page.
7. The method of claim 1 or 3, wherein the validation rule comprises a plurality;
when the characteristic information corresponding to at least one verification rule is marked as forbidden, the anti-brush verification cannot pass.
8. The method of claim 1 or 3, wherein the validation rule comprises a plurality;
and when the characteristic information corresponding to at least one verification rule is marked as forbidden, returning a corresponding human-computer interaction verification page to the user until the user passes through all the human-computer interaction verification pages corresponding to the characteristic information marked as forbidden, and at the moment, passing the anti-brush verification.
9. The method of claim 1, wherein the method further comprises the steps of:
intercepting the website access request to obtain the request information.
10. The method of claim 1, wherein the method further comprises the steps of:
and carrying out blacklist verification on the requested website so as to carry out anti-brushing verification on the website which passes the blacklist verification.
11. The method of claim 1, wherein the method further comprises the steps of:
and when the anti-brushing verification is passed, redirecting the website access request to the requested website.
12. A website anti-brushing verification method comprises the following steps at a network device:
acquiring request information in a website access request;
generating corresponding characteristic information from the request information according to a preset verification rule, wherein the characteristic information is used for representing the identity characteristics of the request information obtained through the verification rule, and different verification rules generate different characteristic information aiming at request headers, request parameters and request ips in different request information;
and if the characteristic information is not marked as forbidden, counting and accumulating the characteristic information through the anti-brushing verification of the requested website, so as to determine that the corresponding request information is the request information to be forbidden after the calculated accumulated value reaches a preset threshold value.
13. The method of claim 12, wherein the validation rule is determined from the requested web address.
14. The method of claim 12, wherein at the network device, the method further comprises:
when the characteristic information is marked as forbidden, returning a human-computer interaction verification page to the user;
and when the user passes the verification of the man-machine interaction verification page, the user passes the anti-brush verification.
15. The method of claim 14, wherein the URL of the human-machine interaction verification page is generated according to the feature information and decapsulation information, the decapsulation information being generated by a UUID.
16. The method of claim 14, wherein at the network device, the method further comprises:
when the feature information is not marked as forbidden, adding 1 to the count of the feature information;
when the count reaches a predetermined threshold, the characteristic information is marked as disabled.
17. The method of claim 14, wherein at the network device, the method further comprises:
and deleting the seal mark of the characteristic information when the user passes the verification of the man-machine interaction verification page.
18. The method of claim 12 or 14, wherein the validation rule comprises a plurality;
when the characteristic information corresponding to at least one verification rule is marked as forbidden, the anti-brush verification cannot pass.
19. The method of claim 12 or 14, wherein the validation rule comprises a plurality;
and when the characteristic information corresponding to at least one verification rule is marked as forbidden, returning a corresponding human-computer interaction verification page to the user until the user passes through all the human-computer interaction verification pages corresponding to the characteristic information marked as forbidden, and at the moment, passing the anti-brush verification.
20. The method of claim 12, wherein at the user equipment, the method further comprises the steps of:
intercepting the website access request to obtain the request information;
and sending the request information to the network equipment.
21. The method of claim 20, wherein at the user equipment, the method further comprises:
and carrying out blacklist verification on the requested website so as to carry out anti-brushing verification on the website which passes the blacklist verification by the network equipment.
22. The method of claim 20, wherein at the user equipment, the method further comprises:
and when the network equipment passes the anti-brushing verification, redirecting the website access request to the requested website.
23. A website anti-swipe verification apparatus, wherein the apparatus comprises:
the acquisition device is used for acquiring request information in the website access request;
the generating device is used for generating corresponding characteristic information from the request information according to a preset verification rule, wherein the characteristic information is used for representing the identity characteristics of the request information obtained through the verification rule, and different verification rules generate different characteristic information aiming at request headers, request parameters and request ips in different request information;
and the verification device is used for passing the anti-brushing verification of the requested website if the characteristic information is not marked as forbidden, wherein the characteristic information is counted and accumulated, so that after the calculated accumulated value reaches a preset threshold value, the corresponding request information is determined as the request information to be forbidden.
24. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any one of claims 1 to 11 when executing the computer program.
25. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1 to 11.
CN202010244076.4A 2020-03-31 2020-03-31 Website anti-brushing verification method and device Active CN111585956B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010244076.4A CN111585956B (en) 2020-03-31 2020-03-31 Website anti-brushing verification method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010244076.4A CN111585956B (en) 2020-03-31 2020-03-31 Website anti-brushing verification method and device

Publications (2)

Publication Number Publication Date
CN111585956A CN111585956A (en) 2020-08-25
CN111585956B true CN111585956B (en) 2022-09-09

Family

ID=72122628

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010244076.4A Active CN111585956B (en) 2020-03-31 2020-03-31 Website anti-brushing verification method and device

Country Status (1)

Country Link
CN (1) CN111585956B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112437036B (en) * 2020-01-21 2023-01-24 上海哔哩哔哩科技有限公司 Data analysis method and equipment
CN112836213A (en) * 2021-02-18 2021-05-25 联动优势科技有限公司 Anti-brushing method and device based on API (application program interface)
CN113783923A (en) * 2021-03-31 2021-12-10 北京沃东天骏信息技术有限公司 Web page anti-brush processing method, device, equipment and storage medium
CN115276968A (en) * 2022-07-08 2022-11-01 中国第一汽车股份有限公司 Third-party platform HTTP callback distribution method, system, electronic equipment and storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105162793A (en) * 2015-09-23 2015-12-16 上海云盾信息技术有限公司 Method and apparatus for defending against network attacks
CN108462687A (en) * 2018-01-08 2018-08-28 平安科技(深圳)有限公司 Method, apparatus, terminal device and the storage medium that anti-brush logs in
CN108959539A (en) * 2018-06-30 2018-12-07 成都信息工程大学 A kind of rule-based configurable web data analytic method
CN109951500A (en) * 2019-04-29 2019-06-28 宜人恒业科技发展(北京)有限公司 Network attack detecting method and device
CN110213375A (en) * 2019-06-04 2019-09-06 杭州安恒信息技术股份有限公司 A kind of method, apparatus and electronic equipment of the IP access control based on cloud WAF
CN110334259A (en) * 2019-04-22 2019-10-15 新分享科技服务(深圳)有限公司 Webpage data acquiring method, device and computer readable storage medium
CN110489626A (en) * 2019-08-05 2019-11-22 苏州闻道网络科技股份有限公司 A kind of information collecting method and device

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10574691B2 (en) * 2016-06-21 2020-02-25 Imperva, Inc. Infrastructure distributed denial of service (DDoS) protection

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105162793A (en) * 2015-09-23 2015-12-16 上海云盾信息技术有限公司 Method and apparatus for defending against network attacks
CN108462687A (en) * 2018-01-08 2018-08-28 平安科技(深圳)有限公司 Method, apparatus, terminal device and the storage medium that anti-brush logs in
CN108959539A (en) * 2018-06-30 2018-12-07 成都信息工程大学 A kind of rule-based configurable web data analytic method
CN110334259A (en) * 2019-04-22 2019-10-15 新分享科技服务(深圳)有限公司 Webpage data acquiring method, device and computer readable storage medium
CN109951500A (en) * 2019-04-29 2019-06-28 宜人恒业科技发展(北京)有限公司 Network attack detecting method and device
CN110213375A (en) * 2019-06-04 2019-09-06 杭州安恒信息技术股份有限公司 A kind of method, apparatus and electronic equipment of the IP access control based on cloud WAF
CN110489626A (en) * 2019-08-05 2019-11-22 苏州闻道网络科技股份有限公司 A kind of information collecting method and device

Also Published As

Publication number Publication date
CN111585956A (en) 2020-08-25

Similar Documents

Publication Publication Date Title
CN111585956B (en) Website anti-brushing verification method and device
US10798202B2 (en) Security systems for mitigating attacks from a headless browser executing on a client computer
US10225255B1 (en) Count-based challenge-response credential pairs for client/server request validation
US11552936B2 (en) Management of dynamic credentials
US10523609B1 (en) Multi-vector malware detection and analysis
US9860270B2 (en) System and method for determining web pages modified with malicious code
US9438625B1 (en) Mitigating scripted attacks using dynamic polymorphism
US9602543B2 (en) Client/server polymorphism using polymorphic hooks
US10447726B2 (en) Mitigating attacks on server computers by enforcing platform policies on client computers
US20170054749A1 (en) Detecting web exploit kits by tree-based structural similarity search
US20160050231A1 (en) Selectively protecting valid links to pages of a web site
CN109246064A (en) Safe access control, the generation method of networkaccess rules, device and equipment
CN113645234B (en) Honeypot-based network defense method, system, medium and device
WO2016118153A1 (en) Marking nodes for analysis based on domain name system resolution
CN114553529A (en) Data processing method, device, network equipment and storage medium
JP2022541250A (en) Inline malware detection
KR101445817B1 (en) Method and apparatus for controlling use of service
Ivašauskas et al. In-Kernel Authentication Request Analysis for Human and Bot Distinction
Hsu et al. A Cloud-based Protection approach against JavaScript-based attacks to browsers
US10567363B1 (en) Deterministic reproduction of system state using seeded pseudo-random number generators
CN114567472A (en) Data processing method and device, electronic equipment and storage medium
CN115314231A (en) Network attack information processing method and device, electronic equipment and storage medium
CN114301661A (en) Authentication method and device for application login, computing equipment and storage medium
Frühwirt Automated discovery of secure website domains
Chunyu The initiative forecast defense technique of Web application based on HttpModule

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant