Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Web server attack filtering and comprehensive protecting method based on NDIS (Network Driver Interface Standard) drive

A server and service module technology, applied in the direction of electrical components, transmission systems, etc., can solve the problems of high deployment cost, poor flexibility, high maintenance cost, etc., and achieve the effect of high flexibility and low cost

Active Publication Date: 2011-07-13
BEIJING HITEVISION INTELLIGENT SOLUTIONS CO LTD
View PDF3 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The first type of technology is implemented by hardware, so its procurement, maintenance, and deployment costs are high, and its flexibility is poor, but it has advantages in processing speed; the second type of technology is implemented by software, but its technical implementation can only be achieved for a certain Specific web servers are effective, but there are limitations for users, such as the ISAPI module for Microsoft's IIS server and the ModSecurity module for Apache servers; if it is made into a product, there will be a need to maintain multiple versions for different web servers at the same time, and maintenance costs high

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Web server attack filtering and comprehensive protecting method based on NDIS (Network Driver Interface Standard) drive
  • Web server attack filtering and comprehensive protecting method based on NDIS (Network Driver Interface Standard) drive
  • Web server attack filtering and comprehensive protecting method based on NDIS (Network Driver Interface Standard) drive

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0029] combine image 3 , describing this example

[0030] S1. The user sends a data packet to the network card through the network.

[0031] S2. The network card uploads the data packet to the NDIS driver.

[0032] Specifically, the network card sends the data packet to the network card driver, and the network card driver passes the data to the NDIS driver through the connection card.

[0033] S3, the NDIS driver screens out the HTTP data packets meeting the port requirements through the HTTP protocol according to the default, and delivers the above HTTP data packets to the security detection service module running in the user state.

[0034] The security detection service module is in the user layer.

[0035] combine Figure 4 , to further explain "the NDIS driver screens out HTTP packets that meet the port requirements": HTTP packets are both IP packets and TCP packets, and are packets with preset ports.

[0036] S31. Obtain the network data packet sent from the lower ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a Web server attack filtering and comprehensive protecting method based on an NDIS (Network Driver Interface Standard) drive, comprising: the NDIS drive carries out the sieving of a Hyper Text Transport Protocol (HTTP) according to presetting, sieves an HTTP data packet meeting port demands from received data packets, and sends the data packet to a security detection service module operating at a user state; a security detection service module analyzes and detects the HTTP data packet, and sends a command of discarding unsafe HTTP data packets to the NDIS drive; and the NDIS drive discards the unsafe HTTP data packets. The method provided by the invention belongs to a software technology and has the advantages of low cost and high flexibility; and the technology realized by the invention is suitable for all Web server programs and has no limitation.

Description

technical field [0001] The invention relates to the field of network security protection, in particular to an NDIS-driven Web server attack filtering and comprehensive protection method. Background technique [0002] When a web server processes web page requests and data packets sent by Internet users, the injection attack by hackers has become a major method for hackers to intrude into web servers due to the loopholes in the web server, and it is increasing year by year. After the successful injection attack on the web server, the webpage will be tampered with, a Trojan horse will be added, and the server will be controlled as a bot to carry out illegal attacks, etc. Normal operation has great social significance. [0003] Currently, solutions to this problem fall into two categories: [0004] The first category, such as figure 1 As shown, network data filtering is realized through hardware, and the web page requests and data sent by Internet users to the Web server are ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
Inventor 曾湘宁
Owner BEIJING HITEVISION INTELLIGENT SOLUTIONS CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com