Method and device for controlling hyper text transport protocol (HTTP) traffic

A control method and flow technology, applied in the field of network security, can solve the problems of unsatisfactory application effect, inability to distinguish normal web service access HTTP traffic and abnormal HTTP traffic, etc., and achieve better defense effect

Inactive Publication Date: 2012-07-11
BEIJING VENUS INFORMATION TECH +1
View PDF4 Cites 31 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

When defending against abnormal HTTP traffic, most of the current methods cannot distinguish between normal web service access HTTP traffic and abnormal HTTP traffic, so they can only

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for controlling hyper text transport protocol (HTTP) traffic
  • Method and device for controlling hyper text transport protocol (HTTP) traffic
  • Method and device for controlling hyper text transport protocol (HTTP) traffic

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0049] Embodiment 1, a method for controlling HTTP traffic, which can be used on a web security gateway but is not limited to, including:

[0050] According to the HTTP traffic sent by the web client to the web server, determine that the web client is an automatic tool or manual browsing;

[0051] Only HTTP traffic generated by web clients determined to be manual browsing is allowed to enter the web server.

[0052] That is to say, for the HTTP traffic generated by the web client determined as an automatic tool, prevent it from entering the web server, such as directly discarding the HTTP request, or not processing it until it is overwritten by a new HTTP request; if the determination result is If uncertain, the leaky bucket algorithm known in the field of network service quality can be used to send the HTTP request to the Web server at a pre-agreed forwarding rate, and it can also be prevented from entering the Web server in practical application.

[0053] In this embodiment...

Example Embodiment

[0090] Embodiment 2, a control device for HTTP traffic, which can be used on a security gateway, such as image 3 shown, including:

[0091] Web client determination module: used to determine that the Web client is an automatic tool or manual browsing according to the HTTP traffic sent by the Web client to the Web server;

[0092] The HTTP current limiting module is configured to allow only the HTTP traffic generated by the Web client determined as manual browsing to enter the Web server.

[0093] In this embodiment, the determination results of the Web client determination module can be divided into three types: A) the Web client is an automatic tool; B) the Web client is manual browsing; C) the current behavior is unknown; the HTTP current limiting module is based on The judgment result of the Web client judgment module determines the next step for the HTTP request: if the judgment result of the Web client that sends the HTTP request is an automatic tool, it can but is not ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and a device for controlling hyper text transport protocol (HTTP) traffic. The method includes the following steps: according to HTTP traffic sent to a Web server by a Web client, deciding that the Web client is an automatic tool or artificial browsing; only allowing the HTTP traffic generated by the Web client which is decided to be artificial browsing to enter the Web server. The method and the device are capable of limiting abnormal HTTP traffic, simultaneously allow HTTP traffic of normal Web business access to normally pass and accordingly ensure Web access service quality of normal users to the maximum degree.

Description

technical field [0001] The invention relates to the field of network security, in particular to an HTTP flow control method and device. Background technique [0002] HTTP (HyperTextTransferProtocol, hypertext transfer protocol) is currently one of the most widely used protocols on the Internet. As one of the main businesses of the Internet, the Web business is currently developing rapidly. While it brings great convenience to people to obtain information, it has also become the most concerned attack target of hackers. At present, there are various attack methods on Web sites. The traditional attacks include attacks based on the transport layer (including SYNFlood attacks and empty connection attacks), while the most common attacks are based on the application layer, including HTTPFlood attacks, CC attacks. Most of the HTTP traffic generated by these application-layer-based Web attacks conforms to the HTTP protocol specification. Traditional network security devices based on...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/56H04L29/08H04L12/801
Inventor 叶润国周涛
Owner BEIJING VENUS INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap