Web anti-injection method, device and equipment

An anti-injection and web application technology, applied in the field of Internet technology applications, can solve the problems of inability to carry out automatic defense and high overhead

Active Publication Date: 2013-04-24
SANGFOR TECH INC
View PDF3 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] The main purpose of the present invention is to provide a method and device for Web anti-injection, aiming to solve the technical problems in the prior art that are expensive and cannot be automatically defended

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Web anti-injection method, device and equipment
  • Web anti-injection method, device and equipment
  • Web anti-injection method, device and equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0061] The embodiment of the present invention provides a web anti-injection device, refer to figure 1 , in a preferred embodiment, the device includes:

[0062] The binding module 10 is used to bind the pages and variables of the Web application to form an association between the pages, variables and operations; because in the entire Web application, the effects of different variables on different pages are different, some are Query the entrance of the database, and some are just common operations such as display and printing. In order to distinguish the different functions of different parameters, the embodiment of the present invention binds variables and pages through the binding module 10 to establish an association of information such as variables, pages, and operation types. After binding, the variable is not just an isolated parameter, but is associated with the page. After binding, the variable has the property of the page, which can better distinguish the function ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a Web anti-injection method. The web anti-injection method comprises the step A of binding Web application pages and variables, and forming incidence relations among the pages, the variables and operation; a step B of receiving legal data used for training the variables and input by users, and performing calculation and statistic treatment on an information distance of the legal data; a step C of building a recognition model according to statistical information of the information distance of the legal data so as to judge whether input data are legal. The invention further provides a Web anti-injection device corresponding to the method and Web anti-injection equipment with the Web anti-injection device. According to the Web anti-injection method, device and equipment, unknown attack can be defended dynamically, zero-day attack can be resisted, and attackers cannot perform spoofing attack.

Description

technical field [0001] The present invention relates to the field of Internet technology applications, and more specifically, to a method, device and equipment for preventing web injection. Background technique [0002] Web security is the core content of today's network security and information security. According to statistics, the most serious web security threats at present are cross-site attacks, SQL (Structured Query Language, Structured Query Language) injection, DDoS (Distributed Denial of service, distributed denial of service) attacks, and zero-day attacks. Database attacks are as high as 44%, and SQL injection is one of the most important attack methods in database attacks. [0003] At present, most of the industry's defense methods against database attacks focus on SQL auditing. In terms of SQL auditing, it can be defended through machine learning, syntax analysis, or business analysis. There are few relatively well-formed solutions in terms of Web anti-inject...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F17/30G06F21/55
Inventor 赵振阳李龙
Owner SANGFOR TECH INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap