Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method, device and equipment for web anti-injection

An anti-injection and web application technology, applied in the field of Internet technology applications, can solve problems such as high overhead and inability to perform automatic defense

Active Publication Date: 2016-05-11
SANGFOR TECH INC
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] The main purpose of the present invention is to provide a method and device for Web anti-injection, aiming to solve the technical problems in the prior art that are expensive and cannot be automatically defended

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device and equipment for web anti-injection
  • Method, device and equipment for web anti-injection
  • Method, device and equipment for web anti-injection

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0060] It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0061] The embodiment of the present invention provides a web anti-injection device, refer to figure 1 , in a preferred embodiment, the device includes:

[0062] The binding module 10 is used to bind the pages and variables of the Web application to form an association between the pages, variables and operations; because in the entire Web application, the effects of different variables on different pages are not the same, some are Query the entrance of the database, and some are just common operations such as display and printing. In order to distinguish the different functions of different parameters, the embodiment of the present invention binds variables and pages through the binding module 10, and establishes an association of information such as variables, pages, and operation types. After binding, the variable...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a Web anti-injection method. The web anti-injection method comprises the step A of binding Web application pages and variables, and forming incidence relations among the pages, the variables and operation; a step B of receiving legal data used for training the variables and input by users, and performing calculation and statistic treatment on an information distance of the legal data; a step C of building a recognition model according to statistical information of the information distance of the legal data so as to judge whether input data are legal. The invention further provides a Web anti-injection device corresponding to the method and Web anti-injection equipment with the Web anti-injection device. According to the Web anti-injection method, device and equipment, unknown attack can be defended dynamically, zero-day attack can be resisted, and attackers cannot perform spoofing attack.

Description

technical field [0001] The present invention relates to the field of Internet technology applications, and more specifically, to a method, device and equipment for preventing web injection. Background technique [0002] Web security is the core content of today's network security and information security. According to statistics, the most serious web security threats are cross-site attacks, SQL (Structured Query Language, Structured Query Language) injection, DDoS (Distributed Denial of Service, distributed denial of service) attacks, and zero-day attacks. 44%, and SQL injection is one of the most important attack methods in database attacks. [0003] At present, most of the industry's defense methods against database attacks focus on SQL auditing. In terms of SQL auditing, it can be defended through machine learning, syntax analysis, or business analysis. There are few relatively well-formed solutions in terms of Web anti-injection technology. The industry's solutions t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F17/30G06F21/55
Inventor 赵振阳李龙
Owner SANGFOR TECH INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products