Method and device for defending cross-site request forgery attacks

A cross-site request forgery and request message technology, applied in the field of network security, can solve problems such as difficulty in preventing danger, and achieve the effect of defending against cross-site request forgery attacks

Inactive Publication Date: 2015-05-06
MICRO DREAM TECHTRONIC NETWORK TECH CHINACO
View PDF4 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Among the existing attack methods that threaten network security, cross-site request forgery (CSRF, Cross Site Request Forgery) attack is a difficult and dangerous attack method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for defending cross-site request forgery attacks
  • Method and device for defending cross-site request forgery attacks
  • Method and device for defending cross-site request forgery attacks

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] In order to make the purpose, technical solution and advantages of the present application clearer, the technical solution of the present application will be clearly and completely described below in conjunction with specific embodiments of the present application and corresponding drawings. Apparently, the described embodiments are only some of the embodiments of the present application, rather than all the embodiments. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.

[0023] figure 1 A schematic flowchart of a method for defending against cross-site request forgery attacks provided by this application;

[0024] figure 2 It is a detailed flowchart of a method for defending against cross-site request forgery attacks provided by this application.

[0025] The method for defending against cross-site request forgery...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for defending cross-site request forgery attacks. The method comprises the steps of: receiving a request packet Hypertext Transfer Protocol Http requests; message requesting source to obtain the domain from where the request; if the source of the request is located field is empty, it is determined that the hypertext transfer protocol Http request is unsafe; domain if the request source is located is not empty, then the field is determined according to the request source where the hypertext transfer protocol Http request is security. Therefore, the defense cross-site request forgery attack the present application provides a method of defense can effectively cross-site request forgery attacks.

Description

technical field [0001] The present application relates to the field of network security, in particular to a method and device for defending against cross-site request forgery attacks. Background technique [0002] With the application of the Internet more and more widely, Internet security has become a problem that people pay more and more attention to. Among the various existing attack methods that threaten network security, Cross Site Request Forgery (CSRF, Cross Site Request Forgery) attack is a difficult and dangerous attack method that is difficult to prevent. The cross-site request forgery attack is mainly that the attacker uses the user's login information on a website to send a request from any website to the website. Such as sending emails, modifying information, purchasing goods, etc. in the name of the user. The following will detail the cases of bank accounts being maliciously transferred: [0003] If a user logs in to online banking to check his deposit balan...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/145H04L63/1466
Inventor 姜楠
Owner MICRO DREAM TECHTRONIC NETWORK TECH CHINACO
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap