Cross-site request forgery CSRF attack recognition method and device

A cross-site request forgery (CSRF) attack recognition technique, applied in the field of communications. It addresses the problem that existing intrusion prevention measures recognize only CSRF attacks based on forged forms, so an attack based on a forged src goes unrecognized and the user's permissions can be stolen.

Active Publication Date: 2015-08-19
NEW H3C TECH CO LTD
Cites: 2; Cited by: 2

AI Technical Summary

Problems solved by technology

[0003] The most common CSRF attack forges a form. If the target server is protected by an intrusion prevention device, however, this attack may be recognized by the intrusion prevention system and fail. Some attackers therefore use evasion methods to escape detection by the intrusion prevention device, for example carrying out the CSRF attack with a forged src (source of information) instead of a forged form: the forged form used in the attack is replaced by the src attribute of an img tag. When the administrator of a normal website logs in to that website as administrator and then opens a malicious website containing such an img tag, the browser fetches the src with the administrator's credentials, the administrator account constructed by the attacker (for example X1) is added, and the user's permissions are stolen; the stolen permissions can then be used to carry out further CSRF attacks against the normal website.
[0004] The measures taken in the prior art can only identify CSRF attacks based on forged forms and cannot identify CSRF attacks based on a forged src.




Embodiment Construction

[0049] To address the above problems of the prior art, an embodiment of the present invention provides a CSRF attack detection method, shown in figure 1, comprising the following steps:

[0050] Step 101: detect whether the src in the payload of an acquired HTTP request is in an abnormal state.

[0051] The environment of figure 2 serves as an example. User C visits the normal website A through a browser and passes authentication; website A returns cookie information to the browser. Within the validity period of that cookie, user C visits website B, and website B returns to user C content that carries an HTTP (HyperText Transfer Protocol) request. Step 101 of the present invention continuously inspects all HTTP requests obtained in this way and further analyzes whether the src in the HTTP request payload is in an abnormal state.

[0052] In an e...



Abstract

The present invention discloses a cross-site request forgery (CSRF) attack recognition method and device. When the source (src) in the payload of an obtained HTTP request is detected to be in an abnormal state, it is determined whether an abnormal GET request whose source IP is the same as the source IP of that HTTP request is received within a preset time; if so, a CSRF attack is confirmed. In this way, srcs in abnormal states and abnormal GET requests are detected continuously and jointly confirm whether a CSRF attack based on a forged src has been received, thereby realizing recognition of CSRF attacks based on forged srcs.
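The two-stage rule stated in the abstract (an abnormal src in a payload, followed within a preset time by an abnormal GET from the same IP), applied to the img-src attack described in [0003], as an added example that is not part of the patent. The host names, endpoint paths, IP addresses, sample pages and the ten-second window are all assumptions; the patent does not define what makes a src "abnormal", so the example treats a page served by a foreign host that embeds a src pointing at a state-changing endpoint of the protected site as abnormal, and keys both stages on the client's IP address.

```python
# Added example (not the patent's code): a two-stage CSRF detector that follows the
# rule in the abstract. Hosts, paths, IPs, pages and the time window are hypothetical.
from collections import defaultdict, deque
from html.parser import HTMLParser
from urllib.parse import urlsplit

PROTECTED_HOST = "www.site-a.example"                 # website A (assumed)
ACTION_PATHS = {"/admin/addUser", "/admin/delUser"}   # state-changing GET endpoints on A (assumed)
WINDOW_SECONDS = 10.0                                 # the "preset time"; value assumed


class _SrcCollector(HTMLParser):
    """Collect every src attribute (img, script, iframe, ...) in an HTML payload."""

    def __init__(self):
        super().__init__()
        self.srcs = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name == "src" and value:
                self.srcs.append(value)


def extract_srcs(html_body):
    parser = _SrcCollector()
    parser.feed(html_body)
    parser.close()
    return parser.srcs


def src_is_abnormal(src, serving_host):
    """Step 101 heuristic (assumption; the patent does not define 'abnormal'): a src is
    abnormal when a page served by a foreign host points at a state-changing endpoint
    of the protected host."""
    u = urlsplit(src)
    return (u.scheme in ("http", "https")
            and u.hostname == PROTECTED_HOST
            and serving_host != PROTECTED_HOST
            and u.path in ACTION_PATHS)


def _key(url):
    """Compare URLs by host, path and query so a recorded src matches the later GET."""
    u = urlsplit(url)
    return (u.hostname, u.path, u.query)


class CsrfDetector:
    def __init__(self, window=WINDOW_SECONDS):
        self.window = window
        self._pending = defaultdict(deque)   # client IP -> deque of (ts, url key)
        self.alerts = []

    def _expire(self, ip, now):
        q = self._pending[ip]
        while q and now - q[0][0] > self.window:
            q.popleft()

    def on_response(self, client_ip, ts, serving_host, body):
        """Step 101: inspect the payload delivered to client_ip, remember abnormal srcs."""
        found = [s for s in extract_srcs(body) if src_is_abnormal(s, serving_host)]
        for s in found:
            self._pending[client_ip].append((ts, _key(s)))
        return found

    def on_request(self, client_ip, ts, method, host, target):
        """Step 102: a GET from the same client IP that matches a remembered src within
        the window confirms a src-based CSRF attack; returns the alert or None."""
        if method != "GET":
            return None
        self._expire(client_ip, ts)
        key = _key("http://" + host + target)
        for seed_ts, seed_key in self._pending[client_ip]:
            if seed_key == key:
                alert = {"client_ip": client_ip, "ts": ts, "seed_ts": seed_ts, "target": host + target}
                self.alerts.append(alert)
                return alert
        return None


# Constructed sample pages: the malicious one mirrors the img-src attack of [0003].
FORGED = "/admin/addUser?name=X1&pwd=Passw0rd&mail=x1@attacker.example"
MALICIOUS_PAGE = '<html><body><img src="http://www.site-a.example' + FORGED + '" width="1" height="1"></body></html>'
BENIGN_PAGE = '<html><body><img src="http://cdn.site-b.example/logo.png"></body></html>'


def run_scenario():
    d = CsrfDetector()
    seeded = d.on_response("10.0.0.5", 0.0, "www.site-b.example", MALICIOUS_PAGE)   # C opens B
    hit = d.on_request("10.0.0.5", 0.3, "GET", "www.site-a.example", FORGED)        # browser fetches the img
    d.on_response("10.0.0.9", 1.0, "www.site-b.example", BENIGN_PAGE)
    benign = d.on_request("10.0.0.9", 1.2, "GET", "cdn.site-b.example", "/logo.png")  # ordinary image
    other_ip = d.on_request("10.0.0.7", 1.5, "GET", "www.site-a.example", FORGED)   # no seed for this IP
    d.on_response("10.0.0.8", 2.0, "www.site-b.example", MALICIOUS_PAGE)
    late = d.on_request("10.0.0.8", 2.0 + WINDOW_SECONDS + 1, "GET", "www.site-a.example", FORGED)  # window expired
    return len(seeded), hit, benign, other_ip, late, len(d.alerts)


if __name__ == "__main__":
    print(run_scenario())
```

The detector only correlates what it has seen on both legs: a GET to the action endpoint from an IP for which no abnormal src was recorded, or one arriving after the window, is not reported, which is the trade-off the abstract's "same source IP within a preset time" rule implies. Such network-side detection complements, rather than replaces, application-side CSRF defenses.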

Description

Technical field
[0001] The embodiments of the present invention relate to the technical field of communications, and in particular to a method and device for identifying a cross-site request forgery (CSRF) attack.
Background technique
[0002] The core of a CSRF (Cross-Site Request Forgery) attack is to forge a form and, through the forged form, add an arbitrary administrator to the affected application system; for example, the added administrator is named X1 and the key parameters are given suitable values, since adding an administrator requires setting key parameters such as the new user name, user password and user mailbox. When a user visits a malicious website, the malicious website uses the authority of the normal user to send the forged form to the system server, and the attack takes effect once the system server executes the forged form.
[0003] The most common CSRF attack is to attack by forging the form, but if th...


Application Information

Patent Type & Authority: Applications (China)
IPC: H04L29/06
CPC: H04L63/1416, H04L63/1441
Inventor: 张惊申
Owner: NEW H3C TECH CO LTD