Unlock instant, AI-driven research and patent intelligence for your innovation.

A url mimic method for protecting web application security

A web application and security technology, applied in electrical components, transmission systems, etc., can solve problems such as web security threats, difficult attack methods, tampering of web page content, etc., and achieve the effect of protecting security

Active Publication Date: 2018-04-27
ZHEJIANG UNIV
View PDF6 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] With the birth of a series of new Internet products such as Web2.0, social network, and Weibo, Internet applications based on the Web environment are becoming more and more extensive. In the process of enterprise informatization, various applications are set up on the Web platform. The rapid development of business has also attracted the strong attention of hackers, followed by the emergence of web security threats. Hackers use the loopholes in the website operating system and the SQL injection loopholes in the web service program to gain control of the web server, and at least tamper with the webpage. The serious one is to steal important internal data, and the more serious one is to implant malicious code in the webpage, so that the website visitors are violated
At present, the common means of protecting web application security include firewall, IDS, pattern recognition, URL filtering and other technologies, but these technologies are very passive. Only when an intrusion event occurs, corresponding protection measures are taken against this intrusion. It is often difficult to defend against new attack methods

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A url mimic method for protecting web application security
  • A url mimic method for protecting web application security

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0016] specific implementation plan

[0017] The purpose and effects of the present invention will become more apparent by describing the present invention in detail below in conjunction with the accompanying drawings.

[0018] The present invention is a url mimic method for protecting the safety of Web applications, such as figure 1 As shown, this method is implemented in the gateway, where the gateway with URL mimicry function uses nginx as a reverse proxy. The URL mimicry function can be implemented with the http module of nginx. Specifically include the following steps:

[0019] Step 1: If figure 2 As shown in (a), when the client sends a Web request to the background Web server, the gateway dynamically transforms the url in the Web page returned by the background Web server to the client, specifically including the following sub-steps:

[0020] (1.1) Find all the links in the returned web page, and find out the url links with parameters passed to the background serve...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a url (uniform resource locator) pseudo method for protecting Web application security. According to the method, a url marking a background Web server source is dynamically changed, the changed url is represented externally, the real url is concealed, and valid visit times can be configured for each changed url. With the adoption of the method, an attacker cannot master a real entrance of resources on the Web server and cannot attempt to attack randomly, and accordingly, the Web application security is protected.

Description

technical field [0001] The invention relates to the technical field of computer network security, in particular to the field of web application security. Background technique [0002] With the birth of a series of new Internet products such as Web2.0, social network, and Weibo, Internet applications based on the Web environment are becoming more and more extensive. In the process of enterprise informatization, various applications are set up on the Web platform. The rapid development of business has also attracted the strong attention of hackers, followed by the emergence of web security threats. Hackers use the loopholes in the website operating system and the SQL injection loopholes in the web service program to gain control of the web server, and at least tamper with the webpage. The serious one is to steal important internal data, and the more serious one is to implant malicious code in the webpage, so that the website visitors are violated. At present, the common means...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1441H04L63/168H04L67/02
Inventor 吴春明申旺强高文
Owner ZHEJIANG UNIV
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More