Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

WEB site link dynamic hiding method and device capable of effectively preventing network attacks

A website link and network attack technology, applied in electrical components, transmission systems, etc., can solve problems such as increasing the difficulty of user interaction with the website, unable to eliminate ticket grabbing, number swiping, and complexity, and achieve protection against hazards and service performance. , the effect of protecting against malicious code or malware, and preventing credential stuffing attacks

Active Publication Date: 2016-04-20
广州安锐信息技术有限公司
View PDF4 Cites 21 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] However, the method of adopting the verification code cannot effectively solve various attacks on the WEB website, mainly because the verification code technology has the following deficiencies:
As a result, the use of verification codes cannot prevent crawler attacks on the website, and cannot prevent ticket grabbing and account swiping.
[0010] Second, if the set verification code picture is too complicated, it will lead to a decrease in user experience, increase the difficulty of interaction between users and the website, and cause users to need to enter the content in the verification code multiple times before logging in to the WEB website
[0011] As for malicious software attacks, according to the inventor's statistics over the years, the killing rate of various antivirus software to malicious software is less than 30%, and malicious software is becoming more and more intelligent and refined. When the WEB website is activated, it will be triggered only when certain conditions are met, resulting in the leakage of sensitive information of users

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • WEB site link dynamic hiding method and device capable of effectively preventing network attacks
  • WEB site link dynamic hiding method and device capable of effectively preventing network attacks
  • WEB site link dynamic hiding method and device capable of effectively preventing network attacks

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0046] see figure 1 As shown in the schematic flow diagram, the WEB website link dynamic hiding method for effectively preventing network attacks of the present invention comprises the following steps:

[0047]Step S11, the browser sends a connection request to the server, which is the first step for the browser to interact with the server. This step can be the first time the browser tries to establish a connection with the server, or it can be that the browser has already connected with the website server A connection has been established, that is, staying on the webpage, but the connection between the browser and the server has been disconnected. When clicking a button on the website page again, such as the login button, the browser sends a connection request to the server.

[0048] Step S12, the server verifies whether the URI of the response needs to be encrypted, and if not, sends the URI of the response directly to the browser; otherwise, encrypts the URI requested by th...

Embodiment 2

[0084] Next, the structure of the present invention will be further explained by taking the present invention applied to the 12306 website to solve ticket grabbing behavior as an example.

[0085] First, analyze the ticket grabbing behavior on the 12306 website. Various ticket grabbing software find several key URLs by analyzing the structure of the 12306 ticket buying website, and then use scripts to continuously check these key URLs. Submit parameters to achieve the purpose of automatic and programmatic ticket grabbing, and its efficiency is hundreds of times faster than that of general manual clicking on the website.

[0086] On the 2014 version of the 12306 website, the URLs of several key pages such as user login, ticket query, and order submission are as follows:

[0087] Request login page: https: / / kyfw.12306.cn / otn / login / init

[0088] Get the verification code and verify it: https: / / kyfw.12306.cn / otn / passcodeNew / getPassCodeNew? module=login&rand=sjrand&

[0089] Log...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a WEB link dynamic hiding method capable of effectively preventing network attacks. The method comprises the following steps that firstly, a browser side sends a connecting request to a server side; secondly, the server side verifies whether it is needed to encrypt a responsive URI or not, the URI needing to be encrypted is encrypted for the first time, and the encrypted URI and a script file used for encrypting the browser side are sent to the browser side together; thirdly, after connection is established, the URI requested for revisiting is encrypted for the second time through the scrip file in the browser side, and the URI encrypted for the second time is sent, or the URI is sent directly; fourthly, the server side verifies the URI requested by the browser side again and carries out first-time decryption and second-time decryption after the URI passes the verification, and an error webpage is returned if the URI does not pass the verification or decryption fails. By means of the method, the safety of a WEB site can be improved, and various attacks such as library collision attacks and network crawlers can be defended. The invention further discloses a device applied to the method.

Description

technical field [0001] The invention relates to a method and device for dynamically deforming and encrypting a WEB website. Specifically, the WEB website address is dynamically processed on the basis of encryption technology and script technology. Background technique [0002] At present, fields such as finance and the Internet usually rely on WEB websites to provide services to Internet users or mobile smart terminal users. Therefore, the security of WEB websites is very important. Once the WEB website is attacked, many users will suffer huge losses. However, the existing WEB websites are vulnerable to attacks from various aspects due to the following technical defects: [0003] A. Crawler attack: Through automated tools and scripts, the directory and content of the entire WEB website can be obtained, and various data can be automatically submitted. At present, all kinds of ticket grabbing and number swiping software use crawlers to attack websites to achieve various comme...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/04H04L63/145
Inventor 邱铭钗
Owner 广州安锐信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com