Webshell page detection method and device based on intra-domain page association

A technology of association relationship and page, applied in the field of communication, can solve problems such as webshell false positives

Active Publication Date: 2016-07-13
CHINA MOBILE COMM GRP CO LTD
View PDF4 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Based on this feature, the isolated page in the website is found by sorting out the page association relationship. The isolated page is the webshell, but the main function of the background login page of the website, or some functional pages in the background, is realized by passing parameters through post. It may be an isolated ...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Webshell page detection method and device based on intra-domain page association
  • Webshell page detection method and device based on intra-domain page association
  • Webshell page detection method and device based on intra-domain page association

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0049] In order to make the technical problems, technical solutions and advantages to be solved by the present invention clearer, the following will describe in detail with reference to the drawings and specific embodiments.

[0050] The present invention aims at the problem that the existing methods for detecting webshell pages in websites are prone to false alarms or cannot be detected, and provides a method and device for detecting webshell pages based on the association relationship of pages in a domain, which can accurately and quickly detect websites Whether there is a webshell page in .

[0051] Such as figure 1 As shown, the embodiment of the present invention provides a method for detecting webshell pages based on the page association relationship in the domain, the method comprising:

[0052] Step 11, according to the file directory of the website to be tested, obtain the script file and / or label language file of the dynamic page of the website to be tested, namely ob...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a webshell page detection method and device based on intra-domain page association. The method comprises steps as follows: acquiring a script file and/or a tag language file of a dynamic page of a to-be-detected website according to a file directory of the to-be-detected website; extracting URL links in the script file and/or the tag language file of the dynamic page, and generating a URL link tag tree of the intra-domain page association, wherein the URL link tag tree comprises pages corresponding to URLs and inclusion relations among the pages; traversing the URL link tag tree and extracting first-class nodes and second-class nodes, wherein the first-class nodes are isolated nodes which contain no superior and subordinate nodes, the second-class nodes are nodes which contain subordinate nodes but do not contain superior nodes, and pages corresponding to the subordinate nodes are extra-domain pages; acquiring suspected webshell pages according to the pages corresponding to the extracted first-class and second-class nodes. Whether the webshell pages exist in a website or not can be detected accurately and quickly.

Description

technical field [0001] The present invention relates to the field of communication technologies, in particular to a method and device for detecting webshell pages based on intra-domain page association relationships. Background technique [0002] With the continuous progress and development of WEB application technology, WEB applications carry more and more services, and the security problems that WEB applications face are more and more complicated. According to statistics from authoritative organizations such as Public Vulnerabilities and Exposure CVE, security attacks on web applications have surpassed the sum of security attacks on other layers, and hacker attacks have gradually shifted from the traditional network layer to the application layer. After hackers invade a website, they often achieve the purpose of long-term control of the website by implanting a webshell backdoor in the website. [0003] Webshell is a script backdoor program in the form of a webpage. Like o...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F17/30
Inventor 付俊张峰王坤徐引进卢楠
Owner CHINA MOBILE COMM GRP CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap