Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Website back door detection method and device

A detection method and website technology, applied in the field of information security, can solve the problems of loss of backdoor, easy false negatives and false positives, encryption and obfuscation before it is provided to the backdoor, etc.

Inactive Publication Date: 2017-01-04
ALIBABA GRP HLDG LTD
View PDF5 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The disadvantage of static detection is that most scripting languages ​​now support dynamic code generation at runtime and use assert to execute. Specific parameters may be encrypted and obfuscated before being provided to the backdoor, so that the backdoor has completely lost the backdoor in terms of static code. Features, only after specific parameters are encrypted and obfuscated and provided to the back door, the back door will show the characteristics of the back door
This detection method is prone to false negatives and false positives

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Website back door detection method and device
  • Website back door detection method and device
  • Website back door detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] The present invention will be described in further detail below in conjunction with the accompanying drawings.

[0022] Before discussing the exemplary embodiments in more detail, it should be mentioned that some exemplary embodiments are described as processes or methods depicted as flowcharts. Although the flowcharts describe operations as sequential processing, many of the operations may be performed in parallel, concurrently, or simultaneously. In addition, the order of operations can be rearranged. The process may be terminated when its operations are complete, but may also have additional steps not included in the figure. The processing may correspond to a method, function, procedure, subroutine, subroutine, or the like.

[0023] The term "computer equipment" in this context, also referred to as "computer", refers to an intelligent electronic device that can perform predetermined processing procedures such as numerical calculations and / or logic calculations by r...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a website back door detection method and device. The website backdoor detection method comprises steps of putting a file of a website to be detected into an independent space isolated from a practical execution environment of the file of the website to be detected for operation; constructing an external parameter carrying a danger label and supplying the external parameter to the file of the website to be detected by responding to an external parameter obtaining request transmitted by the file of the website to be detected during operation in the independent space, wherein the external parameter carrying the danger label goes through a booking string processing function and the danger label is maintained; determining whether the file of the website to be detected executes the danger function during a process of operating in the independent space and whether the parameter of the danger function has the danger label; if afacts that the file of the website to be detected executes the danger function in the process of operating in the independent space and the danger function calls the parameter with the danger labels is determined, detecting that the file of the website to be detected is a backdoor file. The embodiment of the website back door detection method and device can effectively detect the backdoor of the website.

Description

technical field [0001] The invention relates to information security, in particular to a website backdoor detection method and device. Background technique [0002] Website backdoors usually refer to those website files that bypass website security control to gain control of the website server, and are usually written in codes such as asp, php, jsp or cgi. Most web scripting languages ​​support the execution of dynamic codes, such as executing received parameters as codes, or executing variables after operations as codes. This is often used by hackers to write website backdoors and bypass security detection. That is to say, the Trojan horse executor puts the backdoor file which is not a Trojan horse into the website server, which usually has strong concealment, and will not be directly used by the Trojan horse attacker to attack the website server, but as a means for the Trojan horse attacker to attack the website server. aisle. That is, the Trojan horse attacker usually s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L12/26H04L29/06G06F17/30
Inventor 叶敏
Owner ALIBABA GRP HLDG LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products