Anti-scan detection method and system based on various URL changes

A detection method and detection system technology, applied in the field of information security, can solve problems such as statistical failure and prolong attack cycle, and achieve the effect of avoiding vulnerability detection and high reliability

Inactive Publication Date: 2017-03-08
WEBRAY TECH BEIJING CO LTD
View PDF4 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, this method has certain limitations
On the one hand, the attack on the target system can only be discovered after a period of time. During this period, the target system may have been compromised; on the other hand, the attacker intentionally constructs a return data packet, prolongs the attack period, and avoids the statistical window, thus making the statistics invalid.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Anti-scan detection method and system based on various URL changes
  • Anti-scan detection method and system based on various URL changes
  • Anti-scan detection method and system based on various URL changes

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] Embodiments of the present invention are described in detail below, examples of which are shown in the drawings, wherein the same or similar reference numerals designate the same or similar elements or elements having the same or similar functions throughout. The embodiments described below by referring to the figures are exemplary and are intended to explain the present invention and should not be construed as limiting the present invention.

[0036] The invention proposes a hair scanning detection method and system based on various changes of URLs, which can solve the security problems caused by the detection of security loopholes.

[0037] Such as Figure 5 As shown, the anti-scanning detection method based on URL diverse changes in the embodiment of the present invention comprises the following steps:

[0038] Step S1, obtaining the original code that the user requests to access through the web application. Among them, the original code includes: real URL address ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The present invention proposes an anti-scan detection method and system based on various URL changes. The method comprises: acquiring an original code accessed by a user through a Web application request; when it is detected that the user accesses the original code for the first time, modifying a real URL address and an access topic in the original code according to a fault URL obfuscation algorithm; and when it is detected that the user accesses the original code for the second time or for many times, continuing to modify the real URL address and the access topic in the original code according to the fault URL obfuscation algorithm, so that a vulnerability scanner cannot obtain the real URL address, and then cannot obtain the web page, wherein results of modifying the real URL address and the access topic for each time are different. According to the method and system proposed by the present invention, a crawler module, the core module of the scanner is disturbed, the detection mechanism of the vulnerability scanning is avoided, and the scanning problem is completely eliminated, so that the current scanner is invalid, and the security of the target system is ensured as much as possible.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to an anti-scanning detection method and system based on various changes of URLs. Background technique [0002] Vulnerability scanner is a product that discovers and attacks vulnerabilities by simulating hacker attacks. Vulnerability scanning is also the first step in hacking. From the perspective of attack prevention, doing a good job in anti-scanning is the primary task of information security protection. [0003] Existing web vulnerability scanning is one of the main methods to detect hidden dangers in web applications, and its core technology is inseparable from the research on crawler technology. The ability of web crawlers directly determines the vulnerability detection ability of web application scanning. A web crawler is an important basic functional module in a network-based web vulnerability scanner. Its efficiency in obtaining the directory structure and a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/55H04L29/06
CPCG06F21/556H04L63/1433
Inventor 权晓文杨泽辉陈四强刘晓辉
Owner WEBRAY TECH BEIJING CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap