Method and device for obtaining network security data

A network security and acquisition method technology, which is applied in the field of network security data acquisition methods and devices, can solve the problems of inability to analyze vulnerabilities, increase the rate of missed loopholes, and low network security, so as to reduce the rate of missed loopholes and improve network security. safety effect

Active Publication Date: 2020-05-05
BEIJING AISEC TECH
View PDF6 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, when Ajax asynchronous loading technology uses JavaScript to dynamically generate pages, there is no page refresh process, so there is no new page content in the source code. When search engines use crawlers to analyze the source code, they cannot obtain new page content. Network security-related data cannot be obtained, resulting in the inability to conduct vulnerability analysis based on network security-related data, which increases the rate of vulnerability false positives and lower network security

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for obtaining network security data
  • Method and device for obtaining network security data
  • Method and device for obtaining network security data

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0048] figure 1 It is a flow chart of Embodiment 1 of the network security data acquisition method of the embodiment of the present invention, as shown in figure 1 As shown, the method for obtaining network security data in the embodiment of the present invention may specifically include the following steps:

[0049] 100. Obtain the calling function corresponding to each event in the current webpage from the preset calling function library.

[0050] In a specific implementation process, in a webpage created by using Ajax, such as Web2.0, there will be corresponding events, so as to generate corresponding page content according to each event.

[0051] Because the webpage created by Ajax method can only get the content of the updated part without refreshing the entire page, after some events are executed, there is no new page content in the source code of the webpage, so that the crawler cannot get It is known that these events have been triggered, so that the relevant page co...

Embodiment 2

[0065] figure 2 It is a flow chart of Embodiment 2 of the network security data acquisition method of the embodiment of the present invention, as shown in figure 2 As shown, the network security data acquisition method of the embodiment of the present invention is in figure 1 On the basis of the illustrated embodiments, the technical solution of the present invention is further described in more detail.

[0066] Such as figure 2 As shown, the method for obtaining network security data in the embodiment of the present invention may specifically include the following steps:

[0067] 200. Obtain the source code of the current webpage.

[0068] The embodiment of the present invention can apply the sandbox technology to webpage protection. From the perspective of technical implementation, it is to change from preventing suspicious programs from accessing the system to redirecting suspicious programs' access to disks, registry tables, etc. Under the designated folder, thereby...

Embodiment 3

[0083] image 3 It is a schematic structural diagram of Embodiment 1 of the device for obtaining network security data according to the embodiment of the present invention, as shown in image 3 As shown, the apparatus for obtaining network security data in the embodiment of the present invention may include a first obtaining module 10 , a first determining module 11 and a second obtaining module 12 .

[0084] The first acquiring module 10 is configured to acquire the calling function corresponding to each event in the current web page from the preset calling function library.

[0085] The first determination module 11 is configured to determine the triggered event in the current webpage according to the return data of the calling function acquired by the first acquisition module 10 .

[0086] The second acquiring module 12 is configured to acquire the page content corresponding to the triggered event, and acquire network security-related data in the current web page according...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides an obtaining method and device for network security data. The method comprises the steps of obtaining a call function corresponding to each event in a current webpage from a preset call function library; determining the triggered event in the current webpage according to return data of the call function; obtaining webpage content corresponding to the triggered event; and obtaining network security related data in the current webpage according to the webpage content corresponding to the triggered event. According to the technical scheme provided by the embodiment of the invention, the network security related data of the webpage established in an Ajax mode can be obtained, vulnerability possibly existing in the current webpage is analyzed, a vulnerability missing report rate is reduced, and the network security is improved.

Description

technical field [0001] The embodiments of the present invention relate to the field of network technologies, and in particular, to a method and device for acquiring network security data. Background technique [0002] Now that Internet applications have entered the Web 2.0 era, the performance of the application side is becoming more and more abundant, and the performance requirements for the front-end pages are also getting higher and higher. In order to provide users with a more natural browsing experience, many large-scale websites use asynchronous JavaScript and XML (Asychronous Javascript and XML, Ajax) loading technology to load the page. [0003] With the help of Ajax asynchronous loading technology, when the user performs operations on the web page, JavaScript (the scripting language developed by the client-side Web) and DHTML (Dynamic html, dynamic html) can be used to update the page immediately, and send an asynchronous request to the server to perform the update ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/1433H04L63/308
Inventor 林榆坚
Owner BEIJING AISEC TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap