A webpage backdoor detection method, device, equipment and storage medium

A web page backdoor and detection method technology, applied in the field of network security, can solve problems such as poor flexibility and difficulty in dealing with web page backdoor variants.

Active Publication Date: 2022-03-08
BEIJING QIHOO TECH CO LTD
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This detection method relies on manual experience, and its flexibility is poor
In order to avoid being identified, web backdoors have various variants, and it is difficult to deal with web backdoor variants using the above-mentioned traditional detection methods.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A webpage backdoor detection method, device, equipment and storage medium
  • A webpage backdoor detection method, device, equipment and storage medium
  • A webpage backdoor detection method, device, equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0061] In order to better understand the above technical solution, the technical solution of the present specification will be described in detail below by the drawings and the specific embodiments, and it is understood that the specific features of the present specification and the embodiment of the present specification are DETAILED DESCRIPTION, this specification embodiment and the technical features of the present specification may be combined with each other in the case of unlipped conditions.

[0062] The technical solution provided in this specification embodiment is applied to the flow layer of the network, and can be implemented at the gateway or on the device including gateway functionality, and can be implemented on any device capable of monitoring network traffic. Take the method provided in the gateway as an example, such as figure 1 As shown, the gateway 101 monitors the network traffic between the target host 102 and the browser 103, which acquires the HTML file fro...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of this specification provides a webpage backdoor detection method, device, equipment and storage medium. The method comprises: obtaining a hypertext markup language html file by monitoring the network flow between the target host and the browser; performing segmentation processing on the html file to obtain a plurality of html fragments; Each html fragment is matched; according to the matching result, it is judged whether the html file is a webpage backdoor file. Variations of webpage backdoors are usually implemented by changing rendering effects, etc. These changes usually do not involve changes in the number of matching html fragments. Therefore, the detection method provided by the embodiment of this specification can effectively counteract the variation of webpage backdoors.

Description

Technical field [0001] Embodiments of the present specification relate to network security technology, and more particularly to a web latheolic detection method, device, device, and storage medium. Background technique [0002] The webpage back door is a common tool for hackers attack target hosts. Take WebShell as an example, which is ASP (Active Server Pages, Dynamic Target Host Page), PHP (Hypertext Preprocessor, Hypertext Pretreatment), JSP (Java Server Pages, Java Target Host Page) or CGI (General Gateway Interface), etc. The command execution environment exists in the form of web file files, or it is also known as a web. [0003] Traditional web back door detection methods are mainly to make accurate descriptions of the features of known web lattime files, and then form regular expressions, using regular expressions to perform web back door detection. This detection method depends on artificial experience, its flexibility is poor. The web is rear door to avoid being identif...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/55G06F21/57
CPCG06F21/55G06F21/556G06F21/577
Inventor 张鑫
Owner BEIJING QIHOO TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap