Dynamic cookie verification method and device for network protection

A verification method and verification device technology, applied in the field of network security, can solve problems such as inability to adapt to different operating environments, and achieve the effect of preventing access attacks

Active Publication Date: 2019-07-23
广州安锐信息技术有限公司
View PDF12 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The purpose of the present invention is to provide a dynamic cookie verification method and device for network protection against the defects of the existing methods, which avoids the technical means of encrypting the URL through the script language in...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Dynamic cookie verification method and device for network protection
  • Dynamic cookie verification method and device for network protection
  • Dynamic cookie verification method and device for network protection

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0074] Such as figure 1 As shown, this embodiment discloses a dynamic cookie verification method for network protection, comprising the following steps:

[0075] S1. The client sends an http request to the server; the http request includes a request cookie and a request URL;

[0076] S2. Use the preset cookie library to decrypt and verify the cookie information of the requested cookie; the cookie information includes cookie name and cookie value;

[0077] If the verification is successful, the http request is directed to the page to be accessed corresponding to the requested URL, and the page to be accessed is used as the return information;

[0078] If the verification fails, the http request is directed to a default page, and the default page is used as the return information;

[0079] S3. Use an encryption algorithm to encrypt the feature field in the http request to generate a verification cookie value, and randomly generate a verification cookie name, and store the veri...

Embodiment 2

[0109] At the same time, if image 3 As shown, this embodiment also corresponds to the verification method of Embodiment 1, and discloses a dynamic cookie verification device for network protection. Its effect is similar to that of Embodiment 1, and will not be repeated here. This device includes:

[0110] cookie authentication module 1 for:

[0111] Receive the http request sent by the client to the server, the http request includes request cookie and request URL;

[0112] Use the preset cookie library to decrypt and verify the cookie information of the requested cookie; the cookie information includes the cookie name and cookie value;

[0113] When the verification is successful, the http request is directed to the page to be accessed corresponding to the requested URL, and the page to be accessed is used as the return information;

[0114] When the verification fails, the http request is directed to a default page, and the default page is used as the return information; ...

Embodiment 3

[0137] Such as Figure 5 As shown, this embodiment discloses a specific implementation of a cookie verification method, the steps of which include:

[0138] 1. The client sends an http request to the server, and the server of the present invention receives the request sent by the client.

[0139] 2. The URL matching module of the present invention will match the URL of the http request, and the URL request belonging to the protected object enters the dynamic cookie verification module of the present invention and enters the dynamic cookie verification link-1.

[0140] 3. URL requests that do not meet the matching rules are directly forwarded to the background server for normal processing.

[0141] 4. The request matching the URL rule will enter the cookie verification link-1 of the present invention to check to see if there is a cookie named cookie B, and if it exists, it will enter the cookie verification link-2.

[0142] 5. If the URL rule is matched, but there is no cooki...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a dynamic cookie verification method and device for network protection, the cookie in the http request transmitted by the client can be verified; after verification, the http request is sent to the server for processing; a network attacker is prevented from using a large number of unverified requests to carry out DDOS attack on the server and comsuming processing resourcesof servers, and the network infrastructure will not be paralyzed and even damaged; meanwhile, for the http request which does not pass the verification, the behavior of the client side is judged through the inserted cookie processing module, and after it is judged that the behavior of the client side is a safe and normal machine rather than an automatic malicious program, the client side can be screened to prevent malicious attacks.

Description

technical field [0001] The invention belongs to the field of network security, and mainly relates to a dynamic cookie verification method and device for network protection. Background technique [0002] Automation and artificial intelligence are the hottest buzzwords right now. The two are double-edged swords. Combining with 3C Internet equipment will bring various conveniences to people's work and life; combining with attacks will become a disaster. Now the attacks have formed a domino effect and are about to explode. Hackers only need to enter the URL they want to attack on a robot attack program, set parameters, test methods, test rules, verify the problem, and click submit. The robot attack program can be scanned. After scanning out the vulnerabilities, there will be a vulnerability library to automatically match and then launch an attack. What the hacker does is to wait for the rabbit and activate the trigger button. [0003] Going it alone is not how hackers behave. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/55G06F21/60G06F21/62
CPCG06F21/6263G06F21/55G06F21/602
Inventor 刘勇
Owner 广州安锐信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap