Picture uploading safety detection method and device

A security detection and image uploading technology, applied in the field of network security, can solve problems such as malicious attacks, achieve the effect of improving security, realizing security detection and processing, and reducing the probability of malicious attacks

Inactive Publication Date: 2019-10-08
SICHUAN CHANGHONG ELECTRIC CO LTD
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The present invention aims to solve the problem that attackers can easily exploit malicious attacks when uploading pictures, and proposes a security detection method and device for uploading pictures

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Picture uploading safety detection method and device
  • Picture uploading safety detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] Embodiments of the present invention will be described in detail below with reference to the accompanying drawings.

[0025] The security detection method of picture upload of the present invention, such as figure 1 As shown, it comprises the following steps: Step 1. Receive the uploaded picture file, detect the parameters of the picture file, if the parameters of the picture file are abnormal, then determine that there is a security risk in the picture file; Step 2. If the picture file The parameters of the file are normal, and the character stream of the picture file is obtained, and the similarity matching is performed between the character stream and the malicious code in the malicious code library. If the similarity is greater than a preset value, it is determined that the picture file has a security risk.

[0026] Specifically, the image file received and uploaded is generally the image file uploaded by the server receiving the client, and the image file includes ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to the technical field of network safety, aims to solve the problem that a picture is easily utilized by an attacker to cause malicious attacks when being uploaded, and providesa picture uploading safety detection method and device. The method comprises the steps of receiving an uploaded picture file, detecting the parameters of the picture file, and judging that the picturefile has a potential safety hazard if the parameters of the picture file are abnormal; and if the parameters of the picture file are normal, obtaining a character flow of the picture file, carrying out similarity matching on the character flow and the malicious codes in a malicious code library, and if the similarity is greater than a preset value, judging that the picture file has the potentialsafety hazards. According to the invention, the comprehensive safety detection of the uploaded picture file is realized, the probability that the background system is maliciously attacked is reduced,and the safety is improved.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a security detection method and device for uploading pictures. Background technique [0002] At present, the background system basically has a place to upload pictures, such as uploading user avatars, uploading screenshots, and so on. If a malicious attacker wants to use the image upload function to upload a shell, the following three conditions are required: upload point, absolute path, and execution permission. For example: upload xx.jpg / xx.php for malicious behavior by using parsing vulnerability; upload jpg file with malicious code by using .htaccess; In the packet capture software, change the hexadecimal of the second . to 00), so that in some background systems, when saving the file, the file name will be xx.php instead of xx.php.jpg; use the suffix Name parsing vulnerability, upload xx.php.abc, because some servers cannot recognize the abc suffix, so they look f...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/56
CPCG06F21/563
Inventor 常清雪宋垚
Owner SICHUAN CHANGHONG ELECTRIC CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap