Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Application program attack defense method and system based on code injection and behavior analysis

An application and code injection technology, applied in the direction of instrumentation, error detection/correction, computing, etc., can solve the problem of not paying attention to web applications, and achieve the effect of efficient identification mechanism, comprehensive protection, and fast vulnerability response

Active Publication Date: 2021-06-22
NAT UNIV OF DEFENSE TECH
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the WAF function has natural defects. He is only interested in requests and responses, but does not pay attention to the web application itself

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Application program attack defense method and system based on code injection and behavior analysis
  • Application program attack defense method and system based on code injection and behavior analysis
  • Application program attack defense method and system based on code injection and behavior analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] In order to make the purpose, technical solution and advantages of the present invention clearer, the technical solution of the present invention will be clearly and completely described below in conjunction with specific embodiments of the present invention and corresponding drawings. Apparently, the described embodiments are only some of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0028] In order to make the technical means, creative features, goals and effects achieved by the present invention easy to understand, the technical solutions in the embodiments of the present invention will be clearly and completely described below. Obviously, the described embodiments are only a part of the present invention. example, not all examples. Based o...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention proposes an application program attack defense method and system based on code injection and behavior analysis. By injecting protection codes into applications that need protection, identifying attack behaviors in applications includes: injecting protection codes into applications that need protection Program, mount the hook point at the predetermined key call position, and the protection code monitors the marked parameters and the operation behavior of calling key functions in the application; run a unified protection plug-in, and conduct security risk analysis in combination with the operation behavior, marked parameters and context information , identify whether there is a suspicious webshell in the monitored code in the application program; send a corresponding alarm message according to the security risk analysis result, or directly block the operation of the application program. The above method can detect attacks and protect itself at runtime through reasonable deployment of protection codes, achieving fewer false negatives and false negatives, more comprehensive and accurate protection, and faster vulnerability response.

Description

technical field [0001] The invention relates to the technical field of application security protection, in particular to a code injection-based self-protection technology for runtime applications, which is mainly used in the security protection of Web application programs. Background technique [0002] Currently, there are two main categories of web application security protection technologies: [0003] 1. WAF (Web Application Firewall): It specifically provides protection for Web applications by implementing a series of security policies for HTTP / HTTPS. In the early days, WAF was a protection device based on rule protection. WAF manufacturers maintained the rule base and updated it in real time. Users can protect applications in all aspects according to these rules. However, as the offensive and defensive sides continue to fight each other, various bypass techniques have appeared in this traditional defense system, breaking this line of defense. s attack. In the past few...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/54G06F11/30
CPCG06F11/3051G06F21/54
Inventor 杨星马涛陈勇周先东施凡沈毅常超朱静轩孟彦朱东涛
Owner NAT UNIV OF DEFENSE TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products