Website application vulnerability attack detection method and device and storage medium

A detection method and vulnerability technology, applied in the field of information security, can solve problems such as the inability to achieve precise protection and the inability of protection methods to be associated with specific businesses, and achieve the effect of precise protection
CN112395597APending Publication Date: 2021-02-23QI AN XIN SECURITY TECH ZHUHAI CO LTD +1
9 Cites 2 Cited by

Patent Information

Authority / Receiving Office
CN Β· China
Patent Type
Applications(China)
Current Assignee / Owner
QI AN XIN SECURITY TECH ZHUHAI CO LTD
Publication Date
2021-02-23

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention discloses a website application vulnerability attack detection method and device, a storage medium and computer equipment, and the method comprises the steps of monitoring an interpretercorresponding to a target website application, and capturing a to-be-executed code of a key function from the interpreter through a hook function; analyzing the to-be-executed code to obtain a to-be-executed process corresponding to the to-be-executed code; and judging whether the to-be-executed code is the execution code of the vulnerability attack behavior or not according to the standard execution process corresponding to the key function and the to-be-executed process. According to the invention, the key function of the execution layer is executed through the hook script, and whether theexecution process of the script meets the specification or not is judged by checking whether the execution process of the script meets the specification or not, so that accurate protection of websiteapplication layer vulnerabilities is realized.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The present application relates to the technical field of information security, in particular to a detection method and device, a storage medium, and a computer device for a website application vulnerability attack. Background technique

[0002] In recent years, intranet security incidents have occurred frequently, and the loss of important or sensitive data within enterprises or organizations has caused serious losses and impacts on governments and enterprises.

[0003] In order to prevent vulnerability attacks from causing adverse effects on user terminals or website servers, the current protection against various application layer vulnerabilities (such as deserialization, code execution vulnerabilities, etc.) of website applications is mainly through feature matching. Whether the request packet to the website application contains specific attack characteristics. This protection method cannot be associated with specific services. If the rules are too...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More