Method for preventing replay attack of API (Application Program Interface)

Abstract

The invention discloses a method for preventing a replay attack of an API (Application Program Interface), which is characterized in that: at an API sending end, API sending based on user ID (Identity) marking is ordered, a unique time sequence code is introduced based on a timestamp to mark a request, and then an interface repetition state is compressed and recorded through a binary bit state of a state code, so that only two groups of data need to be cached, namely a state code and a latest time sequence code, differential processing is performed on a normal request and a suspected abnormal request, namely a state code and a latest time sequence code, verification-free optimization acceleration is performed on a normal request interface, and performing left shift operation on a binary state bit of the state code to maintain the state. According to the method, the request lagged due to network delay, routing and the like and the request of the replay attack can be screened out from the suspected abnormal request, so that the replay attack request is denied to be processed, the lagged normal request is effectively processed, the unnecessary overhead of the service is reduced, the replay attack can be accurately identified, and the state code does not need to be maintained and cleaned in real time.

Description

technical field [0001] The invention belongs to the technical field of computers, and in particular relates to a method for preventing replay attacks through an API interface. Background technique [0002] In today's rapid development of the Internet, information system security has become the top priority. In an HTTP request, many routers and switches are passed between the requester and the server receiver. Malicious network attackers can intercept the request packets in the middle by capturing packets. Data, thereby sending a packet that the destination host has received to achieve the purpose of deceiving the system, may cause serious consequences such as information theft or even system paralysis. [0003] At present, the main methods of anti-replay attack are: 1. Encrypted signature scheme based on timestamp timestamp, the server uses the agreed key to re-sign the requested parameters, and compares it with the received signature to prevent parameters from being tampere...

AI Technical Summary

Problems solved by technology

[0006] (1) Since the replay attack is a small probability event in the interface request, its large-scale processing interface request is a normal interface. The disadvantage of the above combination scheme is that Each normal interface request requires an indiscriminate check, that is, query from the collection whether the unique identification code is repeated, then cache the identification code, and clean up the expired identification code in the collection, resulting in a large number of heavy judgment-cache-cleaning process work All are consumed in normal interface processing, which invisibly increases the burden on the server;

[0007] (2) The nonce code storage of the unique identification code needs to be maintained in real time, the nonce code that expires when the time stamp expires is cleaned up, and a new nonce code is added, and the complexity of the algorithm depends on the The nonce code variable buffer length changes, requiring a certain maintenance cost

Images