Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method for preventing replay attack of API (Application Program Interface)

An API interface and replay attack technology, which is applied in the computer field, can solve the problems of increased server burden and consumption, and achieve the effects of accurately identifying replay attacks, reducing overhead, and reducing costs

Pending Publication Date: 2021-09-10
JINLING INST OF TECH
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] (1) Since the replay attack is a small probability event in the interface request, its large-scale processing interface request is a normal interface. The disadvantage of the above combination scheme is that Each normal interface request requires an indiscriminate check, that is, query from the collection whether the unique identification code is repeated, then cache the identification code, and clean up the expired identification code in the collection, resulting in a large number of heavy judgment-cache-cleaning process work All are consumed in normal interface processing, which invisibly increases the burden on the server;
[0007] (2) The nonce code storage of the unique identification code needs to be maintained in real time, the nonce code that expires when the time stamp expires is cleaned up, and a new nonce code is added, and the complexity of the algorithm depends on the The nonce code variable buffer length changes, requiring a certain maintenance cost

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for preventing replay attack of API (Application Program Interface)

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] The specific embodiments of the present invention will be further described below in conjunction with the accompanying drawings:

[0031] A method for preventing replay attacks by an API interface, characterized in that: it is characterized in that it comprises the following steps:

[0032] Step 1: When making an interface request, calibrate the time stamp of the requesting end and the server time, and calculate the difference for the requesting end to calibrate to ensure that the time of the requesting end and the server time are basically synchronized;

[0033] Step 2: Set the timeout time of the interface according to the http request framework of the requester, usually take 30 seconds as an example, the interface request time is t1, the current server time is t2, if t1>t2, it is a request with illegal parameters, if t2-t1 >=30 seconds, the interface times out, and requests from illegal interfaces and time-out interfaces are rejected. When t2-t1<30 seconds, it is con...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for preventing a replay attack of an API (Application Program Interface), which is characterized in that: at an API sending end, API sending based on user ID (Identity) marking is ordered, a unique time sequence code is introduced based on a timestamp to mark a request, and then an interface repetition state is compressed and recorded through a binary bit state of a state code, so that only two groups of data need to be cached, namely a state code and a latest time sequence code, differential processing is performed on a normal request and a suspected abnormal request, namely a state code and a latest time sequence code, verification-free optimization acceleration is performed on a normal request interface, and performing left shift operation on a binary state bit of the state code to maintain the state. According to the method, the request lagged due to network delay, routing and the like and the request of the replay attack can be screened out from the suspected abnormal request, so that the replay attack request is denied to be processed, the lagged normal request is effectively processed, the unnecessary overhead of the service is reduced, the replay attack can be accurately identified, and the state code does not need to be maintained and cleaned in real time.

Description

technical field [0001] The invention belongs to the technical field of computers, and in particular relates to a method for preventing replay attacks through an API interface. Background technique [0002] In today's rapid development of the Internet, information system security has become the top priority. In an HTTP request, many routers and switches are passed between the requester and the server receiver. Malicious network attackers can intercept the request packets in the middle by capturing packets. Data, thereby sending a packet that the destination host has received to achieve the purpose of deceiving the system, may cause serious consequences such as information theft or even system paralysis. [0003] At present, the main methods of anti-replay attack are: 1. Encrypted signature scheme based on timestamp timestamp, the server uses the agreed key to re-sign the requested parameters, and compares it with the received signature to prevent parameters from being tampere...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04J3/06H04L9/32
CPCH04L63/10H04L63/1425H04L63/1441H04L9/3297H04L9/3226H04J3/0661
Inventor 张秀良程炳华张芯苑
Owner JINLING INST OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com