Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Security gateway and method for forwarding webpage by using security gateway

A security gateway and webpage technology, applied in the field of network security, can solve problems such as high dependence, high computing resource requirements, and inability to detect webpage Trojan horses, etc., and achieve the effects of improving detection accuracy, reducing computing overhead, and reducing computing pressure

Inactive Publication Date: 2012-05-23
BEIJING VENUS INFORMATION TECH +1
View PDF9 Cites 33 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The main deficiencies in the honeypot-based webpage Trojan detection method are: 1) the honeypot inspection method is more dependent on the honeypot environment, and it cannot detect those webpage Trojans that do not meet the attack conditions. For example, InternetExplorer is used as a browser The honeypot of the browser cannot detect those webpage Trojan horses aimed at Mozilla browser vulnerabilities; 2) the honeypot detection method is a kind of active webpage Trojan detection method, which cannot realize the real-time detection of webpage Trojans; 3) Honeypot The detection method requires high computing resources and cannot be implemented on the web security gateway
[0015] The advantage of the web page hanging horse detection method based on the Web security gateway is that it is easy to implement, and the disadvantage is: due to the limitation of the computing power of the Web security gateway, the current Web security gateway does not provide the ability to explain and execute client scripts (such as Javascript or VBScript), so , the web security gateway cannot extract the malicious URLs generated by client-side scripts, so it cannot detect those web-mounted horse-mounted behaviors that use client-side scripts to mount webpages

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security gateway and method for forwarding webpage by using security gateway
  • Security gateway and method for forwarding webpage by using security gateway
  • Security gateway and method for forwarding webpage by using security gateway

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0050] The first embodiment is a method for a security gateway to forward webpages, including:

[0051] After getting the Web page requested by the client from the server, attach the pre-generated mobile code to the Web page to be forwarded; the mobile code is set to traverse the document object model corresponding to the attached Web page when executed, and extract Specify the URL in the HTML tag, and match the extracted URL with a preset malicious URL set;

[0052] Adding a command statement to the web page to which the mobile code is attached; the command statement is set to trigger the execution of the mobile code when the web page is loaded;

[0053] The Web page attached with the mobile code and added sentences is forwarded to the client.

[0054] In this embodiment, the mobile code can be interpreted and executed by a Web browser or other programs in the Web client; when a standard Web browser on the Web client loads a Web page that is attached to the mobile code, it will T...

Embodiment 2

[0228] Embodiment two, a security gateway, including:

[0229] The add module is used to attach the pre-generated mobile code to the web page to be forwarded after the web page requested by the client is obtained from the server; the mobile code is set to traverse the document corresponding to the attached web page when executed Object model, extract the URL in the specified HTML tag, and match the extracted URL with the preset malicious URL collection;

[0230] A web page modification module, configured to add a command statement to the web page attached to the mobile code, the command statement set to trigger the execution of the mobile code when the web page is loaded;

[0231] The web page forwarding module is used to forward the web page attached with the mobile code and added sentences to the client.

[0232] In this embodiment, the security gateway may further include:

[0233] A generating module for generating the mobile code;

[0234] And a storage module for storing the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a security gateway and a method for forwarding a webpage by using the security gateway. The method comprises the following steps of: attaching a pre-generated mobile code to a Web page to be forwarded after the Web page requested by a client is acquired from a server; setting the mobile code to ensure that a corresponding document object model corresponding to the web page to which the mobile code is attached is traversed, extracting a uniform resource locator (URL) from a specified hypertext markup language (HTML) label and matching the extracted URL with a preset malicious URL set during execution; adding a command statement into the Web page to which the mobile code is attached; setting the command statement to ensure that the execution of the mobile code is triggered when the Web page is loaded; and forwarding the Web page to which the mobile code is attached and into which the statement is added to the client. By the method, malicious URL hidden in the Web page can be accurately detected under the condition that computation overhead of the security gateway is not increased.

Description

Technical field [0001] The invention relates to the field of network security, in particular to a security gateway and a method for forwarding web pages. Background technique [0002] After nearly two decades of development, the scale of the current Internet has become very large, and in particular, the Web business, one of the main Internet businesses, has developed rapidly, which has brought great convenience to people in obtaining information. At the same time, the security status of those Web sites that provide people with Web services is worrying. The most common security problem is that the web pages of the Web sites are linked by hackers. At present, more than 90% of Trojan horses and viruses are spread using horse-hanging web pages. Early web page hanging horses were implemented by directly embedding IFRAME or Object objects in the web page. For example, hackers directly embedded the following code on the home page of the victim website www.abc.com: [0003] <iframe sr...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/08H04L29/06G06F17/30
Inventor 叶润国肖小剑
Owner BEIJING VENUS INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com