Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and device for controlling hyper text transport protocol (HTTP) traffic

A control method and flow technology, applied in the field of network security, can solve the problems of unsatisfactory application effect, inability to distinguish normal web service access HTTP traffic and abnormal HTTP traffic, etc., and achieve better defense effect

Inactive Publication Date: 2012-07-11
BEIJING VENUS INFORMATION TECH +1
View PDF4 Cites 31 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

When defending against abnormal HTTP traffic, most of the current methods cannot distinguish between normal web service access HTTP traffic and abnormal HTTP traffic, so they can only process HTTP requests in a unified way, such as limiting traffic, etc.
The application effect of this abnormal HTTP traffic defense method is not ideal in actual application scenarios

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for controlling hyper text transport protocol (HTTP) traffic
  • Method and device for controlling hyper text transport protocol (HTTP) traffic
  • Method and device for controlling hyper text transport protocol (HTTP) traffic

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0049] Embodiment 1, a method for controlling HTTP traffic, which can be but not limited to be used on a web security gateway, including:

[0050] According to the HTTP traffic sent to the Web server by the Web client, it is determined that the Web client is an automatic tool or manual browsing;

[0051] Only the HTTP traffic generated by the Web client determined to be manually browsed is allowed to enter the Web server.

[0052] That is to say, for the HTTP flow that is determined as the Web client that the automatic tool produces, prevent it from entering the described Web server, such as directly discarding the HTTP request, or not processing it until it is covered by a new HTTP request; if the result of the determination is If not sure, the leaky bucket algorithm known in the field of network service quality can be used to send the HTTP request to the Web server at a pre-agreed forwarding rate, and it can also be prevented from entering the Web server in practical applica...

Embodiment 2

[0090] Embodiment 2, a device for controlling HTTP traffic, which can be used on a security gateway, such as image 3 shown, including:

[0091] Web client judging module: used to determine that the Web client is an automatic tool or manual browsing according to the HTTP traffic sent to the Web server by the Web client;

[0092] The HTTP current limiting module is used to only allow the HTTP flow generated by the Web client judged as manual browsing to enter the Web server.

[0093] In the present embodiment, the judgment result of described Web client judgment module can have three kinds: A) Web client is an automatic tool; B) Web client is manual browsing; C) current behavior is unknown; Described HTTP current limiting module according to The judgment result of described Web client judgment module determines the next action for HTTP request: if the judgment result of the Web client that sends this HTTP request is an automatic tool, then can but not limited to directly disca...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and a device for controlling hyper text transport protocol (HTTP) traffic. The method includes the following steps: according to HTTP traffic sent to a Web server by a Web client, deciding that the Web client is an automatic tool or artificial browsing; only allowing the HTTP traffic generated by the Web client which is decided to be artificial browsing to enter the Web server. The method and the device are capable of limiting abnormal HTTP traffic, simultaneously allow HTTP traffic of normal Web business access to normally pass and accordingly ensure Web access service quality of normal users to the maximum degree.

Description

technical field [0001] The invention relates to the field of network security, in particular to an HTTP flow control method and device. Background technique [0002] HTTP (HyperTextTransferProtocol, hypertext transfer protocol) is currently one of the most widely used protocols on the Internet. As one of the main businesses of the Internet, the Web business is currently developing rapidly. While it brings great convenience to people to obtain information, it has also become the most concerned attack target of hackers. At present, there are various attack methods on Web sites. The traditional attacks include attacks based on the transport layer (including SYNFlood attacks and empty connection attacks), while the most common attacks are based on the application layer, including HTTPFlood attacks, CC attacks. Most of the HTTP traffic generated by these application-layer-based Web attacks conforms to the HTTP protocol specification. Traditional network security devices based on...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L12/56H04L29/08H04L12/801
Inventor 叶润国周涛
Owner BEIJING VENUS INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com