Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and system for detecting hostile attack on Internet information system

A malicious attack, information system technology, applied in the usage of multiple keys/algorithms, platform integrity maintenance, etc., can solve the problems of data inconsistency, large detection workload, large differences, etc., to reduce labor costs, reduce workload, the effect of reducing workload

Active Publication Date: 2013-09-04
GUANGDONG POWER GRID CO LTD INFORMATION CENT
View PDF5 Cites 52 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] (1) Heavy detection workload: Vulnerability scanning is cumbersome and requires manual on-duty and configuration, and the interpretation of scanning results also takes a lot of time;
[0008] (2) High dependence on experts: Whether it is vulnerability scanning, manual inspection or penetration testing, they all rely on experienced experts. The verification of scanning results and penetration testing rely heavily on personal quality and technical ability, and the results given by different people may vary greatly. Big;
[0009] (3) The detection is not comprehensive enough: for a new evaluation object, in addition to detecting vulnerabilities, it is also necessary to evaluate the content and security of the application itself. It is necessary to quickly collect information such as its host, application server, and database server. and conduct a comprehensive analysis;
[0010] (4) Lack of analysis means: Due to the use of multiple testing tools during the detection process, the data is not centralized, and there is a lack of a comprehensive platform for comprehensive display and analysis, making it impossible to perform advanced analysis on the maturity of security capabilities and security risk trends;
[0011] (5) Insufficient attention to content security: What the website finally displays to customers is intuitive web content
[0012] (6) The frequency of security detection is not high: the current malicious attack detection is basically static detection; however, external websites change frequently, and it is impossible to detect security vulnerabilities and malicious behavior results in time

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for detecting hostile attack on Internet information system
  • Method and system for detecting hostile attack on Internet information system
  • Method and system for detecting hostile attack on Internet information system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0064] In order to make the object, technical solution and advantages of the present invention more clear and definite, the present invention will be further described in detail below with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0065] Such as figure 1 What is shown is a flowchart of a preferred embodiment of a method for detecting malicious attacks on Internet information systems in the present invention. Specifically include the following steps:

[0066] S100. Periodically capture and store page content of Internet websites.

[0067] In a specific embodiment, the Internet website page content is regularly captured mainly through the NMAP protocol and / or the SYSLOG protocol. Among them, NMap, also known as Network Mapper, is a network scanning and sniffing toolkit under Linux. The SYSLOG protocol is used fo...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method and a system for detecting a hostile attack on an Internet information system. The method comprises the following steps: A, regularly crawling and saving the content of an Internet web page; B, conducting a Trojan detection analysis, a sensitive word detection analysis, a sensitive image detection analysis, a directory change detection analysis, a host information audit detection analysis, a broken link / wrong link detection analysis, a page change detection analysis and / or log collection detection analysis to the crawled content of the Internet web page according to a predefined rule; and C, according to the results of the detection analyses, generating corresponding detection reports, and outputting and displaying the detection reports. The method for detecting the hostile attack on the Internet information system has the advantages that the detection is comprehensive, the defection safety is increased, the workload is reduced, the human cost is reduced, and the method provides convenience for users.

Description

technical field [0001] The invention relates to the technical field of network detection, in particular to a method and system for detecting malicious attacks on websites. Background technique [0002] The detection of website malicious attacks scans websites, analyzes the scanned data and extracts suspicious malicious information. [0003] The detection methods for malicious attacks on websites at home and abroad include vulnerability scanning, manual inspection and penetration testing. Vulnerability scanning uses security vulnerability scanning software or equipment to discover vulnerabilities through network scanning and automatically completes the inspection work; manual inspection is to log in to the system as a system administrator, find tools to scan for security vulnerabilities that cannot be found, understand website configuration information and view Website under attack; Penetration testing is a method to detect website security by simulating the attack method of...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/14G06F21/56
Inventor 王甜陈军邹洪崔磊朱奕艾解清吴一阳卜夏锋
Owner GUANGDONG POWER GRID CO LTD INFORMATION CENT
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com