Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network attack defense method and equipment

A network attack and equipment technology, applied in the computer field, can solve problems such as affecting user experience, false interception, slow page access speed, etc., to achieve the effect of improving user experience, improving efficiency, and defending against new attacks

Active Publication Date: 2016-01-13
SHANGHAI YUNDUN INFORMATION TECH
View PDF5 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Moreover, the current various network attack behaviors are very confusing. They simulate normal access characteristics to initiate access requests to the website, and adopt some bypass strategies, such as adding some comments to the injection statement through Unicode transcoding, BASE64 encoding, etc. characters etc. to bypass
The detection mechanism of the existing technology is difficult to identify such network attacks. Most of the current WAF (WebApplication Firewall, website application-level intrusion prevention system) related products adopt the following interception detection mechanism: rely on the mastered attack type to summarize the corresponding pattern string to form Rule base, to detect and filter the access content; or, rely on the mastered attack types to summarize the corresponding signature code to form a rule base, to detect and filter the access content
[0003] However, the following problems generally exist in the prior art: (1) the pattern strings in the pattern string rule base are limited and fixed, and are easy to be detected by hackers and bypass the detection of the pattern strings; (2) the signature rule base The feature codes in the network also have limitations and fixedness. Hackers can bypass the detection of feature codes through some evasion strategies such as coding, and this method has a great possibility of false interception, which affects user experience; (3) means of network attacks , and methods are constantly being updated. Using pattern strings and feature codes for detection requires corresponding updates according to new attack methods, and real-time update of the rule base, resulting in an increasingly large rule base. Updating the rule base cannot achieve active defense and intelligent defense; (4) use the method of traversing one by one to detect and match the rule base, then as the rule base becomes larger and larger, the efficiency of detection and matching will also become more and more Low, resulting in slower page access

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network attack defense method and equipment
  • Network attack defense method and equipment
  • Network attack defense method and equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0036] The application will be further described in detail below in conjunction with the drawings.

[0037] In a typical configuration of this application, the terminal, the equipment of the service network, and the trusted party all include one or more processors (CPU), input / output interfaces, network interfaces, and memory.

[0038] The memory may include non-permanent memory in computer readable media, random access memory (RAM) and / or non-volatile memory, such as read only memory (ROM) or flash memory (flashRAM). Memory is an example of computer readable media.

[0039] Computer-readable media includes permanent and non-permanent, removable and non-removable media, and information storage can be realized by any method or technology. The information can be computer-readable instructions, data structures, program modules, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic rand...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a network attack defense method and equipment. The method comprises steps of scanning a page access request, so as to acquire addressing information of the page access request in a rule factor base; building a corresponding rule tree according to the addressing information and the rule factor base; determining attack decision information corresponding to the rule tree according to factor related information of rule factors corresponding to nodes in the rule tree and structure information of the rule tree; and finally, processing the page access request according to the attack decision information. Rule factors in the rule factor base include words, punctuations and so on that make up an attack statement, and superposition of a few rule factors replaces a lot of pattern strings and feature codes, so that compared with the prior art, the method prevents frequent updating of the rule factor base and can defense novel attacks proactively.

Description

Technical field [0001] This application relates to the computer field, and in particular to a technology for defending against network attacks. Background technique [0002] With the prosperous development of the Internet, hacker attacks have become more frequent. SQL (StructuredQueryLanguage) injection, XSS attacks (CrossSiteScripting), cookie spoofing, malicious scanning, and horse hacking have become more frequent. universal. Moreover, the current various network attack behaviors are very confusing. They simulate normal access characteristics to initiate access requests to the website and adopt some bypass strategies, such as adding some comments to the injection sentence through Unicode transcoding, BASE64 encoding, etc. Symbols, etc. are bypassed. The detection mechanism of the existing technology is difficult to identify such network attacks. Most of the current WAF (WebApplicationFirewall, website application-level intrusion prevention system) related products adopt the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1466H04L67/02
Inventor 高力
Owner SHANGHAI YUNDUN INFORMATION TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products