Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Interface call injection preventing method and system

An interface calling and anti-injection technology, which is applied in the direction of transmission system, digital transmission system, encryption device with shift register/memory, etc., can solve the problem of no parameter anti-injection security protection, etc.

Inactive Publication Date: 2018-04-10
ZHENGZHOU YUNHAI INFORMATION TECH CO LTD
View PDF6 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In reality, there are many URL requests without parameter anti-injection security protection, and URL requests are generally easier to obtain

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Interface call injection preventing method and system
  • Interface call injection preventing method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] In order to make the purpose, technical solution and advantages of the present invention more clear, the embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings. It should be noted that, in the case of no conflict, the embodiments in the present application and the features in the embodiments can be combined arbitrarily with each other.

[0036] The steps shown in the flowcharts of the figures may be performed in a computer system, such as a set of computer-executable instructions. Also, although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0037] In reality, there are many URL requests without parameter anti-injection security protection, and URL requests are generally easier to obtain. Malicious attackers will modify the URL parameter value or add the number of parameters to send a similar...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an interface call injection preventing method and system. The method and the system relate to the computer internet technology, and solve the problem that a URL request is maliciously tampered. The method comprises: a sender sorts request parameters in a uniform resource locator (URL) request according to a preset sorting rule consistent with a receiver; the sender generates a first signature according to the sorting result; and the sender adds the first signature to the URL request and send the URL request with the first signature, so that the receiver verifies the parameter status of the URL request. The technical solution is applicable to the URL request and implements a mechanism for verifying the parameter status of the URL request.

Description

technical field [0001] The invention relates to computer internet technology, in particular to an interface call injection prevention method and system. Background technique [0002] Parameter pollution attack can be described as: For the existing legal parameter P and malicious parameter P, the application program does not check and filter the validity of the input parameters, then the parameter P will be received by the program and execute the attacker's intention. This is the parameter pollution attack . [0003] Parameter pollution attack vulnerabilities can be used to modify HTTP hard-coded parameters, change web application behavior, access or exploit uncontrollable variables, and bypass input validation checks and web application firewall rules. [0004] In reality, there are many URL requests without parameter anti-injection security protection, and URL requests are generally easier to obtain. Malicious attackers will modify the URL parameter value or add the numbe...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/06H04L29/06
CPCH04L9/0643H04L63/0807H04L63/1466
Inventor 陈春风
Owner ZHENGZHOU YUNHAI INFORMATION TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products