Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Application program anti-attack method and system based on code injection and behavior analysis

An application and code injection technology, applied in the direction of instrument, platform integrity maintenance, electrical digital data processing, etc., can solve the problem of not paying attention to Web applications, and achieve the effect of efficient identification mechanism, comprehensive protection, and accurate protection

Active Publication Date: 2020-11-13
NAT UNIV OF DEFENSE TECH
View PDF7 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the WAF function has natural defects. He is only interested in requests and responses, but does not pay attention to the web application itself

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Application program anti-attack method and system based on code injection and behavior analysis
  • Application program anti-attack method and system based on code injection and behavior analysis
  • Application program anti-attack method and system based on code injection and behavior analysis

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] In order to make the objectives, technical solutions and advantages of the present invention clearer, the technical solutions of the present invention will be described clearly and completely below in conjunction with specific embodiments of the present invention and the corresponding drawings. Obviously, the described embodiments are only a part of the embodiments of the present invention, rather than all the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative work shall fall within the protection scope of the present invention.

[0028] In order to make the technical means, creative features, objectives and effects of the present invention easy to understand, the technical solutions in the embodiments of the present invention will be clearly and completely described below. Obviously, the described embodiments are only part of the implementation of the present invention. Exam...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an application program anti-attack method and system based on code injection and behavior analysis. The method is characterized in that a protection code is injected into an application program needing to be protected, and attack behaviors in the application program are recognized. The method comprises the steps of injecting the protection code into the application program needing to be protected, and mounting a hook point at a preset key calling position, wherein the protection code monitors marked parameters and operation behaviors of calling a key function in the application program; running a unified protection plug-in, performing security risk analysis based on the operation behavior, the marked parameters and the context information, and identifying whether a suspicious webshell exists in a monitored code in the application or not; and sending out corresponding alarm prompt information according to the security risk analysis result, or directly blocking theoperation of the application program. According to the method, through reasonable deployment of the protection codes, attacks can be detected and self-protection can be carried out during operation,so that less missing report and false report, more comprehensive and accurate protection and faster vulnerability response are realized.

Description

Technical field [0001] The invention relates to the technical field of application safety protection, in particular to a run-time application self-protection technology based on code injection, which is mainly applied to the safety protection of Web applications. Background technique [0002] Currently, there are two main categories of web application security protection technologies: [0003] 1. WAF (Web Application Firewall): Provide protection for web applications by implementing a series of security policies for HTTP / HTTPS. The initial stage of WAF is a protection device based on rule protection. WAF manufacturers maintain this rule base and update it in real time. Users can protect the application in all aspects according to these rules. However, as the offensive and defensive sides continue to attack, this traditional defense system has appeared with various bypass techniques, breaking the line of defense. At the same time, this set of defense ideas has a natural flaw, that ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/54G06F11/30
CPCG06F11/3051G06F21/54
Inventor 杨星马涛陈勇周先东施凡沈毅常超朱静轩孟彦朱东涛
Owner NAT UNIV OF DEFENSE TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products