CN104767747A - Click jacking safety detection method and device - Google Patents
Click jacking safety detection method and device Download PDFInfo
- Publication number
- CN104767747A CN104767747A CN201510143931.1A CN201510143931A CN104767747A CN 104767747 A CN104767747 A CN 104767747A CN 201510143931 A CN201510143931 A CN 201510143931A CN 104767747 A CN104767747 A CN 104767747A
- Authority
- CN
- China
- Prior art keywords
- webpage
- detected
- click
- network address
- white list
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The embodiment of the invention provides a click jacking safety detection method and device. The method comprises the steps that a button element and webpage URL information in a webpage to be detected are separated; the button element and a sensitive element in a sensitive element database are compared; if the sensitive element in the sensitive element database exists in the button element, the webpage URL information of the webpage to be detected is compared with a website white list in a website white list database; if the webpage URL information of the webpage to be detected is in the website white list, the click jacking safety detection is not executed; if the webpage URL information of the webpage to be detected is not in the website white list, the click jacking safety detection is executed. The click jacking safety detection method can achieve automatic safety detection for click jacking of SNS websites.
Description
Technical field
The present invention relates to computer network security technology field, be specifically related to the click be applied in social network website SNS and kidnap safety detection method and device.
Background technology
Clickjacking (click and kidnap) is the Web attack pattern of a kind of vision deception, click by deceive users some part comprising the webpage of hiding button and perform rogue program, hiding button is that (iframe is html tag by the iframe of stealth, iframe element can create the inline frame (at once inner frame) comprising another one document) realize, other guide then can be loaded into targeted website by iframe by hacker.If the well-designed Clickjacking of hacker attacks the page, so no matter user carries out normal mice punctuate and hits or mouse click action unintentionally, all may click and cause downloading the malicious acts such as trojan horse program.
Realizing in process of the present invention, inventor find above-mentioned existing click kidnap defense technique at least there are the following problems:
The page of current large-scale website is numerous, and some pages, must be nested by other websites according to business demand.But some sensitive page be do not allow by other pages nested, like this give almost cannot carry out Aulomatizeted Detect click kidnap leak, rate of false alarm is very high, can use hardly.
Especially for SNS (SNS: specially refer to the internet, applications service helping people to set up social network.Also the existing ripe universal information carrier of society is referred to, as note SMS service.The another kind of SNS is conventional to be explained: full name SocialNetwork Site, i.e. " social network sites " or " social network ") website, the feature of interactivity can amplify the effect clicking hijack attack, extensive worm may be caused to break out, cause great loss to user.
Due to click kidnap leak utilize difficulty low, detection difficult, so once there is a lot of large-scale attack case, caused very large security risk.
Protection at present based on the website of SNS class all finds and autonomous configuration based on artificial, but safety detection is kidnapped in the click that can not realize carrying out automation.
Summary of the invention
The object of this invention is to provide a kind of click and kidnap safety detection method and device, to realize the automation safety detection of the click hijack attack of SNS class website.
On the one hand, embodiments provide a kind of click and kidnap safety detection method, described method comprises:
Button element in webpage to be detected is separated with webpage uniform resource position mark URL information;
Sensitive elements in described button element and sensitive elements database is compared, if there is the sensitive elements in sensitive elements database in described button element, then the network address white list in the webpage URL information of webpage to be detected and network address white list database is compared;
If the webpage URL information of described webpage to be detected is in described network address white list, then do not perform the safety detection clicked and kidnap; If the webpage URL information of webpage to be detected is not in network address white list, then perform the safety detection clicked and kidnap.
On the other hand, embodiments provide a kind of click and kidnap safety detection device, it comprises:
Button element separation module, for being separated the button element in webpage to be detected with webpage uniform resource position mark URL information;
Sensitive elements memory module, for storing sensitive elements;
Network address white list memory module, for storing network address white list;
First comparing module, for comparing the sensitive elements in described button element and sensitive elements memory module;
Second comparing module, if for there is the sensitive elements in sensitive elements memory module in described button element, then compared the webpage URL information of webpage to be detected and network address white list;
Click and kidnap safety detection module, if for the webpage URL information of described webpage to be detected in described network address white list, then do not perform the safety detection clicked and kidnap; If the webpage URL information of webpage to be detected is not in network address white list, then perform the safety detection clicked and kidnap.
Technique scheme has following beneficial effect: owing to have employed the technology such as button element separation, network address white list, make to click the Aulomatizeted Detect kidnapping leak and become controlled and sustainable iteration, thus the detection speed and accuracy in detection that substantially increase and click and kidnap leak is had, testing cost is low, and Detection results is good.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
Fig. 1 is the flow chart of the click abduction safety detection method of embodiments of the invention;
Fig. 2 is the logic diagram of the click abduction safety detection device of embodiments of the invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.
The present invention is by detecting SNS website (Social Networking Site, social network website, Main Function sets up Xian Shang community for a group has same interest with movable people, more well-known has FaceBook, Twitter, microblogging etc.) sensitive elements in webpage, determine whether to need to carry out clicking the safety detection of kidnapping, then whether respond containing corresponding secure HTTP the click abduction Aulomatizeted Detect carrying out automation by detecting webpage, propose corresponding method and apparatus, solve the automation safety detection problem of the click hijack attack of SNS class website.
Embodiments provide the method and apparatus that safety detection is kidnapped in a kind of click be applied in SNS, thus complete the automation safety detection that abduction is clicked in SNS class website.
Fig. 1 is the flow chart of the click abduction safety detection method of embodiments of the invention.As shown in Figure 1, this click abduction safety detection method comprises:
Step 102: the button element in webpage to be detected is separated with webpage URL information;
Step 104: compared by the sensitive elements in button element and sensitive elements database, if there is not sensitive elements in this button element, does not then perform the safety detection clicked and kidnap, and namely judges that this webpage does not exist to click and kidnaps leak; If there is the sensitive elements in sensitive elements database in described button element, then the network address white list in the webpage URL information of webpage to be detected and network address white list database is compared;
Preferably, this sensitive elements comprises the button element code that can cause and click hijack attack.
Preferably, the network address URL information allowing to be embedded by other webpages can be comprised in business demand in this network address white list.
Step 106: if the webpage URL information of this webpage to be detected is in above-mentioned network address white list, then do not perform the safety detection clicked and kidnap; If the webpage URL information of webpage to be detected is not in network address white list, then perform the safety detection clicked and kidnap.
Alternatively, can step 101 be comprised before step 102: obtain webpage to be detected, dynamic analysis is carried out to webpage to be detected.The object of dynamic analysis is to parse javascript language, what obtain is the dom tree being run rear generation containing html and javascript language, under regular situation, the dom tree that javascript generates cannot be found by source code, so will carry out dynamic analysis.In follow-up corresponding steps, button elements all in the webpage after dynamic analysis can be separated (extraction) out with webpage URL information to be detected.
Preferably, perform the concrete processing procedure clicking the safety detection of kidnapping in above-mentioned steps 106 can comprise: the server to URL information place sends the HTTP request of webpage to be detected, whether detect in the http header returned containing X-FRAME-OPTIONS head, if not containing X-FRAME-OPTIONS head, then judge that this webpage to be detected exists to click and kidnap leak, otherwise judge that this webpage to be detected has carried out clicking kidnapping defence, this webpage does not exist to click kidnaps leak.
X-FRAME-OPTIONS is the http head that Microsoft proposes, and is used for the click hijack attack defending to utilize iframe nested specially.
And all can well support at the version of IE8, Firefox3.6, more than Chrome4.
This head has three values:
DENY // refuse any territory to load
Load under SAMEORIGIN // permission homeodomain
ALLOW-FROM // the page address allowing frame to load can be defined
Program is by increasing this head response to http response bag, and browser by judging head response to determine the page how loading iframe, can reach the effect that hijack attack is clicked in defence like this when load page.
This click be applied in SNS kidnaps safety detection method owing to have employed the technology such as button element separation, network address white list, make to click the Aulomatizeted Detect kidnapping leak and become controlled and sustainable iteration, thus the detection speed and accuracy in detection that substantially increase and click and kidnap leak is had, testing cost is low, the beneficial effect that Detection results is good.
Owing to needing the webpage detected to have a lot, the button element on webpage also has a lot, but the request that much button element is corresponding is all the same, and the request falling rear end is all consistent.Request corresponding to button element contrasts as the button element in above-mentioned first comparing module by embodiments of the invention, how many buttons no matter are had like this when detecting, as long as the request corresponding to rear end meets sensitive elements, be namely considered as needing to carry out clicking the safety detection of kidnapping.The amount of calculation of such reality is little a lot, thus greatly can improve detection speed.
Click one of Aulomatizeted Detect difficult point of kidnapping and be that a lot of button is according to functional requirement, can be embedded into other webpages.Functional requirement is Protean, and such situation clicks that to kidnap the Aulomatizeted Detect rate of false alarm of leak very high due to uncontrollable result in, and even can not use.Embodiments of the invention are owing to have employed network address white list, and the uncontrollable factor that functional requirement causes controls in white list, especially SNS class website, and this type of demand is single and controllability is high, so greatly improve accuracy in detection.
According to the said method that embodiments of the invention provide, embodiments of the invention additionally provide to click kidnaps safety detection device.Fig. 2 is the functional block diagram being applied to the click abduction safety detection device in social network website SNS of embodiments of the invention.As shown in Figure 2, this device comprises:
Button element separation module 220, for being separated the button element in webpage to be detected with webpage URL information;
Sensitive elements memory module 230, for storing sensitive elements; The sensitive elements stored in this sensitive elements memory module 230 comprises the button element code that maybe may can cause and click hijack attack; Typically, sensitive elements information can be " concern ", " praising ", " issue " etc.
Network address white list memory module 240, for storing network address white list; The network address URL information allowing to be embedded by other webpages can be comprised in business demand in the network address white list stored in this network address white list memory module 240;
First comparing module 250, for being compared by the sensitive elements in above-mentioned button element and sensitive elements memory module 230, if there is not sensitive elements in this button element, does not then perform the safety detection clicked and kidnap;
Second comparing module 260, if for there is the sensitive elements in sensitive elements memory module 230 in above-mentioned button element, then compared the webpage URL information of webpage to be detected and network address white list;
Click and kidnap safety detection module 270, if for the webpage URL information of this webpage to be detected in network address white list, then do not perform the safety detection clicked and kidnap; If the webpage URL information of webpage to be detected is not in network address white list, then perform the safety detection clicked and kidnap.
Further, this device also comprises: webpage dynamic analysis module 210, for obtaining webpage to be detected, treats to detect after webpage carries out dynamic analysis sending to button element separation module 220.
Preferably, safety detection module 270 is kidnapped in this click, specifically can be used for the HTTP request sending webpage to be detected; Whether containing X-FRAME-OPTIONS head in the http header that detection returns/responds, if not containing X-FRAME-OPTIONS head, then judge that this webpage to be detected exists click abduction leak, otherwise this webpage to be detected does not exist to click kidnaps leak.
The course of work of this device can consult preceding method embodiment, does not repeat them here.
The advantage of said apparatus is:
This device is owing to have employed the technology such as button element separation, network address white list, make to click the Aulomatizeted Detect kidnapping leak and become controlled and sustainable iteration, thus the detection speed and accuracy in detection that substantially increase and click and kidnap leak is had, testing cost is low, the beneficial effect that Detection results is good.
Those skilled in the art can also recognize the various illustrative components, blocks (illustrativelogical block) that the embodiment of the present invention is listed, unit, and step can pass through electronic hardware, computer software, or both combinations realize.For the replaceability (interchangeability) of clear displaying hardware and software, above-mentioned various illustrative components (illustrativecomponents), unit and step have universally described their function.Such function is the designing requirement realizing depending on specific application and whole system by hardware or software.Those skilled in the art for often kind of specifically application, can use the function described in the realization of various method, but this realization can should not be understood to the scope exceeding embodiment of the present invention protection.
Above-described embodiment; object of the present invention, technical scheme and beneficial effect are further described; be understood that; the foregoing is only the specific embodiment of the present invention; the protection range be not intended to limit the present invention; within the spirit and principles in the present invention all, any amendment made, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (10)
1. click and kidnap a safety detection method, it is characterized in that, described method comprises:
Button element in webpage to be detected is separated with webpage uniform resource position mark URL information;
Sensitive elements in described button element and sensitive elements database is compared, if there is the sensitive elements in sensitive elements database in described button element, then the network address white list in the webpage URL information of webpage to be detected and network address white list database is compared;
If the webpage URL information of described webpage to be detected is in described network address white list, then do not perform the safety detection clicked and kidnap; If the webpage URL information of webpage to be detected is not in network address white list, then perform the safety detection clicked and kidnap.
2. method according to claim 1, is characterized in that, described button element in webpage to be detected is separated with webpage URL information before, also comprise the steps:
Obtain webpage to be detected, dynamic analysis is carried out to described webpage to be detected.
3. method according to claim 1 and 2, is characterized in that, the described safety detection clicking abduction that performs comprises the steps:
Send the HTTP request of webpage to be detected;
Detect whether containing X-FRAME-OPTIONS head in the http header returned, if not containing X-FRAME-OPTIONS head, then judge that this webpage to be detected exists to click and kidnap leak, otherwise this webpage to be detected does not exist to click kidnaps leak.
4. method according to claim 1 and 2, is characterized in that, described sensitive elements comprises the button element code that can cause and click hijack attack.
5. method according to claim 1 and 2, is characterized in that, comprises in business demand the network address URL information allowing to be embedded by other webpages in described network address white list.
6. click and kidnap a safety detection device, it is characterized in that, comprising:
Button element separation module, for being separated the button element in webpage to be detected with webpage uniform resource position mark URL information;
Sensitive elements memory module, for storing sensitive elements;
Network address white list memory module, for storing network address white list;
First comparing module, for comparing the sensitive elements in described button element and sensitive elements memory module;
Second comparing module, if for there is the sensitive elements in sensitive elements memory module in described button element, then compared the webpage URL information of webpage to be detected and network address white list;
Click and kidnap safety detection module, if for the webpage URL information of described webpage to be detected in described network address white list, then do not perform the safety detection clicked and kidnap; If the webpage URL information of webpage to be detected is not in network address white list, then perform the safety detection clicked and kidnap.
7. device according to claim 6, is characterized in that, also comprises:
Webpage dynamic analysis module, for obtaining webpage to be detected, treats to detect after webpage carries out dynamic analysis sending to described button element separation module.
8. the device according to claim 6 or 7, is characterized in that, safety detection module is kidnapped in described click, specifically for sending the HTTP request of webpage to be detected; Detect whether containing X-FRAME-OPTIONS head in the http header returned, if not containing X-FRAME-OPTIONS head, then judge that this webpage to be detected exists to click and kidnap leak, otherwise this webpage to be detected does not exist to click kidnaps leak.
9. the device according to claim 6 or 7, is characterized in that, the sensitive elements stored in described sensitive elements memory module comprises the button element code that can cause and click hijack attack.
10. the device according to claim 6 or 7, is characterized in that, comprises in business demand the network address URL information allowing to be embedded by other webpages in described network address white list memory module in the network address white list stored.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510143931.1A CN104767747A (en) | 2015-03-30 | 2015-03-30 | Click jacking safety detection method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510143931.1A CN104767747A (en) | 2015-03-30 | 2015-03-30 | Click jacking safety detection method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104767747A true CN104767747A (en) | 2015-07-08 |
Family
ID=53649354
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510143931.1A Pending CN104767747A (en) | 2015-03-30 | 2015-03-30 | Click jacking safety detection method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104767747A (en) |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106330968A (en) * | 2016-10-31 | 2017-01-11 | 杭州迪普科技有限公司 | Access device identity authentication method and device |
| CN106548075A (en) * | 2015-09-22 | 2017-03-29 | 阿里巴巴集团控股有限公司 | leak detection method and device |
| CN107749835A (en) * | 2017-09-11 | 2018-03-02 | 哈尔滨工程大学 | A kind of penetration testing method of the click hijack attack based on prediction |
| CN107800720A (en) * | 2017-11-29 | 2018-03-13 | 广州酷狗计算机科技有限公司 | Kidnap report method, device, storage medium and equipment |
| WO2018072733A1 (en) * | 2016-10-19 | 2018-04-26 | 中兴通讯股份有限公司 | Webpage security check method and device |
| CN108156121A (en) * | 2016-12-02 | 2018-06-12 | 阿里巴巴集团控股有限公司 | The alarm method and device that the monitoring method and device of flow abduction, flow are kidnapped |
| CN109711166A (en) * | 2018-12-17 | 2019-05-03 | 北京知道创宇信息技术有限公司 | Leak detection method and device |
| CN110278207A (en) * | 2019-06-21 | 2019-09-24 | 深圳前海微众银行股份有限公司 | Leak detection method, device and computer equipment are kidnapped in a kind of click |
| CN110290129A (en) * | 2019-06-20 | 2019-09-27 | 深圳前海微众银行股份有限公司 | A kind of method and device of Web Hole Detection |
| CN113158187A (en) * | 2021-03-26 | 2021-07-23 | 杭州数梦工场科技有限公司 | Method and device for detecting click hijacking and electronic equipment |
| CN113348655A (en) * | 2019-04-11 | 2021-09-03 | 深圳市欢太科技有限公司 | Anti-hijacking method and device for browser, electronic equipment and storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102710646A (en) * | 2012-06-06 | 2012-10-03 | 珠海市君天电子科技有限公司 | Method and system for collecting phishing websites |
| US8813237B2 (en) * | 2010-06-28 | 2014-08-19 | International Business Machines Corporation | Thwarting cross-site request forgery (CSRF) and clickjacking attacks |
-
2015
- 2015-03-30 CN CN201510143931.1A patent/CN104767747A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8813237B2 (en) * | 2010-06-28 | 2014-08-19 | International Business Machines Corporation | Thwarting cross-site request forgery (CSRF) and clickjacking attacks |
| CN102710646A (en) * | 2012-06-06 | 2012-10-03 | 珠海市君天电子科技有限公司 | Method and system for collecting phishing websites |
Non-Patent Citations (1)
| Title |
|---|
| 王剑: "《点击劫持漏洞攻防技术研究》", 《信息网络安全》 * |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106548075B (en) * | 2015-09-22 | 2020-03-27 | 阿里巴巴集团控股有限公司 | Vulnerability detection method and device |
| CN106548075A (en) * | 2015-09-22 | 2017-03-29 | 阿里巴巴集团控股有限公司 | leak detection method and device |
| WO2018072733A1 (en) * | 2016-10-19 | 2018-04-26 | 中兴通讯股份有限公司 | Webpage security check method and device |
| CN107968769A (en) * | 2016-10-19 | 2018-04-27 | 中兴通讯股份有限公司 | Webpage security detection method and device |
| CN106330968A (en) * | 2016-10-31 | 2017-01-11 | 杭州迪普科技有限公司 | Access device identity authentication method and device |
| CN108156121A (en) * | 2016-12-02 | 2018-06-12 | 阿里巴巴集团控股有限公司 | The alarm method and device that the monitoring method and device of flow abduction, flow are kidnapped |
| CN107749835A (en) * | 2017-09-11 | 2018-03-02 | 哈尔滨工程大学 | A kind of penetration testing method of the click hijack attack based on prediction |
| CN107749835B (en) * | 2017-09-11 | 2020-11-20 | 哈尔滨工程大学 | Penetration test method for click hijack attack based on prediction |
| CN107800720A (en) * | 2017-11-29 | 2018-03-13 | 广州酷狗计算机科技有限公司 | Kidnap report method, device, storage medium and equipment |
| CN109711166B (en) * | 2018-12-17 | 2020-12-11 | 北京知道创宇信息技术股份有限公司 | Vulnerability detection method and device |
| CN109711166A (en) * | 2018-12-17 | 2019-05-03 | 北京知道创宇信息技术有限公司 | Leak detection method and device |
| CN113348655A (en) * | 2019-04-11 | 2021-09-03 | 深圳市欢太科技有限公司 | Anti-hijacking method and device for browser, electronic equipment and storage medium |
| CN113348655B (en) * | 2019-04-11 | 2023-01-06 | 深圳市欢太科技有限公司 | Anti-hijacking method and device for browser, electronic equipment and storage medium |
| CN110290129A (en) * | 2019-06-20 | 2019-09-27 | 深圳前海微众银行股份有限公司 | A kind of method and device of Web Hole Detection |
| CN110278207A (en) * | 2019-06-21 | 2019-09-24 | 深圳前海微众银行股份有限公司 | Leak detection method, device and computer equipment are kidnapped in a kind of click |
| WO2020253351A1 (en) * | 2019-06-21 | 2020-12-24 | 深圳前海微众银行股份有限公司 | Click hijacking vulnerability detection method, device and computer apparatus |
| CN113158187A (en) * | 2021-03-26 | 2021-07-23 | 杭州数梦工场科技有限公司 | Method and device for detecting click hijacking and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104767747A (en) | Click jacking safety detection method and device | |
| CN102724187B (en) | A kind of safety detection method for network address and device | |
| US10148681B2 (en) | Automated identification of phishing, phony and malicious web sites | |
| CN101895516B (en) | Method and device for positioning cross-site scripting attack source | |
| CN102663319B (en) | Prompting method and device for download link security | |
| CN101964025A (en) | XSS (Cross Site Scripting) detection method and device | |
| CN105760379B (en) | Method and device for detecting webshell page based on intra-domain page association relation | |
| US20120222117A1 (en) | Method and system for preventing transmission of malicious contents | |
| JP2014203464A (en) | Client based local malware detection method | |
| CN105049440B (en) | Detect the method and system of cross-site scripting attack injection | |
| CN102833258A (en) | Website access method and system | |
| Yoo et al. | Two-phase malicious web page detection scheme using misuse and anomaly detection | |
| CN102664925B (en) | A kind of method of displaying searching result and device | |
| CN103368957A (en) | Method, system, client and server for processing webpage access behavior | |
| CN104601540A (en) | Cross-site scripting (XSS) attack defense method and Web server | |
| CN103856442A (en) | Black chain detection method, apparatus and system | |
| WO2014059934A1 (en) | Method and apparatus for detecting hidden content of web page | |
| CN103647678A (en) | Method and device for online verification of website vulnerabilities | |
| CN103986731A (en) | Method and device for detecting phishing web pages through picture matching | |
| CN105488400A (en) | Comprehensive detection method and system of malicious webpage | |
| CN103491101A (en) | Phishing website detecting method and device and client-side | |
| CN106250761B (en) | Equipment, device and method for identifying web automation tool | |
| CN103701779A (en) | Method and device for accessing website for second time and firewall equipment | |
| CN104301314A (en) | Intrusion detection method and device based on browser tag attributes | |
| CN103023869B (en) | Malicious attack prevention method and browser |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| EXSB | Decision made by sipo to initiate substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20150708 |