METHOD FOR PROVIDING WEB APPLICATION SECURITY
    1.
    Patent application
    METHOD FOR PROVIDING WEB APPLICATION SECURITY (under examination, published)

    Publication number: US20090292925A1

    Publication date: 2009-11-26

    Application number: US12296062

    Filing date: 2007-04-11

    Applicant: Alexander Meisel

    Inventor: Alexander Meisel

    IPC classification: H04L9/32 G06F12/14

    Abstract: A method for an HTTP server to decide whether a remote client is victim of a phishing attack, comprising: —receiving a first HTTP request from the remote client on said HTTP Server; —responding to said first HTTP request, wherein a token is added to the response submitted to said remote client; —receiving a second HTTP request on said HTTP server; —judging whether the second HTTP request includes said token; —judging whether the token originates from said remote client; —processing the HTTP request when said remote client has really issued the second HTTP request.


    Distributed web application firewall
    2.
    Granted patent
    Distributed web application firewall (in force)

    Publication number: US08566919B2

    Publication date: 2013-10-22

    Application number: US12280760

    Filing date: 2007-03-02

    Applicant: Alexander Meisel

    Inventor: Alexander Meisel

    Abstract: A method for protecting a Web application running on a first local Web Server bases from hacker attacks, said Web Server being connectable to at least one client, the method comprising the following steps: —providing a plurality of preset rules on said Server, which correspond to specific characteristics of HTTP requests; —receiving an HTTP request on said server from the client, said HTTP request comprising a plurality of characteristics; —analyzing said characteristics of said received HTTP request in accordance with said rules provided on said server; —rejecting said HTTP request, if said rules identify said HTTP request as harmful request; —accepting said HTTP request, if said rules identify said HTTP request as trustable request; —classifying said HTTP request as doubtful request, if said rules identify said request neither as harmful request nor as trustable request; —evaluating the characteristics of said doubtful local request; —generating a learned rule on basis of the edge base evaluation.


    DISTRIBUTED WEB APPLICATION FIREWALL
    3.
    Patent application
    DISTRIBUTED WEB APPLICATION FIREWALL (in force)

    Publication number: US20090328187A1

    Publication date: 2009-12-31

    Application number: US12280760

    Filing date: 2007-03-02

    Applicant: Alexander Meisel

    Inventor: Alexander Meisel

    IPC classification: G06F21/20 G06F15/16 G06F15/18

    Abstract: A method for protecting a Web application running on a first local Web Server bases from hacker attacks, said Web Server being connectable to at least one client, the method comprising the following steps: —providing a plurality of preset rules on said Server, which correspond to specific characteristics of HTTP requests; —receiving an HTTP request on said server from the client, said HTTP request comprising a plurality of characteristics; —analyzing said characteristics of said received HTTP request in accordance with said rules provided on said server; —rejecting said HTTP request, if said rules identify said HTTP request as harmful request; —accepting said HTTP request, if said rules identify said HTTP request as trustable request; —classifying said HTTP request as doubtful request, if said rules identify said request neither as harmful request nor as trustable request; —evaluating the characteristics of said doubtful local request; —generating a learned rule on basis of the edge base evaluation.
