CN102467628A - Method for protecting data based on browser kernel intercept technology - Google Patents
Method for protecting data based on browser kernel intercept technology Download PDFInfo
- Publication number
- CN102467628A CN102467628A CN2010105443722A CN201010544372A CN102467628A CN 102467628 A CN102467628 A CN 102467628A CN 2010105443722 A CN2010105443722 A CN 2010105443722A CN 201010544372 A CN201010544372 A CN 201010544372A CN 102467628 A CN102467628 A CN 102467628A
- Authority
- CN
- China
- Prior art keywords
- browser
- content
- bdp
- data
- during operation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Information Transfer Between Computers (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to a method for protecting data based on a browser kernel intercept technology. The method comprises the steps of: based on the browser kernel intercept technology, intercepting a menu, a command, a display content and other events in the browser process, dynamically opening or closing the function items of the browser according to the different strategy configurations, carrying out regular expression matching on the webpage content, controlling the content in an invisible mode (for example, displaying * and other signs) if the content is illegal, and prohibiting the illegal behavior and reporting an illegality log.
Description
Technical field
The objective of the invention is to through means such as browser menu expansion, browser kernel interception technology and Javascript dynamic languages; The critical data of the browser end of protection or hiding Web application system; Limit it and sensitive data is broken away from the behavior of browser, prevent the sensitive information leakage on the browser to a certain extent through illegal mode.The present invention is applicable to all browsers.
Background technology
Now; Collecting the personal information material is just becoming a kind of profitable thing, and personal sensitive informations such as name, age, educational background, occupation, income, ID card No. might become valuable business information; Who grasp many more message, who just has more potential consumer.
The browser end of the infosystem of government organs of enterprises and institutions such as government, army and military project unit, financial institution, telecom operators contains a large amount of user profile; Because supervision is not tight or measure lags behind; Be prone to cause a large number of users information to distribute improperly or reveal, obtained by the third party in the internet.After obtaining user's information such as name, identification card number, phone number, home address, its product is sold through phone, note, mode such as pay a visit by businessman, or abominable approach such as human-powered search, and privacy of user has constituted a serious infringement.
At present, generally be used to protect the approach of webpage internal information to mainly contain following several kinds:
First kind, on webpage, add javascript control script, but this is the form of utilizing script technology control browser purely, the user only need handle in this locality that process just can crack this control mode.
Second kind, utilize FLASH player technology video data, reach anti-effect of duplicating, but can use buffer memory, printing, screenshotss to obtain the result.
The third utilizes some function of the form forbidding browser of plug-in unit, and browser end can use the unloading of unloading plug-in software malice.
Can only partly solve information leakage on the webpage, reuse or problem such as diffusion with upper type, and itself security, attack protection and damage capability are limited.
Summary of the invention
Can not protect the browser data information leakage fully and effectively for solving above means; The present invention is through forcing to install the kernel extensions plug-in unit of browser to quilt protection server; Filter the displaying contents of interception and modification browser; And illegal command operations such as toolbar, menu bar, preventing that the browser sensitive data from revealing, protective capacities of self and anti-aggressiveness are strengthened widely.
The technical scheme that the present invention adopted is, when using browser end login application system, comes login page or homepage are carried out safe reinforcement through compulsory expansion plugin field engineering, installs or do not install the protection plug-in unit and then forbid landing original system.During the plug-in unit normal operating conditions, after the document of browser was ready, the timely notification logic processing module of defence program according to the protection strategy of background server configuration, reached in real time and dynamically the content of browser display is protected.
Whether when at first the user of WEB application system logins, it is ready to detect plug-in unit, and not ready then prompting needs to install the protection assembly; The ready then form validation that lands that carries out former WEB system earlier; And the user name of extracting login connects BDP (Browser Data Protect; Browser data protection) server obtains corresponding strategy information, and the normal list that forwards former WEB system then to is submitted flow process to, the login application system.
System monitors the data behavior and the action of browser kernel in real time; As in the page during meaningful demonstration; Use the pattern of regular expression that content is analyzed according to strategy; When analysis meets strategy and requires, will carry out asterisk protection, comprise sensitive informations such as home address, identification card number, telephone number displaying contents; Through Hook Technique (HOOK) menu of browser, behavior such as pull are tackled again; After intercepting operation; In time mate through strategy; Come through the mode of forbidding or deletion menu item, interception browser command that standard operation limits to browser according to strategy, comprise functions such as duplicating, shear, pull, check source code, printing, screenshotss and video recording; Expansion plugin to browser carries out analyzing and processing, find that the plug-in unit that provides foregoing description that conflict is arranged is arranged after, through strategy pin function is limited in time, can not walked around protection and lose to guarantee protected content by browser plug-in.
Description of drawings
Fig. 1: the flow process when system normally moves
Fig. 2: practical implementation diagram
Embodiment
In the leakage-preventing method of browser data according to the invention, be applied to common Web system, it is as shown in Figure 2 with BDP background management system and the triangular mutual relationship of BDP program.
1BDP background management system: the BDP background management system is installed, is imported all users of protected website and in the BDP background management system, the browser strategy is set to different users and user's group.
2BDP program: the BDP program is installed in protected system, and protected system login page or leaf is done suitably change
3 inner workings: the user logins protected website according to normal mode, and the BDP program is downloaded in prompting, and the user logins protected system once more, and download policy is to local, and application strategy is to browser simultaneously.
Claims (2)
1. data guard method based on browser kernel interception technology is characterized in that:
During deployment, through script technology the submission decision logic (onsubmit) of the logon form of original Web system is replaced to the logic decision of BDP (Browser Data Protect, browser data protection) at login page; During login, in the browser of the decision logic inside of BDP this Web system of test access, whether the BDP expansion plugin has been installed, the installation kit that then prompting downloads and installs expansion plugin has been installed; Then call original list decision logic and handle if installed; During login,, then obtain the ID of this BS system, connect the BDP server and obtain this user's corresponding strategy if original list decision logic returns success; During login, ID and subscriber policy all are kept in the system cache, obtain and judge for follow-up protection module.
2. a kind of data guard method based on browser kernel interception technology as claimed in claim 1 is characterized in that:
During operation, find popup menu to be tackled, and menu item is forbidden and deleted action, with the chance that guarantees that illegal command can not get carrying out according to policy configurations if any the browser menu At time of eject through expansion plugin; During operation, find to have the browser kernel to carry standard commands when being performed through expansion plugin, tackle this order and according to policy configurations to this order processing of failing; During operation, when finding system's shear plate content change, according to policy configurations the shear plate content is judged, if image data then empties the shear plate content through expansion plugin; During operation; Obtain the displaying contents of webpage through Web standard script expansion technique (like objects such as window, document); And content of pages is mated through the built-in regular expression rule of strategy; Represent then that successfully this content need protect if mate, specifically guard rows is by policy development, and it is hiding to carry out asterisk like partial data; During operation, document loading, the refresh events of browser are monitored, and in time displaying contents handled.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2010105443722A CN102467628A (en) | 2010-11-12 | 2010-11-12 | Method for protecting data based on browser kernel intercept technology |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2010105443722A CN102467628A (en) | 2010-11-12 | 2010-11-12 | Method for protecting data based on browser kernel intercept technology |
Publications (1)
Publication Number | Publication Date |
---|---|
CN102467628A true CN102467628A (en) | 2012-05-23 |
Family
ID=46071257
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2010105443722A Pending CN102467628A (en) | 2010-11-12 | 2010-11-12 | Method for protecting data based on browser kernel intercept technology |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102467628A (en) |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102830971A (en) * | 2012-08-06 | 2012-12-19 | 优视科技有限公司 | Method and device for rewriting browser pop-up box by external application program |
CN102981903A (en) * | 2012-12-10 | 2013-03-20 | 北京奇虎科技有限公司 | Method for process multiplexing in multi-core browser and multi-core browser of process multiplexing |
CN103034532A (en) * | 2012-12-10 | 2013-04-10 | 北京奇虎科技有限公司 | Method for implementing process multiplexing in IE (Internet Explorer) browser and browser |
CN103227815A (en) * | 2013-03-25 | 2013-07-31 | 深信服网络科技(深圳)有限公司 | Method and device for controlling cache of browser |
CN104410532A (en) * | 2014-12-12 | 2015-03-11 | 携程计算机技术(上海)有限公司 | Server and log filtering method thereof |
CN105160263A (en) * | 2015-09-18 | 2015-12-16 | 四川效率源信息安全技术股份有限公司 | Method for preventing outgoing document from being copied |
CN105224893A (en) * | 2015-09-18 | 2016-01-06 | 四川效率源信息安全技术股份有限公司 | A kind of outgoing document that prevents is by the method printed |
WO2016034068A1 (en) * | 2014-09-03 | 2016-03-10 | 阿里巴巴集团控股有限公司 | Sensitive information processing method, device, server and security determination system |
CN105631355A (en) * | 2015-12-18 | 2016-06-01 | 北京奇虎科技有限公司 | Data processing method and device |
CN105631359A (en) * | 2015-12-23 | 2016-06-01 | 北京奇虎科技有限公司 | Control method and device of webpage operation |
CN103777935B (en) * | 2012-10-24 | 2017-02-15 | 阿里巴巴集团控股有限公司 | Webpage processing method and device |
CN109145636A (en) * | 2018-07-18 | 2019-01-04 | 阿里巴巴集团控股有限公司 | Method, apparatus, equipment and the readable medium of information are presented on the computing device |
US11792234B1 (en) | 2022-11-11 | 2023-10-17 | Netskope, Inc. | Browser extension identification and isolation |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1300971A (en) * | 2000-11-20 | 2001-06-27 | 王辉 | Page contents protection method for Internet |
US20040179639A1 (en) * | 2003-03-14 | 2004-09-16 | Castlebary Robert Allen | Technique for oversampling to reduce jitter |
CN1787513A (en) * | 2004-12-07 | 2006-06-14 | 上海鼎安信息技术有限公司 | System and method for safety remote access |
CN101620529A (en) * | 2008-07-03 | 2010-01-06 | 联想(北京)有限公司 | Method and system for intercepting pop-up window |
-
2010
- 2010-11-12 CN CN2010105443722A patent/CN102467628A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1300971A (en) * | 2000-11-20 | 2001-06-27 | 王辉 | Page contents protection method for Internet |
US20040179639A1 (en) * | 2003-03-14 | 2004-09-16 | Castlebary Robert Allen | Technique for oversampling to reduce jitter |
CN1787513A (en) * | 2004-12-07 | 2006-06-14 | 上海鼎安信息技术有限公司 | System and method for safety remote access |
CN101620529A (en) * | 2008-07-03 | 2010-01-06 | 联想(北京)有限公司 | Method and system for intercepting pop-up window |
Cited By (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102830971A (en) * | 2012-08-06 | 2012-12-19 | 优视科技有限公司 | Method and device for rewriting browser pop-up box by external application program |
CN103777935B (en) * | 2012-10-24 | 2017-02-15 | 阿里巴巴集团控股有限公司 | Webpage processing method and device |
CN102981903B (en) * | 2012-12-10 | 2016-03-30 | 北京奇虎科技有限公司 | A kind of method that in multi-core browser, process is multiplexing and multi-core browser thereof |
CN102981903A (en) * | 2012-12-10 | 2013-03-20 | 北京奇虎科技有限公司 | Method for process multiplexing in multi-core browser and multi-core browser of process multiplexing |
CN103034532A (en) * | 2012-12-10 | 2013-04-10 | 北京奇虎科技有限公司 | Method for implementing process multiplexing in IE (Internet Explorer) browser and browser |
CN103034532B (en) * | 2012-12-10 | 2016-09-28 | 北京奇虎科技有限公司 | A kind of IE browser realizes method and the browser of process multiplexing |
CN103227815A (en) * | 2013-03-25 | 2013-07-31 | 深信服网络科技(深圳)有限公司 | Method and device for controlling cache of browser |
CN103227815B (en) * | 2013-03-25 | 2016-12-28 | 深信服网络科技(深圳)有限公司 | Control the method and device of browser rs cache |
CN105471823A (en) * | 2014-09-03 | 2016-04-06 | 阿里巴巴集团控股有限公司 | Sensitive information processing method, device, server and security determination system |
CN105471823B (en) * | 2014-09-03 | 2018-10-26 | 阿里巴巴集团控股有限公司 | A kind of sensitive information processing method, device, server and safe decision-making system |
WO2016034068A1 (en) * | 2014-09-03 | 2016-03-10 | 阿里巴巴集团控股有限公司 | Sensitive information processing method, device, server and security determination system |
US10505934B2 (en) | 2014-09-03 | 2019-12-10 | Alibaba Group Holding Limited | Sensitive information processing method, device and server, and security determination system |
CN104410532A (en) * | 2014-12-12 | 2015-03-11 | 携程计算机技术(上海)有限公司 | Server and log filtering method thereof |
CN105224893A (en) * | 2015-09-18 | 2016-01-06 | 四川效率源信息安全技术股份有限公司 | A kind of outgoing document that prevents is by the method printed |
CN105160263A (en) * | 2015-09-18 | 2015-12-16 | 四川效率源信息安全技术股份有限公司 | Method for preventing outgoing document from being copied |
CN105631355A (en) * | 2015-12-18 | 2016-06-01 | 北京奇虎科技有限公司 | Data processing method and device |
CN105631355B (en) * | 2015-12-18 | 2019-09-06 | 北京奇虎科技有限公司 | A kind of data processing method and device |
CN105631359B (en) * | 2015-12-23 | 2018-10-23 | 北京奇虎科技有限公司 | A kind of control method and device of web page operation |
CN105631359A (en) * | 2015-12-23 | 2016-06-01 | 北京奇虎科技有限公司 | Control method and device of webpage operation |
CN109145636A (en) * | 2018-07-18 | 2019-01-04 | 阿里巴巴集团控股有限公司 | Method, apparatus, equipment and the readable medium of information are presented on the computing device |
US11792234B1 (en) | 2022-11-11 | 2023-10-17 | Netskope, Inc. | Browser extension identification and isolation |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102467628A (en) | Method for protecting data based on browser kernel intercept technology | |
US10185924B1 (en) | Security risk response impact analysis | |
CN102741824B (en) | For the system and method for behavior sandboxed | |
CN101356535B (en) | A method and apparatus for detecting and preventing unsafe behavior of javascript programs | |
CN107852412B (en) | System and method, computer readable medium for phishing and brand protection | |
Ntantogian et al. | Evaluating the privacy of Android mobile applications under forensic analysis | |
CN104091125A (en) | Floating window processing method and device | |
CN101483658B (en) | System and method for input content protection of browser | |
Marforio et al. | Evaluation of personalized security indicators as an anti-phishing mechanism for smartphone applications | |
CN110119619A (en) | The system and method for creating anti-virus record | |
Cooper et al. | A survey of android malware characterisitics and mitigation techniques | |
Botacin et al. | One size does not fit all: A longitudinal analysis of brazilian financial malware | |
CN110119614A (en) | The system and method for detecting the hidden behaviour of browser extension | |
Yang et al. | {Iframes/Popups} Are Dangerous in Mobile {WebView}: Studying and Mitigating Differential Context Vulnerabilities | |
CN110336812A (en) | Resource intercepting processing method, device, computer equipment and storage medium | |
US20210382993A1 (en) | System and Method for Detecting a Malicious File | |
Struse et al. | PermissionWatcher: Creating user awareness of application permissions in mobile systems | |
Xu et al. | BofAEG: Automated stack buffer overflow vulnerability detection and exploit generation based on symbolic execution and dynamic analysis | |
Creutzburg | The strange world of keyloggers-an overview, Part I | |
Vella et al. | Volatile memory-centric investigation of SMS-hijacked phones: a Pushbullet case study | |
Heiderich et al. | Scriptless attacks: Stealing more pie without touching the sill | |
Sharma et al. | Android malwares with their characteristics and threats | |
CN104021351A (en) | Method and device for data resource access | |
Blasco et al. | Detection of app collusion potential using logic programming | |
Agrawal et al. | Cyber Risks and Security—A Case Study on Analysis of Malware |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20120523 |