Apparatus and method for blocking attack against Web application

US 20070136809A1
Filed: 12/06/2006
Published: 06/14/2007
Est. Priority Date: 12/08/2005
Status: Abandoned Application

First Claim

Patent Images

1. An apparatus for blocking an attack against a Web application, the apparatus comprising:

an input value authentication unit authenticating an input value included in Web service request data and determining the attack;

an input value filtering unit editing Web service request data determined as the attack by removing an attack element from the Web service request data; and

a data transfer unit transferring Web service request data which is not determined as the attack and the edited Web service request data to a Web server.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus and method for blocking an attack against a Web application are provided. The apparatus includes: an input value authentication unit authenticating an input value included in Web service request data and determining the attack; an input value filtering unit editing Web service request data determined as the attack by removing an attack element from the Web service request data; and a data transfer unit transferring Web service request data which is not determined as the attack and the edited Web service request data to a Web server.

73 Citations

View as Search Results

11 Claims

1. An apparatus for blocking an attack against a Web application, the apparatus comprising:
- an input value authentication unit authenticating an input value included in Web service request data and determining the attack;
  
  an input value filtering unit editing Web service request data determined as the attack by removing an attack element from the Web service request data; and
  
  a data transfer unit transferring Web service request data which is not determined as the attack and the edited Web service request data to a Web server.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The apparatus of claim 1, wherein the input value authentication unit performs at least one of a URL input parameter check, a form/script variable value check, an IDS bypass encoding check, and a SQL query check with respect to the Web service request data and authenticates the input value.
  - 3. The apparatus of claim 1, wherein the input value authentication unit comprises:
    - a URL input parameter authentication unit detecting an erroneous URL input parameter value;
      
      a form/script variable field authentication unit detecting a form/script variable value used to attack a cross-site script;
      
      an IDS bypass encoding authentication unit detecting a modified coding value for IDS bypass; and
      
      an SQL query authentication unit detecting an unallowable character relating to SQL.
  - 4. The apparatus of claim 1, wherein the input value filtering unit removes the attack element by performing at least one of an unallowable special character removal, a variable value removal, a query conversion, and a normal equation conversion.
  - 5. The apparatus of claim 1, wherein the input value filtering unit comprises:
    - an unallowable special character removal unit removing an input parameter value that uses an unallowable special character included in the Web service request data determined as the attack;
      
      a variable value removal unit removing a JAVA script text used to attack the cross-site script included in the Web service request data determined as the attack;
      
      a normal equation conversion unit converting a coding value used to encode IDS bypass included in the Web service request data determined as the attack; and
      
      a query conversion unit removing an unallowable special character relating to SQL included in the Web service request data determined as the attack.

6. A method of blocking an attack against a Web application, the method comprising:
- (a) authenticating an input value included in Web service request data and determining the attack;
  
  (b) editing Web service request data determined as the attack by removing an attack element from the Web service request data; and
  
  (c) transferring Web service request data which is not determined as the attack and the edited Web service request data to a Web server.
- View Dependent Claims (7, 8, 9, 10, 11)
- - 7. The method of claim 6, wherein in operation (a), at least one of a URL input parameter check, a form/script variable value check, an IDS bypass encoding check, and a SQL query check is performed with respect to the Web service request data and the input value is authenticated.
  - 8. The method of claim 6, wherein the input value authentication unit comprises:
    - detecting an erroneous URL input parameter value;
      
      detecting a form/script variable value used to attack a cross-site script;
      
      detecting a modified coding value for IDS bypass; and
      
      detecting an unallowable character relating to SQL.
  - 9. The method of claim 6, wherein in operation (b), the attack element is removed by performing at least one of an unallowable special character removal, a variable value removal, a query conversion, and a normal equation conversion.
  - 10. The method of claim 6, wherein operation (b) comprises:
    - removing an input parameter value that uses an unallowable special character included in the Web service request data determined as the attack;
      
      removing a JAVA script text used to attack the cross-site script included in the Web service request data determined as the attack;
      
      converting a coding value used to encode IDS bypass included in the Web service request data determined as the attack; and
      
      removing an unallowable special character relating to SQL included in the Web service request data determined as the attack.
  - 11. A computer readable recording medium having embodied thereon a computer program for executing a method of claim 6.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Electronics and Telecommunications Research Institute
Original Assignee
Electronics and Telecommunications Research Institute
Inventors
Kim, Hwan, Seo, Dong, Kim, Myung

Application Number

US11/634,736
Publication Number

US 20070136809A1
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/552 involving long-term monitor...

H04L 63/1441 Countermeasures against mal...

Apparatus and method for blocking attack against Web application

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

73 Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method for blocking attack against Web application

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

73 Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links