Title of invention SYSTEM AND METHOD FOR IDENTIFYING AND PREVENTING MALICIOUS API ATTACKS
Abstract A system and method for identifying and preventing malicious application programming interface attacks is configured to, during a learning stage: monitor all requests sent to and from the server API; identify one or more first characteristic data points of each request and response sent during the learning stage; and determine, based at least in part on the identified one or more first characteristic data points, one or more characteristic data models, wherein a characteristic data model represents at least one of an expected input to the API and an expected output of the API; and during a protection stage: monitor all requests sent to and from the server API; identify one or more second characteristic data points of each request and response sent during the protection stage; and one of validate and invalidate the identified one or more second characteristic data points against the one or more characteristic data models.
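Application publication number US2016308900(A1) Publication date 2016.10.20
Application number US201615098263 Filing date 2016.04.13
Applicant SECFUL, INC. Inventors SADIKA Omer; ELIYAHU Roey
Classification H04L29/06; H04L29/08 Main classification H04L29/06
Agency Agent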
Main claim 1. A method for identifying and preventing malicious application programming interface (API) attacks in a client-server architecture, performed on a computer having a processor, a memory, and one or more code sets stored in the memory and executed by the processor, the method comprising: during a learning stage: monitoring, by the processor, all requests sent to a server API and all responses sent from the server API; identifying, by the processor, one or more first characteristic data points of each request and response sent during the learning stage; and determining, by the processor, based at least in part on the identified one or more first characteristic data points, one or more characteristic data models, wherein a characteristic data model represents at least one of an expected input to the API and an expected output of the API; and during a protection stage: monitoring, by the processor, all requests sent to the server API and all responses sent from the server API; identifying, by the processor, one or more second characteristic data points of each request and response sent during the protection stage; and one of validating and invalidating, by the processor, the identified one or more second characteristic data points against the one or more characteristic data models.
Address WILMINGTON DE US