Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Security protection method and DPMA protection model

A security protection and model technology, applied in the Web field, can solve problems such as false alarms of Web application firewalls, inability to trace the source after the event, and isolation of alarm events, etc., to achieve the effect of improving security

Active Publication Date: 2016-08-17
CHINA MOBILE COMM GRP CO LTD
View PDF4 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Existing security detection and protection equipment such as firewalls, vulnerability scanners, etc. can be used to detect and protect against some attacks, which play a very important role, but there are still certain limitations, mainly in: From the perspective of detection technical means: Since vulnerability scanning is a detection method based on black boxes, it is inevitable to have false positives and false negatives; intrusion detection is mainly based on the rule base / signature base detection method. Behavior) is difficult to find, and for web attack events that escaped detection, it is difficult to reproduce the attack scene, and it is impossible to trace the source afterwards
In terms of protection technology, the firewall mainly works at the network layer, and is powerless against security attacks at the application layer; for web application firewalls, although they work at the application layer, there is no unified standard due to the irregularity of the writing of web application codes. , causing a large number of false positives in the web application firewall and making it impossible to use effectively; when a web application security incident occurs, there is a lack of corresponding auditing and tool traceability means
In addition, these safety detection and protection devices work independently without interaction with each other, and cannot perform correlation analysis and linkage processing on a certain safety behavior and event, and the alarm events are relatively isolated

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security protection method and DPMA protection model
  • Security protection method and DPMA protection model
  • Security protection method and DPMA protection model

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] In order to make up for the deficiencies of the existing technical means, the embodiment of the present invention will provide a DPMA protection model for Web applications, such as figure 1 As shown, the DPMA (Detect, Protect, Monitor, Audit) protection model integrates the four functions of Web detection (Detect), Web protection (Protect), Web monitoring (Monitor) and Web audit (Audit). The functions correspond to a security module, for the web detection function, it corresponds to the web detection module, for the web protection function, it corresponds to the web protection module, for the web monitoring function, it corresponds to the web monitoring module, and for the web audit function, it corresponds to the web monitoring module. Corresponding to the web audit module, the security protection of the DPMA protection model runs through the entire security event life cycle, and each security module is linked with each other while exerting their respective advantages t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a security protection method. The method comprises: a DPMA protection model obtains protection information about a web attack event, wherein the DPMA protection model comprises a web detection module, a web protection module, a web monitoring module, and a web auditing module; and the DPMA protection model conducts linked actions according to the protection information about the web attack event to achieve security protection of a web application, wherein the linked actions include interactions between the web detection module, the web protection module, the web monitoring module, and the web auditing module by means of the protection information about the web attack event. The invention also discloses a DPMA protection model.

Description

technical field [0001] The invention relates to Web technology, in particular to a safety protection method and a DPMA (Detect, Protect, Monitor, Audit, detection, protection, detection and audit) protection model. Background technique [0002] With the continuous progress and development of network (Web) application technology, the Web application program bears more and more services, and the security problems that the Web application faces are more and more complicated. According to statistics from authoritative organizations, security attacks on web applications have surpassed the sum of security attacks on other layers, and hacker attacks have gradually shifted from the traditional network layer to the application layer. [0003] Web applications are businesses that directly provide services to the outside world. While providing convenient services for users, they also provide opportunities for malicious attackers. Once compromised, attackers can use this as a springboar...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
Inventor 陈磊付俊何申俞诗源傅珩轩
Owner CHINA MOBILE COMM GRP CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com