Method and device for determining Web application protecting effect

A web application and module determination technology, which is applied in computer security devices, platform integrity maintenance, instruments, etc., can solve problems such as the inability to directly and accurately measure the protection effect of WAF products and the degree of site attack

Active Publication Date: 2018-06-29
NSFOCUS INFORMATION TECHNOLOGY CO LTD +1
View PDF4 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The present invention provides a method and device for determining the protection effect of a Web application to solve the technical...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for determining Web application protecting effect
  • Method and device for determining Web application protecting effect
  • Method and device for determining Web application protecting effect

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054]In order to make the purpose, technical solutions and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0055] The method for determining the Web application protection effect provided in the embodiment of the present invention is applied to a Web application protection system, referred to as WAF. At present, in order to defend against external attacks on web applications, many IT companies have deployed WAF. Although different WAF products have different defense capabilities, in general, WAF products will record and classify the attack events tha...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention discloses a method and device for determining the Web application protecting effect. The method comprises the steps of obtaining an attacking log within a set durationof a to-be-evaluated system, and determining all kinds of attacking accidents according to the types and attacking times of the attacking accidents; determining the risk value of each type of attacking accident according to the attacking time, the number of the attacking accidents and the risk level of the attacking accident; then determining the protecting effect value of the to-be-evaluated system according to the risk values of all kinds of attacking accidents. As can be seen, since the risk values of all kinds of attacking accidents can be independently measured according to two factors ofthe attacking times and the number of the attacking accidents, and the risk value of each kind of attacking accident can show the attacked severity degree of the to-be-evaluated system when the accident takes place and show the protecting effect of sites under the to-be-evaluated system, and therefore, the overall protecting effect and the attacked severity degree of the to-be-evaluated system can be accurately and visually determined according to all the risk values.

Description

technical field [0001] The invention relates to the technical fields of the Internet and computers, in particular to a method and device for determining the protection effect of a Web application. Background technique [0002] While Web (World Wide Web, World Wide Web) applications are becoming more and more abundant, Web servers have gradually become the main target of attacks due to their powerful computing power, processing performance and high value. Therefore, SQL injection on Web servers, Security incidents such as webpage tampering and webpage hanging horses occur frequently. WAF (Web Application Firewall, Web Application Protection System) works at the application layer. Based on a deep understanding of Web application business and logic, it detects and verifies the content of various requests from Web application clients to ensure their security and legality , to block illegal requests in real time, so as to effectively protect various websites. [0003] Generally...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/57G06F21/55
CPCG06F21/552G06F21/577G06F2221/033
Inventor 张龙宋玚何丹丹张习飞
Owner NSFOCUS INFORMATION TECHNOLOGY CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap