Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Security access control and network access rule generation method, device and equipment

A security access control and network access technology, which is applied in the generation of network access rules and the field of security access control, can solve the problems that security problems cannot be completely solved, network attacks are missed, and network attacks cannot be detected.

Active Publication Date: 2019-01-18
ALIBABA GRP HLDG LTD
View PDF8 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, the existing rule generation methods mainly rely on the experience of security operators, and once a new network attack form appears, it is necessary to manually extract its features and add them to the above rules. However, if a loophole occurs, there is no If the above rules are updated in time, the WAF will not be able to detect the corresponding forms of network attacks, resulting in missed reports of network attacks. Moreover, the existing rules are built for attack characteristics, and loopholes will continue to appear, and unknown threats will emerge in endlessly. The rules are constantly being updated, but security issues have never been completely resolved

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security access control and network access rule generation method, device and equipment
  • Security access control and network access rule generation method, device and equipment
  • Security access control and network access rule generation method, device and equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0098] Embodiments of the present application provide a method, device, and equipment for generating security access control and network access rules.

[0099] In order to enable those skilled in the art to better understand the technical solutions in the present application, the technical solutions in the embodiments of the present application will be clearly and completely described below in conjunction with the drawings in the embodiments of the present application. Obviously, the described The embodiments are only some of the embodiments of the present application, but not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without creative efforts shall fall within the scope of protection of this application.

[0100] like figure 1 As shown, the embodiment of the present application provides a method for generating a network access rule, and the method may be executed by a server or a terminal ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a security access control and a network access rule generation method, device and equipment. The method comprises the steps: obtaining a target access requestlog corresponding to an access request that is currently allowed to access a network when an update condition of the network access rule is met; generating a network access rule based on the target access request log, and updating the current network access rule according to the generated network access rule; performing security access control of the received network access request based on the updated network access rule. Through the embodiment of the invention, the method can be used for detecting and determining whether to respond to the access request through the generated network accessrule (i.e., white list) for determining that the network access can be performed, so that only the access request that satisfies the network access rule can be responded to avoid new vulnerabilities or missed reports caused by new network attack patterns and improve the security of network access.

Description

technical field [0001] The present application relates to the field of computer technology, and in particular to a method, device and equipment for generating security access control and network access rules. Background technique [0002] With the increasing popularity of Web applications, there are more and more network attacks on Web applications, such as XSS (Cross SiteScripting, cross-site scripting attacks), SQL (Structured Query Language, Structured Query Language) injection, etc. There are endless loopholes in the system and the basic applications it depends on. [0003] WAF (Web Application Firewall) is an important tool to defend against network attacks on Web applications. WAF is between the user and the background server of the application, and performs real-time security detection on network access requests to block various network attack requests. At present, WAF mainly defends based on rules, that is, security operators abstract characteristic data from known...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/10H04L63/1441H04L67/02
Inventor 任宏伟
Owner ALIBABA GRP HLDG LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products