Content lock firewall method and system based on white list

A technology of white list and firewall, which is applied in the field of firewall and network security, can solve the problems of high cost and achieve the effect of defending against new network attack modes

Active Publication Date: 2020-10-13
INST OF COMPUTING TECH CHINESE ACAD OF SCI
View PDF6 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Such websites are generally unwilling or unable to bear the high cost of professional maintenance, and only use simple firewall protection, thus exposing the website to the risk of being attacked

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Content lock firewall method and system based on white list
  • Content lock firewall method and system based on white list

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] As introduced in the background art, the traditional firewall technology has problems such as slow response or high maintenance cost, so a more convenient and quicker method is needed. For this reason, the inventor of this patent proposes a data packet filtering method based on a whitelist-based content lock, which uses a text pattern library as a whitelist, and only allows trusted text content to pass through the firewall. This method utilizes the regular and followable characteristics of the normal traffic content of the website, conducts text analysis and training on the normal traffic content, learns to generate a text pattern library, and only allows the data packets completely matched by the text pattern library to pass through the firewall during the content detection process , and perform background review on unmatched data packets, and update the text pattern library as needed to prevent false interception. figure 1 A flowchart of an embodiment of the method is...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a content lock firewall method based on a white list, and the method comprises the steps: step 200, carrying out the semantic analysis of a data package load received by a website, and obtaining an analysis text of a received data package; step 300, matching the parsed text of the data packet received by the website with a text pattern library to determine whether to forwardor intercept the received data packet, the text pattern library comprising value domains and structural features of a plurality of keywords. Based on the method disclosed in the embodiment of the invention, for websites with relatively fixed functions, known and novel network attacks can be effectively defended by deploying the firewall, the websites can run with vulnerabilities under the condition of guaranteeing normal functions, and high-cost upgrading is not needed.

Description

technical field [0001] The invention relates to the field of network security, in particular to the field of firewalls. Background technique [0002] Firewall is the main means of website security protection. Functionally, firewalls can be divided into packet-filtering firewalls and content-filtering firewalls. Packet filtering firewalls are widely used in uncomplicated networks because they only check packet header information at the IP layer and TCP layer, and the speed is relatively fast. The main problem with packet-filtering firewalls is the inability to inspect the contents of packets. The content filtering firewall can filter the content of data packets, and the detection content can be URL addresses, feature codes, etc. URL is the unique identifier of every web page and its resources on the Internet. Use URL filtering to release or intercept HTTP request packets by extracting the URL field in the user's HTTP connection GET / POST request and judging the validity of...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/0263H04L69/22H04L63/0227H04L63/1441
Inventor 张文力万文凯陈明宇
Owner INST OF COMPUTING TECH CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap