Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and system for content-locking firewall based on whitelist

A technology of white list and firewall, which is applied in the field of firewall and network security, and can solve problems such as high cost

Active Publication Date: 2021-04-23
INST OF COMPUTING TECH CHINESE ACAD OF SCI
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Such websites are generally unwilling or unable to bear the high cost of professional maintenance, and only use simple firewall protection, thus exposing the website to the risk of being attacked

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for content-locking firewall based on whitelist
  • Method and system for content-locking firewall based on whitelist

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] As introduced in the background art, the traditional firewall technology has problems such as slow response or high maintenance cost, so a more convenient and quicker method is needed. For this reason, the inventor of this patent proposes a data packet filtering method based on a whitelist-based content lock, which uses a text pattern library as a whitelist, and only allows trusted text content to pass through the firewall. This method utilizes the regular and followable characteristics of the normal traffic content of the website, conducts text analysis and training on the normal traffic content, learns to generate a text pattern library, and only allows the data packets completely matched by the text pattern library to pass through the firewall during the content detection process , and perform background review on unmatched data packets, and update the text pattern library as needed to prevent false interception. figure 1 A flowchart of an embodiment of the method is...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a whitelist-based content locking firewall method, comprising: step 200: performing semantic analysis on the data packet load received by the website, and obtaining the parsed text of the received data packet; step 300: receiving the website The parsed text of the data packet is matched with a text pattern library to decide whether to forward or intercept the received data packet, and the text pattern library contains value domains and structural features of multiple keywords. Based on the embodiment of the present invention, for websites with relatively fixed functions, the firewall can effectively defend against known and new network attacks by deploying the firewall, and can run with loopholes while ensuring normal functions, without expensive upgrades.

Description

technical field [0001] The invention relates to the field of network security, in particular to the field of firewalls. Background technique [0002] Firewall is the main means of website security protection. Functionally, firewalls can be divided into packet-filtering firewalls and content-filtering firewalls. Packet filtering firewalls are widely used in uncomplicated networks because they only check packet header information at the IP layer and TCP layer, and the speed is relatively fast. The main problem with packet-filtering firewalls is the inability to inspect the contents of packets. The content filtering firewall can filter the content of data packets, and the detection content can be URL addresses, feature codes, etc. URL is the unique identifier of every web page and its resources on the Internet. Use URL filtering to release or intercept HTTP request packets by extracting the URL field in the user's HTTP connection GET / POST request and judging the validity of...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/0263H04L69/22H04L63/0227H04L63/1441
Inventor 张文力万文凯陈明宇
Owner INST OF COMPUTING TECH CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com