Mimicry WAF construction method

A construction method and heterogeneous technology, applied in the field of network security, can solve security threats and other issues, and achieve the effects of ensuring correctness, reducing false alarm rate, increasing cognition and attack difficulty

Active Publication Date: 2021-02-12
ZHEJIANG UNIV
View PDF15 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, there are still problems such as malicious bypass of the protection rule base, exploiting the vulnerabilities of the WAF platform, the operating system, or the cloud platform to attack, so it faces serious security threats.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Mimicry WAF construction method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] Such as figure 1 As shown, a mimetic WAF construction method of the present invention performs heterogeneous processing on cloud servers, virtualized containers, operating systems in containers, WAF platforms, interception rules, etc., and designs a dynamic selection module, a mimetic adjudication module, and heterogeneous To realize the mimetic WAF structure by using body building blocks, etc., it can actively defend against malicious attacks against the WAF itself. When the traffic passes through the dynamic selection module, the module will select k from all WAF isomers for traffic processing. After the processing result is judged by the mimicry judgment module, the abnormal rate of each isomer is modified with the judgment result. When a When the abnormal rate of the isomer is higher than a certain value, the offline self-cleaning operation is taken for the isomer. Finally, when the ruling result is passed, the traffic is released; when the ruling result is not pass...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a mimicry WAF construction method which is based on a mimicry defense thought and can actively defend against malicious attacks on a WAF. A dynamic selection module, a mimicryjudgment module, an isomer construction module and the like are designed to realize mimicry WAF construction, and isomerization processing is performed on a cloud server, a virtualized container, an operating system in the container, a WAF platform, an interception rule and the like, so that the WAF has an active defense capability. When the traffic passes through the dynamic selection module, themodule selects k WAF isomers for traffic processing, after the processing result is judged by the mimicry judgment module, a judgment result is used for modifying the abnormal rate of each isomer, when the abnormal rate of a certain isomer is higher than a certain value, offline self-cleaning operation is carried out on the isomer, and finally, when the judgment result is that the judgment is passed, the traffic is released, and when the judgment result is not passed, the traffic is forwarded to a subsequent processing module.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a method for constructing a mimic WAF. Background technique [0002] In recent years, the United States has planned to deploy "game-changing" network security defense technologies, proposed moving target defense, and is committed to building dynamics, heterogeneity and uncertainty to increase the difficulty of attackers' attacks. Mobile target defense can be implemented at multiple levels such as network, platform operating environment, software, and data, including variable IP addresses, variable ports, randomness in code execution, and randomness in address space. [0003] Academician Wu Jiangxing and others have proposed innovative active defense technologies such as "mimetic defense", "self-reconfiguration and trustworthiness", and "mission assurance", and have made important progress in theoretical deduction, technical research and principle verification...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L29/08H04L29/12G06F9/455
CPCH04L63/02H04L63/0227H04L63/1458H04L63/20H04L67/02G06F9/45558G06F2009/45587G06F2009/45595H04L61/4511
Inventor 吴春明陈双喜张江瑜
Owner ZHEJIANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap