Judgment method of executive in mimicry WAF

A judgment method and executive technology, applied in the field of network security, can solve security threats and other issues, achieve the effects of ensuring correctness, saving system resources, and reducing false alarm rates

Inactive Publication Date: 2021-03-12
ZHEJIANG UNIV
View PDF9 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, there are still problems such as malicious bypass of the protection rule base, exploiting the vulnerabilities of the WAF platform, the operating system, or the cloud platform to attack, so it faces serious security threats.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Judgment method of executive in mimicry WAF

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0023] Mimic WAF can actively defend against malicious attacks and discover unknown attacks. The judgment module in Mimic WAF plays a very important role. This invention mainly designs traffic synchronization module, multi-mode judgment module, judgment result and data recording module to realize mimic The adjudication function in WAF enables the mimic WAF to identify unknown attacks through the adjudication function, and blocks unknown attacks through operations such as WAF executive offline self-cleaning, so that the mimic WAF has active defense capabilities.

[0024] The judgment method of the execution body in the mimic WAF of the present invention, first, the traffic synchronization module synchronizes the processing results of k heterogeneous WAFs, and then the multi-mode judgment module judges the processing results, records the judgment results and data in the log, and updates the database corresponding Finally, when the result of the ruling is passed, the traffic is se...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a judgment method for an executor in a mimicry WAF, and the method can carry out the judgment of a plurality of processing results with the same flow, thereby discovering and blocking an unknown attack. The flow synchronization module, the multi-mode judgment module, the judgment result and data recording module and the like are mainly designed to realize a judgment function in the mimicry WAF, the mimicry WAF can identify unknown attacks through the judgment function, and the unknown attacks are blocked through operations such as offline self-cleaning of a WAF executor, so that the mimicry WAF has an active defense capability. The method comprises the steps that firstly, a flow synchronization module synchronizes k heterogeneous WAF processing results, then a multi-mode judgment module judges judgment of the processing results, records the judgment results and data into logs and updates corresponding values of a database, and finally, when the judgment resultsare passed, flow is sent to a back-end server, and when the judgment results are not passed, the flow is sent to a honeypot or a sandbox.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a judgment method of an executive in a mimic WAF. Background technique [0002] With the rapid development of Internet technology, the key business of many users is increasingly based on WEB applications. While displaying and interacting through the browser, the threat to the user's business system also follows. With the complexity of business systems and changes in the Internet environment, threats are also growing rapidly. Attack methods such as tampering with web pages, implanting backdoors, and denial of service attacks emerge in an endless stream. Attackers use these methods to paralyze the business of the target server, steal user sensitive information, or control related equipment and resources for their own use. [0003] WAF is called web application firewall. It is a product that protects web applications by implementing a series of security policie...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1425H04L63/1441H04L63/145
Inventor 吴春明陈双喜曲振青
Owner ZHEJIANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap