Unlock instant, AI-driven research and patent intelligence for your innovation.

Mimicry WAF executor implementation method based on multiple modes

A technology of implementation method and executive body, applied in the field of network security, can solve problems such as ineffective protection, and achieve the effect of improving heterogeneity and improving defense performance

Inactive Publication Date: 2022-03-01
ZHEJIANG UNIV
View PDF9 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, IDS and IPS cannot effectively protect against unknown attacks, attacks that will appear in the future, and application-layer attacks through flexible coding and packet segmentation.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Mimicry WAF executor implementation method based on multiple modes

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] Such as figure 1 As shown, the present invention is based on a multi-modal mimetic WAF execution body implementation method, which mainly designs a code recognition and analysis module, a traffic analysis module, a rule matching module, an AI model judgment module, etc. to realize the functions of the execution body, and the HTTP traffic first Decoding is carried out by the code identification and analysis module, and then the traffic analysis module analyzes the traffic to obtain the data of important parts of the traffic. After the two modal modules of rule matching and AI model judgment make comprehensive judgments, the accurate malicious score of the traffic is finally obtained. Specifically include the following steps:

[0021] (1) After the mimetic WAF executive body receives the traffic, it needs to be identified and decoded by the code identification and analysis module. The encoding identification and analysis module has built-in identification modes of curren...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a multimodal-based mimicry WAF executor implementation method, which enables a WAF executor to identify codes with different flows, judges the maliciousness of the flows from two modals of rules and AI, and greatly improves the accuracy of the executor. According to the invention, a code identification and analysis module, a traffic analysis module, a rule matching module and the like are mainly designed to realize the function of an executor, the traffic is decoded through the code identification and analysis module firstly, and then the traffic analysis module analyzes the traffic to obtain data of an important part of the traffic; and performing comprehensive judgment through a rule matching mode module and an AI judgment mode module, and finally obtaining a malicious score with accurate flow.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a method for realizing a mimetic WAF executive body based on multimodality. Background technique [0002] With the in-depth construction of digitalization, there will be more and more business systems in various companies, and attacks against the application layer of web application systems will pose an increasing threat to business systems. According to Gartner's survey, 75% of information security attacks occur at the web application layer. The attack methods based on the web application layer show an explosive growth trend and are constantly being refurbished, which brings serious hidden dangers to the security of the business system. A wide range of construction forms faces great challenges. [0003] Many people believe that continuous deployment of firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS) and other equipment in th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/40H04L41/16G06N3/04
CPCH04L63/1483H04L63/20H04L41/16G06N3/049G06N3/044G06N3/045
Inventor 吴春明张江瑜陈双喜曲振青吴至禹
Owner ZHEJIANG UNIV