Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Regular rule generation method based on unsupervised thought in mimicry WAF

An unsupervised and rule-based technology, applied in the field of network security, can solve problems such as difficulty in evaluation, system complexity, and impossibility to repair vulnerabilities, and achieve the effect of strengthening security.

Pending Publication Date: 2022-05-10
ZHEJIANG UNIV
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Ideally, the best way to improve system security is to discover all vulnerabilities and fix them, but due to the complexity and difficulty of evaluating the system, it is almost impossible to fix all vulnerabilities, so supplement WAF rules as comprehensively as possible is an important and daunting task

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Regular rule generation method based on unsupervised thought in mimicry WAF
  • Regular rule generation method based on unsupervised thought in mimicry WAF

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0031] The invention discloses a method for generating regular rules based on an unsupervised idea in the mimic WAF, which is used for generating regular rules in the mimic WAF, and supplements the regular rule library in real time according to new traffic. The present invention designs a mimic ruling module, a traffic collection module, a parameter extraction module, a parameter feature extraction module, a clustering module, a rule generation module, and a manual review module, and counts the traffic passing through the regularity detection module. When the traffic reaches 10,000 , start the unsupervised generation rule engine, extract the parameters in the traffic, and input the parameter value into the feature extraction module to obtain the feature vector, perform clustering, input the clustered parameter value into the rule base to be selected, and manually select the parameter level rule to add to The rule base is a supplement to the regular rule base in Mimic WAF.

[0...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a regular rule generation method based on an unsupervised thought in a mimicry WAF, and the method is used for generating regular rules in the mimicry WAF, and supplementing a regular rule base in real time according to new traffic. A mimicry judgment module, a traffic collection module, a parameter extraction module, a parameter feature extraction module, a clustering module, a rule generation module and a manual reexamination module are designed, traffic passing through a regularization detection module is counted, when the traffic reaches ten thousands, an unsupervised rule generation engine is started, parameters in the traffic are extracted, and the rule generation efficiency is improved. Parameter values are input into a feature extraction module to obtain feature vectors, clustering is carried out, the clustered parameter values are input into a rule base to be selected, parameter level rules are manually selected and added into the rule base, and a regular rule base in the mimicry WAF is supplemented.

Description

technical field [0001] The invention belongs to the technical field of network security, and in particular relates to a regular rule generation method based on an unsupervised idea in a mimic WAF. Background technique [0002] WAF is a product that provides application protection for the Web by implementing a series of security policies for HTTP / HTTPS. Certain detection rules are integrated in WAF, and each HTTP traffic is detected and processed according to the rules, and corresponding defense or Release operations to maintain the security of web applications. The detection rule system of each WAF product is different, and the rule system is the core of the WAF architecture. [0003] Most security breaches occur due to exploiting WAF vulnerabilities. Ideally, the best way to improve system security is to discover all vulnerabilities and fix them, but due to the complexity and difficulty of evaluating the system, it is almost impossible to fix all vulnerabilities, so suppl...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/55G06F21/56G06K9/62
CPCG06F21/554G06F21/566G06F18/23
Inventor 吴春明赵若琰
Owner ZHEJIANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com