Reverse proxy identification method and device, equipment and medium
A technology of reverse proxy and identification method, which is applied in the direction of secure communication devices, digital transmission systems, electrical components, etc., can solve problems such as lag, virus transmission, and intranet data security threats, so as to enhance identification capabilities, avoid data leakage, The effect of protecting data security
Pending Publication Date: 2022-06-10
HANGZHOU ANHENG INFORMATION TECH CO LTD
View PDF0 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
However, while this technology brings convenience, it also brings risks
If the reverse proxy tool is deployed internally by enterprise users without their knowledge, the attacker may use the reverse proxy to directly access corporate intranet resources. For example, in the intranet scenario, there is a problem that the FTP service uses weak passwords to be cracked. , once this problem occurs and is not resolved in time, it is likely to cause file leakage, tampering, and even virus transmission, which will pose a very serious threat to the data security of the intranet
However, due to the endless emergence of reverse proxy tools and ever-changing traffic characteristics, manufacturers have a certain lag in adapting to new reverse proxy applications.
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0042] The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only a part of the embodiments of the present invention, but not all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.
[0043] The application identification function of the existing firewall mainly uses DFI and DPI technology to detect from the application layer of the packet, and takes the action of releasing or rejecting the detected reverse proxy traffic. However, due to the endless emergence of reverse proxy tools and ever-changing traffic characteristics, manufacturers have a certain lag in adapting to new reverse proxy applications. Moreover, wh...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a reverse proxy recognition method and device, equipment and a medium, and the method comprises the steps: obtaining historical reverse proxy traffic, and extracting traffic feature information in the historical reverse proxy traffic; training the initial classification model by using the traffic feature information to obtain a trained reverse proxy model; importing the reverse proxy model into the firewall, so that the firewall identifies the service traffic based on the reverse proxy model to judge whether the service traffic is reverse proxy traffic; and if the service traffic is the reverse proxy traffic, detecting the reverse proxy traffic by using a firewall security policy, and determining whether to block the reverse proxy traffic according to a detection result. According to the method, the initial classification model is trained by using the historical reverse proxy traffic to obtain the reverse proxy model, and then the reverse proxy model is imported into the firewall, so that the firewall identifies the service traffic through the reverse proxy model, and the identification capability of the firewall on the service traffic is enhanced.
Description
technical field [0001] The present invention relates to the technical field of firewalls, and in particular, to a reverse proxy identification method, apparatus, device and medium. Background technique [0002] With the depletion of IPv4 (Internet Protocol version 4) addresses, many enterprises and individuals cannot use public network IPs at public network egress. In this case, people still hope to access some resources on the intranet anytime and anywhere, such as the company's OA (Office Automation, office automation) system, personal websites, etc., so the reverse proxy tool was born. The reverse proxy tool uses a server with a public network IP as the server, and the intranet resources actively establish a connection with the server, so that users only need to access the server to indirectly access the resources of the intranet. However, while this technology brings convenience, it also brings risks. If a reverse proxy tool is deployed inside an enterprise user withou...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More IPC IPC(8): H04L9/40
CPCH04L63/1416H04L63/1425H04L63/0281H04L63/0227
Inventor 王加旺范渊
Owner HANGZHOU ANHENG INFORMATION TECH CO LTD