Method for web application layer attack detection and defense based on behavior characteristic matching and analysis
US10721249B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Feb 14, 2018 |
| Grant date | Jul 21, 2020 |
| Priority date | — |
| Expiry date | Dec 9, 2038 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/168
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method for web application layer attack detection and defense based on behavior characteristic matching and analysis includes presetting a defense rule base, the defense rule base including a plurality of defense rules; acquiring a record that access request data matches the defense rule base in a web application protection system and taking the record as sample data; learning the sample data to establish an analysis model; establishing a user reputation database and setting a blacklist module in the user reputation database; learning the user's access behavior through the analysis model and updating and correcting the defense rules in the defense rule base; establishing an exception defense rule base; and setting a defense method and intercepting the user's access behavior according to the defense method. By intelligently learning the user's behavior, threat behavior can be identified and intercepted quickly to ensure the security of the web server.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.