Symbolic execution for web application firewall performance
US11012416B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 20, 2018 |
| Grant date | May 18, 2021 |
| Priority date | — |
| Expiry date | Aug 28, 2038 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/168
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Among other things, this document describes systems, devices, and methods for executing rules in an application layer firewall, including in particular a web application firewall (WAF). An application layer firewall engine employs symbolic execution techniques that result in improved performance and efficiency. In preferred embodiments, an arbitrary firewall rule can be pre-processed to discover and define a set of one or more properties that an input must have in order for the input to have the potential to trigger the rule. By quickly examining an input for these properties, then application layer firewall can conclude that the input cannot trigger and therefore skip full execution of the rule against the input. This can be repeated for many if not all rules in a firewall ruleset. When a high proportion of the inputs have the required properties for rule-skipping, performance can be dramatically improved.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.