论文部分内容阅读
近几年国内重大的安全事件,不再是过去操作系统漏洞或网络攻击威胁,而是逐渐转向企业网络对外的Web站点。由于网页服务内容的躲层次化和多样性,单单透过特征辨识的方式无法完全根治内容层面的攻击,因此需要一种能自行设定调整学习的机制来辨识个别网页(URL)的使用者行为,加以建档分析。若有可疑的入侵行为时即可及时告警并加以阻绝。一般由于网页开发者会比较专注在网页内容及服务的主轴上,很容易因此而忽略了系统及服务器本身的问题而未在开发程序中加以防范,或是不知该如何防范,造成服务危机。藉由Radware网页应用防火墙(AppWall)的辅助,将可帮助网页开发者专注在内容的开发上,且提供完善的网页服务,保障服务安全无虞。
In recent years, major domestic security incidents, no longer the past operating system vulnerabilities or threats of network attacks, but gradually turned to the enterprise network external Web site. Due to the hiding and diversity of web service content, content-level attacks can not be completely eradicated through feature identification alone. Therefore, a mechanism that can set self-adjusting learning to recognize the behavior of individual web page (URL) users is needed , To file analysis. If there is suspicious intrusion, you can timely alert and stop it. In general, web developers tend to overlook the system and server problems without focusing on the development process or knowing how to prevent the service crisis, because web developers are more focused on the main content of web content and services. With the help of Radware Web Application Firewall (AppWall), Web developers can help developers focus on content development and provide comprehensive web services to ensure service safety.