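CN106453299B - Network security monitoring method and device, and cloud web application firewall - Google Patents
Network security monitoring method and device, and cloud web application firewall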
- Publication number
- CN106453299B
- Authority
- CN
- China
- Prior art keywords
- web application
- application firewall
- data
- abnormal
- cloud
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- General Business, Economics & Management (AREA)
- Alarm Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
Description
Claims (24)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610875928.3A CN106453299B (zh) | 2016-09-30 | 2016-09-30 | Network security monitoring method and device, and cloud web application firewall |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610875928.3A CN106453299B (zh) | 2016-09-30 | 2016-09-30 | Network security monitoring method and device, and cloud web application firewall |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106453299A (zh) | 2017-02-22 |
CN106453299B (zh) | 2020-04-07 |
Family
ID=58172797
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610875928.3A Active CN106453299B (zh) | Network security monitoring method and device, and cloud web application firewall | 2016-09-30 | 2016-09-30 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106453299B (zh) |
Families Citing this family (24)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
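CN106453299B (zh) * | 2016-09-30 | 2020-04-07 | 北京奇虎测腾科技有限公司 | Network security monitoring method and device, and cloud web application firewall |
CN107172023A (zh) * | 2017-05-03 | 2017-09-15 | 成都国腾实业集团有限公司 | Content-oriented network security monitoring system and method |
CN107104980A (zh) * | 2017-05-25 | 2017-08-29 | 北京中电普华信息技术有限公司 | Content-oriented network security monitoring system |
CN108989076B (zh) * | 2017-06-07 | 2021-12-03 | 视联动力信息技术股份有限公司 | Fault analysis method and device, and electronic equipment |
CN106993006A (zh) * | 2017-06-16 | 2017-07-28 | 郑州云海信息技术有限公司 | Method for implementing a web firewall on a cloud platform |
CN109672576B (zh) * | 2017-10-13 | 2023-06-09 | 中兴通讯股份有限公司 | Method and device for sampling inspection of customer terminal equipment |
CN107979506B (zh) * | 2017-10-30 | 2020-12-08 | 创新先进技术有限公司 | Traffic acquisition and cloud display system, method, device and equipment |
CN108322452A (zh) * | 2018-01-15 | 2018-07-24 | 深圳市联软科技股份有限公司 | Network compliance detection method, device, equipment and medium |
CN109067770B (zh) * | 2018-09-05 | 2021-04-23 | 高新兴科技集团股份有限公司 | Traffic attack control method for an Internet of Things system, and computer storage medium |
CN109274669B (zh) * | 2018-09-18 | 2021-04-27 | 四川长虹电器股份有限公司 | WAF reverse proxy method based on online traffic mirroring bypass |
CN109040128B (zh) * | 2018-09-18 | 2020-09-22 | 四川长虹电器股份有限公司 | WAF reverse proxy detection method based on offline pcap traffic packets |
CN109815146A (zh) * | 2019-01-18 | 2019-05-28 | 深圳壹账通智能科技有限公司 | Traffic distribution method and device, computer equipment and storage medium |
CN110417612B (zh) * | 2019-06-11 | 2021-05-28 | 北京全路通信信号研究设计院集团有限公司 | Network-element-based network traffic monitoring system and method |
CN112242933A (zh) * | 2019-07-16 | 2021-01-19 | 贵州白山云科技股份有限公司 | tcpcopy test method, device, medium and equipment |
CN110602046B (zh) * | 2019-08-13 | 2022-04-26 | 未鲲(上海)科技服务有限公司 | Data monitoring and processing method and device, computer equipment and storage medium |
CN110798459B (zh) * | 2019-10-23 | 2022-08-02 | 国网江苏省电力有限公司信息通信分公司 | Multi-security-node linkage defense method based on security function virtualization |
CN111614630A (zh) * | 2020-04-29 | 2020-09-01 | 浙江德迅网络安全技术有限公司 | Network security monitoring method and device, and cloud web application firewall |
CN111988280A (zh) * | 2020-07-24 | 2020-11-24 | 网宿科技股份有限公司 | Server and request processing method |
CN114095403A (zh) * | 2020-07-30 | 2022-02-25 | 阿里巴巴集团控股有限公司 | Network data processing system and method, network element device and server |
CN112383529B (zh) * | 2020-11-09 | 2021-09-24 | 浙江大学 | Adversarial traffic generation method in a mimic WAF |
CN112615865B (zh) * | 2020-12-21 | 2021-08-31 | 上海德吾信息科技有限公司 | Data intrusion prevention method based on big data and artificial intelligence, and big data server |
CN113132458A (zh) * | 2021-03-08 | 2021-07-16 | 北京思特奇信息技术股份有限公司 | Exception handling method and system based on traffic replication |
CN115834091A (zh) * | 2021-09-16 | 2023-03-21 | 华为云计算技术有限公司 | Network traffic control method and related system |
CN114500334B (zh) * | 2021-12-31 | 2024-04-09 | 钉钉(中国)信息技术有限公司 | Method and device for diagnosing a server-side application architecture |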
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
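CN105227515A (zh) * | 2014-05-28 | 2016-01-06 | 腾讯科技(深圳)有限公司 | Network intrusion blocking method, device and system |
CN105279073A (zh) * | 2015-10-30 | 2016-01-27 | 北京奇艺世纪科技有限公司 | Online system performance testing method and device |
CN105553958A (zh) * | 2015-12-10 | 2016-05-04 | 国网四川省电力公司信息通信公司 | Novel network security linkage system and method |
CN106453299A (zh) * | 2016-09-30 | 2017-02-22 | 北京奇虎科技有限公司 | Network security monitoring method and device, and cloud web application firewall |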
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104038372B (zh) * | 2014-05-30 | 2016-03-09 | 国家电网公司 | Traffic monitoring method for an electric power wide area network |
-
2016
- 2016-09-30 CN CN201610875928.3A patent/CN106453299B/zh active Active
Non-Patent Citations (4)
Title |
---|
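Using tcpcopy to import online traffic for functional and stress testing; jqlblue; 《Debug Hacks》; 20140108; full text * |
General architecture design for online traffic-diversion stress testing based on TCPCopy; 林秀; 《电信技术》; 20141130 (No. 11); main text sections 1 and 2, Fig. 1 * |
林秀. General architecture design for online traffic-diversion stress testing based on TCPCopy. 《电信技术》. 2014, (No. 11), * |
Tracking attackers through security analysis of web logs; helo helo helo; 《百度文库》; 20151230; full text * |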
Also Published As
Publication number | Publication date |
---|---|
CN106453299A (zh) | 2017-02-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106453299B (zh) | Network security monitoring method and device, and cloud web application firewall | |
US10721243B2 (en) | Apparatus, system and method for identifying and mitigating malicious network threats | |
Dagon et al. | Honeystat: Local worm detection using honeypots | |
RU2495486C1 (ru) | Method for analyzing and detecting malicious intermediate nodes in a network | |
US8990938B2 (en) | Analyzing response traffic to detect a malicious source | |
CN109962891A (zh) | Method, device, equipment and computer storage medium for monitoring cloud security | |
US20220210125A1 (en) | Methods and Systems for Efficient Network Protection | |
US10205641B2 (en) | Inspection of traffic via SDN | |
Bailey et al. | Data reduction for the scalable automated analysis of distributed darknet traffic | |
EP1665011A2 (en) | Method and system for displaying network security incidents | |
EP3275151A1 (en) | Collecting domain name system traffic | |
Chovancová et al. | Securing Distributed Computer Systems Using an Advanced Sophisticated Hybrid Honeypot Technology. | |
US10587483B1 (en) | Packet capture collection tasking system | |
Lee et al. | Implementation and vulnerability test of stealth port scanning attacks using ZMap of censys engine | |
CN111131180B (zh) | HTTP POST interception method for distributed deployment in a large-scale cloud environment | |
US20180191744A1 (en) | System and method to implement cloud-based threat mitigation for identified targets | |
JP3760919B2 (ja) | Unauthorized access prevention method, device, and program | |
JP6007308B1 (ja) | Information processing device, information processing method, and program | |
US9049170B2 (en) | Building filter through utilization of automated generation of regular expression | |
Davis | Botnet detection using correlated anomalies | |
CN114024765B (zh) | Firewall policy convergence method based on combining bypass traffic with firewall configuration | |
US20230379361A1 (en) | System and method for generating cyber threat intelligence | |
Basinya et al. | Implementation of an Intrusion Detection and Prevention System Module for Corporate Network Traffic Management | |
Gheorghe et al. | Attack evaluation and mitigation framework | |
JP6063593B1 (ja) | Information processing device, information processing method, and program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | Effective date of registration: 20200225; Address after: 100000 Beijing, Suzhou Street, No., building on the ground floor, Building 29, No. 035, No. 12; Applicant after: BEIJING QIHU CETENG SCIENCE & TECHNOLOGY Co.,Ltd.; Address before: 100088 Beijing city Xicheng District xinjiekouwai Street 28, block D room 112 (Desheng Park); Applicant before: BEIJING QIHOO TECHNOLOGY Co.,Ltd.; Applicant before: Qizhi software (Beijing) Co.,Ltd. |
GR01 | Patent grant | ||
CP01 | Change in the name or title of a patent holder | Address after: 100020 1773, 15 / F, 17 / F, building 3, No.10, Jiuxianqiao Road, Chaoyang District, Beijing; Patentee after: Beijing Hongteng Intelligent Technology Co.,Ltd.; Address before: 100020 1773, 15 / F, 17 / F, building 3, No.10, Jiuxianqiao Road, Chaoyang District, Beijing; Patentee before: Beijing Qihu Hongteng Technology Co.,Ltd. Address after: 100020 1773, 15 / F, 17 / F, building 3, No.10, Jiuxianqiao Road, Chaoyang District, Beijing; Patentee after: Sanliu0 Digital Security Technology Group Co.,Ltd.; Address before: 100020 1773, 15 / F, 17 / F, building 3, No.10, Jiuxianqiao Road, Chaoyang District, Beijing; Patentee before: Beijing Hongteng Intelligent Technology Co.,Ltd. |
CP03 | Change of name, title or address | Address after: 100020 1773, 15 / F, 17 / F, building 3, No.10, Jiuxianqiao Road, Chaoyang District, Beijing; Patentee after: Beijing Qihu Hongteng Technology Co.,Ltd.; Address before: 100000 035, 12 / F, Weiya building, 29 Suzhou street, Haidian District, Beijing; Patentee before: BEIJING QIHU CETENG SCIENCE & TECHNOLOGY Co.,Ltd. |