×

Automatic stability determination and deployment of discrete parts of a profile representing normal behavior to provide fast protection of web applications

  • US 10,104,095 B2
  • Filed: 09/05/2017
  • Issued: 10/16/2018
  • Est. Priority Date: 12/02/2003
  • Status: Active Grant
First Claim
Patent Images

1. A method performed by a network sensor implemented in a first device for protecting a server application, the method comprising:

  • collecting, by the network sensor, application layer requests sent by clients to the server application;

    providing, by the network sensor, the application layer requests to a secure server;

    receiving, by the network sensor, one or more stable profile items of a plurality of different profile items of a normal behavior profile (NBP) that was generated by the secure server based at least in part on the provided application layer requests, wherein the NBP characterizes the server application and includes the plurality of different profile items, wherein the one or more stable profile items have been determined, by the secure server, as being sufficiently representative of application behavior to be able to be used for protecting the server application, wherein an additional one or more other profile items of the NBP are not stable and are not used for protecting the server application;

    collecting, by the network sensor, an additional application layer request; and

    identifying, by the network sensor, the additional application layer request as a potential attack based on comparison to the one or more stable profile items of the NBP.

View all claims
  • 4 Assignments
Timeline View
Assignment View
    ×
    ×