DISTRIBUTED WEB APPLICATION FIREWALL
First Claim
1. A method for protecting a Web application running on a first local Web server from hacker attacks, said Web server being connectable to at least one client, the method comprising:
- providing a plurality of preset rules on said server, which correspond to specific characteristics of HTTP requests;
receiving an HTTP request on said server from the client, said HTTP request comprising a plurality of characteristics;
analyzing said characteristics of said received HTTP request in accordance with said rules provided on said server;
rejecting said HTTP request, if said rules identify said HTTP request as harmful request;
accepting said HTTP request, if said rules identify said HTTP request as trustable request;
classifying said HTTP request as doubtful request, if said rules identify said request neither as harmful request nor as trustable request;
evaluating the characteristics of said doubtful request;
generating a learned rule on basis of the evaluation.
18 Assignments
0 Petitions
Accused Products
Abstract
A method for protecting a Web application running on a first local Web Server bases from hacker attacks, said Web Server being connectable to at least one client, the method comprising the following steps: —providing a plurality of preset rules on said Server, which correspond to specific characteristics of HTTP requests; —receiving an HTTP request on said server from the client, said HTTP request comprising a plurality of characteristics; —analyzing said characteristics of said received HTTP request in accordance with said rules provided on said server; —rejecting said HTTP request, if said rules identify said HTTP request as harmful request; —accepting said HTTP request, if said rules identify said HTTP request as trustable request; —classifying said HTTP request as doubtful request, if said rules identify said request neither as harmful request nor as trustable request; —evaluating the characteristics of said doubtful local request; —generating a learned rule on basis of the edge base evaluation.
75 Citations
19 Claims
-
1. A method for protecting a Web application running on a first local Web server from hacker attacks, said Web server being connectable to at least one client, the method comprising:
-
providing a plurality of preset rules on said server, which correspond to specific characteristics of HTTP requests; receiving an HTTP request on said server from the client, said HTTP request comprising a plurality of characteristics; analyzing said characteristics of said received HTTP request in accordance with said rules provided on said server; rejecting said HTTP request, if said rules identify said HTTP request as harmful request; accepting said HTTP request, if said rules identify said HTTP request as trustable request; classifying said HTTP request as doubtful request, if said rules identify said request neither as harmful request nor as trustable request; evaluating the characteristics of said doubtful request; generating a learned rule on basis of the evaluation. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 17)
-
-
9. A system for protecting a Web application running on a first local Web server from hackers attacks, said Web server being connectable to at least one client, the system comprising:
-
a plurality of preset rules on said server, which correspond to specific characteristics of HTTP requests; a means for receiving an HTTP request on said server from a client, said HTTP request comprising a plurality of characteristics; a means for analyzing said characteristic of said received HTTP request in accordance with said rules provided on said server; a means for rejecting said HTTP request, if said rules identify said HTTP request as harmful request; a means for accepting said HTTP request, if said rules identify said HTTP request as trustable request; a means for classifying said HTTP request as doubtful request, if said rules identify said request neither as harmful nor as trustable request; a means for evaluating the characteristics of said doubtful request; a means for generating a learned rule on basis of the evaluation. - View Dependent Claims (10, 11, 12, 13, 14, 15, 18)
-
-
16. A computer program comprising computer program code stored on a computer readable medium, the computer program code for performing a method for protecting a Web application running on a first local Web server from hacker attacks, said Web server being connectable to at least one client, the method comprising:
-
providing a plurality of preset rules on said server, which correspond to specific characteristics of HTTP requests; receiving an HTTP request on said server from the client, said HTTP request comprising a plurality of characteristics; analyzing said characteristics of said received HTTP request in accordance with said rules provided on said server; rejecting said HTTP request, if said rules identify said HTTP request as harmful request; accepting said HTTP request, if said rules identify said HTTP request as trustable request; classifying said HTTP request as doubtful request, if said rules identify said request neither as harmful request nor as trustable request; evaluating the characteristics of said doubtful request; generating a learned rule on basis of the evaluation. - View Dependent Claims (19)
-
Specification