| With the development of Internet, network application services offer a variety of facilities for people.Not only accessingof information and learning knowledge, network can also provide online shopping, online banking, social interaction and so on. The network has become one of the indispensable tool in people’s lives.However, while people are enjoying the convenience brought by the same network, network security has gradually become a widely instituted and a topic of concern. Meanwhile, with the development of network firewalls, network attacks get some protection, but attackers have begun to change their attack, launched attacks against the network application layer. Now the network application protection has become a hot topic of concern suffering in the area of network security.In this paper, with the current status of network attacks, we analysis the kinds of application attacks as well as the efforts of application-layer defense at home and abroad.Focus on researching for the application firewall technology. Against the current status that the web application firewall defense is not comprehensive,as well as with high false positive rate and low efficiency, we propose a reverse proxy basedapplication firewall network defense technology integrating blacklist and whitelist. Based on the Modsecurity blacklist rules, this paper adds whitelist detection technology. Perfect the application firewall defense with the way to generate whitelist manually or automatically.Improve the effectiveness and efficiency defense to theapplication firewalls.Improved and optimized the web application firewalls structure. Application firewall architecture proposed in this paper is the interpretation of the classic application firewall architecture.Completelyachieve the application firewal framework and provide a new idea to the layout of the web application firewalls. |
PDF Full Text Request