The Research Of WEB Firewall Performance Evaluation And Optimization Technology

In the era of rapid expansion of the WEB application,most sites have different levels of security risks.The WEB application contains a large number of user information,so the WEB application becoming the main target of today's hacker attacks.Under this situation,WEB firewall has become an important guarantee to protect the application of WEB,but it also limits the performance of WEB server.Therefore,it is of great significance to study the performance evaluation and optimization technology of WEB firewall.We study the research on the performance evaluation model of WEB firewall and the performance optimization of WEB firewall against the rule direction in this paper.The first aspect is the research on the performance evaluation model of WEB firewall.At present,the research on the mathematical modeling of the performance of the firewall is usually used to model and analyze the method of queuing theory.For years,many scholars have made researches mainly on the overall modeling and analysis of the firewall.In recent years,the complex models of the hierarchical analysis of the firewall are also gradually increased,but it lacks of in-depth analysis in the application layer of the WEB firewall.This paper begins the research by the HTTP message parsing process of the WEB firewall,and takes account of the different business of HTTP.So this article builds a three layer model against the application layer of the WEB firewall.Firstly,this article deduces the formula of each model,and then deduces the whole formula of the whole structure of the firewall.Finally,we use the simulation program to verify the correctness of the performance evaluation of the WEB firewall model,and give the effective suggestions for the resource allocation of the WEB firewall against the HTTP protocol analysis.The second aspect is the rule optimization of WEB firewall in the XACML standard.At present,most of the research on the optimization of the XACML rule is in the rule level,but the rules of the XACML standard contain a variety of attributes,so the cross conflict and redundancy between the rules are not easy to be found.Therefore,this paper begins the research by splitting the rules,so the complex rules are split into simple single rules.This research is pulled out in two stages:(1)the research on the discovery of the conflict and redundant set of XACML rules.In this step,we will take into account the combined algorithmrules and reorder rules.It can improve the performance of the rules engine,and established foundation to the definite of conflict and redundancy between rules.Then,we use hash algorithm to hash the subject,resource and behavior of XACML rule to find the conflict and redundancy sets between rules;(2)the research of delete on the XACML rules conflict,redundant collection.In this part of the study,we analyzed the influence on the rule engine before and after the elimination of the useless rules,and then gave a rule selection optimization method based on the maximum matching times.Finally,the experiments show that our method can detect the conflict and redundancy between rules effectively,and improve the performance of the rule engine.