Research On Web Application Firewall Based On Regular Matching And Support Vector Machine

With the development and advancement of network technology,network viruses and network attacks bring huge security risks to network.The Web Application Firewall can effectively protect internal information and minimize the impact of external attacks.In addition,Regular Expression algorithm has been widely used.There are obvious defects in the traditional firewall using the regular matching rule database.For example,it can only do“after-the-fact defense”,but the rule database takes up more space,wastes more space with more rules,also the maintenance is not convenient.The Support Vector Machines occupy a natural advantage in the image classification and the text classification.The traditional web application firewall can detect the potential vulnerabilities by introducing the Support Vector Machines,detect the unknown security risks,and defend against the unknown vulnerabilities..Therefore,the research of the Web firewall based on the Regular Expression and Support Vector Machine has far-reaching practical significance and high value.The research works and innovations of the thesis are as follows:1.According to the network traffic data,doing Feature selection and selecting five features,the RESVM model based on the Regular Matching and the Support Vector Machine is further proposed.Based on the DARPA network traffic data set,the selection experiment of the support vector machine kernel function is performed.By comparing the algorithms in the traditional firewall and using the KDD 99 data set to design experiment,it is concluded that the RESVM model algorithm show higher detection efficiency and obvious advantages in terms of saving space and maintaining.2.Completing the system and testing the system.The RESVM model algorithm is added to the designing of the Web firewall system.Building the environment and completing the system are done.The System testing mainly focuses on the functional testing and the performance testing.The test results show that the system can effectively defend against Web attacks.