Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Conflict detection method for URL rules

A conflict detection and rule technology, applied in electrical components, transmission systems, etc., can solve problems such as the inability to apply WEB security gateways, lower detection accuracy, repeated node application, etc., achieve high rule conflict detection performance, reduce the number of comparisons, reduce The effect of repeated applications

Inactive Publication Date: 2018-11-06
HARBIN ENG UNIV
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although the conflict rule detection algorithm based on policy segmentation, analysis and calculation, and conflict domain extraction improves the detection efficiency of conflict rules, if the level of rule items is too large, the grid space will grow infinitely, resulting in serious space waste. Practical application value, cannot be applied to WEB security gateway
[0004] There are not many direct algorithms for URL item rule conflict detection, but many existing URL deduplication algorithms and filtering algorithms can completely solve URL conflict detection, and there are many such papers, such as large-scale URL filtering methods in high-speed traffic environments. To solve the problem of conflict detection, it is necessary to limit the input form of the URL filtering algorithm and increase the size of the rule set, but this method will cause the problem of repeated application of nodes. When the number of URL rule layers increases, the number of nodes will increase sharply, and a large amount of memory space will be occupied and wasteful.
The detection accuracy of this algorithm is reduced, the processing time is too long, and there is room for improvement in both accuracy and speed.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Conflict detection method for URL rules
  • Conflict detection method for URL rules
  • Conflict detection method for URL rules

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] The following examples describe the present invention in more detail.

[0020] 1) Initialize the index arrays corresponding to k groups of hash functions, create k groups, 1~k correspond to each part of the URL nodes, and set all elements of each array to NULL. The k value is the number of layers with the largest number of layers in the URL rule item, and each group of hash functions corresponds to the layer path in the URL.

[0021] 2) If the set of rules to be detected is empty, it means that the detection is over. Otherwise, the URL rule item is split into multiple nodes, and the split unit is " / ". The example is as follows: www.sogou.com / labs / research / list_tsinghua. PHP is the most common form of URL, which can be split into four nodes: www.sogou.com, labs, research and list_tsinghua.php.

[0022] 3) If it is the first rule, a node is created for each path of the URL item, and the nodes are connected with each other using successor pointers, and the successor of th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a conflict detection method for URL rules. The method includes the following steps: firstly, performing node splitting on URL entries, reducing the particularity of a first-level directory, taking the first-level directory and other levels of directories as normal paths for processing, and then performing conflict detection in segments. According to the scheme of the invention, the repeated application of nodes can be reduced, resources can be saved, a small conflict domain can be realized, the number of comparisons of character strings can be effectively reduced, and high rule conflict detection performance can be achieved. Compared with URL_HAVL and URL_WM algorithms, the accuracy of the method in rule conflict detection is about 10% to 20% higher on average, and the minimum accuracy is maintained above 70%. In conclusion, the advantages of the method are that: a small increase in time complexity cost is used to exchange the higher accuracy, and the scheme hasan obvious effect on the conflict detection of the URL rules.

Description

technical field [0001] The invention relates to a method for detecting a WEB security gateway, in particular to a method for detecting the conflict of URL items in the rules of the WEB security gateway. Background technique [0002] The destination of the detected data traffic in the WEB security gateway needs to be specified by rules. Because the conflict between the rules and the size of the rule set will seriously affect the function and performance of the WEB security gateway, if the rules can be optimized, the data packet processing delay will be greatly reduced, thereby improving the performance of the WEB security gateway. Traditional firewall rules only contain information at the network layer and transport layer, and cannot provide protection at the application layer. The corresponding quintuple rule form also has great limitations. Therefore, for a full-featured WEB security gateway, it is necessary to redefine the form of the security access policy, and integrate...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 玄世昌苘大鹏王巍杨武李铁红
Owner HARBIN ENG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com