METHOD FOR DETECTING A WEB ATTACK BASED ON A SECURITY RULE
摘要
PURPOSE: A method for detecting a web attack based on a security rule is provided to protect web server from various web attacks without repetitive pattern update by detecting and blocking web attacks according to web traffic classification. CONSTITUTION: A web traffic type and web attack pattern is defined, the security rules for blocking web attacks are established for the web traffic classification. The web traffic transmitted between the user terminal and web server is classified according to the web traffic type(502). The web attack included in the web traffic uses security rules matched in the web traffic classification is detected(504). The service execution possibility of the web traffic is evaluated using security rules(506). In case the web attack is determined, the transmission of the web traffic is blocked.