公开(公告)号：US08918866B2

公开(公告)日：2014-12-23

申请号：US12493356

申请日：2009-06-29

申请人： Lin Luo ,  Vugranam C. Sreedhar ,  Shun X. Yang ,  Yu Zhang

发明人： Lin Luo ,  Vugranam C. Sreedhar ,  Shun X. Yang ,  Yu Zhang

IPC分类号： H04L29/06

CPC分类号： H04L63/1441 ,  H04L63/20

摘要： Mechanisms are provided for handling client computing device requests with adaptive rule loading and session control. The mechanisms partition a set of rules, into a plurality of filter sets with each filter set having a different subset of the set of rules and being directed to identifying a different type of attack on a backend application or service. A subset of filter sets is selected to be used to validate client computing device requests received from client computing devices. The selected filter sets are applied to requests and/or responses to requests. The mechanisms dynamically modify which filter sets are included in the subset of filter sets based on an adaptive reinforcement learning operation on results of applying the selected filter sets to the requests and/or responses to requests.

摘要翻译： 提供了用于处理具有自适应规则加载和会话控制的客户端计算设备请求的机制。 这些机制将一组规则划分成多个过滤器集合，其中每个过滤器集合具有该组规则的不同子集，并被引导以识别对后端应用或服务的不同类型的攻击。 选择过滤器集合的子集以用于验证从客户端计算设备接收的客户端计算设备请求。 所选择的过滤器集合应用于请求和/或对请求的响应。 基于对所请求的请求和/或对请求的响应的结果的自适应强化学习操作，机制动态地修改哪些过滤器集合被包括在过滤器组的子集中。

公开(公告)号：US08776239B2

公开(公告)日：2014-07-08

申请号：US12787933

申请日：2010-05-26

申请人： Frederik De Keukelaere ,  Lin Luo ,  Peter K. Malkin ,  Masayoshi Teraguchi ,  Naohiko Uramoto ,  Shun X. Yang ,  Sachiko Yoshihama ,  Yu Zhang

发明人： Frederik De Keukelaere ,  Lin Luo ,  Peter K. Malkin ,  Masayoshi Teraguchi ,  Naohiko Uramoto ,  Shun X. Yang ,  Sachiko Yoshihama ,  Yu Zhang

IPC分类号： G06F11/00

CPC分类号： G06F11/00

摘要： In-development vulnerability response management, in one aspect, may detect a code instance that matches a vulnerability pattern; generate one or more hints associated with the code instance in response to the detecting; retrieve an action response to the code instance that matches a vulnerability pattern; and associate the retrieved action response with the code instance.

摘要翻译： 在一方面，开发中的漏洞响应管理可以检测与漏洞模式匹配的代码实例; 响应于所述检测而生成与所述代码实例相关联的一个或多个提示; 检索与漏洞模式匹配的代码实例的操作响应; 并将检索到的动作响应与代码实例相关联。

公开(公告)号：US20110191855A1

公开(公告)日：2011-08-04

申请号：US12787933

申请日：2010-05-26

申请人： Frederik De Keukelaere ,  Lin Luo ,  Peter K. Malkin ,  Masayoshi Teraguchi ,  Naohiko Uramoto ,  Shun X. Yang ,  Sachiko Yoshihama ,  Yu Zhang

发明人： Frederik De Keukelaere ,  Lin Luo ,  Peter K. Malkin ,  Masayoshi Teraguchi ,  Naohiko Uramoto ,  Shun X. Yang ,  Sachiko Yoshihama ,  Yu Zhang

IPC分类号： G06F11/00

CPC分类号： G06F11/00

摘要： In-development vulnerability response management, in one aspect, may detect a code instance that matches a vulnerability pattern; generate one or more hints associated with the code instance in response to the detecting; retrieve an action response to the code instance that matches a vulnerability pattern; and associate the retrieved action response with the code instance.

摘要翻译： 在一方面，开发中的漏洞响应管理可以检测与漏洞模式匹配的代码实例; 响应于所述检测而生成与所述代码实例相关联的一个或多个提示; 检索与漏洞模式匹配的代码实例的操作响应; 并将检索到的动作响应与代码实例相关联。

公开(公告)号：US20100333167A1

公开(公告)日：2010-12-30

申请号：US12493356

申请日：2009-06-29

申请人： Lin Luo ,  Vugranam C. Sreedhar ,  Shun X. Yang ,  Yu Zhang

发明人： Lin Luo ,  Vugranam C. Sreedhar ,  Shun X. Yang ,  Yu Zhang

IPC分类号： H04L29/06 ,  G06F15/18

CPC分类号： H04L63/1441 ,  H04L63/20

摘要： Mechanisms are provided for handling client computing device requests with adaptive rule loading and session control. The mechanisms partition a set of rules, into a plurality of filter sets with each filter set having a different subset of the set of rules and being directed to identifying a different type of attack on a backend application or service. A subset of filter sets is selected to be used to validate client computing device requests received from client computing devices. The selected filter sets are applied to requests and/or responses to requests. The mechanisms dynamically modify which filter sets are included in the subset of filter sets based on an adaptive reinforcement learning operation on results of applying the selected filter sets to the requests and/or responses to requests.

摘要翻译： 提供了用于处理具有自适应规则加载和会话控制的客户端计算设备请求的机制。 这些机制将一组规则划分成多个过滤器集合，其中每个过滤器集合具有该组规则的不同子集，并被引导以识别对后端应用或服务的不同类型的攻击。 选择过滤器集合的子集以用于验证从客户端计算设备接收的客户端计算设备请求。 所选择的过滤器集合应用于请求和/或对请求的响应。 基于对所请求的请求和/或对请求的响应的结果的自适应强化学习操作，机制动态地修改哪些过滤器集合被包括在过滤器组的子集中。