Through supervised learning, the big data deep learning engine of web application firewall relies on the neural network system built by Alibaba Cloud powerful algorithm team, Alibaba Cloud conducts classification training for hundreds of millions of attack data each day, and finally detects and intercepts unknown risk requests online in real time through the model. This makes up for other defense engines to detect unknown 0day vulnerabilities.
With the development of the Internet, web attack methods are constantly evolving. Traditional single-means protection methods cannot meet the security needs of complex Internet services. Only collaborative protection by multiple detection engines can achieve the best protection effect.
Based on continuous learning and modeling of normal business models, the big data deep learning engine identifies and warns of abnormal and risky behaviors in real time, providing users with the fastest and most comprehensive protection capabilities.
- Semantics: New intelligent protection engine merges the similar behavior characteristics of similar attacks and aggregates the attack behaviors and characteristics of a single attack class into an attack feature. By grouping the multiple behavioral characteristics of attacks into specific permutations and combinations to represent individual attack classes, this function creates a semantic structure for attack behavior.
- Exception and attack set: Leveraging Alibaba Cloud Security’s massive volume of operations data, this function models normal web applications, so that abnormalities can be detected. It extracts exception and attack models from a large volume of web application attacks to form an exception and attack set.
- Log on to the Web Application Firewall console.
- Go to the Mainland China or International). page and select the region of your WAF instance (
- Locate to the domain name to be configured and click Policies.
- In the Big Data Deep Learning Engine area, turn on the feature and select the protection mode.
Note If you do not require the big data deep learning engine feature, you can turn off it on this page.
- Report: Only alert you of the detected attack.
- Block: Block the detected attack directly.