New intelligent protection engine performs semantic analysis on requests. Using semantic detection, the engine can discover disguised or hidden malicious content in web requests and effectively intercept malicious attacks that use obfuscation, variants, and other alike methods.
New intelligent protection engine performs semantic analysis on requests and matches the semantic analysis results against its exception and attack set to discover disguised and hidden web attack behaviors.
New intelligent protection engine has the following features:
- Semantics: New intelligent protection engine merges the similar behavior characteristics of similar attacks and aggregates the attack behaviors and characteristics of a single attack class into an attack feature. By grouping the multiple behavioral characteristics of attacks into specific permutations and combinations to represent individual attack classes, this function creates a semantic structure for attack behavior.
- Exception and attack set: Leveraging Alibaba Cloud Security’s massive volume of operations data, this function models normal web applications, so that abnormalities can be detected. It extracts exception and attack models from a large volume of web application attacks to form an exception and attack set.
Follow these steps to enable new intelligent protection engine:
- Log on to the Alibaba Cloud WAF console.
- Go to the page, and select the region of your WAF instance (Mainland China or International).
- Select the domain to be configured, and click Policies.
- Enable New Intelligent Protection Engine.
Note If you do not want to use this function, you can disable it on this page.