Authors: HE Chenggang (何成刚); DING Hongqiang (丁宏强) (School of Public Safety and Emergency Management, Anhui University of Science and Technology, Hefei 230041, China; School of Computer Science and Technology, Anhui University, Hefei 230031, China; Department of Computer Science and Engineering, The University of Texas at Arlington, Texas TX76019, USA)
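Affiliations: [1] School of Public Safety and Emergency Management, Anhui University of Science and Technology, Hefei 230041, Anhui, China [2] School of Computer Science and Technology, Anhui University, Hefei 230031, Anhui, China [3] Department of Computer Science and Engineering, The University of Texas at Arlington, Texas TX76019, USA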
Source: Modern Electronics Technique (《现代电子技术》), 2025, No. 9, pp. 93-103 (11 pages)
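Funding: Anhui University of Science and Technology High-Level Talent Introduction Project (2023gccrc120); Anhui University of Science and Technology Graduate Education and Teaching Project (2024yjy009); Anhui Postdoctoral Research Project (2024C931); Anhui Province Quality Engineering Project (2023cyts013); National Natural Science Foundation of China (61572030); National Natural Science Foundation of China (61673020).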
Abstract: Current Web applications are facing unprecedented threats of security attacks, such as SQL injection, Webshell attacks and increasingly prominent 0day security vulnerabilities. These threats are serious and can impact societal order and national security. Unfortunately, the existing Web application security protection methods and tools often fall short: they can be bypassed by sophisticated attacks, produce high rates of false positives, and require cumbersome configurations. As a result, they struggle to provide effective protection amid growing application demands and increasingly complex malicious attacks. To this end, an RASP-based PowerRASP high-performance application security protection methodology and framework is proposed. It is used to solve the current Web application security protection problems such as low accuracy, inability to quickly block 0day security holes, and serious impact on the performance of Web applications. Experimental results demonstrate that PowerRASP achieves a 100% accuracy rate in security attack protection, whereas Baidu OpenRASP only reaches an accuracy rate of 77.60%. Furthermore, PowerRASP has a minimal impact on application performance, reducing CPU utilization by 5.2% and memory utilization by 0.41% in comparison with OpenRASP.
Keywords: Web application security protection; security vulnerability; high performance; efficient protection; PowerRASP; rapid blocking of 0day
Classification number: TN919-34 [Electronics and Telecommunications: Communication and Information Systems]