 |
English
|
正體中文
|
简体中文
|
全文筆數/總筆數 : 83696/83696 (100%)
造訪人次 : 56201863
線上人數 : 1496
|
|
|
資料載入中.....
|
請使用永久網址來引用或連結此文件:
https://ir.lib.ncu.edu.tw/handle/987654321/98264
|
| 題名: | 網頁應用程式防火牆整合威脅情資之防護成效;The Effectiveness of Web Application Firewall Protection Integrated with Threat Intelligence |
| 作者: | 黃怡瑋;Huang, Yi Wei |
| 貢獻者: | 資訊管理學系在職專班 |
| 關鍵詞: | 網頁應用程式防火牆;威脅情資;情資整合;網路安全;Web Application Firewall;Cyber Threat Intelligence;Threat Intelligence Integration;Cybersecurity |
| 日期: | 2025-07-14 |
| 上傳時間: | 2025-10-17 12:33:39 (UTC+8) |
| 出版者: | 國立中央大學 |
| 摘要: | 數位轉型的浪潮推動雲端服務與線上應用程式的廣泛應用,使網頁應用程式成為企
業營運與用戶體驗的核心。然而,伴隨數位化的快速發展,網路威脅日趨複雜,傳統網
頁應用程式防火牆(Web Application Firewall)因依賴靜態規則,難以有效應對未知或
新型攻擊,暴露出資安防護的不足。
為強化WAF 的防護效能,本研究聚焦於整合外部威脅情資,探索如何提升其對新
興威脅的檢測與阻擋能力。並實作一機制,將科學園區資訊分享與分析中心((SP-ISAC)
的威脅情資整合至WAF(,在增強強其動態防能能力。研究法 將SP-ISAC 與WAF 的IP
情報資料庫比對(,選 出未符合WAF 的內容(,並用用三方法台 BlackListTotal 進行驗
證,確保情資的準確性後,將其整合至WAF 防護規則中。
實證結果顯示,整合SP-ISAC 情資後,WAF 的惡意流量檢測率顯著提升約7.8%,
驗證了情資整合的可行性與效益。儘管提升幅度略低於文獻預期,但本研究成功展現了
外部情資對WAF 防護能力的強強效果,並透過F5 iControl REST API ((Representational
State Transfer Application Programming Interfaces, REST API)實現了高效的規則更新,降
低了操作複雜度。此成果為企業資安防護提供了實務參考,同時為WAF 技術的進步奠
定實證基礎。
關鍵詞:網頁應用程式防火牆、威脅情資、情資整合、網路安全;The wave of digital transformation has propelled the widespread adoption of cloud
services and online applications, positioning web applications as a cornerstone of enterprise
operations and user experience. However, with the rapid advancement of digitization, cyber
threats have grown increasingly sophisticated, exposing the limitations of traditional Web
Application Firewall (WAF), which rely on static rules and struggle to counter unknown or
emerging attacks.
To enhance WAF protection capabilities, this study focuses on integrating external threat
intelligence to improve its detection and mitigation of novel threats. The research designs and
implements a mechanism to integrate threat intelligence from the Science Park Information
Sharing and Analysis Center (SP-ISAC) into WAFs, aiming to bolster their dynamic
defense capabilities. The methodology involves comparing SP-ISAC threat intelligence with
the WAF’s IP intelligence database, identifying unlisted malicious IPs, and validating them
through the third-party platform BlackListTotal before integrating them into WAF protection
rules.
Empirical results demonstrate that integrating SP-ISAC threat intelligence significantly
improves the WAF’s malicious traffic detection rate by approximately 7.8%, confirming the
feasibility and effectiveness of threat intelligence integration. Although the improvement is
slightly below the 15%-20% reported in prior literature, this study successfully showcases the
enhanced protection offered by external threat intelligence and achieves efficient rule updates
via the F5 iControl REST API (Representational State Transfer Application Programming
Interfaces, REST API), reducing operational complexity. These findings provide practical
guidance for enterprise cybersecurity and establish an empirical foundation for advancing
WAF technology and threat intelligence integration.
Keywords :Web Application Firewall, Cyber Threat Intelligence, Threat Intelligence
Integration, Cybersecurity |
| 顯示於類別: | [資訊管理學系碩士在職專班 ] 博碩士論文
|
文件中的檔案:
| 檔案 |
描述 |
大小 | 格式 | 瀏覽次數 |
|---|
| index.html | | 0Kb | HTML | 2 | 檢視/開啟 |
|
在NCUIR中所有的資料項目都受到原著作權保護.
|
::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
