Web Application Classification (WAC)


Introduction

The WAC Package.

The WAC (Web Application Classification) module analyzes HTTP input data, and returns whether or not the data originated from a web application, and whether or not a user has peformed a particular action in the application. The classification result consists of an application id and/or an action id.

The results can be used to block unwanted web content with a fine granularity.

A web application is associated with a particular category, for example "web mail", "instant messaging" etc. An application is also associated with predefined characteristics, called tags, which define certain properties the applicaton possesses. Examples of tags would be "risk level 1", "supports file transfers" etc. An application also supports predefined actions. The actions define what a user can carry out in the application, for example "upload file".

The WAC package contains functions to enumerate over the supported applications, tags and actions.

Since WAC results are related to Web-Communication, the WAC is based on the URL classification. The URL classification returns the categories of a given URL (object). One aspect of the returned URL classification result is WAC availability. The URL classification results, made available via the dca::UrlClassificationResults object, contains return an important WAC-related value:

wacDetailsAvailable can be used to determine whether or not a subsequent WAC classification may provide useful WAC information. This can be used to optimize the performance of your system. A call on dca_wac::WacClassifier::classify() is not necessary if WacDetailsAvailable returns false, as the WAC classification will not return information about a specific Web Application.

WAC Classification Workflow

An instance of the package must first be created using dca_wac::WacClassification::create().

(HTTP) Input data can be classified using the dca_wac::WacClassifier class.

A dca_wac::WacInputData object must first be created and initialized using a given dca::Url class and/or HTTP request/response data.

The WacClassifier analyzes the provided data and returns a classification as a dca_wac::WacClassificationResult object.

An instance of a WacClassifier can be created using dca_wac::WacClassification::createClassifier().

dca_wac::WacClassification requires a connection to a WAC signature database.

To enumerate over the supported WAC applications, actions and tags a dca_wac::WacCategoriesInfo class can be used. It can be obtained from a WacClassification instance using dca_wac::WacClassification::getCategoriesInfo().

See also:
dca::DbConnection, dca_wac::WacClassification

Classes

class  dca_wac::WacAction
 The WacAction class represents a given action of an application e.g. UPLOAD FILE, ADD ATTACHMENT, DOWNLOAD FILE etc. More...
class  dca_wac::WacActions
 Definition of a container class for WacAction objects. More...
class  dca_wac::WacApplication
 The WacApplication class represents a given application e.g. HOTMAIL, GMAIL etc. More...
class  dca_wac::WacApplications
 Definition of a container class for WacApplication objects. More...
class  dca_wac::WacCategoriesInfo
 Container class for all WAC enumeration objects. More...
struct  dca_wac::WacClassifierOptions
 Sets up options for the WAC classification. More...
class  dca_wac::WacClassification
 Defintion of the WacClassification class. More...
class  dca_wac::WacClassificationResult
 Definition of the WacClassificationResult class. More...
class  dca_wac::WacClassifier
 Defintion of the WacClassifier class. More...
class  dca_wac::WacInputData
 Definition of the WacInputData class. More...
class  dca_wac::WacTag
 The WacTag class represents a given tag that is associated with an application e.g. HIGH BANDWIDTH, RISKLEVEL_1 etc. More...
class  dca_wac::WacTags
 Definition of a container class for WacTag objects. More...

Files

file  dca_wac_classification.h
 

Package header file for the WAC (Web Application Classification) Package.


file  wac_action.h
 

Definition of the WacAction class.


file  wac_actions.h
 

Container class for WacAction objects.


file  wac_application.h
 

Definition of the WacApplication class.


file  wac_applications.h
 

Container class for WacApplication objects.


file  wac_base.h
 

Contains type definitions used in the WAC package.


file  wac_categoriesinfo.h
 

Container class for all WAC enumeration objects.


file  wac_classification.h
 

Defintion of the WacClassification class.


file  wac_classification_result.h
 

Definition of the WacClassificationResult class.


file  wac_classifier.h
 

Defintion of the WacClassifier class.


file  wac_inputdata.h
 

Definition of the WacInputData class.


file  wac_tag.h
 

Definition of the WacTag class.


file  wac_tags.h
 

Container class for WacTag objects.


Variables

WacAction dca_wac::NullWacAction
 Defines a constant unassigned WacAction you can use for checks. if( myWacAction == NullWacAction ) --> myAction is not assigned yet!
WacApplication dca_wac::NullWacApplication
 Defines a constant unassigned WacApplication you can use for checks. if( myWacApplication == NullWacApplication ) --> myApplication is not assigned yet!
const DbType dca_wac::DBT_Wac
 Used for dca::DbConnection classes for Web Application Classification databases.
const WacClassificationResult dca_wac::NullWacClassificationResult
 Defines a constant unassigned WacClassificationResult you can use for checks. if ( myWacClassificationResult == NullWacClassificationResult ) --> myWacClassificationResult is not assigned yet!
WacTag dca_wac::NullWacTag
 Defines a constant unassigned WacTag you can use for checks. if( myWacTag == NullWacTag ) --> WacTag is not assigned yet!

Generated on 26 Sep 2016 for dca_interface by  doxygen 1.6.1