Information Technology Reference
In-Depth Information
Fig. 5.
The graph model of HTTP version analysis module of finite state machine A
HTTP
Table 4.
The description of state transitions, transition conditions and semantic operators of the
HTTP version analysis module
State
transition
Transition
condition
Semantic operator, which is
executed during the transition
The first input
symbol is a letter of
English alphabet
a
Transition
from
s
7
to
s
7
No semantic operators are executed
∈
A
The semantic operator
y
14
is executed.
Operator
y
14
clears the value of variable
Z
(
Z
=“”)
Transition
from
s
7
to
s
8
The input symbol is
a symbol “/”
The semantic operator
y
15
is executed.
Operator
y
15
concatenates the value of variable
Z
with input symbol n (
Z
=
Z
+
n
)
Transition
from
s
8
to
s
8
The input symbol is
a symbol
n
∈
N
The semantic operator
y
16
is executed.
Operator
y
16
performs the following check - if
the value of
Z
is not equal to any of the
elements of array
S
Versions
, then subsequent
processing of input strings is stopped because
the version of analyzed HTTP-request can't be
correctly processed by the Web-server. In this
case state machine
A
HTTP
is transferred final
state
s
a
Transition
from
s
8
to
s
9
The input symbol is
a symbol “CRLF”
3.5 Module of HTTP-Headers Analysis
The module of HTTP-headers analysis checks the length of query variables and
values according to the restrictions, specified in variables
L
VarLength
and
L
ValLength
. This
module also checks that HTTP-request contains only allowed headers, that are
specified in array
S
Headers
. The graph model of the module is depicted in Fig. 6.
The description of these states and semantic operators of the HTTP-headers
analysis module is cited in Table 5.
The transition to state
s
12
means that the analyzed HTTP-request doesn't pose any
danger to the computer system and can be passed through. In any other case the state
machine
A
HTTP
is transferred to final state
s
a
and the packet must be blocked.
