Intrusion detection method and system based on Nginx proxy server

A proxy server and intrusion detection technology, applied in the computer field, can solve the problems that the security needs to be improved, the intrusion detection system cannot notify the server client in time, etc., so as to reduce the load, ensure security, and reduce the false alarm rate and leakage. The effect of rate of return

Active Publication Date: 2013-11-06
CHINA STANDARD SOFTWARE
View PDF4 Cites 28 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, the current various intrusion detection methods have the following problems and deficiencies: (1) Since the response speed of the detection system is much lower than the transmission speed of the network, it is easy to cause unavoidable false alarm rate and false negative rate; (2) On the ot

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Intrusion detection method and system based on Nginx proxy server
  • Intrusion detection method and system based on Nginx proxy server
  • Intrusion detection method and system based on Nginx proxy server

Examples

Experimental program
Comparison scheme
Effect test

no. 1 example

[0042] like Figure 1a Shown, wherein shows the flowchart of the intrusion detection method based on Nginx proxy server according to an embodiment of the present invention.

[0043] First, in the capture step, when the client sends a data packet containing the request message to the network, the Nginx proxy server captures the data packets from each client by it, as shown in step S101.

[0044] The client request first reaches the proxy server Nginx. In order to improve the response speed of the proxy server, the captured data is implemented as an embedded module on Nginx, which can be directly obtained through the built-in variables in Nginx.

[0045]Nginx can capture all content in the HTTP (Hyper-text Transfer Protocol) request message. Among them, the effective information of the client data packet captured from the network includes: client IP, client MAC, client session (Session) information, and the web page address (Uniform Resource Locator, URL) in the client HTTP requ...

no. 2 example

[0063] like image 3 Shown, wherein shows the intrusion detection system based on Nginx proxy server of the present invention. it includes:

[0064] Nginx data capture module 310, it is located in the Nginx proxy server, is used for capturing the packet from each client from the proxy server side;

[0065] Nginx client verification module 320, it communicates with Nginx data capture module 310, carries out legitimacy verification to captured data packet, verifies whether data packet carries the legal certificate that authentication server distributes, if yes, communicates with transfer module 330, If not, communicating with the isolation module;

[0066] Delivery module 330, which is used to extract valid information in the verified client data packet and deliver it after encapsulation in socket form;

[0067] Matching detection module 340, which is used to receive the transmitted effective information, and perform matching detection on the effective information according t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an intrusion detection method based on a Nginx proxy server. The intrusion detection method comprises the capture step, the verification step, the transmitting step, the matching detection step and the isolation step. According to the capture step, data packages from all client ends are captured on the Nginx proxy server. According to the verification step, validity verification is conducted on the captured data packages, and whether the data packages carry legal certificates distributed by a certificate server is verified. According to the transmitting step, the effective information in the passed data packages of the client ends is extracted, packaged and then transmitted. According to the matching detection step, the transmitted effective information is received, matching detection is conducted on the effective information according to weakness codes stored in a weakness library, and whether the effective information contains codes matched with the weakness codes stored in the weakness library is judged. According to the isolation step, the client ends are isolated to prevent the client ends from conducting hostile attack on a network. The intrusion detection method and system can lower the false report rate and the miss report rate due to the fact that the response speed of a detecting system is far smaller than the transmission speed of the network, and the safety of a server end is guaranteed maximally.

Description

technical field [0001] The invention relates to the technical field of computers, in particular to an intrusion detection method and system based on an Nginx proxy server. Background technique [0002] Nginx ("engine x") is a high-performance HTTP and reverse proxy server, as well as an IMAP / POP3 / SMTP proxy server. Nginx was developed by Igor Sysoev for the second most visited Rambler.ru site in Russia. The first public version 0.1.0 was released on October 4, 2004. It releases its source code under a BSD-like license and is known for its stability, rich feature set, sample configuration files, and low system resource consumption. [0003] Intrusion detection can be defined as a method of identifying and dealing with malicious use of computer and network resources. At present, there are many intrusion detection methods, such as intrusion detection methods based on expert systems, intrusion detection methods based on neural networks, and so on. [0004] However, the curren...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
Inventor 王青峰张兴科
Owner CHINA STANDARD SOFTWARE
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap