Method and system for detecting DoS attack in semantic Web application

Abstract

The invention provides a method and a system for detecting DoS attack in semantic Web application, wherein the method comprises the following steps that through adopting an RDF (resource description framework) statement materialization mode, the access behavior features of an access agent for accessing an access agent in an access control domain are subjected to individualization description, and the individualization description access behavior features are recorded in an access historical body base; the access behavior features generated by the access agent, an access object and an access control domain are respectively learned on the basis of the historical body base, and the three kinds of learning thresholds are counted and recorded; strategy thresholds of the corresponding DoS attack detection strategy rules are respectively determined according to the three kinds of learning thresholds; then, the DoS attack behaviors generated in the access control domain are detected according to the strategy thresholds. The method and the system provided by the invention can solve the problem that the current DoS detection and defense mechanism does not support the semantic Web technology on one hand and does not support the novel DoS attack behavior detection and dense initiated by self safety defects using the semantic Web technology per se.

Description

technical field [0001] The invention relates to the technical field of network security, and more specifically, to a method and system for detecting DoS attacks in semantic Web applications. Background technique [0002] The existing Internet network is a collection of web pages, and the Semantic Web is a terminology definition made by computers and the Internet for the next stage of network development. Its basic meaning is to establish any tiny data connection based on the network. [0003] The Semantic Web marks the semantics of Web resources by adopting a formalized and machine-processable Semantic Web language, and finally allows machines to do more work instead of humans, and realizes automatic discovery, automatic integration, sharing and reuse of different Web resources on the Internet. And supports trusted interactions over the Internet. With the release of Semantic Web technology and related standards and the maturity of Semantic Web technology, applications based...

AI Technical Summary

Problems solved by technology

[0012] Although some inappropriate or malicious queries can be found by checking the graph mode of SPARQL query statements, such checks are far from enough to detect a large number of disguised malicious access behaviors, such as queries that continuously dynamically change the identity of the access subject or the access target.

[0013] Because the traditional DoS attack detection and defense mechanism does not support the Semantic Web technology, nor does it support the detection of new attack behaviors initiated by using the security flaws of the Semantic Web technology itself, therefore, the traditional DoS attack detection and defense mechanism cannot identify the above-mentioned of malicious queries

Although the current access control mechanism based on Semantic Web technology supports the relevant technical standards of the Semantic Web, it is only used to solve the security issues and policy consistency issues caused by reasoning in the Semantic Web environment because the traditional access control mechanism cannot defend against it. It does not provide the DoS attack detection function in the semantic Web environment, so it cannot detect and defend against DoS attacks against malicious access behaviors initiated by the access subject

Images