Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Attack detection method and system

An attack detection and detection technology, applied in the Internet field, can solve the problems of lower detection efficiency and low detection rate of unknown attacks

Inactive Publication Date: 2016-02-17
BEIJING NORMAL UNIVERSITY
View PDF3 Cites 25 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This method has a relatively high detection rate and low false detection rate for known attacks, but the detection rate for unknown attacks is very low. At the same time, with the discovery of attacks, the rule base needs to be updated in time, so that the rule base continues to expand. Reduced detection efficiency

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack detection method and system
  • Attack detection method and system
  • Attack detection method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0047] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0048] In order to solve the problems in the prior art, an embodiment of the present invention provides an attack detection method and system. An attack detection method provided by an embodiment of the present invention is firstly introduced below.

[0049] Pre-establish a preset number of detection models related to HTTP requests.

[0050] figure 1 A schematic flowchart of an attack detection method provided by an embodiment of the present invention may in...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses an attack detection method and system. The method comprises the following steps: establishing a plurality of detection models related to an HTTP request in advance, and detecting each record after web access logs are decomposed by utilizing each detection model respectively to obtain a parameter abnormal value of each detection model aiming at the record; calculating an optimized weighted value corresponding to the parameter abnormal value of each detection model, carrying out weighted calculation to obtain a final parameter abnormal value, and determining a final abnormal threshold; judging whether the final parameter abnormal value calculated aiming at the log record to be detected is greater than the determined final abnormal threshold; and if yes, determining the HTTP request of the log record to be detected as attack behavior. By applying the embodiment of the invention, unknown attacks can be actively discovered, so that the detection rate of the unknown attacks can be improved; and optimized weighting of multiple detection models is adopted for detecting, so that the limitation of a single detection model is avoided, false-reporting and under-reporting conditions are reduced, and the false detection rate is lowered.

Description

technical field [0001] The invention relates to the technical field of the Internet, in particular to an attack detection method and system. Background technique [0002] With the development of the Internet, Internet web applications for the public based on the Internet environment are becoming more and more extensive. These applications will undoubtedly greatly increase the possibility of web attacks. [0003] As the core protocol of web applications, the HTTP protocol carries the realization of the basic functions of web applications. However, the HTTP protocol itself lacks relevant security features, and developers lack security-related experience and awareness during the writing process, so there are inevitable loopholes in web applications. The diversity and complexity of web application security vulnerabilities also determine that hacker attack methods have the same characteristics. [0004] At present, the security detection method for web vulnerabilities is: by e...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1416H04L67/02
Inventor 王晶高岩王红蕊
Owner BEIJING NORMAL UNIVERSITY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com