Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Web anomaly detection method and device

An anomaly detection and anomaly technology, applied in the computer field, can solve problems such as difficulty in ensuring real-time and comprehensive detection, low reliance on security experts, and inability to guarantee real-time and comprehensive detection, so as to save manpower and detection time and reduce work The effect of quantity, high detection rate and accuracy rate

Active Publication Date: 2016-05-04
BEIJING QIHOO TECH CO LTD +1
View PDF5 Cites 26 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The method based on manually formulated detection rules requires a large number of security experts for known vulnerabilities or attack behaviors, which will introduce more subjective elements, and for new types of attacks, the rules need to be re-formulated, which cannot guarantee the real-time performance and reliability of detection. comprehensive
[0005] Supervised classification algorithms can also achieve higher accuracy and rely less on security experts, but higher accuracy requires a large amount of comprehensive training data, and it is often difficult to obtain a large amount of comprehensive training data.
At the same time, for the detection of new attacks, the use of supervised classification algorithms also requires re-collection of data and training models, and it is not easy to ensure real-time and comprehensive detection

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Web anomaly detection method and device
  • Web anomaly detection method and device
  • Web anomaly detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0071] Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided for more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.

[0072] refer to figure 1 , shows a flow chart of the web anomaly detection method according to Embodiment 1 of the present invention.

[0073] Step 101, according to multiple web access features parsed from historical web access records, create multiple anomaly detection models for detecting abnormal web access based on the web access features.

[0074] In the embodiment of the present invention, multiple historical web accesses m...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a web anomaly detection method and device. The method comprises the following steps: establishing a plurality of anomaly detection models for detecting an anomaly web access based on web access characteristics according to a plurality of web access characteristics analyzed from a historical web access record, respectively detecting whether a target web access is an anomaly web access by adopting the various anomaly detection models, and labelling the web access characteristics corresponding to the anomaly detection model, the detection result of which is the anomaly web access, as the anomaly type of the target web access. The method in the embodiment of the invention realizes automatic detection of unknown vulnerabilities and novel attacks by utilizing the plurality of established anomaly detection models; data are unnecessary to re-collect; a rule is unnecessary to re-make; the relatively high detection ratio and the accuracy rate are ensured; the workload of workers is reduced; and the manpower and the detection time are saved.

Description

technical field [0001] The present invention relates to the field of computer technology, in particular to a web anomaly detection method and a web anomaly detection device. Background technique [0002] With the continuous popularity of web services, web sites suffer from more and more attacks. Web attacks are basically done by hackers by modifying URLs, including obtaining website database content, obtaining server root privileges, and stealing user data. There are many types of web attacks commonly used, such as directory traversal exploits, SQL injection, cross-site scripting attacks (XSS), cross-site request forgery attacks (CSRF), and so on. [0003] For web attacks, commonly used detection methods include finding attack behaviors based on attack detection rules formulated by security personnel, or extracting meaningful features based on human experience, and using supervised classification algorithms to find attack behaviors. [0004] The method based on manually fo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1425H04L9/40
Inventor 刘博王占一张卓
Owner BEIJING QIHOO TECH CO LTD
Features
  • Generate Ideas
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com