Unlock instant, AI-driven research and patent intelligence for your innovation.
Web anomaly detection method and device
What is Al technical title?
Al technical title is built by PatSnap Al team. It summarizes the technical point description of the patent document.
An anomaly detection and anomaly technology, applied in the network field, can solve problems such as inapplicability and poor applicability of anomaly detection methods, and achieve the effect of improving accuracy and applicability
Active Publication Date: 2016-11-16
BEIJING QIHOO TECH CO LTD +1
View PDF4 Cites 5 Cited by
Summary
Abstract
Description
Claims
Application Information
AI Technical Summary
This helps you quickly interpret patents by identifying the three key elements:
Problems solved by technology
Method used
Benefits of technology
Problems solved by technology
Therefore, when the above-mentioned query field does not exist in the URL, the above-mentioned existing anomaly detection method will not be applicable, that is, the applicability of the existing anomaly detection method is poor
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more
Image
Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
Click on the blue label to locate the original text in one second.
Reading with bidirectional positioning of images and text.
Smart Image
Examples
Experimental program
Comparison scheme
Effect test
Embodiment 1
[0063] refer to figure 1 , which shows a flow chart of the steps of a web anomaly detection method according to an embodiment of the present invention, which may specifically include the following steps:
[0064] Step 101, extracting the Path field to be detected from the URL to be detected;
[0065] Step 102, judging whether the Path field to be detected meets a preset abnormal condition;
[0066] Step 103, when the Path field to be detected meets the preset abnormal condition, determine that the URL to be detected is abnormal access data.
[0067] The embodiments of the present invention can be applied to abnormal detection of web data streams to determine whether there is abnormal access data in the current web data traffic, and then can detect attack behaviors in the web network in time, improve the accuracy of identifying abnormal access data and Web network security. That is, the URL to be detected in this embodiment of the present invention may originate from a web d...
Embodiment 2
[0092] In this embodiment, on the basis of the first method embodiment above, anomaly detection may be performed on the Path field by using a pre-established Path blacklist. refer to figure 2 , which shows a flow chart of the steps of a web anomaly detection method according to an embodiment of the present invention, which may specifically include the following steps:
[0093] Step 201, extracting the Path field to be detected from the URL to be detected;
[0094] Step 202, matching the Path field to be detected with a pre-established Path blacklist;
[0095] Step 203: When the Path field to be detected matches the abnormal Path field in the Path blacklist, it is determined that the Path field to be detected meets a preset abnormal condition, and the URL to be detected is abnormal access data.
[0096] In order to further improve the efficiency of abnormal URL detection, the embodiment of the present invention can also collect historical URL records within a preset time per...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More
PUM
Login to View More
Abstract
Embodiments of the invention provide a Web anomaly detection method and device. The method comprises the following steps of extracting a to-be-detected Path field from a to-be-detected URL (Uniform Resource Locator); judging whether the to-be-detected Path field conforms to preset anomaly conditions; and determining that the to-be-detected URL is abnormal access data when the to-be-detected Path field conforms to the preset anomaly conditions. According to the embodiments of the invention, the applicability for anomaly detection can be improved and the accuracy rate for identifying the abnormal access data can be improved.
Description
technical field [0001] The invention relates to the field of network technology, in particular to a method and device for detecting web anomalies. Background technique [0002] With the continuous development of network technology, Web (Internet) application security issues have been paid more and more attention. The openness of the Internet and the rich scripting language and SQL (Structured Query Language, Structured Query Language) language provide hackers with opportunities for web attacks. [0003] A URL (Uniform Resource Locator, Uniform Resource Locator) is an address of a resource on the Internet, and each resource on the Internet mostly has a unique URL. With the continuous popularity of Web services, Web sites suffer more and more attacks, and most Web attacks are implemented by hackers by modifying URLs. [0004] The currently commonly used anomaly detection method judges whether there is abnormal access data by detecting whether there is an abnormality in the U...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More
Application Information
Patent Timeline
Application Date:The date an application was filed.
Publication Date:The date a patent or application was officially published.
First Publication Date:The earliest publication date of a patent with the same application number.
Issue Date:Publication date of the patent grant document.
PCT Entry Date:The Entry date of PCT National Phase.
Estimated Expiry Date:The statutory expiry date of a patent right according to the Patent Law, and it is the longest term of protection that the patent right can achieve without the termination of the patent right due to other reasons(Term extension factor has been taken into account ).
Invalid Date:Actual expiry date is based on effective date or publication date of legal transaction data of invalid patent.
Login to View More 
Login to View More