Stream data analysis based Web attack real-time and online detection system

A detection system based on streaming data technology, applied in the fields of transmission systems, electrical components, etc. It addresses the problems that existing approaches have difficulty meeting the real-time requirements of massive log data analysis and do not consider the real-time detection requirements of Web attacks. Its effects are improved processing capacity and timeliness, guaranteed real-time performance and reliability, and load balancing.

Active Publication Date: 2017-09-15
STATE GRID CORP OF CHINA +2
4 Cites, 7 Cited by

AI Technical Summary

Problems solved by technology

However, this method does not consider the real-time detection requirements of Web attac



Examples


Embodiment Construction

[0034] The present invention will be further described below in conjunction with accompanying drawing.

[0035] This embodiment is implemented through the following process. In the first step, a real-time online detection system for Web attacks is built. The system consists of a log data collection client, a log data cache cluster, and a stream data detection cluster. The log data collection client is client software that encapsulates the information system's application server logs into the Syslog message format (Syslog is a standard for transmitting log messages over an IP network). Common open-source Syslog software includes NXLog and Evtsys; the present invention uses NXLog as the Syslog software on Windows and Linux hosts. The log data cache cluster consists of k (k>1) log data cache modules, which are connected to the log data collection client and the stream data detection cluster through Ethernet. The stream data detection cluster consists of r (r>1) stream data de...


Abstract

The invention discloses a real-time online Web attack detection system based on stream data analysis. The system comprises a log data acquisition client, a log data buffering cluster and a stream data detecting cluster. The technical effects are as follows: because multiple buffering queues are used to acquire the application logs of an information system online and in real time, a hacker can be prevented from deleting log data after an attack; because a cluster framework is adopted and the whole security log data processing flow is carried out by the log data buffering cluster and the stream data detecting cluster, load balancing and elimination of single points of failure can be realized, and the real-time performance and reliability of data processing are improved; because a stream data analysis method based on a dynamic time window is adopted, the time window threshold can be adjusted dynamically for different scenarios, and the data fusion accuracy is improved.
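The three stages named in the embodiment (collection client, cache queues, detection cluster) and the dynamic time window named in the abstract can be modelled in one process. This is an added example, not code from the patent: the signature list, the hash partitioning on source IP, the window-doubling policy, the values k=3 and r=2, and all function names are assumptions, and the sample records are constructed.

```python
import re
import zlib
from collections import defaultdict, deque
from datetime import datetime, timezone
from urllib.parse import unquote_plus

FMT = "%Y-%m-%dT%H:%M:%SZ"
SQLI = re.compile(r"union\s+select|or\s+1\s*=\s*1|sleep\s*\(", re.I)  # assumed signatures
SAMPLE = [  # constructed records: (epoch seconds, host, source IP, request)
    (0, "web01", "198.51.100.7", "GET /item?id=1+union+select+1,2"),
    (1, "web01", "203.0.113.9", "GET /q?s=1%20or%201=1"),
    (3, "web01", "192.0.2.10", "GET /index.html"),
    (8, "web01", "198.51.100.7", "GET /item?id=1%20or%201=1"),
    (25, "web01", "198.51.100.7", "GET /item?id=sleep(5)"),
    (60, "web01", "203.0.113.9", "GET /q?s=sleep(1)"),
]

def to_syslog(epoch, host, src, request):
    """Collection client: wrap one access-log record as an RFC 5424 style line."""
    stamp = datetime.fromtimestamp(epoch, timezone.utc).strftime(FMT)
    return f"<134>1 {stamp} {host} web - - - {src} {request}"  # 134 = local0.info

class Detector:  # per-source hit counter; feed() returns the IP once it alerts
    def __init__(self, w_min=10, w_max=120, threshold=3):
        self.w_min, self.w_max, self.threshold = w_min, w_max, threshold
        self.hits, self.window = defaultdict(deque), {}
    def feed(self, msg):
        f = msg.split(" ", 8)  # header fields 0-6, then source IP and request
        ts = datetime.strptime(f[1], FMT).replace(tzinfo=timezone.utc).timestamp()
        src, req = f[7], unquote_plus(f[8])
        if not SQLI.search(req):
            return None
        q = self.hits[src]
        if q and ts - q[-1] <= self.window[src]:  # still active: widen (assumed policy)
            self.window[src] = min(self.w_max, self.window[src] * 2)
        else:  # quiet for longer than the window: start a new burst
            q.clear()
            self.window[src] = self.w_min
        while q and ts - q[0] > self.window[src]:
            q.popleft()
        q.append(ts)
        return src if len(q) >= self.threshold else None

def run(records, k=3, r=2, **kw):
    queues = [[] for _ in range(k)]  # k cache queues feeding r detectors
    for rec in records:  # hash on source IP: one source, one queue, one detector
        queues[zlib.crc32(rec[2].encode()) % k].append(to_syslog(*rec))
    dets = [Detector(**kw) for _ in range(r)]
    return {dets[i % r].feed(m) for i, q in enumerate(queues) for m in q} - {None}
```

Passing `w_max=10` pins the window at its starting size, so the same records can be replayed against a fixed window for comparison.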

Description

Technical field

[0001] The invention relates to a real-time online detection system for Web attacks based on stream data analysis.

Background

[0002] With the development of Web technology, a large number of information systems are deployed on the network to provide external services. While information systems bring convenience to information release and interaction, there are more and more Web attacks against these systems, and system security has become an increasingly important issue. According to the "China Internet Site Development Status and Security Report (2016)" issued by the National Internet Emergency Center, Web attacks against information systems such as SQL injection, web page tampering, and website backdoors are emerging in an endless stream. The websites of Party and government agencies, scientific research institutions, and important industry units are a key target of hacker organizations. For intrusion attacks that use technical means to bypass the firewal...


Application Information

IPC(8): H04L29/06, H04L29/08
CPC: H04L63/1416, H04L63/20, H04L67/02, H04L67/1001, H04L67/568
Inventor: 田建伟, 田峥, 黎曦, 乔宏, 朱宏宇, 漆文辉, 薛海伟, 邓杰
Owner: STATE GRID CORP OF CHINA