Web attack identification method and device

A technology of attack identification and identification, which is applied in the field of computer network to achieve the effect of improving efficiency and shortening time-consuming

Inactive Publication Date: 2018-01-30
北京知道未来信息技术有限公司
View PDF6 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The present invention uses the idea of ​​probability and statistics, uses the Bayesian formula to calculate the probability, and judges whether it is an attack request based on the probability, thereby bypassing the problem of missing reports due to incomplete rule bases

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Web attack identification method and device
  • Web attack identification method and device
  • Web attack identification method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0047] In order to make the above-mentioned features and advantages of the present invention more comprehensible, the following specific embodiments are described in detail in conjunction with the accompanying drawings.

[0048] (1) Preliminary Statistics

[0049] (1) Prepare two sets of identified web requests

[0050] Prepared request sets, attack requests and normal requests are not less than 10,000.

[0051] (2) Word segmentation processing for URL and POST data in all web requests

[0052] The URL includes six elements: request protocol scheme, target address netloc, webpage path path, parameter params required by webpage path, query parameter query, and fragment identifier fragment.

[0053] scheme: / / netloc / path;params? query#fragment.

[0054] Example: http: / / admin:pass@www.test.com:80 / bbs / index.php;params? id=10#top.

[0055] in

[0056] scheme='http',

[0057] netloc='admin:pass@www.test.com:80',

[0058] path=' / bbs / index.php',

[0059] params='params',

[00...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a Web attack identification method and device. The method comprises: 1) carrying out word segmentation processing on URL and POST data of each Web request in a Web normal-request set and a Web attack-request set to obtain a plurality of character strings; 2) for each character string, respectively calculating an occurrence probability of the character string in the Web normal-request set and an occurrence probability thereof in the Web attack-request set; 3) carrying out word segmentation processing on URL and POST data in a to-be-identified Web request to obtain N character strings, and for each character string in the N character strings, calculating a probability that the character string enables the to-be-identified Web request to be identified as an attack request; and 4) selecting a plurality of highest probabilities, calculating a joint probability that the to-be-identified Web request is the attack request, judging that the to-be-identified Web request is the attack request if the joint probability is greater than a threshold value set in advance, and otherwise, judging that the to-be-identified Web request is a normal request.

Description

technical field [0001] The invention belongs to the technical field of computer networks, and relates to a Web attack identification method and device. Background technique [0002] Bayesian theorem is a very important theorem in statistics, and the school of statistics based on Bayesian theorem occupies an important position in the statistical world. [0003] Conditional probability refers to the probability of event A occurring under the condition that event B occurs, which is represented by P(A|B). [0004] [0005] P(A∩B) in the formula refers to the probability of event A and event B occurring at the same time. [0006] According to the formula can be deduced: [0007] P(A∩B)=P(A|B)P(B) [0008] P(A∩B)=P(B|A)P(A) [0009] so: [0010] P(A|B)P(B)=P(B|A)P(A) [0011] That is, the calculation formula of the conditional probability is obtained: [0012] [0013] Using P(A′) to represent the complementary event of P(A), P(A′)+P(A)=1, then: [0014] P(B)=P(B∩A)+...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/55
Inventor 练晓谦
Owner 北京知道未来信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap