Unlock instant, AI-driven research and patent intelligence for your innovation.

A Correlation Analysis Method Based on Web Log

A correlation analysis and WEB server technology, applied in the field of correlation analysis based on WEB logs, can solve problems such as system attack, independent analysis of single log exception, failure to analyze log correlation, etc., and achieve the effect of wide applicability

Active Publication Date: 2021-06-22
SICHUAN CHANGHONG ELECTRIC CO LTD
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The purpose of the present invention is to provide a correlation analysis method based on WEB logs, which is used to solve the problem of independently analyzing whether a single log is abnormal in the prior art, but without analyzing the correlation between logs, it is impossible to identify multiple requests to jointly attack the system question

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Correlation Analysis Method Based on Web Log
  • A Correlation Analysis Method Based on Web Log
  • A Correlation Analysis Method Based on Web Log

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0037] combined with figure 1 As shown, a method for correlation analysis based on WEB logs includes the following steps:

[0038] 1) Log data collection

[0039] Such as figure 2 As shown, use nginx+lua to collect log data in a unified format. You can also use OpenResty directly. OpenResty is a high-performance web platform based on Nginx and Lua. The data to be collected here includes the following fields:

[0040] Session ID: sessionId,

[0041] Access interface path: urlPath,

[0042] The method of accessing the interface: method

[0043] User ip: clientIp

[0044] Access time: timestamp

[0045] 2) Log data preprocessing

[0046] Convert the log information collected above into a standard json format, where the time format is unified as yyyy-MM-dd HH:mm:ss

[0047] Such as:

[0048]

[0049]

[0050] Use sessionId as the grouping condition to divide the logs into different groups, that is, the data in each group is the data in the same web access session ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a correlation analysis method based on WEB logs, which includes: standardization processing of log data, acquisition of event behavior chains in logs, statistical interface call succession relationship probability to obtain group access feature attributes; calculation of user event behavior chains and The similarity of the group is matched to obtain the total abnormal behavior score. The present invention matches the similarity between the user's actual interface access behavior chain and the behavior chain of the group through the key log correlation analysis, can accurately identify abnormal behavior in a targeted manner and notify the system administrator in time; the analyzed data is a web access log , there is a large amount of concurrency and cross relationships, abandoning the direct timeline sequence relationship, and using the field identification in the log data to establish the classification, and using the comparison between individuals and groups to distinguish abnormal relationships, which has wider applicability.

Description

technical field [0001] The invention relates to the technical field of log security analysis, in particular to a correlation analysis method based on WEB logs. Background technique [0002] With the development of Web technology and the birth of web2.0, the advantages of convenient deployment and maintenance of WEB applications are gradually reflected. Internet applications based on the Web environment are becoming more and more widespread. Various information applications of enterprises are set up on the Web platform. The rapid development of the Internet has also attracted the strong attention of hackers, and Web security threats have also followed. Hackers use the system vulnerabilities of Web service programs and SQL injection vulnerabilities to obtain the control authority of the Web server, tampering with the content of the web page, and seriously Then steal important internal data, and more seriously, implant some malicious codes in the webpage, so that other visitors...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/10H04L63/1425H04L63/1466H04L67/02
Inventor 代波李成东常清雪
Owner SICHUAN CHANGHONG ELECTRIC CO LTD