Web attack detection method based on NLP

An attack detection and web service technology, applied in the field of wide area network, can solve problems such as false positive verification, difficulty increase, network storm, etc., to achieve the effect of ensuring integrity, reducing traffic output, and reducing data pollution

Pending Publication Date: 2022-04-29
UNIV OF SHANGHAI FOR SCI & TECH
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The scale of Internet-based business continues to expand and become more and more complex. The cost of manual penetration testing is also increasing, and the degree of difficulty has increased significantly.
Penetration testing tools transform part of the heavy, repetitive work, and basic work such as vulnerability scanning into software or equipment. Therefore, the need for continuous, automated, and intelligent penetration testing is increasingly urgent. However, due to The human factor in the penetration process is huge. In the past, the automated penetration platform failed to make breakthroughs. However, with the rapid development of artificial intelligence, automated penetration testing has gradually become possible.
[0003] At this stage, there are a large number of domestic vulnerability scanning tools, and their functions are concentrated on target vulnerability scanning. Professional security personnel still manually analyze and compare the scanning results to determine whether the vulnerabilities are exploitable. The workload is extremely heavy and requires a lot of manpower for vulnerability analysis. False Positive Validation
At present, the automated penetration testing tools on the market are based on the combination of semi-automated scanning tools and POC tools, which cannot meet the needs of automated penetration testing.
The foreign network security industry developed earlier, and there are a large number of relatively mature automated penetration testing tools, such as Canva, MetaSploit, Core-Impact, etc., which are also semi-automated. As auxiliary penetration testing tools, they usually only work in one direction. , lack of consideration of the relevance and logical vulnerabilities of the overall target system, and this method is usually carried out by scanning and detecting based on the signature library, which will generate a large amount of useless data for the target system, and may cause a network storm. Therefore, we Propose an NLP-based Web attack detection method to realize automatic detection in this field

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Web attack detection method based on NLP
  • Web attack detection method based on NLP
  • Web attack detection method based on NLP

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention.

[0026] refer to figure 1 - Figure 4 , a kind of technical scheme that the present invention proposes: a kind of Web attack detection method based on NLP, comprises the steps:

[0027] S1. The user enters the target information on the client, and sends the user's input to the server through an HTTP request. After the server verifies the data, it stores the scanning information in the database, and sends it to the scanning engine through the message queue to complete the scanning;

[0028] S2. Use NMAP to collect basic information on the target system, including all open ports, port services, operating systems and versions, MAC addresses, and open web service ports, ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an NLP-based Web attack detection method, which comprises the following steps of: performing basic information collection on a target system by adopting a scanning command, simulating human behaviors, recording each click interaction of a current whole page HTML (Hypertext Markup Language) code, transmitting an HTML request to an AI module for classification and identification, performing classification through a fastText rapid text classification algorithm, and performing batch labeling through a rule. The method comprises the following steps: carrying out numerical processing on a text, realizing text vectorization, carrying out word segmentation cleaning and vectorization on a part of special characters, modeling a result, obtaining classified output of one-hot codes through a deep learning model, mapping one-hot code labels to corresponding dichotomous labels, and carrying out one-hot code classification; the POC plug-in is selected and verified through a verification module according to the contained information; the automatic penetration test system is designed through an NLP artificial intelligence algorithm, so that traditional manpower is replaced to carry out attack inspection, and the problems of insufficient personnel and uneven operation levels are solved.

Description

technical field [0001] The invention belongs to the technical field of wide area networks, and in particular relates to an NLP-based Web attack detection method. Background technique [0002] Web attack detection is a basic function in penetration testing. Penetration testing refers to the process in which penetration testing engineers simulate the information detection, vulnerability assessment and attack methods used by hackers, conduct in-depth detection of the target's security, and discover the vulnerable aspects of the system. Penetration testing currently has no clear standard definition, and its theory and technology are still in constant change and development. Penetration testing requires testers to have comprehensive capabilities. Most of the penetration testing tools used are auxiliary tools, and there is no very mature comprehensive penetration platform. The scale of Internet-based business continues to expand and become more and more complex. The cost of manu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57G06F21/56G06F9/54
CPCG06F21/577G06F21/566G06F9/546
Inventor 葛昕岳敏楠张超
Owner UNIV OF SHANGHAI FOR SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap