计算机科学

计算机科学 ›› 2018, Vol. 45 ›› Issue (8): 141-145.doi: 10.11896/j.issn.1002-137X.2018.08.025

• 信息安全 • 上一篇    下一篇

基于KNN和GBDT的Web服务器指纹识别技术

南世慧1, 魏伟2, 吴华清1, 邹金蓉2, 赵志文1,2   

  1. 北京师范大学研究生院珠海分院 广东 珠海5190871
    北京师范大学信息科学与技术学院 北京1008752
  • 收稿日期:2017-05-09 出版日期:2018-08-29 发布日期:2018-08-29
  • 作者简介:南世慧(1993-),男,硕士生,主要研究领域为Web安全; 魏 伟(1993-),女,硕士生,主要研究领域为移动安全; 赵志文(1966-),男,博士,教授,博士生导师,主要研究领域为信息安全、云计算机安全,E-mail:zhaozw126@126.com(通信作者)。

Web Server Fingerprint Identification Technology Based on KNN and GBDT

NAN Shi-hui1, WEI Wei2, WU Hua-qing1, ZOU Jing-rong2, ZHAO Zhi-wen1,2   

  1. Zhuhai Branch,Graduate School of Beijing Normal University,Zhuhai,Guangdong 519087,China1
    School of Information Science and Technology,Beijing Normal University,Beijing 100875,China2
  • Received:2017-05-09 Online:2018-08-29 Published:2018-08-29

PDF (PC)

1240

摘要: 现有的Web服务器指纹识别方法容易因响应头被篡改而得不到准确的识别结果,而且已有的基于机器学习的相关识别方法需要预先发送大量的请求来进行识别。针对上述问题,通过分析响应头的特征关系,提出一种基于KNN和GBDT的Web服务器指纹识别算法,其只需要发送两种不同类型的异常请求,就能识别对应的Web服务器指纹类型和版本范围。与已有Web服务器指纹识别算法进行的对比实验结果表明,所提算法的识别速度和准确率均得到了优化。

关键词: Web指纹, 集成学习, 梯度提升决策树, 网络安全

Abstract: Conventional Web server fingerprinting method is easy to modify the response head so that the recognition result is not accurate,and the existing recognition method based on machine learning needs to send a large number of requestsfor identification.To solve these problems,by analyzing the feature relations of the response head,a Web server fingerprint recognition algorithm based on KNN and GBDT was proposed.Only two different types of exception requests are sent to identify the corresponding Web server fingerprint type and version range.Compared with the existing algorithm of the relevant Web server fingerprint recognition,the proposed algorithm can optimize the recognition speed and the recognition accuracy.

Key words: Cyber security, Ensemble learning, Gradient decision boosting tree, Web fingerprint

中图分类号: 

  • TP393
[1]LI F,DURUMERIC Z,CZYZ J,et al.You’ve got vulnerability:Exploring effective vulnerability notifycations[C]∥Proceedings of the 25th USENIX Security Symposium.2016:1033-1050.
[2]MAKINO Y,KLYUEV V.Evaluation of Web vulnerability scan-ners[C]∥IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems:Technology and Applications.IEEE,2015:399-402.
[3]PARVEZ M,ZAVARSKY P,KHOURY N.Analysis of effectiveness of black-box web application scanners in detection of stored SQL injection and stored XSS vulnerabilities[C]∥IEEE International Conference for Internet Technology and Secured Transactions.2015:186-191.
[4]KISS B,KOSMATOV N,PARIENTE D,et al.Combining Static and Dynamic Analyses for Vulnerability Detection:Illustration on Heart bleed[M]∥Hardware and Software:Verification and Testing.2015.
[5]KHADEMI A F,ZULKERNINE M,WELDEMARIAM K.An Empirical Evaluation of Web-Based Fingerprinting[J].Software IEEE,2015,32(4):46-52.
[6]LEE D,ROWE J,KO C,et al.Detecting and Defending against Web-Server Fingerprinting[C]∥2002 Proceedings Computer Security Applications Conference.IEEE,2002:321-330.
[7]WU S H,SUN D,HU Y.Web Server Identification Based onBayesian Theory[J].Computer Engineering,2015,41(7):190-193,198.(in Chinese).吴少华,孙丹,胡勇.基于贝叶斯理论的Web服务器识别.计算机工程,2015,41(7):190-193,198.
[8]HUANG Z,XIA C,SUN B,et al.Analyzing and summarizingthe web server detection technology based on HTTP[C]∥2015 6th IEEE International Conference on Software Engineering and Service Science (ICSESS).IEEE,2015:1042-1045.
[9]YAN S J,WANG W J,ZHANG Y Q.An efficient method of Web fingerprint identification. Journal of University of Chinese Academy of Sciences,2016,33(5):679-685.(in Chinese)闫淑筠,王文杰,张玉清.一种有效的Web指纹识别方法[J].中国科学院大学学报,2016,33(5):679-685.
[10]CAO L C,ZHAO J J,CUI X,et al.Cyberspace device identification based on K-means with cosine distance measure.Journal of University of Chinese Academy of Sciences,2016,33(4):562-569.(in Chinese)曹来成,赵建军,崔翔,等.基于余弦测度下K-means的网络空间终端设备识别[J].中国科学院大学学报,2016,33(4):562-569.
[11]MAHDAVI A.Applying an Ensemble Learning Method for Improving Multi-label Classificati on Performance[C]∥2016 2nd International Conference of Signal Processing and Intelligent System(ICSPIS).2016.
[12]LIAO Z,HUANG Y,YUE X,et al.In Silico Prediction of Gamma-Aminobutyric Acid Type-A Receptors Using Novel Machine-Learning-Based SVM and GBDT Approaches [J].Biomed Research International,2016,2016(6):1-12.
[13]LIU Q,LIU C.A novel locally linear KNN model for visual reco-gnition[C]∥IEEE Conference on Computer Vision and Pattern Recognition.IEEE,2015:1329-1337.
[1] 柳杰灵, 凌晓波, 张蕾, 王博, 王之梁, 李子木, 张辉, 杨家海, 吴程楠.
基于战术关联的网络安全风险评估框架
Network Security Risk Assessment Framework Based on Tactical Correlation
计算机科学, 2022, 49(9): 306-311. https://doi.org/10.11896/jsjkx.210600171
[2] 王磊, 李晓宇.
基于随机洋葱路由的LBS移动隐私保护方案
LBS Mobile Privacy Protection Scheme Based on Random Onion Routing
计算机科学, 2022, 49(9): 347-354. https://doi.org/10.11896/jsjkx.210800077
[3] 赵冬梅, 吴亚星, 张红斌.
基于IPSO-BiLSTM的网络安全态势预测
Network Security Situation Prediction Based on IPSO-BiLSTM
计算机科学, 2022, 49(7): 357-362. https://doi.org/10.11896/jsjkx.210900103
[4] 邓凯, 杨频, 李益洲, 杨星, 曾凡瑞, 张振毓.
一种可快速迁移的领域知识图谱构建方法
Fast and Transmissible Domain Knowledge Graph Construction Method
计算机科学, 2022, 49(6A): 100-108. https://doi.org/10.11896/jsjkx.210900018
[5] 林夕, 陈孜卓, 王中卿.
基于不平衡数据与集成学习的属性级情感分类
Aspect-level Sentiment Classification Based on Imbalanced Data and Ensemble Learning
计算机科学, 2022, 49(6A): 144-149. https://doi.org/10.11896/jsjkx.210500205
[6] 康雁, 吴志伟, 寇勇奇, 张兰, 谢思宇, 李浩.
融合Bert和图卷积的深度集成学习软件需求分类
Deep Integrated Learning Software Requirement Classification Fusing Bert and Graph Convolution
计算机科学, 2022, 49(6A): 150-158. https://doi.org/10.11896/jsjkx.210500065
[7] 吕鹏鹏, 王少影, 周文芳, 连阳阳, 高丽芳.
基于进化神经网络的电力信息网安全态势量化方法
Quantitative Method of Power Information Network Security Situation Based on Evolutionary Neural Network
计算机科学, 2022, 49(6A): 588-593. https://doi.org/10.11896/jsjkx.210200151
[8] 杜鸿毅, 杨华, 刘艳红, 杨鸿鹏.
基于网络媒体的非线性动力学信息传播模型
Nonlinear Dynamics Information Dissemination Model Based on Network Media
计算机科学, 2022, 49(6A): 280-284. https://doi.org/10.11896/jsjkx.210500043
[9] 陶礼靖, 邱菡, 朱俊虎, 李航天.
面向网络安全训练评估的受训者行为描述模型
Model for the Description of Trainee Behavior for Cyber Security Exercises Assessment
计算机科学, 2022, 49(6A): 480-484. https://doi.org/10.11896/jsjkx.210800048
[10] 王宇飞, 陈文.
基于DECORATE集成学习与置信度评估的Tri-training算法
Tri-training Algorithm Based on DECORATE Ensemble Learning and Credibility Assessment
计算机科学, 2022, 49(6): 127-133. https://doi.org/10.11896/jsjkx.211100043
[11] 韩红旗, 冉亚鑫, 张运良, 桂婕, 高雄, 易梦琳.
基于共同子空间分类学习的跨媒体检索研究
Study on Cross-media Information Retrieval Based on Common Subspace Classification Learning
计算机科学, 2022, 49(5): 33-42. https://doi.org/10.11896/jsjkx.210200157
[12] 任首朋, 李劲, 王静茹, 岳昆.
基于集成回归决策树的lncRNA-疾病关联预测方法
Ensemble Regression Decision Trees-based lncRNA-disease Association Prediction
计算机科学, 2022, 49(2): 265-271. https://doi.org/10.11896/jsjkx.201100132
[13] 陈伟, 李杭, 李维华.
核小体定位预测的集成学习方法
Ensemble Learning Method for Nucleosome Localization Prediction
计算机科学, 2022, 49(2): 285-291. https://doi.org/10.11896/jsjkx.201100195
[14] 刘振宇, 宋晓莹.
一种可用于分类型属性数据的多变量回归森林
Multivariate Regression Forest for Categorical Attribute Data
计算机科学, 2022, 49(1): 108-114. https://doi.org/10.11896/jsjkx.201200189
[15] 周新民, 胡宜桂, 刘文洁, 孙荣俊.
基于多模态多层级数据融合方法的城市功能识别研究
Research on Urban Function Recognition Based on Multi-modal and Multi-level Data Fusion Method
计算机科学, 2021, 48(9): 50-58. https://doi.org/10.11896/jsjkx.210500220
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发