利用一个组合检测系统来减少对恶意请求的错误判断

计算机科学 ›› 2013, Vol. 40 ›› Issue (Z6): 344-348.

利用一个组合检测系统来减少对恶意请求的错误判断

林捷

上海应用技术学院上海201418

出版日期:2018-11-16 发布日期:2018-11-16
基金资助:
本文受上海市教委科研创新项目(12YZ166)资助

Use Combination of Detection Systems to Reduce Errors of Judgment on Malicious Request

LIN Jie

Online:2018-11-16 Published:2018-11-16

摘要/Abstract

摘要： 当今Web应用程序定制技术被广泛应用,异常检测技术在预警和实时阻断应用级程序攻击网站等方面是一个很合适的方法。然而,异常检测技术更容易产生误报和漏报的问题。利用一个综合系统来解决问题,这个综合系统包括基于Web的异常检测系统和一个数据库异常检测系统。即一个Web的异常检测系统和SQL查询的异常检测系统的串行结构将能提高系统检测的效率。在现有的几种Web应用程序上对其适用性进行了评估,显示出该算法在减少误报和漏报方面是可行的有效的。

关键词: 异常检测,SQL查询,Web应用程序

Abstract: Today’s Web application customization technology is widely used.Anomaly detection in early warning and real-time blocking the attack site of application-level program is a very suitable method．However,anomaly detection techniques are easier to detect problems of false positives and false negatives．The use of an integrated system can solve the problem．This integrated system includs the anomaly detection system based anomaly detection system,the Web and a database．Anomaly detection system and the SQL query of a Web serial structure of the anomaly detection system will be able to improve the efficiency of the detection system．The algorithm was evaluated for its applicability on several existing Web application．It is showed that the algorithm is feasible and effective to reduce false positives and false negatives.

Key words: Anomaly detection,SQL queries,Web applications

林捷. 利用一个组合检测系统来减少对恶意请求的错误判断[J]. 计算机科学, 2013, 40(Z6): 344-348. https://doi.org/

LIN Jie. Use Combination of Detection Systems to Reduce Errors of Judgment on Malicious Request[J]. Computer Science, 2013, 40(Z6): 344-348. https://doi.org/

参考文献

[1] Akritidis P,Anagnostakis K,Markatos E．Efficient content-based of zero-day worms[C]∥Proceedings of the International Conference on Communications (ICC)．eoul,Korea,May 2005
[2] Andersson R．punnBBB-fast and lightweight PHP-powered discussion boardhttp://www.punbb.org,2005. (下转第380页)(上接第348页)
[3] Roesh M．Snort-lightweight intrusion detection for networks[C]∥Proceedings of the USENIX LISA’99Conference．Seattle,WA,November 1999
[4] Axelsson S．punBB-fast fallacy and its implications for the difficulty of intrusion detection[C]∥Proceedings of the 6tth ACM Conference on Computer and Computer and Communications Security．Singapore,1999
[5] Sidiroglou K A S,Akritidis P,Xinidis K,et al.Detecting targeted attacks using shadow honeypots[C]∥Proceeding of the USENIX Security Symposium Baltimore．MD,August 2005
[6] Common vulnerabilities and exposures．http://www.cve.mitre.org,2003
[7] Breache Security Breachgate．http://www.breach.com,2006-08
[8] Citrix．Citrix application firewall．http://www.citrix.com,2006-08

Metrics

Viewed

Full text

Abstract

Cited

Shared

Discussed