Computer Science ›› 2018, Vol. 45 ›› Issue (8): 141-145.doi: 10.11896/j.issn.1002-137X.2018.08.025

• Information Security • Previous Articles     Next Articles

Web Server Fingerprint Identification Technology Based on KNN and GBDT

NAN Shi-hui1, WEI Wei2, WU Hua-qing1, ZOU Jing-rong2, ZHAO Zhi-wen1,2   

  1. Zhuhai Branch,Graduate School of Beijing Normal University,Zhuhai,Guangdong 519087,China1
    School of Information Science and Technology,Beijing Normal University,Beijing 100875,China2
  • Received:2017-05-09 Online:2018-08-29 Published:2018-08-29

Abstract: Conventional Web server fingerprinting method is easy to modify the response head so that the recognition result is not accurate,and the existing recognition method based on machine learning needs to send a large number of requestsfor identification.To solve these problems,by analyzing the feature relations of the response head,a Web server fingerprint recognition algorithm based on KNN and GBDT was proposed.Only two different types of exception requests are sent to identify the corresponding Web server fingerprint type and version range.Compared with the existing algorithm of the relevant Web server fingerprint recognition,the proposed algorithm can optimize the recognition speed and the recognition accuracy.

Key words: Cyber security, Ensemble learning, Gradient decision boosting tree, Web fingerprint

CLC Number: 

  • TP393
[1]LI F,DURUMERIC Z,CZYZ J,et al.You’ve got vulnerability:Exploring effective vulnerability notifycations[C]∥Proceedings of the 25th USENIX Security Symposium.2016:1033-1050.
[2]MAKINO Y,KLYUEV V.Evaluation of Web vulnerability scan-ners[C]∥IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems:Technology and Applications.IEEE,2015:399-402.
[3]PARVEZ M,ZAVARSKY P,KHOURY N.Analysis of effectiveness of black-box web application scanners in detection of stored SQL injection and stored XSS vulnerabilities[C]∥IEEE International Conference for Internet Technology and Secured Transactions.2015:186-191.
[4]KISS B,KOSMATOV N,PARIENTE D,et al.Combining Static and Dynamic Analyses for Vulnerability Detection:Illustration on Heart bleed[M]∥Hardware and Software:Verification and Testing.2015.
[5]KHADEMI A F,ZULKERNINE M,WELDEMARIAM K.An Empirical Evaluation of Web-Based Fingerprinting[J].Software IEEE,2015,32(4):46-52.
[6]LEE D,ROWE J,KO C,et al.Detecting and Defending against Web-Server Fingerprinting[C]∥2002 Proceedings Computer Security Applications Conference.IEEE,2002:321-330.
[7]WU S H,SUN D,HU Y.Web Server Identification Based onBayesian Theory[J].Computer Engineering,2015,41(7):190-193,198.(in Chinese).吴少华,孙丹,胡勇.基于贝叶斯理论的Web服务器识别.计算机工程,2015,41(7):190-193,198.
[8]HUANG Z,XIA C,SUN B,et al.Analyzing and summarizingthe web server detection technology based on HTTP[C]∥2015 6th IEEE International Conference on Software Engineering and Service Science (ICSESS).IEEE,2015:1042-1045.
[9]YAN S J,WANG W J,ZHANG Y Q.An efficient method of Web fingerprint identification. Journal of University of Chinese Academy of Sciences,2016,33(5):679-685.(in Chinese)闫淑筠,王文杰,张玉清.一种有效的Web指纹识别方法[J].中国科学院大学学报,2016,33(5):679-685.
[10]CAO L C,ZHAO J J,CUI X,et al.Cyberspace device identification based on K-means with cosine distance measure.Journal of University of Chinese Academy of Sciences,2016,33(4):562-569.(in Chinese)曹来成,赵建军,崔翔,等.基于余弦测度下K-means的网络空间终端设备识别[J].中国科学院大学学报,2016,33(4):562-569.
[11]MAHDAVI A.Applying an Ensemble Learning Method for Improving Multi-label Classificati on Performance[C]∥2016 2nd International Conference of Signal Processing and Intelligent System(ICSPIS).2016.
[12]LIAO Z,HUANG Y,YUE X,et al.In Silico Prediction of Gamma-Aminobutyric Acid Type-A Receptors Using Novel Machine-Learning-Based SVM and GBDT Approaches [J].Biomed Research International,2016,2016(6):1-12.
[13]LIU Q,LIU C.A novel locally linear KNN model for visual reco-gnition[C]∥IEEE Conference on Computer Vision and Pattern Recognition.IEEE,2015:1329-1337.
[1] WANG Lei, LI Xiao-yu. LBS Mobile Privacy Protection Scheme Based on Random Onion Routing [J]. Computer Science, 2022, 49(9): 347-354.
[2] LIN Xi, CHEN Zi-zhuo, WANG Zhong-qing. Aspect-level Sentiment Classification Based on Imbalanced Data and Ensemble Learning [J]. Computer Science, 2022, 49(6A): 144-149.
[3] KANG Yan, WU Zhi-wei, KOU Yong-qi, ZHANG Lan, XIE Si-yu, LI Hao. Deep Integrated Learning Software Requirement Classification Fusing Bert and Graph Convolution [J]. Computer Science, 2022, 49(6A): 150-158.
[4] TAO Li-jing, QIU Han, ZHU Jun-hu, LI Hang-tian. Model for the Description of Trainee Behavior for Cyber Security Exercises Assessment [J]. Computer Science, 2022, 49(6A): 480-484.
[5] WANG Yu-fei, CHEN Wen. Tri-training Algorithm Based on DECORATE Ensemble Learning and Credibility Assessment [J]. Computer Science, 2022, 49(6): 127-133.
[6] HAN Hong-qi, RAN Ya-xin, ZHANG Yun-liang, GUI Jie, GAO Xiong, YI Meng-lin. Study on Cross-media Information Retrieval Based on Common Subspace Classification Learning [J]. Computer Science, 2022, 49(5): 33-42.
[7] REN Shou-peng, LI Jin, WANG Jing-ru, YUE Kun. Ensemble Regression Decision Trees-based lncRNA-disease Association Prediction [J]. Computer Science, 2022, 49(2): 265-271.
[8] CHEN Wei, LI Hang, LI Wei-hua. Ensemble Learning Method for Nucleosome Localization Prediction [J]. Computer Science, 2022, 49(2): 285-291.
[9] LIU Zhen-yu, SONG Xiao-ying. Multivariate Regression Forest for Categorical Attribute Data [J]. Computer Science, 2022, 49(1): 108-114.
[10] ZHOU Xin-min, HU Yi-gui, LIU Wen-jie, SUN Rong-jun. Research on Urban Function Recognition Based on Multi-modal and Multi-level Data Fusion Method [J]. Computer Science, 2021, 48(9): 50-58.
[11] LI Bei-bei, SONG Jia-rui, DU Qing-yun, HE Jun-jiang. DRL-IDS:Deep Reinforcement Learning Based Intrusion Detection System for Industrial Internet of Things [J]. Computer Science, 2021, 48(7): 47-54.
[12] ZHOU Gang, GUO Fu-liang. Research on Ensemble Learning Method Based on Feature Selection for High-dimensional Data [J]. Computer Science, 2021, 48(6A): 250-254.
[13] DAI Zong-ming, HU Kai, XIE Jie, GUO Ya. Ensemble Learning Algorithm Based on Intuitionistic Fuzzy Sets [J]. Computer Science, 2021, 48(6A): 270-274.
[14] CHEN Ming-hao, ZHU Yue-fei, LU Bin, ZHAI Yi, LI Ding. Classification of Application Type of Encrypted Traffic Based on Attention-CNN [J]. Computer Science, 2021, 48(4): 325-332.
[15] HUAN Wen-ming, LIN Hai-tao. Design of Intrusion Detection System Based on Sampling Ensemble Algorithm [J]. Computer Science, 2021, 48(11A): 705-712.
Full text



No Suggested Reading articles found!