| 基于Webdecoy的攻击行为特征提取研究 |
| |
| 引用本文: | 任晓博,何聚厚.基于Webdecoy的攻击行为特征提取研究[J].计算机工程与设计,2010,31(21). |
| |
| 作者姓名: | 任晓博 何聚厚 |
| |
| 作者单位: | 陕西师范大学计算机科学学院; |
| |
| 摘 要: | 为更好地解决Web应用的安全问题,提出了基于Webdecoy的攻击行为特征提取模型.以具体的业务系统为基础,通过嵌入监控代码跟踪对业务系统的访问并获取探测攻击信息,并对获取信息进行归一化处理和属性划分,根据属性的动态比较得到攻击请求的相似性结构.最后对探测行为进行检测评估,对恶意行为给出报警,并通过实验结果验证了该模型的有效性.
|
| 关 键 词: | Webdecoy 特征提取 Web攻击 攻击属性 检测评估 |
Research of attacks feature extraction based on Webdecoy |
| |
| REN Xiao-bo,HE Ju-hou.Research of attacks feature extraction based on Webdecoy[J].Computer Engineering and Design,2010,31(21). |
| |
| Authors: | REN Xiao-bo HE Ju-hou |
| |
| Abstract: | To solve the web application security problem effectively,the feature extraction model based on Webdecoy is proposed based on the specific web-application.Following access to the system by the insertion of monitoring code,and the attack information can be detected.Then this information is normalized and divided of attribute,the similar structure of attack requests can be obtained by comparing their attributes dynamically,finally the access request is detected and the alarm of malicious acts is given.The exp... |
| |
| Keywords: | Webdecoy feature extraction web attack attack attributes detection evaluation |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
