Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Web attack detection method and Web stack detection device

An attack detection and detection technology, applied in the field of information security, can solve the problems of high false alarm rate, affecting the normal use of users, high labor cost, etc., and achieve the effect of reducing labor cost

Active Publication Date: 2017-11-14
四川无声信息技术有限公司 +1
View PDF5 Cites 24 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0002] Traditional web attack detection methods (for example, detection methods based on traditional regular expressions, black / white list methods) need to manually formulate detection rules and manually construct training samples for supervised detection. These operations need to be performed by experienced white hats (positive Hackers can identify security loopholes in computer systems or network systems, but they will not exploit them maliciously, but publish the loopholes so that the system can be patched before being exploited by others (such as black hats), so as to ensure detection The effectiveness of the method requires high labor costs, and the professional skills of many enterprise employees do not meet the requirements
[0003] In the existing technology, detection methods based on rules, whitelists, blacklists, regular expressions and string matching can intercept most attacks, but the detection rules are too strict and the false alarm rate is too high, which will affect Normal use by users
The detection rules are broad and easy for attackers to bypass
[0004] In addition, the existing detection methods cannot detect and block new unknown attacks in a timely manner. After a new type of attack appears, it usually needs to be disseminated, discovered, and disclosed before relevant personnel can analyze and formulate detection rules, which have a certain impact on attack detection. Delay

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Web attack detection method and Web stack detection device
  • Web attack detection method and Web stack detection device
  • Web attack detection method and Web stack detection device

Examples

Experimental program
Comparison scheme
Effect test

no. 1 example

[0035] Please refer to figure 2 , figure 2 It is one of the flow charts of the steps of the Web attack detection method provided in the first embodiment of the present invention. The method is applied to the terminal device 100 . The specific process of the Web attack detection method is described in detail below. The method includes step S130, step S140 and step S150.

[0036] Step S130, obtaining the Web request to be detected, and performing preprocessing on the Web request to be detected to obtain a corresponding target character string.

[0037] Please refer to image 3 , image 3 provided by the first embodiment of the present invention figure 2 The sub-step flowchart of step S130 is shown. The step S130 includes: sub-step S131 , sub-step S132 , sub-step S133 , sub-step S134 , sub-step S135 and sub-step S136 .

[0038] Sub-step S131, obtaining the path and parameters of the web request to be detected.

[0039] In this embodiment, when the terminal device 100 ...

no. 2 example

[0088] Please refer to Figure 7 , Figure 7 A block diagram of functional modules of the web attack detection apparatus 200 provided in the second embodiment. The apparatus is applied to the terminal device 100 . The device includes: a preprocessing module 230 , a vectorization processing module 240 and a detection module 250 .

[0089] The preprocessing module 230 is configured to obtain a web request to be detected, and perform preprocessing on the web request to be detected to obtain a corresponding target character string.

[0090] In this embodiment, the preprocessing module 230 is used to execute figure 2 In step S130, for the specific description of the preprocessing module 230, please refer to the description of step S130.

[0091] The vectorization processing module 240 is configured to perform vectorization processing on the target character string to obtain a corresponding target vector.

[0092] In this embodiment, the vectorization processing module 240 is ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a Web attack detection method and a Web attack detection device. The method comprises the following steps: acquiring a to-be-detected Web request, and pretreating the to-be-detected Web request to acquire a corresponding target character string; carrying out vectorization treatment on the target character string to acquire a corresponding target vector; and detecting the target vector according to a detection model, and judging whether a to-be-detected Web request is an attack request or not. Therefore, the attack request and even a novel unknown attack can be timely and effectively detected. Meanwhile, after building of the detection model is completed, manual intervention is not needed, and detection rules do not need to be established, so that labor cost is reduced.

Description

technical field [0001] The present invention relates to the technical field of information security, in particular to a web attack detection method and device. Background technique [0002] Traditional web attack detection methods (for example, detection methods based on traditional regular expressions, black / white list methods) need to manually formulate detection rules and manually construct training samples for supervised detection. These operations need to be performed by experienced white hats (positive Hackers can identify security loopholes in computer systems or network systems, but they will not exploit them maliciously, but publish the loopholes so that the system can be patched before being exploited by others (such as black hats), so as to ensure detection The effectiveness of the method requires high labor costs, and the professional skills of many enterprise employees do not meet the requirements. [0003] In the existing technology, detection methods based on...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/55G06F21/56
CPCG06F21/554G06F21/563
Inventor 卢康刘亮张磊何祥邹晓波刘露平黄勇
Owner 四川无声信息技术有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com