Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method and system for identifying WEB invasion

A suspicious and score-based technology, applied in transmission systems, electrical components, etc., can solve problems such as the dependence of security monitoring mechanisms, and achieve the effect of reducing the vulnerability rate

Active Publication Date: 2017-12-01
GLOBAL ENERGY INTERCONNECTION RES INST CO LTD +2
View PDF6 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The security monitoring mechanism of the existing web server system relies too much on WAF and IDS systems
WAF and IDS systems basically rely on rules, and are unaware of 0day vulnerability attacks that do not have rules

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and system for identifying WEB invasion
  • Method and system for identifying WEB invasion
  • Method and system for identifying WEB invasion

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054] In order to better understand the present invention, the content of the present invention will be further described below in conjunction with the accompanying drawings and examples.

[0055] The present invention provides a method for identifying WEB intrusion, such as figure 1 As shown, the method is specifically:

[0056] Obtain visitor behavior;

[0057] Judging whether the access behavior is a suspicious request, if it is a suspicious request, accumulating the suspicious scores involved in the access behavior to obtain a security score according to a preset suspicious score evaluation standard;

[0058] When the security score is greater than the preset threshold, the user behavior is abnormal, and there is WEB intrusion.

[0059] The method is further refined as follows:

[0060] Step 1: Establish a trusted architecture for the WEB website. The principle of the trusted architecture is that all current content of the WEB website is credible.

[0061] Step 2: Ext...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a method for identifying WEB invasion. The method comprises the following steps: obtaining an access behavior of a visitor; judging whether the access behavior is a suspicious request, if so, accumulating a suspicious score involved in the access behavior according to a preset suspicious score judgment standard to obtain a security score; and if the security score is greater than a preset threshold, indicating that the user behavior is normal, and the WEB invasion exists. By adoption of the technical scheme provided by the invention, the dependence on the traditional IPS and IDS device highly depending on rules is removed, the means for identifying unknown advanced invasion WEB server in a non-rule manner is realized, the 0day vulnerabilities are used, and the real-time sensing of the security state and the operation state of the Web server are realized.

Description

technical field [0001] The invention relates to safety monitoring of a WEB server, in particular to a method and system for identifying WEB intrusion. Background technique [0002] With the popularization of the Internet, while IT technology promotes product innovation and change, various security issues are becoming more and more serious, which makes the information security industry stand at the forefront of the development of the IT industry. And WEB application security is an important branch of information security. The current security measures for WEB application security are mainly implemented by deploying mainstream systems or devices such as firewalls, IDS, and IPS. With the development of network attack technology, the congenital deficiencies of firewalls seem powerless to attacks on WEB services. [0003] For example, traditional WEB firewalls use keyword feature technology to detect Webshells, but this technology may cause misjudgment when the user's normal pa...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1425H04L67/02
Inventor 马铁军郭昊詹雄张錋陈奋张英杰王涛何小芸张志强陈超邱岳王林贾冬冬程长高
Owner GLOBAL ENERGY INTERCONNECTION RES INST CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com