Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A method and system for identifying web intrusion

A suspicious and score-based technology, applied in transmission systems, digital transmission systems, secure communication devices, etc., can solve problems such as security monitoring mechanism dependence, and achieve the effect of reducing the vulnerability rate

Active Publication Date: 2022-06-21
GLOBAL ENERGY INTERCONNECTION RES INST CO LTD +2
View PDF7 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The security monitoring mechanism of the existing web server system relies too much on WAF and IDS systems
WAF and IDS systems basically rely on rules, and are unaware of 0day vulnerability attacks that do not have rules

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and system for identifying web intrusion
  • A method and system for identifying web intrusion
  • A method and system for identifying web intrusion

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054] In order to better understand the present invention, the content of the present invention will be further described below with reference to the accompanying drawings and examples.

[0055] The present invention provides a method for identifying WEB intrusion, such as figure 1 As shown, the method is specifically:

[0056] Obtain the access behavior of visitors;

[0057] Judging whether the access behavior is a suspicious request, and if it is a suspicious request, according to a preset suspicious score evaluation standard, accumulating the suspicious scores involved in the access behavior to obtain a safety score;

[0058] When the security score is greater than the preset threshold, the user behaves abnormally and there is WEB intrusion.

[0059] This method is further refined as follows:

[0060] Step 1: Establish a trusted architecture for the WEB website. The principle of the trusted architecture is that all the current contents of the WEB website are trusted.

...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention relates to a method for identifying WEB intrusion, comprising: obtaining the access behavior of the visitor; judging whether the access behavior is a suspicious request, and if it is a suspicious request, accumulating the access behavior according to a preset suspicious score evaluation standard The suspicious score involved is obtained as the security score; when the security score is greater than the preset threshold, the user behavior is abnormal, and there is WEB intrusion. The technical solution provided by the present invention gets rid of the dependence on traditional IPS, IDS and other devices that are highly dependent on rules, realizes the means of identifying unknown high-level intrusion WEB servers and the utilization of 0day loopholes based on irregular rules, and achieves the security of Web servers Real-time awareness of status and operating conditions.

Description

technical field [0001] The invention relates to the security monitoring of a WEB server, in particular to a method and a system for identifying WEB intrusion. Background technique [0002] With the popularization of the network, while IT technology promotes product innovation and reform, various security issues are becoming more and more serious, which makes the information security industry stand at the forefront of the development of the IT industry. WEB application security is an important branch of information security. The current security measures for WEB application security are mainly implemented by deploying mainstream systems or devices such as firewalls, IDS, and IPS. With the development of network attack technology, the inherent deficiencies of firewalls are powerless to attack WEB services. [0003] For example, the traditional WEB firewall uses the keyword feature technology to detect Webshell, but this technology has the possibility of misjudgment when the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L9/40H04L67/02
CPCH04L63/1425H04L67/02
Inventor 马铁军郭昊詹雄张錋陈奋张英杰王涛何小芸张志强陈超邱岳王林贾冬冬程长高
Owner GLOBAL ENERGY INTERCONNECTION RES INST CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products