
Illegal-page detection method and device, intrusion detection system and storage medium

A page detection method, applied in the information field, that can solve problems such as garbled data, frequent false positives, and failure to recognize illegal pages.

Status: Inactive
Publication Date: 2018-07-20
BAIDU ONLINE NETWORK TECH (BEIJING) CO LTD
4 Cites, 12 Cited by

AI Technical Summary

Problems solved by technology

The main problems of the existing flow-level methods are: (1) They are prone to false positives; for example, accessing technical documents related to command execution will trigger a false positive. (2) They are easy to bypass, because they rely on feature matching, which attackers can evade, for example by executing commands that return base64-encoded responses, or by replacing or hiding sensitive functions. Here, the base64 case refers to adding some strings to the response body so that the data after base64 encoding becomes garbled and unrecognizable; normal regular-expression matching then fails and conventional detection is bypassed. (3) Detection ability is weak: if the illegal page does not perform the easily detected behaviors described above, it will be difficult to detect.



Embodiment approach

[0089] According to an implementation of the illegal page detection method of the present invention, the method further comprises: if the extracted text content of the value attribute is a path, discarding that text content. Text content of a value attribute that is a path is interference content; it has no effect on the similarity detection of page content, so it is discarded.

[0090] According to an embodiment of the illegal page detection method of the present invention, determining whether the page data is an illegal page according to the calculated difference degree includes: if the calculated coincidence degree is less than a preset coincidence degree threshold, or if the calculated word segmentation ratio is greater than the preset word segmentation ratio threshold, determining that the page data is not an illegal page.

[0091] The value of coincidence degree can reflect the similarity of the content of two pages to a certain ...
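
The content-side check described in [0089] and [0090], as an added sketch that is not the patent's own code. The page does not define the coincidence degree or the word segmentation ratio, so the two formulas, the thresholds, the path pattern and the sample pages below are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Assumed pattern for "the value is a path": drive letter, /, ./, ../ or UNC prefix.
PATH_RE = re.compile(r"^(?:[A-Za-z]:[\\/]|\.{0,2}/|\\\\)")

class ValueText(HTMLParser):
    """Collects value="" attribute text, discarding values that are paths ([0089])."""
    def __init__(self):
        super().__init__()
        self.values = []
    def handle_starttag(self, tag, attrs):
        for name, val in attrs:
            if name == "value" and val and not PATH_RE.match(val.strip()):
                self.values.append(val.strip())

def tokens(page_html):
    parser = ValueText()
    parser.feed(page_html)
    parser.close()
    return [t.lower() for v in parser.values for t in re.findall(r"\w+", v)]

def coincidence_degree(page, rule):
    # Assumption: share of the rule page's distinct tokens also present in the page.
    rule_set = set(rule)
    return len(rule_set & set(page)) / len(rule_set) if rule_set else 0.0

def segmentation_ratio(page, rule):
    # Assumption: larger token count divided by the smaller one.
    lo, hi = sorted((len(page), len(rule)))
    return float("inf") if lo == 0 else hi / lo

def is_illegal(page_html, rule_pages, min_coincidence=0.6, max_ratio=2.0):
    page = tokens(page_html)
    for rule_html in rule_pages:
        rule = tokens(rule_html)
        # [0090]: low coincidence OR high ratio means "not illegal" for this rule.
        if (coincidence_degree(page, rule) < min_coincidence
                or segmentation_ratio(page, rule) > max_ratio):
            continue
        return True
    return False

# Constructed sample pages (not taken from the patent or from real traffic).
RULE = r'<form><input name="d" value="/var/www/html"><input type="submit" value="Execute Command"><input type="submit" value="Upload File"><input type="button" value="File Manager"></form>'
VARIANT = r'<div><input value="C:\inetpub\wwwroot"><input type="submit" value="Execute Command"><input value="Upload File"><input value="File Manager v2"></div>'
BENIGN = '<form><input name="q" value="Search documentation"><input type="submit" value="Search"></form>'

if __name__ == "__main__":
    for name, html in (("variant", VARIANT), ("benign", BENIGN)):
        print(name, is_illegal(html, [RULE]))
```

The variant page differs from the rule page in markup and carries an extra token, yet still matches because the comparison is fuzzy; the benign search form shares no value text with the rule and is passed.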


Abstract

The invention provides an illegal-page detection method and device, an intrusion detection system and a computer-readable storage medium. The illegal-page detection method includes the following steps: page data is extracted from network flow; the extracted page data is compared with pages in a preset rule base, and the difference degree between the extracted page data and the webpage structures and/or the webpage content of the pages in the rule base is computed; according to the computed difference degree, whether the page data is an abnormal page is determined. According to the illegal-page detection method and device, the intrusion detection system and the computer-readable storage medium in the embodiment, abnormal pages are determined from the two dimensions of structure and content, so the relevance ratio is greatly increased and the false alarm rate is reduced; abnormal pages are detected based on fuzzy similarity, so variant pages and unknown pages can be better detected, attack behavior can be effectively avoided, and illegal websites are combated.

Description

Technical field

[0001] The invention relates to the field of information technology, in particular to an illegal page detection method, device, intrusion detection system and computer-readable storage medium.

Background technique

[0002] With the rapid development of the Internet, the security risks of websites are becoming more and more serious. Some criminals use phishing websites, webshells, etc. to steal private information or attack servers. For example, after hackers attack a web server and upload a full-featured webshell, they carry out malicious operations such as planting malicious code in pages and dumping databases, seriously endangering the data security of the website and its users. How to find a small amount of illegal page traffic among hundreds of millions of traffic records is a problem that needs to be solved at present.

[0003] In the prior art, the methods for detecting illegal pages mainly include: (1) at the host level, that is, the software is deployed on the server, wh...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F17/30
CPC: G06F16/958, G06F16/986
Inventor: 马哲超, 李子奇, 吴月升, 刘小凯
Owner: BAIDU ONLINE NETWORK TECH (BEIJING) CO LTD