Intrusion study and judgment method and system based on Web log

A unified Web log parsing technology, applied in the Internet field, that improves efficiency, strengthens log parsing, and makes secondary analysis convenient.

Pending Publication Date: 2022-05-13
广东云智安信科技有限公司

AI Technical Summary

Problems solved by technology

[0006] The technical problem to be solved by the present invention is that the Web log formats produced by different types of Web servers are not uniform, which makes Web log analysis inefficient.


Embodiment Construction

[0038] The present invention provides an intrusion research and judgment method based on Web logs. By cutting Web logs, parsing them into a unified form, running rule-matching detection, and aggregating the logs, it carries out intrusion research and judgment on the attacker's IP, which effectively addresses the low efficiency and heavy workload of manual Web log research and judgment. The present invention will be described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0039] As shown in Figure 1, the Web log-based intrusion research and judgment system provided by the present invention includes an analysis module 1, a rule matching engine 2, an aggregation engine 3 and a storage module 4. The parsing module 13 is used to cut the original log into fields according to the default delimiter and default quote character, automatically identify the format of each field, quickly match the format of the field, analyze and process it into the dat...


Abstract

The invention discloses an intrusion study and judgment method and system based on Web logs. The study and judgment method comprises the following steps: cutting an original log into fields according to a default delimiter and a default quote character; automatically identifying the field formats, quickly matching them, and parsing and storing the result in a database; reading the stored logs in batches and running rule-matching detection on them; updating the logs and writing them back to the database; aggregating the logs to generate Web attack events and judging whether the intruder attacked successfully; and generating and submitting a protection and processing report according to the web attack time, the research and judgment result and the manually confirmed influence range of the intrusion. The method realizes intrusion study and judgment of the attacker IP through cutting, unified parsing, rule-matching detection and aggregation of Web logs. By combining automatic detection with manual confirmation, it offers high efficiency, high result accuracy, strong log parsing and convenient secondary analysis and use, so that Web analysis efficiency is greatly improved.
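The steps in the abstract (cut, identify field formats, match rules, aggregate per attacker IP, judge success) can be sketched as follows. This is an added example, not the patent's implementation: the field recognisers, the detection rules, the sample log lines and the "2xx means possibly successful" heuristic are all assumptions made for illustration.

```python
import csv
import re
from collections import defaultdict
from urllib.parse import unquote_plus
# Field-format recognisers (assumed; the page does not list its formats).
FORMATS = {
    "ip": re.compile(r"^\d{1,3}(\.\d{1,3}){3}$"),
    "time": re.compile(r"^\d{2}/\w{3}/\d{4}(:\d{2}){3} [+-]\d{4}$"),
    "request": re.compile(r"^[A-Z]+ \S+ HTTP/\d\.\d$"),
    "status": re.compile(r"^[1-5]\d{2}$"),
}
# Constructed detection rules, for illustration only.
RULES = {
    "sqli": re.compile(r"(?i)union\s+select"),
    "path_traversal": re.compile(r"\.\./"),
}
# Constructed sample lines; the third uses a different field order.
SAMPLE = [
    '203.0.113.7 - - [10/Oct/2021:13:55:36 +0800] "GET /item?id=1%20UNION%20SELECT%201 HTTP/1.1" 200 512',
    '203.0.113.7 - - [10/Oct/2021:13:55:40 +0800] "GET /f?p=..%2Fconf HTTP/1.1" 200 88',
    '"10/Oct/2021:14:02:11 +0800" 198.51.100.9 "GET /f?p=..%2F..%2Fetc%2Fpasswd HTTP/1.1" 404',
    '192.0.2.10 - - [10/Oct/2021:14:05:00 +0800] "GET /index.html HTTP/1.1" 200 1024',
]

def parse_line(line, delimiter=" ", quotechar='"'):
    """Cut a raw line into fields, then label each field by its format."""
    line = re.sub(r"(^| )\[([^\]]*)\](?= |$)", r'\1"\2"', line, count=1)
    fields = next(csv.reader([line], delimiter=delimiter, quotechar=quotechar))
    record = {}
    for value in fields:
        for name, pattern in FORMATS.items():
            if name not in record and pattern.match(value):
                record[name] = value
                break
    return record

def aggregate(lines):
    """Match rules per record and group hits by source IP into attack events."""
    events = defaultdict(lambda: {"rules": set(), "hits": 0, "success": False})
    for record in map(parse_line, lines):
        target = unquote_plus(record.get("request", ""))
        hits = [name for name, rx in RULES.items() if rx.search(target)]
        if hits and "ip" in record:
            event = events[record["ip"]]
            event["rules"].update(hits)
            event["hits"] += 1
            # Assumed heuristic: a 2xx reply to a matched request needs review.
            event["success"] |= record.get("status", "").startswith("2")
    return dict(events)
```

Because fields are labelled by format rather than by position, the third sample line parses into the same record shape as the others; the `success` flag only marks events for the manual confirmation step the abstract describes.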

Description

Technical field

[0001] The invention relates to the technical field of the Internet, in particular to an intrusion research and judgment method and system based on Web logs.

Background technique

[0002] As one of the most important applications on the Internet, the Web provides a convenient mechanism for publishing and obtaining documents, and has gradually become a gathering place for various information resources. The richness and diversity of this information attracts hackers, resulting in more and more frequent attacks on Web applications, especially attacks on Web servers. Such attacks are not only varied but also highly damaging. Sometimes they lead to the leakage of company user information, and they can even paralyze the server.

[0003] When a user accesses a web service through a client, the web server generates a web access log according to the user's corresponding request. Web access logs record various original information such as web server rece...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/57, G06F21/55
CPC: G06F21/577, G06F21/552
Inventor: 陶然
Owner: 广东云智安信科技有限公司