Research on Web Intrusion Detection Module Based on Hybrid Framework

doi:10.3969/j.issn.1671-1122.2015.09.002

Abstract

Abstract:

Web intrusion detection system can monitor Web access transactions in real-time and detect attacks in time, which can solve the Web security problems effectively. This paper analyzes the advantages and shortcomings of the current Web intrusion detection techniques, and then proposes a Web intrusion detection hybrid framework. The hybrid framework integrates a signature-based detection module and an anomaly-based detection module. The signature-based detection module is mainly used to detect those known attacks, which easily are extracted features. The anomaly-based detection module is mainly used to detect those unknown attacks, which can hardly be detected by the signature-based module. The hybrid framework achieves a higher detection rate.

Key words: Web intrusion detection, hybrid framework, signature-based detection module, anomaly-based detection module

CLC Number:

TP309

Ming ZHANG, Bo-yi XU, Fei XU. Research on Web Intrusion Detection Module Based on Hybrid Framework[J]. Netinfo Security, 2015, 15(9): 6-9.

Figures/Tables 4

References 12

[1]	Corporation Symantec. Internet Security Threat Report (2014) [EB/OL]. .
[2]	Cenzic. Application Vulnerability Trends Report (2014) [EB/OL]. .
[3]	郝增帅,郭荣华,文伟平,等. 基于特征分析和行为监控的未知木马检测系统研究与实现[J]. 信息网络安全,2015,(2):57-65.
[4]	Kumar S.Classification and detection of computer intrusions[D]. West Lafayette:Purdue University, 1995.
[5]	Sebring M M, Shellhouse E, Hanna M, et al.Expert systems in intrusion detection: A case study[C]//Proceedings of the 11th National Computer Security Conference,1988: 74-81.
[6]	Balasubramaniyan J S, Garcia-Fernandez J O, Isacoff D, et al. An architecture for intrusion detection using autonomous agents[C]//Computer Security Applications Conference, 1998. Proceedings. 14th Annual. IEEE, 1998: 13-24.
[7]	段新东,林玉香,张鑫. 基于智能化自学习方式的入侵检测防护系统设计与实现[J]. 信息网络安全,2014,(2):20-26.
[8]	Kruegel C, Vigna G, Robertson W.A multi-model approach to the detection of web-based attacks[J]. Computer Networks, 2005, 48(5): 717-738.
[9]	Callegari C, Cyprus N.Statistical approaches for network anomaly detection[J]. ICIMP Conference, 2009, 169(1): 1-20.
[10]	Cao L C.Detecting Web-Based Attacks by Machine Learning[C]//Machine Learning and Cybernetics, 2006 International Conference on. IEEE, 2006: 2737-2742.
[11]	Das D, Sharma U, Bhattacharyya D K.A Web Intrusion Detection Mechanism based on Feature based Data Clustering[C]//Advance Computing Conference, 2009. IACC 2009. IEEE International. IEEE, 2009: 1124-1129.
[12]	戚名钰,刘铭,傅彦铭. 基于PCA的SVM网络入侵检测研究[J]. 信息网络安全,2015,(2):15-18.

[1]	Zhiyan ZHAO, Xiaomo JI. Research on the Intelligent Fusion Model of Network Security Situation Awareness [J]. Netinfo Security, 2020, 20(4): 87-93.
[2]	Min LIU, Shuhui CHEN. Research on VoLTE Traffic Based on Association Fusion [J]. Netinfo Security, 2020, 20(4): 81-86.
[3]	Lingyu BIAN, Linlin ZHANG, Kai ZHAO, Fei SHI. Ethereum Malicious Account Detection Method Based on LightGBM [J]. Netinfo Security, 2020, 20(4): 73-80.
[4]	Yifeng DU, Yuanbo GUO. A Dynamic Access Control Method for Fog Computing Based on Trust Value [J]. Netinfo Security, 2020, 20(4): 65-72.
[5]	Zhizhou FU, Liming WANG, Ding TANG, Shuguang ZHANG. HBase Secondary Ciphertext Indexing Method Based on Homomorphic Encryption [J]. Netinfo Security, 2020, 20(4): 55-64.
[6]	Rong WANG, Chunguang MA, Peng WU. An Intrusion Detection Method Based on Federated Learning and Convolutional Neural Network [J]. Netinfo Security, 2020, 20(4): 47-54.
[7]	Xiaoli DONG, Shuai SHANG, Jie CHEN. Impossible Differential Attacks on 9-Round Block Cipher Rijndael-192 [J]. Netinfo Security, 2020, 20(4): 40-46.
[8]	Chun GUO, Changqing CHEN, Guowei SHEN, Chaohui JIANG. A Ransomware Classification Method Based on Visualization [J]. Netinfo Security, 2020, 20(4): 31-39.
[9]	Lu CHEN, Yajie SUN, Liqiang ZHANG, Yun CHEN. A Scheme of Measurement for Terminal Equipment Based on DICE in IoT [J]. Netinfo Security, 2020, 20(4): 21-30.
[10]	Jinfang JIANG, Guangjie HAN. Survey of Trust Management Mechanism in Wireless Sensor Network [J]. Netinfo Security, 2020, 20(4): 12-20.
[11]	Jianwei LIU, Yiran HAN, Bin LIU, Beiyuan YU. Research on 5G Network Slicing Security Model [J]. Netinfo Security, 2020, 20(4): 1-11.
[12]	Peng LIU, Qian HE, Wangyang LIU, Xu CHENG. CP-ABE Scheme Supporting Attribute Revocation and Outsourcing Decryption [J]. Netinfo Security, 2020, 20(3): 90-97.
[13]	Yubo SONG, Ming FAN, Junjie YANG, Aiqun HU. Multipath Solution and Blocking Method of Network Attack Traffic Based on Topology Analysis [J]. Netinfo Security, 2020, 20(3): 9-17.
[14]	Tengfei WANG, Manchun CAI, Tianliang LU, Ting YUE. IPv6 Network Attack Source Tracing Method Based on iTrace_v6 [J]. Netinfo Security, 2020, 20(3): 83-89.
[15]	Yi ZHANG, Hongyan LIU, Hequn XIAN, Chengliang TIAN. A Cloud Storage Encrypted Data Deduplication Method Based on Authorization Records [J]. Netinfo Security, 2020, 20(3): 75-82.