Netinfo Security ›› 2015, Vol. 15 ›› Issue (9): 6-9.doi: 10.3969/j.issn.1671-1122.2015.09.002

• Orginal Article • Previous Articles     Next Articles

Research on Web Intrusion Detection Module Based on Hybrid Framework

Ming ZHANG(), Bo-yi XU, Fei XU   

  1. National Key Laboratory of Science and Technology on Information System Security, Beijing 100101, China
  • Received:2015-07-15 Online:2015-09-01 Published:2015-11-13

Abstract:

Web intrusion detection system can monitor Web access transactions in real-time and detect attacks in time, which can solve the Web security problems effectively. This paper analyzes the advantages and shortcomings of the current Web intrusion detection techniques, and then proposes a Web intrusion detection hybrid framework. The hybrid framework integrates a signature-based detection module and an anomaly-based detection module. The signature-based detection module is mainly used to detect those known attacks, which easily are extracted features. The anomaly-based detection module is mainly used to detect those unknown attacks, which can hardly be detected by the signature-based module. The hybrid framework achieves a higher detection rate.

Key words: Web intrusion detection, hybrid framework, signature-based detection module, anomaly-based detection module

CLC Number: