摘要
基于SOAP消息的恶意内容攻击对Web服务的应用与推广具有很大的影响,但目前尚缺乏能有效检测SOAP消息中恶意内容的方法,为此提出了一种新的SOAP消息特征检测方法。通过定义SOAP项和SOAP规则来描述恶意内容的特征,提出了SOAP消息解析算法和SOAP规则匹配算法,用来实施恶意内容的特征检测。根据提出的方法,设计并实现了一个Web服务攻击检测的原型系统。攻击检测实验和性能分析实验的结果表明,该方法有较好的检测效果和性能。
Malicious content attacks based on SOAP messages have great impact on application and popularization of Web services.In order to detect the malicious content in SOAP message this paper proposed a new method of SOAP message signature detection.This method defined the SOAP Item and SOAP Rule to describe the feature of malicious content and introduced the SOAP message parsing algorithm and SOAP rule matching algorithm to detect the malicious content attacks detection.According to this proposed method a prototype system of Web services attack detection was designed and implemented.The experimental results of attack detection and performance analysis show that this system has good detection effect and performance.
出处
《计算机应用》
CSCD
北大核心
2010年第8期2134-2138,共5页
journal of Computer Applications
基金
国防预研基金资助项目(51406020105JB8103)