期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于贝叶斯理论的Web服务器识别 被引量:6

Web Server Identification Based on Bayesian Theory
下载PDF
导出
摘要 针对现有Web服务器识别(WSI)方法存在识别正确率低且对指纹库依赖性强的问题,依据不同服务器对15种畸形Http请求处理机制的差异,提出一种新的识别方法。使用朴素贝叶斯分类模型计算待测Web服务器各分类属性在状态码特征属性下的后验概率,选择后验概率最大的类型作为Web服务器类型,根据该类型选择特定版本特征库,利用朴素贝叶斯分类模型得到Web服务器类型对应的具体版本,以此设计和实现Web服务器识别系统。与现有HMAP,Httprecon,Httprint识别工具进行对比实验的结果表明,随着训练样本的增加,该系统的准确率、召回率和F-measure值更高,识别性能更好。 Aiming at the problem that the identification rate of current Web Server Identification(WSI) methods is low, and the dependence for fingerprints is strong. By the Web servers' different responses to the 15 types of abnormal Http requests, the naive Bayes classification model is used to identify the Web server type by the maximum posterior probability of status code attributes. The model is used again to identify the Web server version by selecting version features. A system based on the method called WSI system is designed and realized. Experimental results show that compared with the current three identification tools such as HMAP, Httprecon, Httprint, the accuracy and recall rate and F-measure of this system are higher, and it has better recognition performance with the increase of training samples.
作者 吴少华 孙丹 胡勇
机构地区 四川大学电子信息学院
出处 《计算机工程》 CAS CSCD 北大核心 2015年第7期190-193,198,共5页 Computer Engineering
基金 国家部委基金资助项目
关键词 Web安全检测 漏洞检测 Web服务器识别 贝叶斯理论 状态码 Web security detection vulnerability detection Web Server Identification (WSI) Bayesian theory status code
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献10

  • 1徐远纯,郭德先,罗洁.基于HTTP指纹识别的服务器安全对策[J].计算机科学,2008,35(1):261-263. 被引量:1
  • 2杨可新,鞠九滨.利用Web指纹进行服务映射[J].计算机工程与应用,2004,40(4):7-9. 被引量:3
  • 3王永杰,鲜明,王国玉,肖顺平.基于指纹分析的Web服务探测技术[J].计算机工程,2005,31(17):26-28. 被引量:5
  • 4Dustin W L.HMAP:A Technique and Tool for Remote Identification of HTTP Servers[EB/OL].(2010-08-21).http://seclab.cs.ucdavis.edu/papers/HMAP-thesis.pdf.
  • 5Dustin L,Jeff R,Calvin K,et al.Detecting and Defending Against Web-server Fingerprinting[C]//Proceedings of the 18th Annual Computer Security Applications Conference.Washington D.C.,USA:IEEE Press,2002:310-330.
  • 6Marc R.Httprecon Project Advanced Web Server Fingerprinting[EB/OL].(2010-10-19).http://w w w.computec.ch/projekte/httprecon/s=documentation.
  • 7Saumil S.An Introduction to HTTP Fingerprinting[EB/OL].(2008-11-27).http://www.net-square.com/httprint_paper.html.
  • 8王树太.一种Web服务器识别的方法及装置:中国,CN102904940A[P].2013-01-30.
  • 9Theodore B,Martha W,Dan S.Automated Generation of Web Server Fingerprints[EB/OL].(2009-11-21).http://www.bibsonomy.org/bibtex/28677d83ad42a588831eaefd5a0dfe971/dblp.
  • 10孙丹.基于贝叶斯理论的Web服务器识别技术研究[D].成都:四川大学,2014.

二级参考文献24

  • 1黄仲祥.TCP/IP协议分析和网络攻击方法[J].通信对抗,2005(4):55-58. 被引量:2
  • 2刘全.网络控制系统的网络安全研究[J].微计算机信息,2006,22(09X):71-73. 被引量:7
  • 3[1]Julian Assange. Strobe.http://www.wizardsworld.com/security/strobe. tgz
  • 4[2]Rhino9.Pinger.http://www.nmrc.org/files/snt/
  • 5[3]Fyodor. Remote OS detection via TCP/IP Stack Fingerprinting.http://www.insecure.org/nmap/nmap-fingerprinting-article.html
  • 6[4]Fyodor. Nmap.http://www.insecure.org/nmap/
  • 7[5]R Fielding,J Gettys,J Mogul et al. Hypertext Transfer Protocol HTFP/1.1[S].RFC 2068 ,IETF, 1997-01
  • 8[6]R Fielding,J Gettys,J C Mogul et al. Hypertext Transfer Protocol -HTTP/1.1[S].RFC 2616,IETF, 1999-06
  • 9[7]R Deraison. Nessus.http://www.nessus.org/
  • 10[8]Rain Forest Puppy. Whisker: next-generation CGI scanner.http://www.wiretrip.net/rfp/

共引文献6

同被引文献47

  • 1王永杰,鲜明,王国玉,肖顺平.基于指纹分析的Web服务探测技术[J].计算机工程,2005,31(17):26-28. 被引量:5
  • 2ZoomEye.网络设备统计分析[EB/OL].(2015-12-31)[2015-12-31].https://WWW.zoomeye.org/statistic/device.
  • 3Gallagher S. Backdoor in wireless DSL routers lets attacker reset router, get admin [ EB/OLI. (2014-01-03) [ 2015-12- 31 ]. http : /'/' arstechnica, com/security/2014/O1/backdoor-in- wireless-dsl-routers-lets-attacker-reset-router-get-admin/.
  • 4Chirgwin R. Hacker backdoors Linksys, Netgear, Cisco and otheh routers [ EB/OL]. (2014-01-06) [2015-12-31 ]. http:// www. theregister, co. uk/2014/01/06/hacker_ backdoors_ linksys_netgear_cisco_and_other_routers/.
  • 5国家互联网应急中心.关于多款D-LINK路由器产品存在后门漏洞的情况通报[EB/OL].(2013-10-25)[2015-12-31].http://WWW.celt.org.cn/publish/main/9/2013/20131025152943288740930/20131025152943288740930_.html.
  • 6Singh D, Sinha R, Songara P, et al. Vulnerabilities and attacks targeting social networks and industrial control systems [J]. Eprint Arxiv, 2014, 4(1) :133-142.
  • 7Shah S. An introduction to HTTP fingerprinting [ EB/OL]. (2004-05-19) [ 2015-12-31 ]. http:// net-square. com/ httprint_paper, html.
  • 8Lee D, Rowe J, Ko C, et al. Detecting and defending against Web-server fingerprinting [ C ]//CSAC 2002 : 2002 Computer Security Applications Conference. United States: IEEE Computer Society, 2002 : 321-330.
  • 9Fyodor. Remote OS detection via TCP/IP stack fingerprinting [J]. Phrack Magazine, 1998, 17(3): 1-10.
  • 10马建平,罗笑南,陈渤,李峥.面向移动终端的三角网格逆细分压缩算法[J].软件学报,2009,20(9):2607-2615. 被引量:13

引证文献6

二级引证文献23

计算机工程
2015年 第7期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部