摘要
针对各种变形Web攻击难以检测的问题,分析SQL注入和跨站攻击特征的选择和提取的一般方法,利用人工挑选和数学统计概括出6个特征,将原始攻击载荷转换成固定维数的特征向量,标记特征选择和提取后的样本数据,进行支持向量机算法的训练和分类。借助机器学习工具Weka验证了该检测方案的可行性。
Web attack detection is a kind of dynamic Web security protection technology,but the intruder can use different coding schemes,mixed case,alternative statements and other skills,bypassing defense mechanism.For the particularity of web security and the shortage of the existing detection technology,we took SQL injection and cross site scripting attacks as an example.Firstly,the thesis studies the feature selection and extraction of SQL injection and cross site scripting attacks,and uses the artificial selection and mathematical statistical methods to covert the original payload into fixed dimension feature vector.Secondly,it marks the sample data after feature selection and extraction,and performs support vector machine training and classification.Finally,using the Weka,it verifies the feasibility and effectiveness of the approach.The experimental results show that features after selection and extraction can reflect the nature of the original data and this method has higher detection rate.
出处
《计算机科学》
CSCD
北大核心
2015年第S1期362-364,共3页
Computer Science
基金
国家计算机网络与信息管理中心242课题资助
关键词
SQL注入
跨站脚本
Web攻击检测
特征选择与提取
支持向量机
SQL injection,Cross site scripting,Web attack detection,Feature selection and extraction,Support vector machine