摘要
随着攻击Web应用程序工具的增多,Web服务面临众多安全威胁.目前检测Web攻击的方法主要是规则匹配,难以高效识别Web攻击流量.提出一种基于卷积神经网络的Web攻击检测方法,将Web请求流量转换为灰度图,即流量图像.针对传统卷积神经网络只能处理固定大小输入的局限,搭建基于空间金字塔池化的卷积神经网络,使之适于处理大小不同的Web流量,并从众多Web流量中识别出攻击流量.实验表明,该方法比规则匹配的方式及传统的卷积神经网络在识别Web攻击流量时更加高效准确.
With the increase in attacks on web application tools,web services face numerous security threats. At present,the method of detecting Web attacks is mainly rule matching,and it is difficult to efficiently identify Web attack traffic. A Web attack detection method based on convolutional neural network is proposed. The Web request traffic is converted into a gray-scale image,that is,a traffic image. For the traditional convolutional neural network can only deal with the limitations of fixed-size input,build a convolutional neural network based on space pyramid pooling,fully handle web traffic of different sizes,and identify attack traffic from numerous web traffic. Experiments showthat the method is more efficient and accurate than the rule matching method and the traditional convolutional neural network in identifying Web attack traffic.
作者
田俊峰
石伟
TIAN Jun-feng;SHI Wei(College of Computer Science and Technology,Hebei University,Baoding 071000,China;Key Laboratory on High Trusted Information System in Hebei Province,Baoding 071000,China)
出处
《小型微型计算机系统》
CSCD
北大核心
2019年第3期584-588,共5页
Journal of Chinese Computer Systems
基金
国家自然科学基金项目(61170254
60873203)资助
河北省自然科学基金重点项目(F6201244)资助
