HTTP-flooding attack disables the victimized web server by sending a large number of HTTP Get requests.Recent research tends to detect HTTP-flooding with the anomaly-based approaches,which detect the HTTP-flooding by ...HTTP-flooding attack disables the victimized web server by sending a large number of HTTP Get requests.Recent research tends to detect HTTP-flooding with the anomaly-based approaches,which detect the HTTP-flooding by modeling the behavior of normal web surfers.However,most of the existing anomaly-based detection approaches usually cannot filter the web-crawling traces from unknown searching bots mixed in normal web browsing logs.These web-crawling traces can bias the base-line profile of anomaly-based schemes in their training phase,and further degrade their detection performance.This paper proposes a novel web-crawling tracestolerated method to build baseline profile,and designs a new anomaly-based HTTP-flooding detection scheme(abbr.HTTP-sCAN).The simulation results show that HTTP-sCAN is immune to the interferences of unknown webcrawling traces,and can detect all HTTPflooding attacks.展开更多
In this paper, we conduct research on the essential network equipment risk assessment method based on vulnerability scanning technology. A growing number of hackers wanton invasion of the computer, through the network...In this paper, we conduct research on the essential network equipment risk assessment method based on vulnerability scanning technology. A growing number of hackers wanton invasion of the computer, through the network to steal important information, or destroy the network, the paralyzed which caused huge losses to the state and society. Find a known vulnerability rather than to find the unknown vulnerabilities much easier, which means that most of the attacker' s use is common vulnerabilities. Therefore, we adopt the advantages of the technique to finalize the methodology for the essential network equipment risk assessment which will be meaningful.展开更多
基金supported by National Key Basic Research Program of China(973 program)under Grant No.2012CB315905National Natural Science Foundation of China under grants 61172048,61100184,60932005 and 61201128the Fundamental Research Funds for the Central Universities under Grant No ZYGX2011J007
文摘HTTP-flooding attack disables the victimized web server by sending a large number of HTTP Get requests.Recent research tends to detect HTTP-flooding with the anomaly-based approaches,which detect the HTTP-flooding by modeling the behavior of normal web surfers.However,most of the existing anomaly-based detection approaches usually cannot filter the web-crawling traces from unknown searching bots mixed in normal web browsing logs.These web-crawling traces can bias the base-line profile of anomaly-based schemes in their training phase,and further degrade their detection performance.This paper proposes a novel web-crawling tracestolerated method to build baseline profile,and designs a new anomaly-based HTTP-flooding detection scheme(abbr.HTTP-sCAN).The simulation results show that HTTP-sCAN is immune to the interferences of unknown webcrawling traces,and can detect all HTTPflooding attacks.
文摘In this paper, we conduct research on the essential network equipment risk assessment method based on vulnerability scanning technology. A growing number of hackers wanton invasion of the computer, through the network to steal important information, or destroy the network, the paralyzed which caused huge losses to the state and society. Find a known vulnerability rather than to find the unknown vulnerabilities much easier, which means that most of the attacker' s use is common vulnerabilities. Therefore, we adopt the advantages of the technique to finalize the methodology for the essential network equipment risk assessment which will be meaningful.
