| 基于DFA的HTTP会话学习模型 |
| |
| 引用本文: | 申茜,马进.基于DFA的HTTP会话学习模型[J].信息安全与通信保密,2010(4):87-89. |
| |
| 作者姓名: | 申茜 马进 |
| |
| 作者单位: | 上海市信息安全综合管理技术研究重点实验室,上海,200240 |
| |
| 基金项目: | 国家自然科学基金资助项目,国家高技术研究发展计划(863)资助项目 |
| |
| 摘 要: | 由于Web应用涉及范围广,结构复杂多变等特点,对其采用的入侵检测面临着严峻的考验。具有学习功能的入侵检测有着广阔的研究前景。提出一种异常检测方法,从HTTP连接中提取HTTP会话,按照RFC标准描述HTTP请求,以此构建基于DFA的HTTP会话学习模型。并针对HTTP请求数量庞大的特点,提出模型简化的算法。该模型能够实现自动更新,有助于解决入侵检测保护Web应用时遇到的问题。
|
| 关 键 词: | 超文本传输协议 会话 确定性有限自动机 异常检测 |
A HTTP Session Learning Model based on DFA |
| |
| SHEN Qian,MA Jin.A HTTP Session Learning Model based on DFA[J].China Information Security,2010(4):87-89. |
| |
| Authors: | SHEN Qian MA Jin |
| |
| Affiliation: | SHEN Qian,MA Jin (Shanghai Key Laboratory of Integrate Administration Technologies for Information Security,Shanghai 200240,China) |
| |
| Abstract: | The protection of Web server-based applications by using intrusion detection, for their large, complex structure are faced with severe test. Intrusion detection with learning function has the potential to improve the state of affair. This paper describes how HTTP sessions are extracted from HTTP connections, and how DFA is introduced to build a model for HTTP sessions according to HTTP requests in RFC format. For the large size of HTTP requests, a algorithm for model simplification is proposed. The model ma... |
| |
| Keywords: | HTTP session DFA anomaly detection |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
