UC知道急,计算机SCI论文翻译
来源:百度知道 编辑:UC知道 时间:2024/06/17 16:58:56
Abstract
Web-based vulnerabilities represent a substantial portion of the security exposures of computer networks. In order
to detect known web-based attacks, misuse detection systems are equipped with a large number of signatures. Unfortunately,
it is difficult to keep up with the daily disclosure of web-related vulnerabilities, and, in addition, vulnerabilities
may be introduced by installation-specific web-based applications. Therefore, misuse detection systems should be
complemented with anomaly detection systems.
This paper presents an intrusion detection system that uses a number of different anomaly detection techniques to
detect attacks against web servers and web-based applications. The system analyzes client queries that reference serverside
programs and creates models for a wide-range of different features of these queries. Examples of such features are
access patterns of server-side programs or values of in
Web-based vulnerabilities represent a substantial portion of the security exposures of computer networks. In order
to detect known web-based attacks, misuse detection systems are equipped with a large number of signatures. Unfortunately,
it is difficult to keep up with the daily disclosure of web-related vulnerabilities, and, in addition, vulnerabilities
may be introduced by installation-specific web-based applications. Therefore, misuse detection systems should be
complemented with anomaly detection systems.
This paper presents an intrusion detection system that uses a number of different anomaly detection techniques to
detect attacks against web servers and web-based applications. The system analyzes client queries that reference serverside
programs and creates models for a wide-range of different features of these queries. Examples of such features are
access patterns of server-side programs or values of in
摘要
基于Web的漏洞占了很大一部分的安全漏洞的计算机网络。为了检测已知的基于网络的攻击,误用检测系统都配备了大量的签名。不幸地,很难跟上每日披露的网站相关的漏洞,此外,漏洞可介绍的安装特定的基于Web的应用。因此,误用检测系统应当 配合异常检测系统。
本文介绍了入侵检测系统,采用了一些不同的异常检测技术
侦测攻击网络服务器和基于Web的应用。该系统会分析客户查询,参考Serverside集团
计划和创建模式,范围广泛的不同特点,这些查询。例如,这些功能都
访问模式的服务器端程序或价值的个别参数的调用。特别是,利用
特定应用的表征援引参数允许系统进行重点分析和 生产数量减少的误报。
该系统会自动产生配置文件的参数与网络相关的应用程序(例如,长度和结构
参数)和查询之间的关系(例如,存取时间和顺序)从分析数据。因此,
可以部署在非常不同的应用环境,而不需要进行费时的调整和
配置。