HTTP洪水攻击在消耗网站服务器资源的同时威胁到信息安全.提出一种抵御方法,通过URL重写使Web日志记录客户端的Cookield和Sessionld,用于识别请求者;定时分析Web日态,根据请求时间特征来识别傀儡主机;用自定义HTTP模块对请求进行预处理,拦截傀儡主机的请求.该方法成本低、便于实施,实践证明了其有效性.%HTTP floods not only consume web server resources but also threaten its information security. Hie paper proposes a resistance method:rewriting URL to record clients' Coolcield and Sesaionld in Web logs to identify askers; regularly analyzing Web logs to identify puppet hosts by request time characteristics; and pre-processing requests by user-defined HTTP module to keep out requests from puppet hosts- Being cheap and easy to implement, the method is validated by practice.
展开▼