首页>
外国专利>
Method for Web Server Attack Detection Based on Behavior Probability
Method for Web Server Attack Detection Based on Behavior Probability
展开▼
机译:基于行为概率的Web服务器攻击检测方法
展开▼
页面导航
摘要
著录项
相似文献
摘要
According to the present invention, a method for detecting whether a web server is attacked is performed by an abnormality detecting device in an environment including a client terminal, a web server, and the abnormality detecting device. According to the present invention, the method for detecting whether a web server is attacked comprises: a first step of extracting standardized metadata from web access information based on an HTTP request received from a client terminal; a second step of generating a first behavior identifier including the current method and a web resource path based on the extracted metadata; a third step of generating a second behavior identifier including the previous method and the web resource path based on the metadata of the previous HTTP request; a fourth step of calculating a reference occurrence probability based on a ratio of the first behavior identifier and the second behavior identifier; and a fifth step of determining whether the web server is attacked based on the reference occurrence probability calculated in the fourth step.
展开▼