PROFILE-BASED WEB APPLICATION INTRUSION DETECTION SYSTEM AND THE METHOD

摘要

A kind of system and method, block web hacker is provided into the web application based on a profile for detecting invasion, it is broken by network service opening to outside, it is not solved by common firewall and an IDS (Intrusion Detection System) together, inconvenient is removed, a source is corrected in every new attack technology based on the Intrusion Detection Technique of summary by providing one. One data collector (100) collects a parameter and user input values, is transferred to and obtains and the web application in column mode one. By using a kind of predetermined format, one data processing/constriction (200) process and contract data are collected to enter by data collector and need to detect the data invaded. One analysis/intrusion detection part (300) is analyzed and detects the attack of the data filtering in data processing/constriction. One report/administrative section (800) stores an alarm and a relevant audit record, interference (such as packet congestion) is taken, if attack is determined in analysis/intrusion detection part.