Web Intrusion Detection Technology Research

With the rapid development of network, Web server in the network is everywhere. All kinds of Web sites bring great convenience to our daily life, and people are more and more dependent on Internet for shopping or paying all kinds of daily consumption. However, with remote access to the Web.server and configuration errors occurring frequently, as well as the lots of loopholes from all kinds of Web server software and Web service programs, the Web server has become a popular hacker-attack target. Web attack is always hidden, so it is urgent for us to study an efficient Web intrusion detection system which is the important guarantee of Web security.The current Web intrusion detection systems are mainly contained intrusion detection based on log and attack detection based on network packets. However, the higher the Web traffic is, the bigger the log files network traffic generated by the Web server is. As the log information is not completed, the demand on the system resources is higher when testing on a large number of network packets, thus the existing system cannot be efficient and accurate for Web intrusion detection, which causes serious misstatement and omission. In order to improve the detection efficiency, as well as to increase the alarm accuracy, this paper proposes an improved Web intrusion detection model. The model deals with records processed on the Web server by using Hadoop technology, and tests the users’behavior, by optimizing the model structure, optimizing matching algorithm, and optimizing the intrusion detection based on network packet by the use of server cluster, fusion of the alarm to improve the alarm accuracy.Based on the study of the improved Web intrusion detection model, the design has realized the Web intrusion detection system. It illustrates the system framework, business process and the design of the core modules in details. According to the design scheme above, this paper finally realizes Web intrusion detection system, and build a test environment, as well as the core module of the system and the function of the whole system are tested. Through the testing experiment, the system completes the function of the design, verifies the validity and practicability of the design.