| As the Web application is more and more widespread,when the Web program is attacked,it will cause serious data leakage and property loss.The main security threats to Web programs include XSS scripting attack and SQL injection attack.Traditional intrusion detection based on Web log has high requirements on administrators and low efficiency.In this paper,for a variety of SQL injection and XSS attack methods,the attack feature vector knowledge base is generated,and combined with the pattern matching algorithm,an automatic intrusion detection system based on Web log is constructed.The main features are:(1)through the analysis of various known SQL injection and XSS script attack characteristics,the attack feature vectors are extracted,and an effective attack feature vector knowledge base is established.(2)analyze and select a relatively efficient pattern matching algorithm,optimize and implement the time performance of the algorithm,and then compare the time performance with other pattern matching algorithms to show that the pattern matching algorithm has better time performance,which indicates that the intrusion detection system designed in this paper has certain reliability.(3)the constructed attack knowledge base is matched with the pattern matching algorithm and the detection rate and false alarm rate of the intrusion detection designed in this paper are analyzed to demonstrate the effectiveness of the intrusion detection system.(4)based on the efficient pattern matching algorithm,an efficient intrusion detection system software is designed.This system has the functions of simple log query,increasing and improving the attack knowledge base,and intrusion detection. |
PDF Full Text Request