CN108491717A - A kind of xss systems of defense and its implementation based on machine learning - Google Patents
A kind of xss systems of defense and its implementation based on machine learning Download PDFInfo
- Publication number
- CN108491717A CN108491717A CN201810265464.3A CN201810265464A CN108491717A CN 108491717 A CN108491717 A CN 108491717A CN 201810265464 A CN201810265464 A CN 201810265464A CN 108491717 A CN108491717 A CN 108491717A
- Authority
- CN
- China
- Prior art keywords
- module
- characteristic value
- xss
- machine learning
- value information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention discloses a kind of xss systems of defense and its implementation based on machine learning include packet capture module, machine training module, characteristics extraction module, characteristic value matching module, machine learning module, characteristic value processing module, the logger module being sequentially connected in the system.In the xss systems of defense based on machine learning of the present invention, to having been carried out the monitoring of xss attacks by Defensive Target and having carried out machine learning to strange xss attack codes characteristic value, beyond the clouds in xss attack defendings, it can quickly and automatically collect newest xss characteristic values, the artificial collection for carrying out social engineering information is eliminated, the high efficiency and agility of xss defence are realized.
Description
Technical field
The present invention relates to computer software information technology field, more particularly to a kind of xss defence system based on machine learning
System and its implementation.
Background technology
In recent years, as network and computer software are rapidly progressed, therewith exposure about information security
Problem is also more and more, correspondingly, people also have network security more concerns and attention, safety test than in the past
Gradually become more it is important.
And in recent years, web is using the chief threat that caused network attack is in web server, wherein xss attacks
As one of common web attacks and most important threat, therefore, xss attacks are natural to be become in safety test
Essential detection.
Safety test personnel mainly attack by inputting xss attack codes pair websites, and the net is verified with this
It stands and whether data input by user is filtered, if not filtering either filtering failure, attack code can be written
Into webpage or database, when other users browse the website, this section of attack code can be executed automatically, to reach
The purpose of attack.
And present xss defence depends on xss filtering rules library, xss defence successfully just also depends on xss mistakes
Filter the content inside rule base.And present xss rule bases the inside only contains some spcial characters or some are common
Simple xss attack codes, without learning and updating the function in xss filtering rules library automatically so that attacker can be with other more
Add flexible and changeable mode to bypass the filtering of server end, the script of attacker's customization finally executed in the browser of user,
Achieve the purpose that attack user.This causes to have some limitations in the strobe utility that xss is defendd, while giving safety test people
Member also brings certain limitation.
Invention content
It is insufficient in above-mentioned background technology the purpose of the present invention is overcoming, a kind of xss defence system based on machine learning is provided
System and its implementation, in the inventive solutions can by machine training and study, come realize more efficiently, safety,
Comprehensive xss defence.
In order to reach above-mentioned technique effect, the present invention takes following technical scheme:
A kind of xss systems of defense based on machine learning are communicated to connect with operation system to be measured, described to be based on machine learning
Xss systems of defense include at least a high in the clouds, include packet capture module, machine training module, feature in the high in the clouds
It is worth extraction module, characteristic value matching module, machine learning module, characteristic value processing module, logger module;Wherein,
The packet capture module is connected with machine training module, and for the front end message of operation system to be measured into
Row is monitored and capture, and the request message information captured is transferred to machine training module;
The machine training module is connected with characteristics extraction module, and the net of the request message information for judging to receive
Whether network data packet is abnormal, and the network packet is transmitted to characteristics extraction module when judging result is abnormal;
The characteristics extraction module is connected with characteristic value matching module, and for dividing the network packet received
The characteristic value information for analysing and extracting the inside, is then transmitted to characteristic value matching module by the characteristic value information extracted;
The characteristic value matching module is connected with machine learning module, and xss feature databases are equipped in characteristic value matching module, special
Value indicative matching module then should for matching the characteristic value information received with xss feature databases, and when matching unsuccessful
Characteristic value information is transferred to machine learning module;
The machine learning module is connected with characteristic value processing module, and for updating simultaneously the characteristic value information received
It stores in xss feature databases, and updated xss feature databases is transferred to characteristic value processing module;
The characteristic value processing module is connected with logger module, and for according to the spy in the xss feature databases received
Value indicative filters out the characteristic value for flowing to operation system to be measured, and the characteristic value information that will filter out is transferred to logger module;
The logger module is recorded for receiving the characteristic value information that characteristic value processing module passes over
Xss attack defending situations.
Further, the machine training module contains a large amount of normal request sample and xss attack samples, in the mould
In block, simulated training can be carried out to machine by machine learning algorithm, machine remembers normal request sentence network packet
Pattern can carry out determining whether xss attack codes to the network packet received.
Further, the characteristic value information of the characteristics extraction module extraction, which includes at least, can result in xss attacks
Spcial character and special sentence.
Further, the xss feature databases in the characteristic value matching module are based on to the xss attack samples under various scenes
This library is arranged and is classified.
Further, the high in the clouds is installed or is integrated in operation system to be measured in the form of code plug-in.
Further, the operation system to be measured includes website, server, terminal device or application software.
Meanwhile the implementation method of the invention also discloses above-mentioned xss systems of defense based on machine learning, include specifically
Following steps:
S1. packet capture module is monitored and is captured to the front end message of operation system to be measured, and will be captured
Request message information is transferred to machine training module;
S2. machine training module judges whether the network packet of the request message information received is abnormal, and is being judged as
The network packet is transmitted to characteristics extraction module when abnormal, is otherwise operated without other;
S3. characteristics extraction module analyzes the network packet received and extracts the characteristic value information of the inside, so
The characteristic value information extracted is transmitted to characteristic value matching module afterwards;
S4. characteristic value matching module by the characteristic value information passed in its xss feature database and characteristic extracting module into
Row matching, if this feature value information is transferred to machine learning by the characteristic value information passed over not inside xss feature databases
Otherwise module is operated without other;
S5. machine learning module updates the characteristic value information received to xss feature databases, and stores and arrive xss feature databases
In, and updated xss feature databases are transferred to characteristic value processing module;
S6. characteristic value processing module filters out the feature for flowing to server according to the characteristic value in the xss feature databases received
Value, and the characteristic value information that will filter out is transferred to logger module;
S7. logger module receives the characteristic value information that characteristic value processing module passes over, and records xss attacks
Defend situation.
Compared with prior art, the present invention having advantageous effect below:
The xss systems of defense based on machine learning of the present invention attack normal statement and xss using machine learning algorithm
Sentence is trained, and can more efficiently be identified and be predicted that xss is attacked, and can automatically extract xss characteristic values, from
And help safe operation personnel's automatic data collection library method for implanting;
Meanwhile by machine learning, characteristic value can be automatically updated and generate updated xss feature databases, it will each time
Xss attack defending situations are recorded in journal file, are eliminated the artificial collection for carrying out xss attack information, are improved work effect
Rate makes xss attack defendings more efficiently, accurately.
Description of the drawings
Fig. 1 is the schematic diagram of the xss systems of defense based on machine learning of the present invention.
Specific implementation mode
With reference to the embodiment of the present invention, the invention will be further elaborated.
Embodiment:
Embodiment one:
As shown in Figure 1, a kind of xss systems of defense based on machine learning, communicate to connect with operation system to be measured,
In, it is somebody's turn to do the xss systems of defense based on machine learning and contains several high in the clouds, the high in the clouds contains packet capture module, machine
Device training module, characteristics extraction module, characteristic value matching module, machine learning module, characteristic value processing module, log recording
Module.
Specifically, packet capture module is used to that the front end message of operation system to be measured to be monitored and be captured, and will
The request message information captured is transferred to machine training module.
Machine training module contains a large amount of normal request sample and xss attack samples pass through machine in the module
Learning algorithm carries out simulated training to machine, and machine remembers the pattern of normal request sentence network packet.When machine is trained
After module receives the information that packet capture module passes over, it can determine whether the network packet is abnormal, i.e., whether is
Xss attack codes, if the network packet is then transmitted to characteristics extraction module, otherwise not as.
Value indicative extraction module carries out network packet for receiving the network packet that machine training module passes over
The characteristic value information for analyzing and extracting the inside, is then transmitted to characteristic value matching module by the characteristic value information extracted.Wherein,
The characteristic value information has included at least the spcial character and special sentence that can result in xss attacks.
Characteristic value matching module is arranged and is classified to the xss attacks sample database under various scenes, and establishes phase
The xss feature databases answered will the xss feature databases that set up and the feature passed in characteristic extracting module in the module
Value information is matched, if this feature value information is transferred to by the characteristic value information passed over not inside xss feature databases
Machine learning module, otherwise not as.
Machine learning module for receiving the characteristic value information that characteristic value matching module passes over, by machine learning and
The characteristic value information received is updated to xss feature databases, and stored into xss feature databases by training automatically, and will be updated
Xss feature databases are transferred to characteristic value processing module.
Characteristic value processing module is for receiving the xss property data bases that machine study module passes over, according to the inside
Characteristic value filters out the characteristic value for flowing to server, to ensure the safety of user browser or server, and the spy that will filter out
Value indicative information is transferred to logger module.
Logger module is recorded xss and is attacked for receiving the characteristic value information that characteristic value processing module passes over
Hit defence situation.
The implementation method of the above-mentioned xss systems of defense based on machine learning is specially:
A, the high in the clouds is integrated in the form of code plug-in in object to be measured, and the packet capture module in high in the clouds is to treat
The request message surveyed in target is monitored, is captured.Wherein, object to be measured included at least website, server, terminal device or
Person's application software.
B, after the machine training module in high in the clouds is by training, judge whether the data packet that packet capture module captures is different
Often, i.e., whether belong to xss attacks, if belonging to, message information is transferred to characteristics extraction module and enters step C;
If be not belonging to, not as;
C, the characteristic value in the message information that the condition code extraction module extraction in high in the clouds receives, and the characteristic value that will be extracted
Information is transferred to condition code matching module and enters step D, and characteristic value information therein, which has included at least, can result in xss attacks
Spcial character and special sentence;
D, the characteristic value matching module in high in the clouds is arranged and is classified by attacking sample database to the xss under various scenes,
Xss feature databases are established, and the characteristic value information passed in step C is matched with xss feature databases, if characteristic value
Information in xss feature databases, then not as;If not existing, this feature value information is transferred to machine learning module and enters step
Rapid E;
E, after the machine learning module in high in the clouds is by training and study, characteristic value information is updated to xss feature databases automatically,
And store into xss feature databases, updated xss feature databases are then transferred to characteristic value processing module and enter step F;
F, the characteristic value processing module in high in the clouds is mainly according to the xss feature database information passed over from step E, to filter out
The characteristic value for flowing to server, the characteristic value information that then will filter out are transferred to logger module and enter step G;
G, after the logger module in high in the clouds receives the characteristic value information that step F is passed over, it is anti-that xss attacks are recorded
Imperial situation.
Therefore, in the xss systems of defense based on machine learning of the present invention, to having carried out xss attacks by Defensive Target
Monitoring and machine learning has been carried out to strange xss attack codes characteristic value, beyond the clouds in xss attack defendings, can quickly and
Newest xss characteristic values are automatically collected, the artificial collection for carrying out social engineering information is eliminated, realize xss defence
High efficiency and agility.
It is understood that the principle that embodiment of above is intended to be merely illustrative of the present and the exemplary implementation that uses
Mode, however the present invention is not limited thereto.For those skilled in the art, in the essence for not departing from the present invention
In the case of refreshing and essence, various changes and modifications can be made therein, these variations and modifications are also considered as protection scope of the present invention.
Claims (7)
1. a kind of xss systems of defense based on machine learning communicate to connect, which is characterized in that the base with operation system to be measured
A high in the clouds is included at least in the xss systems of defense of machine learning, is trained comprising packet capture module, machine in the high in the clouds
Module, characteristics extraction module, characteristic value matching module, machine learning module, characteristic value processing module, logger module;
Wherein,
The packet capture module is connected with machine training module, and for being supervised to the front end message of operation system to be measured
It listens and captures, and the request message information captured is transferred to machine training module;
The machine training module is connected with characteristics extraction module, and the network number of the request message information for judging to receive
It is whether abnormal according to packet, and the network packet is transmitted to characteristics extraction module when judging result is abnormal;
The characteristics extraction module is connected with characteristic value matching module, and for being analyzed simultaneously the network packet received
The characteristic value information for extracting the inside, is then transmitted to characteristic value matching module by the characteristic value information extracted;
The characteristic value matching module is connected with machine learning module, and xss feature databases, characteristic value are equipped in characteristic value matching module
Matching module is used to match the characteristic value information received with xss feature databases, and when matching unsuccessful, then by this feature
Value information is transferred to machine learning module;
The machine learning module is connected with characteristic value processing module, and for updating and storing the characteristic value information received
It is transferred to characteristic value processing module into xss feature databases, and by updated xss feature databases;
The characteristic value processing module is connected with logger module, and for according to the characteristic value in the xss feature databases received
The characteristic value for flowing to operation system to be measured is filtered out, and the characteristic value information that will filter out is transferred to logger module;
The logger module is recorded xss and is attacked for receiving the characteristic value information that characteristic value processing module passes over
Hit defence situation.
2. a kind of xss systems of defense based on machine learning according to claim 1, which is characterized in that the machine instruction
Practice module and contains a large amount of normal request sample and xss attack samples.
3. a kind of xss systems of defense based on machine learning according to claim 1, which is characterized in that the characteristic value
The characteristic value information of extraction module extraction includes at least the spcial character and special sentence that can result in xss attacks.
4. a kind of xss systems of defense based on machine learning according to claim 1, which is characterized in that the characteristic value
Xss feature databases in matching module are based on the xss attacks sample database under various scenes is arranged and classified.
5. a kind of xss systems of defense based on machine learning according to claim 1, which is characterized in that the high in the clouds with
The form of code plug-in is installed or is integrated in operation system to be measured.
6. a kind of xss systems of defense based on machine learning according to claim 5, which is characterized in that the industry to be measured
Business system includes website, server, terminal device or application software.
7. the implementation method of any xss systems of defense based on machine learning in claim 1 to 6, which is characterized in that
Specifically comprise the steps of:
S1. the request that packet capture module is monitored and captured, and will captured to the front end message of operation system to be measured
Message information is transferred to machine training module;
S2. machine training module judges whether the network packet of the request message information received is abnormal, and is being judged as exception
When the network packet is transmitted to characteristics extraction module, otherwise operated without other;
S3. characteristics extraction module analyzes the network packet received and extracts the characteristic value information of the inside, then will
The characteristic value information extracted is transmitted to characteristic value matching module;
S4. the characteristic value information progress that characteristic value matching module will pass in its xss feature database and characteristic extracting module
Match, if this feature value information is transferred to machine learning mould by the characteristic value information passed over not inside xss feature databases
Otherwise block is operated without other;
S5. machine learning module updates the characteristic value information received to xss feature databases, and stores into xss feature databases, and
Updated xss feature databases are transferred to characteristic value processing module;
S6. characteristic value processing module filters out the characteristic value for flowing to server according to the characteristic value in the xss feature databases received, and
The characteristic value information that will filter out is transferred to logger module;
S7. logger module receives the characteristic value information that characteristic value processing module passes over, and records xss attack defendings
Situation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810265464.3A CN108491717A (en) | 2018-03-28 | 2018-03-28 | A kind of xss systems of defense and its implementation based on machine learning |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810265464.3A CN108491717A (en) | 2018-03-28 | 2018-03-28 | A kind of xss systems of defense and its implementation based on machine learning |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108491717A true CN108491717A (en) | 2018-09-04 |
Family
ID=63316619
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810265464.3A Pending CN108491717A (en) | 2018-03-28 | 2018-03-28 | A kind of xss systems of defense and its implementation based on machine learning |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108491717A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109257393A (en) * | 2018-12-05 | 2019-01-22 | 四川长虹电器股份有限公司 | XSS attack defence method and device based on machine learning |
| CN109600370A (en) * | 2018-12-08 | 2019-04-09 | 公安部第三研究所 | A kind of terminal web guard system and method |
| CN109951484A (en) * | 2019-03-20 | 2019-06-28 | 四川长虹电器股份有限公司 | The test method and system attacked for machine learning product |
| CN110119621A (en) * | 2019-05-05 | 2019-08-13 | 网御安全技术(深圳)有限公司 | Attack defense method, system and the defence installation that pathological system calls |
| CN111797407A (en) * | 2020-09-08 | 2020-10-20 | 江苏开博科技有限公司 | XSS vulnerability detection method based on deep learning model optimization |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104601540A (en) * | 2014-12-05 | 2015-05-06 | 华为技术有限公司 | Cross-site scripting (XSS) attack defense method and Web server |
| CN105208037A (en) * | 2015-10-10 | 2015-12-30 | 中国人民解放军信息工程大学 | DoS/DDoS attack detecting and filtering method based on light-weight intrusion detection |
| CN107122658A (en) * | 2017-05-08 | 2017-09-01 | 四川长虹电器股份有限公司 | Database system of defense and method with autolearn feature |
| CN107294993A (en) * | 2017-07-05 | 2017-10-24 | 重庆邮电大学 | A kind of WEB abnormal flow monitoring methods based on integrated study |
-
2018
- 2018-03-28 CN CN201810265464.3A patent/CN108491717A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104601540A (en) * | 2014-12-05 | 2015-05-06 | 华为技术有限公司 | Cross-site scripting (XSS) attack defense method and Web server |
| CN105208037A (en) * | 2015-10-10 | 2015-12-30 | 中国人民解放军信息工程大学 | DoS/DDoS attack detecting and filtering method based on light-weight intrusion detection |
| CN107122658A (en) * | 2017-05-08 | 2017-09-01 | 四川长虹电器股份有限公司 | Database system of defense and method with autolearn feature |
| CN107294993A (en) * | 2017-07-05 | 2017-10-24 | 重庆邮电大学 | A kind of WEB abnormal flow monitoring methods based on integrated study |
Non-Patent Citations (3)
| Title |
|---|
| VISHNU.B.A: "Prediction of Cross-Site Scripting Attack Using Machine Learning Algorithms", 《ICONIAAC》 * |
| 孙伟 等: "XSS漏洞研究综述", 《信息安全研究》 * |
| 张海燕 等: "基于决策树分类的跨站脚本攻击检测方法", 《微型机与应用》 * |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109257393A (en) * | 2018-12-05 | 2019-01-22 | 四川长虹电器股份有限公司 | XSS attack defence method and device based on machine learning |
| CN109600370A (en) * | 2018-12-08 | 2019-04-09 | 公安部第三研究所 | A kind of terminal web guard system and method |
| CN109951484A (en) * | 2019-03-20 | 2019-06-28 | 四川长虹电器股份有限公司 | The test method and system attacked for machine learning product |
| CN110119621A (en) * | 2019-05-05 | 2019-08-13 | 网御安全技术(深圳)有限公司 | Attack defense method, system and the defence installation that pathological system calls |
| CN110119621B (en) * | 2019-05-05 | 2020-08-21 | 网御安全技术(深圳)有限公司 | Attack defense method, system and defense device for abnormal system call |
| CN111797407A (en) * | 2020-09-08 | 2020-10-20 | 江苏开博科技有限公司 | XSS vulnerability detection method based on deep learning model optimization |
| CN111797407B (en) * | 2020-09-08 | 2021-05-07 | 江苏开博科技有限公司 | XSS vulnerability detection method based on deep learning model optimization |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108491717A (en) | A kind of xss systems of defense and its implementation based on machine learning | |
| CN105208000B (en) | The method and Network Security Device of network analysis attack backtracking | |
| CN112114995B (en) | Terminal abnormality analysis method, device, equipment and storage medium based on process | |
| CN103559235B (en) | A kind of online social networks malicious web pages detection recognition methods | |
| CN104899508B (en) | A kind of multistage detection method for phishing site and system | |
| CN107154950A (en) | A kind of method and system of log stream abnormality detection | |
| CN111428231A (en) | Safety processing method, device and equipment based on user behaviors | |
| CN109005145A (en) | A kind of malice URL detection system and its method extracted based on automated characterization | |
| CN112565270B (en) | HTTP session abnormity detection method and detection system | |
| CN104601556A (en) | Attack detection method and system for WEB | |
| CN103780614B (en) | A kind of SQL injection loophole method for digging based on simulated strike extension | |
| CN109922065B (en) | Quick identification method for malicious website | |
| CN107016298B (en) | Webpage tampering monitoring method and device | |
| CN110460611B (en) | Machine learning-based full-flow attack detection technology | |
| CN109257393A (en) | XSS attack defence method and device based on machine learning | |
| CN103106365A (en) | Detection method for malicious application software on mobile terminal | |
| CN105516128A (en) | Detecting method and device of Web attack | |
| CN104378361A (en) | Network intrusion detection method and system | |
| CN105959316A (en) | Network security authentication system | |
| CN115150182B (en) | Information system network attack detection method based on flow analysis | |
| CN104933364A (en) | Automatic malicious code homology judgment method and system based on calling behaviors | |
| CN112787984B (en) | Vehicle-mounted network anomaly detection method and system based on correlation analysis | |
| CN108683649A (en) | A kind of malice domain name detection method based on text feature | |
| CN110598397A (en) | Deep learning-based Unix system user malicious operation detection method | |
| CN117992953A (en) | Abnormal user behavior identification method based on operation behavior tracking |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180904 |
|
| RJ01 | Rejection of invention patent application after publication |