英语翻译AbstractWeb-based vulnerabilities represent a substantial portion of the security exposures of computer networks.In orderto detect known web-based attacks,misuse detection systems are equipped with a large number of signatures.Unfortunate
来源:学生作业帮助网 编辑:六六作业网 时间:2024/11/05 16:42:09
英语翻译AbstractWeb-based vulnerabilities represent a substantial portion of the security exposures of computer networks.In orderto detect known web-based attacks,misuse detection systems are equipped with a large number of signatures.Unfortunate
英语翻译
Abstract
Web-based vulnerabilities represent a substantial portion of the security exposures of computer networks.In order
to detect known web-based attacks,misuse detection systems are equipped with a large number of signatures.Unfortunately,
it is difficult to keep up with the daily disclosure of web-related vulnerabilities,and,in addition,vulnerabilities
may be introduced by installation-specific web-based applications.Therefore,misuse detection systems should be
complemented with anomaly detection systems.
This paper presents an intrusion detection system that uses a number of different anomaly detection techniques to
detect attacks against web servers and web-based applications.The system analyzes client queries that reference serverside
programs and creates models for a wide-range of different features of these queries.Examples of such features are
access patterns of server-side programs or values of individual parameters in their invocation.In particular,the use of
application-specific characterization of the invocation parameters allows the system to perform focused analysis and
produce a reduced number of false positives.
The system derives automatically the parameter profiles associated with web applications (e.g.,length and structure
of parameters) and relationships between queries (e.g.,access times and sequences) from the analyzed data.Therefore,it
can be deployed in very different application environments without having to perform time-consuming tuning and
configuration.
英语翻译AbstractWeb-based vulnerabilities represent a substantial portion of the security exposures of computer networks.In orderto detect known web-based attacks,misuse detection systems are equipped with a large number of signatures.Unfortunate
摘要
基于Web的漏洞占了很大一部分的安全漏洞的计算机网络.为了检测已知的基于网络的攻击,误用检测系统都配备了大量的签名.不幸地,很难跟上每日披露的网站相关的漏洞,此外,漏洞可介绍的安装特定的基于Web的应用.因此,误用检测系统应当 配合异常检测系统.
本文介绍了入侵检测系统,采用了一些不同的异常检测技术
侦测攻击网络服务器和基于Web的应用.该系统会分析客户查询,参考Serverside集团
计划和创建模式,范围广泛的不同特点,这些查询.例如,这些功能都
访问模式的服务器端程序或价值的个别参数的调用.特别是,利用
特定应用的表征援引参数允许系统进行重点分析和 生产数量减少的误报.
该系统会自动产生配置文件的参数与网络相关的应用程序(例如,长度和结构
参数)和查询之间的关系(例如,存取时间和顺序)从分析数据.因此,
可以部署在非常不同的应用环境,而不需要进行费时的调整和
配置.