Research on lightweight web intrusion active defense key technology and visual measurement model based on dynamic ip black list

In view of the existing passive detection and prevention methods and lack of commercial products are expensive and complex deployment problem of a simple and fast active defense technology of WEB dynamic real-time active defense, in order to solve the problem of attack and defense for WEB server. Fi...

Full description

Saved in:
Bibliographic Details
Published in:Journal of physics. Conference series 2021-03, Vol.1802 (4), p.42072
Main Authors: Zhao, Fan, Ni, Zhimin
Format: Article
Language:English
Subjects:
Algorithms
Data mining
Defense
False alarms
Intrusion
Mathematical models
Military technology
Physics
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In view of the existing passive detection and prevention methods and lack of commercial products are expensive and complex deployment problem of a simple and fast active defense technology of WEB dynamic real-time active defense, in order to solve the problem of attack and defense for WEB server. Firstly, based on reverse proxy massive WAF logs, the mathematical model of user access behavior is established, and the behavior characteristics of malicious WEB attacks are studied through data mining analysis. Then, a threat factor algorithm and a dynamic IP blacklist generation algorithm are designed based on these features and a custom rule base. Finally, based on visual measurement model, D3 WEB visualization technology is used to monitor and measure WEB intrusion. The technology reduces the false alarm and false positive rate of active defense, improves the defense effect and execution efficiency, and ensures the quality of normal network communication.
ISSN:1742-6588
1742-6596
DOI:10.1088/1742-6596/1802/4/042072