Computer and Communication Technology

Injection vulnerability threat detection method with multi-feature correlation
JIA Wen-chao, HU Rong-gui, SHI Fan, XU Cheng-xi
Electronic Engineering Institute of PLA, Hefei 230037, China
Cite this article:
JIA Wen-chao, HU Rong-gui, SHI Fan, XU Cheng-xi. Injection vulnerability threat detection method with multi-feature correlation[J]. Journal of Zhejiang University (Engineering Science), 2018, 52(3): 524-530.
Link to this article:
http://www.zjujournals.com/eng/CN/10.3785/j.issn.1008-973X.2018.03.014
or
http://www.zjujournals.com/eng/CN/Y2018/V52/I3/524