本文已被:浏览 2120次 下载 3067次
Received:August 21, 2011 Revised:September 15, 2011
Received:August 21, 2011 Revised:September 15, 2011
中文摘要: 模仿正常访问行为的HTTP 泛洪攻击较为隐蔽,在消耗网站服务器资源的同时还带来信息安全隐患,提出了一种主动防御方法。用URL 重写的方法使Web 日志记录HTTP 请求的CookieId 和SessionId;定时分析Web 日志,利用CookieId 和SessionID 识别用户,根据请求时间特征来识别傀儡主机;对HTTP 请求进行预处理,拦截傀儡主机的请求。该方法成本低、便于实施,实践证明了其有效性。
Abstract:HTTP flood attacks mimicking normal access behavior are difficult to discovered, it consumes web server’s resources and brings hidden danger on information security, a method of proactive defense against HTTP floods is provided. Rewrite URL to record CookieId and SessionId of HTTP requests into Web log; analysis Web log at regular time, identify user according CookieId and SessionId, indentify puppet computers using request time characteristic; process HTTP requests in advance to keep out the requests from the puppet computers. This method is low cost and easy to implement, practice proved its validity.
keywords: distributed denial of service HTTP flood website security Web log analysis proactive defense
文章编号: 中图分类号: 文献标志码:
基金项目:
| Author Name | Affiliation |
| YUAN Zhi | South China Institute of Software Engineering, Guangzhou University, Guangzhou 510990, China |
| Author Name | Affiliation |
| YUAN Zhi | South China Institute of Software Engineering, Guangzhou University, Guangzhou 510990, China |
引用文本:
袁志.基于日志监视主动防御 HTTP 泛洪攻击.计算机系统应用,2012,21(5):189-191
YUAN Zhi.Proactive Defense Against HTTP Flood Attacks Based on Watching Web Log.COMPUTER SYSTEMS APPLICATIONS,2012,21(5):189-191
袁志.基于日志监视主动防御 HTTP 泛洪攻击.计算机系统应用,2012,21(5):189-191
YUAN Zhi.Proactive Defense Against HTTP Flood Attacks Based on Watching Web Log.COMPUTER SYSTEMS APPLICATIONS,2012,21(5):189-191
