摘要
为了发现和预防Web服务带来的漏洞,部署一个Web服务蜜罐作为Web服务的应用程序,该蜜罐捕获和处理所有请求消息并且将结果记录在日志文件中.在处理这些日志文件的时候,采用基于SVM算法的机器学习技术对其进行分析和分类,并将异常活动提交给人类专家进行审核和处理.这样大大减少了人类专家的工作量,同时有很高的准确率,更有利于部署更有针对性的网络安全策略.
To find and prevent the vulnerabilities bought by Web services, a Web Server (WS) honeypot was deployed as a web service application. This honeypot was used to capture all request messages and record them in the logs. These logs were analyzed and classified by using SVM algorithm machine learning technique, and then the abnormal activities were submitted to the experts. The advantages of this method are reducing workload of the experts and at the same time, it has high accuracy rates, and can be beneficial to deploy better targeted network security policy.
出处
《沈阳大学学报(自然科学版)》
CAS
2013年第1期35-38,共4页
Journal of Shenyang University:Natural Science
