Injection Attack Feature Extraction Method for Log Data of Power Information System

Cited by: 2


Authors: Yin Bo [1], Zhu Jingwen, Liu Lei, Xu Jing

Affiliations: [1] State Grid Tianjin Electric Power Company, Tianjin 300010, China; [2] College of Software, Nankai University, Tianjin 300350, China; [3] College of Artificial Intelligence, Nankai University, Tianjin 300350, China

Source: Computer Applications and Software (《计算机应用与软件》), 2021, No. 3, pp. 319-326 (8 pages)

Funding: Science and Technology Project of State Grid Corporation of China Headquarters (SGTJDK00DWJS1900105).

Abstract: As power information networks connect to the Internet, power data security has become an especially serious concern, and the data involved is growing ever larger and more complex. To support effective security analysis and feature extraction on this data, a SQL injection attack detection model based on feature extraction is proposed. SQL injection syntactic features and behavioral features are extracted from Web access logs, yielding two data sets: a syntactic feature matrix and a behavioral feature matrix. Using false negative rate and false positive rate as evaluation metrics, the K-means, Naive Bayes, SVM and RF algorithms are each run on both data sets. The results show that the behavioral feature matrix gives better results in SQL injection attack detection than the syntactic feature matrix. In addition, SVM and RF perform better at detection, with lower false negative and false positive rates. The proposed method can effectively detect SQL injection attacks.

Keywords: Web access log; SQL injection; syntactic feature; behavioral feature; power system

Classification code: TP311.5 [Automation and Computer Technology - Computer Software and Theory]

 
