An Attack Detection System for Multiple Web Applications Based on Big Data Platform

Authors: Jin Xiaohui*; Yin Congxian; Yang Pengpeng; Cui Baojiang
Source: 11th International Conference on Broad-Band Wireless Computing, Communication and Applications (BWCCA), 2016-11-05 to 2016-11-07.
DOI: 10.1007/978-3-319-49106-6_35

Abstract

Considering the protection requirements of large organizations for multiple web applications, we design and implement an attack detection system. The system is built on a big data platform, which is highly scalable. It adopts network-traffic-based detection, capturing, parsing and analyzing the HTTP packets passing by in real time. By analyzing historical data, we are able to obtain application-specific access patterns, which can help domain experts find anomalies efficiently. In addition, based on the labels given by domain experts, semi-supervised learning is applied to build an attack detection classifier. The system is deployed in the real network of our university and has detected dozens of attacks.
