Computer and Modernization (计算机与现代化)

• Information Security

Multi-dimensional Monitoring System for Website Security Based on Cloud Platform

  1. 1. Beijing Guo Dian Tong Network Technology Co., Ltd., Beijing 100070, China; 2. School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai 200240, China; 3. Information and Telecommunication Branch of State Grid Zhejiang Electric Power Company, Hangzhou 310007, China; 4. State Grid Jibei Electric Power Company, Beijing 100053, China
  • Received: 2015-10-16 Online: 2016-01-22 Published: 2016-01-26
  • About the authors: Zheng Shengjun (郑生军, 1977-), male, from Huaining, Anhui, senior engineer at Beijing Guo Dian Tong Network Technology Co., Ltd., master's degree, research interest: information and network security; Guo Longhua (郭龙华, 1991-), male, doctoral student at the School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, research interests: smart grid and Internet of Things security; Li Jianhua (李建华, 1965-), male, from Jiujiang, Jiangxi, professor, Ph.D., research interest: information security; Wang Hongkai (王红凯, 1984-), male, senior engineer at the Information and Telecommunication Branch of State Grid Zhejiang Electric Power Company, research interest: electric power information systems; Liu Yun (刘昀, 1980-), from Beijing, bachelor's degree.
  • Supported by:
    Science and Technology Project of State Grid Corporation of China (524681140009)

Abstract: The cloud-based multi-dimensional monitoring system for website security uses cloud computing technology to monitor website security comprehensively along three dimensions: availability, security events and Web vulnerabilities. It also performs correlation analysis on the monitoring data. The system combines several key techniques: rapid detection of pages carrying injected malicious code (trojan-embedded pages) based on source code analysis, hidden link detection based on the naive Bayes algorithm, blind SQL injection detection based on a page similarity algorithm, and XSS detection based on high-precision DOM locating. With these, it can run periodic security monitoring of large numbers of websites concurrently. The system thereby effectively improves the accuracy, missed-report rate and false-alarm rate of detecting website tampering, and gives website security administration and maintenance a timely and accurate basis for decisions.

Key words: cloud computing, multi-dimensional monitoring, website security, vulnerability scanning, security incident

CLC number: