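Cite this article: WANG Ke, KANG Xiaofeng, ZHANG Baichuan, CAI Chaoping, ZHANG Yifan. Design and Implementation of Log Analysis System based on Machine Learning[J]. Software Engineering, 2022, 25(5): 56-59.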
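Design and Implementation of Log Analysis System based on Machine Learning
WANG Ke, KANG Xiaofeng, ZHANG Baichuan, CAI Chaoping, ZHANG Yifan
(College of Information Engineering, Xuzhou Institute of Technology, Xuzhou, Jiangsu 221000, China)
admi1n@163.com; kxfeng07@163.com; 2936937335@qq.com; syldyx2020@163.com; 2475313260@qq.com
Abstract: As network applications have developed, malicious attacks against Web services have also increased. This paper focuses on how to find malicious attack log entries as early as possible and confirm the attacker's IP and the location of the vulnerability, so as to provide effective help for subsequent vulnerability patching and attack tracing. The system collects malicious request URLs with vulnerability testing tools, implements an SVM (Support Vector Machines) model with Python's Sklearn (Scikit-learn) framework, extracts keywords and features from the collected malicious URLs, and then trains the model; the training result is saved with Pickle. The system can detect common vulnerability exploitation methods such as SQL injection, XSS and remote code execution, providing effective help for the secure operation of Web services as well as for vulnerability repair and relaunch, and reducing the losses caused by vulnerability attack incidents.
Keywords: SVM; log audit; machine learning
CLC number: TP315    Document code: A
Funding: 2021 Xuzhou Institute of Technology Undergraduate Innovation Training Program (xcx2021322, xcx2021318); 2020 Xuzhou Institute of Technology Undergraduate Innovation and Entrepreneurship Fund Project (2020047).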
Design and Implementation of Log Analysis System based on Machine Learning
WANG Ke, KANG Xiaofeng, ZHANG Baichuan, CAI Chaoping, ZHANG Yifan
(College of Information Engineering, Xuzhou Institute of Technology, Xuzhou 221000, China)
Abstract: With the development of network applications, malicious attacks against Web services are also increasing. This research focuses on how to find malicious attack log entries as early as possible, confirm the attacker's IP and the vulnerability location, and provide effective help for subsequent vulnerability repair and attack tracing. Malicious request URLs are collected with vulnerability testing tools, and Python's Sklearn (Scikit-learn) framework is used to implement an SVM (Support Vector Machines) model. Keywords and features are extracted from the collected malicious URLs, and then the model is trained. The training results are saved with Pickle. The system can detect common vulnerability exploitation methods such as SQL (Structured Query Language) injection, XSS (Cross-Site Scripting) and remote code execution, and provides effective help for the safe operation of Web services, vulnerability repair and relaunch, so as to reduce the losses caused by vulnerability attacks.
Keywords: SVM; log audit; machine learning
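
An added example, not the authors' code, of the pipeline the abstract describes: keyword features extracted from request URLs, a Scikit-learn SVM trained on them, the trained model saved through Pickle, and the loaded model applied to access-log lines to report the client IP and request path. The keyword groups, training URLs, log lines and function names are constructed assumptions, since the abstract does not give the paper's feature set or data.

```python
import pickle
import re
from urllib.parse import unquote_plus, urlsplit
from sklearn.svm import SVC

# Keyword groups, training URLs and log lines are constructed assumptions.
KEYWORDS = {
    "sqli": ("union", "select", "sleep(", "information_schema"),
    "xss": ("<script", "onerror=", "javascript:", "alert("),
    "rce": ("../", "/etc/passwd", "whoami", "system("),
}
SPECIAL = set("'\"<>();|`")
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "\S+ (\S+) [^"]*"')
MALICIOUS = [
    "/item.php?id=1%27%20union%20select%201,2,3--",
    "/news.php?id=5%20and%20sleep(5)",
    "/search?q=%3Cscript%3Ealert(1)%3C/script%3E",
    "/profile?name=%22%3E%3Cimg%20src=x%20onerror=alert(1)%3E",
    "/download?file=../../../../etc/passwd",
    "/ping.php?host=127.0.0.1;whoami",
]
BENIGN = [
    "/index.php?page=2", "/search?q=summer+shoes", "/item.php?id=42",
    "/static/js/app.js", "/blog/2022/05/hello-world", "/api/items?sort=price",
]
SAMPLE_LOG = [
    '203.0.113.7 - - [10/May/2022:10:00:01 +0800] "GET /item.php?id=9%27%20union%20select%20name,2,3-- HTTP/1.1" 200 512',
    '198.51.100.23 - - [10/May/2022:10:00:02 +0800] "GET /search?q=%3Cscript%3Ealert(document.cookie)%3C/script%3E HTTP/1.1" 200 90',
    '192.0.2.10 - - [10/May/2022:10:00:03 +0800] "GET /item.php?id=42 HTTP/1.1" 200 1024',
]

def features(url):
    """Keyword hits per attack class plus a count of special characters."""
    text = unquote_plus(url).lower()
    hits = [sum(text.count(k) for k in group) for group in KEYWORDS.values()]
    return hits + [sum(ch in SPECIAL for ch in text)]

def train():
    """Fit a linear SVM on the samples above and return the pickled model."""
    X = [features(u) for u in MALICIOUS + BENIGN]
    y = [1] * len(MALICIOUS) + [0] * len(BENIGN)
    return pickle.dumps(SVC(kernel="linear", C=10).fit(X, y))

def flag(model_blob, log_lines):
    """Return (client IP, request path) for each line classified as malicious."""
    model = pickle.loads(model_blob)  # load only model files you produced yourself
    hits = [m.groups() for m in map(LOG_RE.match, log_lines) if m]
    return [(ip, urlsplit(url).path) for ip, url in hits
            if model.predict([features(url)])[0] == 1]
```

Loading a Pickle file can run code embedded in it, so the saved model file needs the same integrity protection as the analysis code that loads it.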

