The rapid development of Internet Technology has changed people’s lifestyle. And the e-commerce becomes one of the most popular web applications. Nowadays, malicious attacks towards web server of most e-commerce websites appear to be more and more common. However, related attack records can be found through analyzing access logs on web server of those e-commerce websites. The OWASP (Open Web Application Security Project) publishes ten attack technology the web server experienced every year, such as SQL injection, XSS attack and DDoS attack, etc. These attacks have caused great harm to the web server, on the one hand, the e-commerce websites can’t provide normal service for users, on the other hand, most data or privacy of users is leaked. This paper puts forward a solution to analyzing access logs on web server by the classiifcation of web access logs and the matching of attack pattern and characteristics. The system can ifnd out attack sources and types, and then displays the results in a graphical from in a web page, which helps security administrators of e-commerce websites to detect the attacks and improve the ability of resisting various attacks on web server.%互联网技术的飞速发展改变了人们的生活方式,其中电子商务是近年来应用最为广泛的互联网应用之一。越来越多的Web服务器部署在互联网上向外提供服务,因此针对电子商务Web服务器的攻击不断增加。OWASP组织每年都公布Web应用程序遭受到的最多的10种攻击技术,其中攻击危害性较大的有SQL注入、XSS攻击和DDoS攻击等。这些攻击一方面使得电子商务服务器无法向外提供服务,另一方面还可能造成电子商务服务器中数据和用户个人隐私的泄露,因此电子商务服务器的安全防护是Web服务器安全运维最为重要的一个环节。通过对Web服务器日志的分析研究可以对网站的攻击事件进行检测,进而掌握Web服务器被攻击的来源和原因等,提高Web服务器的安全防护能力。文章通过对Web服务器攻击日志进行分析,将Web服务器日志进行分类,通过将日志记录中各个字段值与具有攻击特征的模式进行匹配,并对模式匹配后的日志进行分析,发现常见的攻击类型和攻击源等信息,并以图形化的形式展示,以此提高网站服务器的安全运维能力。
展开▼
