Research And Implementation Of Web Server Trojan Detection Technology Based On Dynamic And Static Combination

With the development of computer technology and industrial Internet,all walks of life began to widely use Internet services and computer technology.While people widely use Internet technology,our enterprise applications also gradually exposed many security problems..The business of companies and industries is expanding rapidly with the development of technology in recent years.There are more and more attacks against network services.According to the survey,most of the network attacks are related to network applications.Because of the inequity of both ends of attack and defense and the lag of defense,new attack methods will always be generated first,and then the protection ability of security protection equipment will be correspondingly improved.For a long time,traditional security protection equipment has been unable to effectively detect and prevent attacks.Therefore,intelligent detection of Web attack based on machine learning has become a hot topic in the field of web security.First of all,through the analysis of the code features and traffic features of web server Trojan and studying the existing detection technology of web server Trojan,this paper applies machine learning algorithm and natural language processing technology to the detection of web server Trojan.Research and implement a static detection model of Trojan malicious traffic and a dynamic detection model of Trojan traffic.Secondly,because the static detection and dynamic detection have their own limitations,this paper proposes a detection method which combines the static detection and dynamic detection of Trojans.The combination of the two detection methods can make up each other,effectively detect the Trojan threat and protect the security of server assets.Experiments show that the Trojan detection models proposed in this paper can achieve high evaluating indicator.And they achieve better detection results in horizontal comparison with other detection models developed by other authors or enterprises.Finally,in order to use the Trojan detection model designed in this paper in the actual network security protection system.I design and implements a web server Trojan detection system in this paper,which can be used by server security operation and maintenance personnel.The author has deployed this detection program at the gateway of the actual campus network and found many hacker attacks on the server.