Abstract:

With the vigorous development of Chinese Internet industry, Web services are more and more applied to various domains like government, education, finance and telecom to realize services such as e-government affairs, business promotion, online trading. The security threats based on Web services are more than any time before. It is insufficient of the traditional vulnerability scan and defense technology to evaluate the threat trend faced by Web server. Aiming at the analyses on the thread trend of Web server under large-scale complex environment, this paper proposes a method and system based on Web log for security threat analyses. It extracts security threat events from a mass of logs and then makes analyses. With the use of characteristic model of threat behavior, it is able to exactly find all kinds of threats to the Websites. Synthetical comprehensive risk index for this Website is given which could contribute to the Website's aiming at strengthening its integrated defense capability.

Key words: Web security, log analyses, risk evaluation, Web server