| 摘要 |
FIELD: physics; computer engineering. ^ SUBSTANCE: invention relates to ensuring information security on web serves. In order to monitor security of a web server, such quality factors of operation of the web server as query runtime t and number of link errors eERROR are given at a preliminary stage. A loading test is then carried out to determine threshold values of the query runtime of the web server (tCRIT) and number of link errors (eERROR-CRIT). Analytical models for predicting query runtime tPRED are constructed. Monitoring period TM is determined at the functioning stage of the server, after which N queries are received for establishing connection during the monitoring period TM. Current values of quality factors of operation of the web server t,eERROR are derived. The predicted query runtime tPRED is then calculated based on the said values. Values of tPRED and eERROR are then compared with threshold values of the quality factors and if threshold values are greater than the said values, there is an attack. ^ EFFECT: invention improves quality of monitoring security of a web server and provides on-line detection of critical mode of operation of the web server caused by unknown and known "denial of service" attacks, as well as legitimate user requests. ^ 3 dwg |
