Recently, I am studying on intrusion detection with machine learning, hoping to use what I have learned this semester in Machine Learning course to solve some real life problems. The first topic is using Hidden Markov Models to detect abnormal input for parameters.
When you given a set of commands from a log file such as
.bash_history or something similar, you can definitely judge if this set of commands reveals a evil attack to your computer system by reading it lines by lines if there is not too many commands. However, for those companies, there are such many log files waiting to analyze that it is not possible to audit manually.
As the second CVE ID I have owned, CVE-2018-10574 identifies an arbitrary code executation in BigTree CMS developed by Fastspot. Here are some places to get more details about this CVE.
个人毕业设计，挺水的。本来想好好弄，把防火墙和机器学习综合一下，结果学校突然通知提前一个月验收，只好匆匆完成，不过最后答辩老师的评价还挺不错，大概是没有细看吧。总之是让大家见笑了。Continue reading “针对REST API的Web应用防火墙”