Network attack is a big hidden danger which may influence network security. In order to ensure safe operation of the network, attack behaviors existing in the network needs to be detected timely.
In the existing network attack detection technology, a regular expression in a feature library is used for matching such network transmission data as HTTP (HyperText Transfer Protocol) request, so as to determine whether attack exists in transmission data.
This method needs to be based on a feature library with a large number of regular expressions, however, blind spots often exist in the feature library, and former features and later features in the feature library are often correlated, therefore, the labor cost of adding new features is higher, and even new features may influence old features and make old features become invalid, consequently, the accuracy and reliability of network attack detection cannot be ensured.