Analysis of web server log files and attack detection
Tóm tắt
Problems of web application security and antihacker protection are very topical. Queries that users send to a web application via the Internet are registered in log files of the web server. Analyzing log files allows detecting anomalous changes that take place on the web server and identifying attacks. In this work, different methods are used to analyze log files and detect anomalies. The proposed methods allow detecting anomalous queries received from malicious users in log files of the web server.
Tài liệu tham khảo
Fielding, R., et al., Hypertext Transfer Protocol, HTTP/1.1.RFC 2616, June 1999.
Lee, W. and Stolfo, S, A Framework for Constructing Features and Models for Intrusion Detection Systems, ACM Transactions on Information and System Security, November 2000, vol. 3(4).
Friedl, J., Mastering Regular Expressions, August 2006, ISBN: 9780596528126 (0596528124).
Kruegel, Ch. and Vigna, G., Anomaly Detection of Web-based Attacks, Washington, DC, USA: ACM, October 27–31, 2003, pp. 251–261.
Kolamaev, V. A. and Kalinina, V. N., Teoriya veroyatnostei i matematicheskaya statistika (Theory of Probability and Mathematical Statistics), 1997.
Gnedenko, B. V., Kurs teorii veroyatnostei (Theory of Probability), Moscow: Nauka, 1988, ed. 6.
Billingsley, P., Probability and Measure, Wiley-Interscience, April 1995, ed. 3.