Tag archive: log analysis

Intrusion detection technology based on log analysis

Abstract

With the popularity and development of the Internet all over the world, global computer networks have connected people's study and work. However, network attacks and intrusions pose a great threat to national security and to economic and social life. Information security has therefore gradually become a focal point for the information industry and an important component of national security, and it is key to whether the national economy develops rapidly and sustainably.

Intrusion detection is an important part of information security technology. It involves log analysis, vulnerability detection, attack path detection, and other technologies, all of which rely heavily on data analysis. Through security log analysis, the characteristics of attack packets and a model of the attack sequence can be easily generated, so the intrusion model can also be obtained.

This report focuses on technology for correlated analysis of network security audit data and security logs, in order to discover the characteristics of intrusion packets and the attack sequence model.

Table of Contents

1 Introduction

1.1 Background

1.1.1 Threats to information systems

2 Overview

2.1 Intrusion detection

2.1.1 Anomaly detection

2.1.2 Misuse detection

2.2 Security log

3 Use the web log to detect and analyse hacking

3.1 Invasion by SQL injection of security holes

3.2 Invasion with uploading vulnerability

4 Conclusions and discussion

5 Literature references
