Mining Frequent Attack Sequence in Web Logs

Cited by: 4
Authors
Sun, Hui [1]
Sun, Jianhua [1]
Chen, Hao [1]
Affiliation
[1] Hunan Univ, Coll Comp Sci & Elect Engn, Changsha, Hunan, Peoples R China
Source
GREEN, PERVASIVE, AND CLOUD COMPUTING | 2016 / Vol. 9663
Keywords
Log analysis; Web security; Web attacks; Sequential pattern mining
DOI
10.1007/978-3-319-39077-2_16
Chinese Library Classification
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract
As a crucial part of web servers, web logs record information about client requests. Logs contain not only the traversal sequences of malicious users but also the operations of normal users. Taking advantage of web logs is important for learning the operation of websites. Furthermore, web logs are helpful when conducting postmortem security analysis. However, common methods of analyzing web logs typically focus on discovering preferred browsing paths or improving the structure of websites, and thus cannot be used directly in security analysis. In this paper, we propose an approach to mining frequent attack sequences based on PrefixSpan. We perform experiments on real data, and the evaluations show that our method is effective in identifying both the behavior of scanners and attack sequences in web logs.
Pages: 243-260
Page count: 18