Mining Frequent Attack Sequence in Web Logs

Cited by: 4
Authors
Sun, Hui [1]
Sun, Jianhua [1]
Chen, Hao [1]
Affiliations
[1] Hunan Univ, Coll Comp Sci & Elect Engn, Changsha, Hunan, Peoples R China
Source
GREEN, PERVASIVE, AND CLOUD COMPUTING | 2016 / Vol. 9663
Keywords
Log analysis; Web security; Web attacks; Sequential pattern mining;
DOI
10.1007/978-3-319-39077-2_16
Chinese Library Classification number
TP [Automation Technology, Computer Technology];
Discipline classification code
0812 ;
Abstract
As a crucial part of web servers, web logs record information about client requests. Logs contain not only the traversal sequences of malicious users but also the operations of normal users. Taking advantage of web logs is important for learning the operation of websites. Furthermore, web logs are helpful when conducting postmortem security analysis. However, common methods of analyzing web logs typically focus on discovering preferred browsing paths or improving the structure of websites, and thus cannot be used directly in security analysis. In this paper, we propose an approach to mining frequent attack sequence based on PrefixSpan. We perform experiments on real data, and the evaluations show that our method is effective in identifying both the behavior of scanners and attack sequences in web logs.
Pages: 243-260
Page count: 18