Mining Frequent Attack Sequence in Web Logs

Cited by: 4
Authors
Sun, Hui [1]
Sun, Jianhua [1]
Chen, Hao [1]
Affiliations
[1] Hunan Univ, Coll Comp Sci & Elect Engn, Changsha, Hunan, Peoples R China
Source
GREEN, PERVASIVE, AND CLOUD COMPUTING | 2016 / Vol. 9663
Keywords
Log analysis; Web security; Web attacks; Sequential pattern mining
DOI
10.1007/978-3-319-39077-2_16
Chinese Library Classification number
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract
As a crucial part of web servers, web logs record information about client requests. Logs contain not only the traversal sequences of malicious users but also the operations of normal users. Taking advantage of web logs is important for learning the operation of websites. Furthermore, web logs are helpful when conducting postmortem security analysis. However, common methods of analyzing web logs typically focus on discovering preferred browsing paths or improving the structure of websites, and thus cannot be used directly in security analysis. In this paper, we propose an approach to mining frequent attack sequences based on PrefixSpan. We perform experiments on real data, and the evaluations show that our method is effective in identifying both the behavior of scanners and attack sequences in web logs.
Pages: 243-260
Page count: 18