TITLE

Detecting anomalous Web server usage through mining access logs

AUTHOR(S)
Gržinić, Toni; Kišasondi, Tonimir; Šaban, Josip
PUB. DATE
September 2013
SOURCE
Central European Conference on Information & Intelligent Systems;Sep2013, p228
SOURCE TYPE
Conference Proceeding
DOC. TYPE
Article
ABSTRACT
Most operating systems services generate log files that can be used for debugging and supervision. One important function of log files is logging security related or debug information, for example logging unsuccessful authentication or error logging. This paper shows how to implement an anomaly detection process of web server's unexpected events using the Apache web server's logs and applying supervised machine learning algorithms to extracted features. Also, we compare the classification performance of several algorithms that can be easily implemented in real-world scenarios.
ACCESSION #
95256526

 

Related Articles

  • WEB ATAKLARI İÇİN METÄ°N TABANLI ANORMALLÄ°K TESPÄ°TÄ° (WAMTAT). Takci, Hidayet; Akyuz, Turker; Sogukpinar, İbrahim // Journal of the Faculty of Engineering & Architecture of Gazi Uni;Jun2007, Vol. 22 Issue 2, p247 

    Nowadays, there is an interaction between the web sites and users. In this interaction, user requests are sent to web servers in URL strings. Sometimes, harmful code may be embedded into those strings. Harmful code embedding is one of web attacks. User input data may be analyzed for detection of...

  • Compaq to launch app server line. Weil, Nancy // Network World;05/31/99, Vol. 16 Issue 22, p8 

    Announces Compaq's launching of three models of appliance server in the TaskSmart C-Series to help users run Web sites. Features of C1200R, C1500R and C2000R models; Contact information.

  • Windows 2003 'not smart enough' to be used a Unix datacentre replacement. Saran, Cliff // Computer Weekly;4/8/2003, p6 

    Reports that Unisys introduced an upgraded version of its ES7000 server supporting the Windows 2003 operating system. Features of the server; Limitations of the Windows 2003 operating system; Comparison with the Unix systems.

  • Boston Value Series 120 G8. MITCHELL, DAVE // PC Pro;Oct2012, Issue 216, p128 

    The article evaluates the Boston Value Series 129 G8 rack server.

  • Start-up looks to speed data delivery. Connor, Deni // Network World;04/09/2001, Vol. 18 Issue 15, p15 

    Reports that systems and storage start-up Ikadega is introducing a server appliance for enterprise networks and service providers. Key features and specifications; Availability information; Price.

  • Making the grade. Biggs, Maggie // InfoWorld;06/14/99, Vol. 21 Issue 24, p1 

    Focuses on the evolution of the 1999 class of application servers that leave the relative safety of product development laboratories and commerce work in the real world. Benefits offered by distributed multitier application architecture; How the class of application servers are divided...

  • AN ANOMALY OF AN ANOMALY: INVESTIGATING THE CORTICAL ELECTROPHYSIOLOGY OF REMOTE STARING DETECTION. BAKER, IAN S.; STEVENS, PAUL // Journal of Parapsychology;Spring2013, Vol. 77 Issue 1, p107 

    If there is evidence of an overall effect of remote staring detection, then theoretically there should also be evidence of electrophysiological processing of this information in the brain. A series of three experiments examining the potential electrocortical correlates of remote staring...

  • Special Issue - Information Assurance and Security Engineering. Khan, Muhammad Khurram; Alghathbar, Khaled // IETE Technical Review (Medknow Publications & Media Pvt. Ltd.);May-Jun2010, Vol. 27 Issue 3, p201 

    The article discusses various reports published within the issue, including one by Eun-Jun Yoon, Yong-Nyuo Shin, Il-Soo Jeon and Kee-Young Yoo on user authentication scheme for the session initiation protocol (SIP), one by Hu Xiong, Zhiguang Qin and Fagen Li on the computer protection problems...

  • Anomalous Network Packet Detection Using Data Stream Mining. Miller, Zachary; Deitrick, William; Wei Hu // Journal of Information Security;Oct2011, Vol. 2 Issue 4, p158 

    In recent years, significant research has been devoted to the development of Intrusion Detection Systems (IDS) able to detect anomalous computer network traffic indicative of malicious activity. While signature-based IDS have proven effective in discovering known attacks, anomaly-based IDS hold...

Share

Read the Article

Courtesy of THE LIBRARY OF VIRGINIA

Sorry, but this item is not currently available from your library.

Try another library?
Sign out of this library

Other Topics