Research on Association Analysis Technology of Network Attack Trace Based on Web Log

  • Conference paper
Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS 2020)

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 1195)

Abstract

With the rapid development of the Internet, Web applications are used more and more widely across industries, and the accompanying security issues have gradually received attention. In network security research, in addition to defense technologies such as intrusion detection and firewalls, forensic analysis and traceability of network attacks are also a focus of research. This paper is therefore devoted to mining the associations among attack traces in web application logs, in order to assist forensic analysis and attack source tracing. We propose a method for analyzing associations of network attack traces based on Web logs. We collect features of common Web attack methods and extract attack traces. We also propose attack event description models based on key attributes, and improve the Apriori algorithm to fit the model. The attack trace correlation analysis method proposed in this paper makes full use of, and analyzes, the infrequently discovered correlations in the log data, which has greatly helped the development of network attack traceability technology.

Author information

Corresponding author

Correspondence to Baojiang Cui.

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Cite this paper

Li, S., Cui, B. (2021). Research on Association Analysis Technology of Network Attack Trace Based on Web Log. In: Barolli, L., Poniszewska-Maranda, A., Park, H. (eds) Innovative Mobile and Internet Services in Ubiquitous Computing. IMIS 2020. Advances in Intelligent Systems and Computing, vol 1195. Springer, Cham. https://doi.org/10.1007/978-3-030-50399-4_4
