Netinfo Security ›› 2017, Vol. 17 ›› Issue (3): 33-38. doi: 10.3969/j.issn.1671-1122.2017.03.006

• Original Article

Research on Comprehensive Forensic Analysis Based on Logs2intrusions and Web Log Explorer

Jing YANG, Xin ZHAO, Tianliang LU

  1. School of Information Technology and Network Security, People’s Public Security University of China, Beijing 102600, China
  • Received: 2016-11-01 Online: 2017-03-20 Published: 2020-05-12

Abstract:

With the rapid development of Internet applications, security threats are becoming more and more serious, especially network intrusion attacks. At present, intrusion detection needs to analyze log data. A website log file records various kinds of original information, such as the requests the web server receives and processes and its run-time errors, but the effectiveness of log data analysis remains to be improved. This paper analyzes the characteristics of four log analysis tools (Logs2intrusions, Web Log Explorer, Light Year SEO Log Analysis System, and Backfire Website Analyzer) and proposes a comprehensive forensic analysis technique based on the advantages of these tools. The technique, which has a certain value in combating cybercrime and maintaining cyberspace security, achieves rapid analysis of log data from large quantities of intrusion attacks and improves the recognition accuracy of network intrusion attacks.

Key words: network intrusion detection, Logs2intrusions, Web Log Explorer, system log
