Research on Web Server Attacks Logs Analysis

doi:10.3969/j.issn.1671-1122.2016.06.009

Netinfo Security ›› 2016, Vol. 16 ›› Issue (6): 56-61.doi: 10.3969/j.issn.1671-1122.2016.06.009

• Orginal Article • Previous Articles Next Articles

Research on Web Server Attacks Logs Analysis

Shiqi DENG¹, Xiaoming LIU², Xudong WU³, Min LEI¹

1. Information Security Center, Beijing University of Posts and Telecommunications, Beijing 100876, China
2. National Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing 100029, China
3. Sichuan Kerui Software Co., Ltd. Mianyang Sichuan 621000, China

Received:2016-04-01 Online:2016-06-20 Published:2020-05-13

Abstract

Abstract:

The rapid development of Internet Technology has changed people’s lifestyle. And the e-commerce becomes one of the most popular web applications. Nowadays, malicious attacks towards web server of most e-commerce websites appear to be more and more common. However, related attack records can be found through analyzing access logs on web server of those e-commerce websites. The OWASP (Open Web Application Security Project) publishes ten attack technology the web server experienced every year, such as SQL injection, XSS attack and DDoS attack, etc. These attacks have caused great harm to the web server, on the one hand, the e-commerce websites can’t provide normal service for users, on the other hand, most data or privacy of users is leaked. This paper puts forward a solution to analyzing access logs on web server by the classification of web access logs and the matching of attack pattern and characteristics. The system can find out attack sources and types, and then displays the results in a graphical from in a web page, which helps security administrators of e-commerce websites to detect the attacks and improve the ability of resisting various attacks on web server.

Key words: Web server, attack log, log analysis

CLC Number:

TP309

Shiqi DENG, Xiaoming LIU, Xudong WU, Min LEI. Research on Web Server Attacks Logs Analysis[J]. Netinfo Security, 2016, 16(6): 56-61.

Figures/Tables 6

References 10

[1]	童毕建. 基于点击流技术的个性化信息服务应用研究[D]. 北京:对外经济贸易大学,2006.
[2]	向坚持,陈晓红,刘相滨,等. 基于Web Log的数据预处理研究[J]. 湖南师范大学自然科学学报, 2004,27(4):33-36.
[3]	张炳帅. Web安全深度剖析[M].北京:电子工业出版社,2015.
[4]	利用WEB日志判断服务器的安全性[J].计算机与网络,2013,39(8): 42-43.
[5]	任正国. 点击流数据仓库与数据挖掘研究[D]. 大连:大连海事大学,2008.
[6]	郑奎. Web点击流构建个性化信息服务[D]. 上海:上海交通大学, 2008.
[7]	刘洪. 基于Web日志挖掘的安全事件分析与实现[D]. 北京:北京邮电大学,2014.
[8]	闫炳宽. 基于点击技术的用户兴趣数据挖掘研究[J]. 电脑知识与技术,2009,5(33):9412-9414.
[9]	周伟. 基于点击流技术的读者需求分析[J].图书馆学研究,2007,(7):70-72.
[10]	PANG N T, MICHAEL S, VINPIN K,等.数据挖掘导论(第二版)[M].范明,译.北京:人民邮电出版社,2011.

Research on Web Server Attacks Logs Analysis

RichHTML

PDF (PC)

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 6

References 10

Related Articles 2

Recommended Articles

Metrics

Comments

[1]	XIA Rong. Research and Application on Web Forensic Analysis Technology [J]. 信息网络安全, 2015, 15(9): 201-205.
[2]	. Construction and Investigation of ASP.NET Website [J]. , 2014, 14(4): 64-.