Anomaly Detection on Firewall Logs from Multifold System Based on Email Classification
Abstract
Most of the existing systems categorize the document or firewall logs-corpus based on the term similarity by find the document-term relationship. It cannot identify the conceptual similarity or correlation among them. But proposed system focuses on both term wise as well as conceptual wise similarity to find the firewall logs statistics to tag the firewall logs with suitable type. Categorization of firewall logs data is multi fold in proposed system. Major stages of proposed approach are described in the following section. Classification of the emails based on their conceptual similarity rather than blind term wise similarity along with firewall logs header, html content and attachment analysis.
Â
References
Robert Winding, Timothy Wright, and Michael Chapple “System Anomaly Detection: Mining Firewall Logsâ€
D. Moore, G. Voelker, and S. Savage: Inferring Internet Denial of Service activity. In Proceedings of the 2001 USENIX Security Symposium , Washington DC, August 2001. 5.
D.Moore, C.Shannon and J.Brown: Code-Red: a Case Study on the Spread and Victims of an Internet Worm. In Internet Measurement Workshop (IMW); 2002
R. Pang, V. Yegneswaran, P. Barford, V. Paxon, L. Peterson: Characteristics of Internet Background Radiation. In IMC’04, Italy, October 2004.
S. Staniford, V. Paxson and N. Weaver: How to 0wn the Internet in Your Spare Time, In Proc. USENIX Security Symposium 2002.
Refbacks
- There are currently no refbacks.
Copyright © 2013, All rights reserved.| ijseat.com
International Journal of Science Engineering and Advance Technology is licensed under a Creative Commons Attribution 3.0 Unported License.Based on a work at IJSEat , Permissions beyond the scope of this license may be available at http://creativecommons.org/licenses/by/3.0/deed.en_GB.
Â