Abstract

With the rapid development of the Internet, Web applications have become more and more widely used across industries, and the accompanying security issues have gradually received attention. In network security research, in addition to defense technologies such as intrusion detection and firewalls, forensic analysis and traceability of network attacks are also a focus of research. Accordingly, this paper is devoted to mining the associations among attack traces in Web application logs, in order to assist forensic analysis and attack source tracing. We propose a method for analyzing associations of network attack traces based on Web logs. We collect features of common Web attack methods and extract attack traces. We also propose attack event description models based on key attributes, and improve the Apriori algorithm to fit the model. The attack trace correlation analysis method proposed in this paper makes full use of, and analyzes, the infrequently discovered correlations in the log data, which has greatly helped the development of network attack traceability technology.
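The pipeline the abstract outlines (extract attack traces from Web logs, describe each event by key attributes, mine associations) can be illustrated as follows. This is an added example, not the paper's code: it uses textbook Apriori rather than the paper's improved variant, and the log lines, signature set and attribute names (`src`, `type`, `path`, `ua`) are assumptions constructed for illustration.

```python
import re
from itertools import combinations
from urllib.parse import unquote

# Constructed sample access-log lines (combined log format); not data from the paper.
LOGS = [
    '203.0.113.5 - - [10/Oct/2023:13:55:01 +0000] "GET /item.php?id=1%27%20OR%201=1 HTTP/1.1" 200 512 "-" "sqlmap/1.7"',
    '203.0.113.5 - - [10/Oct/2023:13:55:03 +0000] "GET /item.php?id=1%20UNION%20SELECT%20a,b%20FROM%20t HTTP/1.1" 200 640 "-" "sqlmap/1.7"',
    '203.0.113.5 - - [10/Oct/2023:13:55:09 +0000] "GET /search.php?q=1%27-- HTTP/1.1" 500 120 "-" "sqlmap/1.7"',
    '198.51.100.7 - - [10/Oct/2023:14:02:11 +0000] "GET /view.php?file=../../etc/passwd HTTP/1.1" 403 90 "-" "curl/8.0"',
    '198.51.100.7 - - [10/Oct/2023:14:02:15 +0000] "GET /index.html HTTP/1.1" 200 2048 "-" "curl/8.0"',
    '192.0.2.9 - - [10/Oct/2023:15:20:44 +0000] "GET /search.php?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 300 "-" "Mozilla/5.0"',
]
LINE = re.compile(r'(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" \d{3} \S+ "[^"]*" "([^"]*)"')
# Assumed, deliberately small signature set standing in for the paper's attack features.
SIGS = {
    "sqli": re.compile(r"'|\bunion\b.+\bselect\b", re.I),
    "xss": re.compile(r"<script|onerror\s*=", re.I),
    "traversal": re.compile(r"\.\./"),
}

def to_event(line):
    """Map one log line to a set of key attributes, or None if no signature matches."""
    m = LINE.match(line)
    if not m:
        return None
    ip, url, agent = m.groups()
    decoded = unquote(url)  # signatures are matched on the URL-decoded request
    for kind, sig in SIGS.items():
        if sig.search(decoded):
            return frozenset({f"src={ip}", f"type={kind}",
                              f"path={decoded.split('?')[0]}", f"ua={agent.split('/')[0]}"})
    return None

def build_events(lines):
    return [e for e in map(to_event, lines) if e]

def apriori(transactions, min_support):
    """Textbook Apriori: return {itemset: support} for every frequent itemset."""
    n, frequent = len(transactions), {}
    k_sets = {frozenset([i]) for t in transactions for i in t}
    while k_sets:
        level = {}
        for c in k_sets:
            support = sum(c <= t for t in transactions) / n
            if support >= min_support:
                level[c] = support
        frequent.update(level)
        k = len(next(iter(level), ())) + 1
        joined = {a | b for a, b in combinations(level, 2) if len(a | b) == k}
        # Prune candidates that contain an infrequent (k-1)-subset.
        k_sets = {c for c in joined if all(frozenset(s) in level for s in combinations(c, k - 1))}
    return frequent
```

On the constructed logs, `apriori(build_events(LOGS), 0.5)` ties one source address to one attack type and one client tool, which is the kind of association useful when attributing a series of requests to a single actor.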
