Presentation | 2010-07-01 A Study on Log Analysis Based on Tendency of IDS Alert Events Tsuyoshi TODA, Hiroyuki INABA |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | With the spread of computer networks, important information has been exchanged and managed on networks. However, worm damage and unauthorized access using system vulnerabilities have increased. An intrusion detection system (IDS) is a system that inspects for an invasion or its precursor by checking the status of a computer and a network. An IDS warns the network manager on detecting alert events and outputs a log. However, if the manager checks all detected events, it becomes a heavy workload. In this paper, we propose a log analysis method based on the tendency of IDS alert events. We introduce a variation criterion that is independent of the number of alert events, and determine the alert threshold automatically from that criterion. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | Anomaly Detection / IDS Log / Variation criteria / Clustering |
Paper # | ISEC2010-11,SITE2010-7,ICSS2010-17 |
Date of Issue |
Conference Information | |
Committee | ISEC |
---|---|
Conference Date | 2010/6/24(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information Security (ISEC) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | A Study on Log Analysis Based on Tendency of IDS Alert Events |
Sub Title (in English) | |
Keyword(1) | Anomaly Detection |
Keyword(2) | IDS Log |
Keyword(3) | Variation criteria |
Keyword(4) | Clustering |
1st Author's Name | Tsuyoshi TODA |
1st Author's Affiliation | Kyoto Institute of Technology |
2nd Author's Name | Hiroyuki INABA |
2nd Author's Affiliation | Kyoto Institute of Technology |
Date | 2010-07-01 |
Paper # | ISEC2010-11,SITE2010-7,ICSS2010-17 |
Volume (vol) | vol.110 |
Number (no) | 113 |
Page | pp.pp.- |
#Pages | 6 |
Date of Issue |