| Presentation | 2010-07-01 A Study on Log Analysis Based on Tendency of IDS Alert Events Tsuyoshi TODA, Hiroyuki INABA, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | With the spread of computer network, important information have been exchanged and managed on a network. However, worm damage and unauthorized access using the system vulnerabilities has been increased. Intrusion detection system (IDS) is a system to inspect the invasion or the precursor by checking the status of a computer and a network. IDS warns a network manager to detect alert events and outputs the log. However, if the manager checked all detected events, it becomes a heavy workload. In this paper, we propose a log analysis method based on tendency of IDS alert events. We introduce a variation criteria that is independent from number of alert events, and determine the alert threshold automatically from the criteria. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Anomaly Detection / IDS Log / Variation criteria / Clustering |
| Paper # | ISEC2010-11,SITE2010-7,ICSS2010-17 |
| Date of Issue |
| Conference Information | |
| Committee | SITE |
|---|---|
| Conference Date | 2010/6/24(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Social Implications of Technology and Information Ethics (SITE) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A Study on Log Analysis Based on Tendency of IDS Alert Events |
| Sub Title (in English) | |
| Keyword(1) | Anomaly Detection |
| Keyword(2) | IDS Log |
| Keyword(3) | Variation criteria |
| Keyword(4) | Clustering |
| 1st Author's Name | Tsuyoshi TODA |
| 1st Author's Affiliation | Kyoto Institute of Technology() |
| 2nd Author's Name | Hiroyuki INABA |
| 2nd Author's Affiliation | Kyoto Institute of Technology |
| Date | 2010-07-01 |
| Paper # | ISEC2010-11,SITE2010-7,ICSS2010-17 |
| Volume (vol) | vol.110 |
| Number (no) | 114 |
| Page | pp.pp.- |
| #Pages | 6 |
| Date of Issue | |