Title :
Statistic and Analysis for Host-Based Syslog
Author :
Zhaojun, Gu ; Chao, Wang
Author_Institution :
Coll. of Comput. Sci. & Technol., Civil Aviation Univ. of China, Tianjin, China
Abstract :
Syslog audit plays an important role in keeping a host secure. This paper studied host-based syslog and constructed a secure state model of a host performing normally, from the angle of anomaly detection. Through deep research on the syslog protocol, a log collection tool was created for collecting remote or local host syslog. Because different segments of a syslog record imply different system information, the model separated every segment of a syslog record with a regular expression, then performed data preprocessing and statistics with rule matching, and finally conducted analysis with a BP (Back Propagation) NN (Neural Network). The result indicates that it not only achieves host-based intrusion and anomaly detection, but is also a highly efficient and intelligent method.
Keywords :
backpropagation; security of data; statistical analysis; anomaly detection; back propagation; data preprocessing; host secure; host-based syslog; intrusion detection; local host syslog; log collection tool; neural network; regular expression; rule matching; secure state model; statistics; syslog audit; syslog protocol; syslog record; system information; Chaos; Computer science; Computer science education; Data security; Educational technology; Equations; Information analysis; Neural networks; Pattern matching; Statistical analysis; Analysis; Anomaly detection; BP NN; Regular Expression; Statistic; Syslog;
Conference_Title :
Education Technology and Computer Science (ETCS), 2010 Second International Workshop on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-6388-6
Electronic_ISBN :
978-1-4244-6389-3
DOI :
10.1109/ETCS.2010.128