Title :
Analysis and classification of web proxy logs based on patterns of traffic rates
Author :
Kiatkumjounwong, Nattapol ; Ngamsuriyaroj, Sudsanguan ; Plangprasopchok, Anon ; Hoonlor, Apirak
Author_Institution :
Fac. of Inf. & Commun. Technol., Mahidol Univ., Nakhon Pathom, Thailand
Abstract :
Logs are typically used for performing post mortem for abnormal activities. Most Internet service providers keep the history of users´ web accesses in terms of proxy logs for investigating a misuse or fraud. However, the majority of the logs represent normal behavior, and no thorough analysis of such logs is usually performed, keeping them on storage would consume very big space. This paper analyzes the characteristics of such logs and classifies them into normal, medium, high and burst rate using five main attributes: IP address, bandwidth, duration, file category, and file type. Our experimental results show different rates for each file type in five popular file categories. The results will be used in classifying web access logs and filtering out abnormal from normal logs so that only abnormal logs are kept for fast investigation.
Keywords :
Internet; information analysis; pattern classification; IP address attribute; Internet service providers; Web proxy logs analysis; Web proxy logs classification; bandwidth attribute; duration attribute; file category attribute; file type attribute; traffic rate pattern; Algorithm design and analysis; Bandwidth; Clustering algorithms; Data mining; IP networks; Itemsets; Servers; Burst rate traffic; Traffic Rate classification; Web proxy logs;
Conference_Titel :
TENCON 2014 - 2014 IEEE Region 10 Conference
Conference_Location :
Bangkok
Print_ISBN :
978-1-4799-4076-9
DOI :
10.1109/TENCON.2014.7022457
