DocumentCode :
2547460
Title :
Analysis and implement of PIX firewall syslog log
Author :
Gu Zhaojun ; Li Yong ; Niu Wenjing ; China Tianjin
Author_Institution :
Dept. of Comput. Sci. & Technol., Civil Aviation Univ. of China, Tianjin, China
fYear :
2010
fDate :
16-18 April 2010
Firstpage :
185
Lastpage :
189
Abstract :
Useful information concerning the network running status is included in logs generated by firewalls, but analyzing a large quantity of data is very difficult. Therefore, based on the Cisco PIX firewall, this paper gathered Syslog logs by employing the thread pool technique, then filtered and categorized them by keywords, and finally stored them in a formatted form. Through TopN statistical analysis and feature-based research and detection of security events, it achieves effective monitoring of network traffic, application services, user behavior and running status, and it also provides administrators with a basis for network management and security strategy design, thereby further strengthening network management.
Keywords :
authorisation; computer network management; computer network security; statistical analysis; system monitoring; Cisco PIX firewall; Syslog logs; TopN statistics analysis; network management; security strategy design; thread pool technique; Computer errors; Databases; Debugging; Information analysis; Manufacturing; Monitoring; Protocols; Statistical analysis; Telecommunication traffic; Yarn; PIX firewall; TopN statistic; security event; security strategy; thread pool;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Information Management and Engineering (ICIME), 2010 The 2nd IEEE International Conference on
Conference_Location :
Chengdu
Print_ISBN :
978-1-4244-5263-7
Electronic_ISBN :
978-1-4244-5265-1
Type :
conf
DOI :
10.1109/ICIME.2010.5477784
Filename :
5477784