Abstract
The exponential growth of Internet has brought a monolithic change in the level of malicious attacks, leading to the emergence proxy servers, which indeed have proven to apotheosis hiding place for the Internet intruders. The collected logs of these proxy servers contain portentous information, and its dissection can help in analyzing the deviation of abnormal activities form the normal ones. How to figure out their network of networks, identify possible offenders, and strike the heartland of their safe haven has become an upcoming challenge for universal law enforcement agents. This paper considers exactly what kind of elements should be explored once an offensive behavior has been noticed in proxy logs. It scrutinizes (i) the Time Stamp gap of sequential records (ii) the parameters of digital action (iii) the appearance of special parameters (iv) the patterns in the log files.
This work was supported in part by National Science Council in R.O.C. under Grant No NSC-96-3114-P-001-002-Y.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Fei, B., Eloff, J., Oliver, M., Venter, H.: Analysis of Web Proxy Logs. In: IFIP International Conference on Digital Forensics, Orlando, pp. 247–258. Springer, Heidelberg (2006)
Jone, K.J., Bejtlich, R., Rose, C.W.: Real Digital Forensics: Computer Security and Incident Response. Person Education, Inc. (2006)
Marshall, B., Chen, H.: Using Importance Flooding to Identify Interesting Networks of Criminal Activity. In: Mehrotra, S., Zeng, D.D., Chen, H., Thuraisingham, B., Wang, F.-Y. (eds.) ISI 2006. LNCS, vol. 3975, pp. 14–25. Springer, Heidelberg (2006)
Pollitt, M., Whitledge, A.: Exploring Big Haystacks – Data Mining and Knowledge Management. In: IFIP International Conference on Digital Forensics, pp. 247–258. Springer, Heidelberg (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kao, DY., Wang, SJ., Huang, F.FY., Bhatia, S., Gupta, S. (2008). Dataset Analysis of Proxy Logs Detecting to Curb Propagations in Network Attacks. In: Yang, C.C., et al. Intelligence and Security Informatics. ISI 2008. Lecture Notes in Computer Science, vol 5075. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69304-8_24
Download citation
DOI: https://doi.org/10.1007/978-3-540-69304-8_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69136-5
Online ISBN: 978-3-540-69304-8
eBook Packages: Computer ScienceComputer Science (R0)