Normalizing security audit data in XML-format
2004 (English) Report (Other academic)
Abstract [en]

Analyzing log data can be extremely difficult for an administrator because of the large volume of log data, in various formats, coming from a number of different sources. A more precise view of network security is also impossible without aggregating and correlating the log data generated by different defensive systems and tools. This paper establishes an intermediate, platform-independent representation to which all security log data can be normalized. The work presented here is only one part of an ongoing project that aims at detecting intrusions by using data-mining techniques. In this paper, the normalized log format is proposed and implemented in XML. This XML log format is not only flexible, extensible and heterogeneous; it also satisfies other requirements, such as being convenient and easy to share, transfer, and store among different computer systems. It is anticipated that the XML log format will facilitate further research in intrusion detection.

Place, publisher, year, edition, pages
Luleå: Luleå tekniska universitet, 2004, 10 p.
Technical report / Luleå University of Technology, ISSN 1402-1536 ; 2004:13
Research subject
Computer and Systems Science
URN: urn:nbn:se:ltu:diva-21780
Local ID: 014c81e0-280d-11dd-8187-000ea68e967b
OAI: diva2:994828
Approved; 2004; 20080522 (ysko)
Available from: 2016-09-29
Created: 2016-09-29
Bibliographically approved

Open Access in DiVA

fulltext (157 kB)
File information
File name: FULLTEXT01.pdf
File size: 157 kB
Checksum: SHA-512
Type: fulltext
Mimetype: application/pdf

Author/editor
Yinru, Chen
