HTTP LOG files Labeling
- From: wangweifrequent@xxxxxxxxx
- Date: 20 May 2008 15:05:40 -0000
Hi All,
We are working on anomaly detection of HTTP attacks.
In fact, we have collected a large amount of HTTP logs (Apache server), but we didn't use an IDS to label the data during collection.
Does anyone know how to label the HTTP logs? For example, one HTTP log line looks like:
burtul.xx.fr - - [10/May/2007:14:46:07 +0200] "GET /ariana/Images/Icones/sound.gif HTTP/1.0" 200 579 http://www-sop.inria.fr/ariana/fr/xx "Mozilla/5.0 (X11; U; Linux i686; fr; rv:1.7.13) Gecko/20060417"
Any suggestions are much appreciated.
Wei WANG
INRIA
2008-05-20