Log file analysis using signature detection (LoFA-SD)

The increasing popularity of network technology has brought convenience to human life.People have started to rely on network technologies more and more in their daily life. It has slowly becoming a very important part in the human life. Network technologies have involved in communication, medical,fi...

Full description

Bibliographic Details
Main Author: Koay, Abigail May Yee
Format: Undergraduates Project Papers
Language:English
Published: 2011
Subjects:
Online Access:http://umpir.ump.edu.my/id/eprint/4746/
http://umpir.ump.edu.my/id/eprint/4746/
http://umpir.ump.edu.my/id/eprint/4746/1/ABIGAIL_KOAY_MAY_YEE.PDF
Description
Summary:The increasing popularity of network technology has brought convenience to human life.People have started to rely on network technologies more and more in their daily life. It has slowly becoming a very important part in the human life. Network technologies have involved in communication, medical,financial,business,education and so on.Although it brings many benefits for human,it also attracts hackers and attackers to attack servers and computers.This has created the need for network security to secure the network from being exposed to attacks.In order to solve the exposure of threats to the networks,organizations are therefore facing the challenge to implement adequate security method to secure the network from being exploited.The method they seek ought to be effective,reliable and persistence.The experts have come out with lots of methods in securing the network.It needs to depend on the situation whether which method is suitable for use.In each network devices,it contains log files which are a record of events occurring within their network.Using the log files from network devices is one of the ways to detect and analyze intrusion. Therefore this project,LoFA-SD proposes its approach of detecting and analyzing intrusion.The approach is by using signature detection and log files from the network devices to run the process.The system will execute a pattern matching mechanism between the network pattern and the reference intrusion patterns from database.The system will also create statistical reports on the intrusion attacks in the network and among the network devices involved.From the process data retrieval,signature detection, pattern matching until report generation will help the security administrator to identify vulnerable attacks and potential attacks which happen more frequently in a range of time.