| 基于蜜罐日志分析的主动防御研究 |
| |
| 引用本文: | 李静,施勇,薛质. 基于蜜罐日志分析的主动防御研究[J]. 信息安全与通信保密, 2009, 0(3): 96-98 |
| |
| 作者姓名: | 李静 施勇 薛质 |
| |
| 作者单位: | 上海交通大学,上海,200240 |
| |
| 摘 要: | 论文主要针对蜜罐技术中日志分析的薄弱环节,引入了日志分析工具Log Parser,利用Log Parser支持众多日志格式的输入和输出,能够对不同日志格式进行统一和数据融合,并提供灵活的日志过滤规则的自定义,研究了运用Log Parser来分析蜜罐日志进行主动防御的方法和优势。同时,对于日志分析技术来说,蜜罐日志的低噪声级别让日志分析结果更加准确有效。
|
| 关 键 词: | 蜜罐 日志 主动防御 Log Parser日志分析 |
Initiative Defense Research Based on Log Analysis of Honeypot |
| |
| LI Jing,SHI Tong,XUE Zhi. Initiative Defense Research Based on Log Analysis of Honeypot[J]. China Information Security, 2009, 0(3): 96-98 |
| |
| Authors: | LI Jing SHI Tong XUE Zhi |
| |
| Affiliation: | (Shanghai Jiaotong University, Shanghai 200240, China) |
| |
| Abstract: | In order to improve the log analysis method in honeypot system, a tool called Log Parser is proposed in this article. Log Parser supports data input and output of many different formats, and could standardize the different log formats and correlate the log file data. Thus the honeypot log file data is analyzed effectively and flexibly using Log Parser, and simultaneously, the result would be more accurate by using honeypot log file as the data source because of its low noise property. |
| |
| Keywords: | Honeypot Log Initiative Defense Log Parser Log Analysis |
| 本文献已被 维普 万方数据 等数据库收录! |
|
