WEB ATTACK EVENT EXTRACTION SYSTEM AND METHOD BASED ON MONITORING DATA
摘要
PURPOSE: A web attack event extracting system based on monitoring data and a method thereof are provided to analyze an alert message generated from an IDS(Intruduction Detection System) and a firewall based on a web log. CONSTITUTION: An integrated log collecting and normalizing module(20) generates integrated log information. The integrated log collecting and normalizing module normalize the generated integrated log information. A multiple web session analysis module(30) analyzes the normalized integrated log information. A correlation analysis module(40) analyzes correlation of the normalized integrated log information. A web attack detecting and extracting module(50) detects and extracts a web attack event based on data analyzed from the correlation analysis module and the multiple web session analysis module.
申请公布号
KR20110009811(A)
申请公布日期
2011.01.31
申请号
KR20090067205
申请日期
2009.07.23
申请人
THE INDUSTRY & ACADEMIC COOPERATION IN CHUNGNAM NATIONAL UNIVERSITY (IAC);LEE, HYUNG WOO;HANSHIN UNIVERSITY INDUSTRY & ACADEMIA COOPERATION FOUNDATION
发明人
LEE, HYUNG WOO;KIM, TAE SU;KIM, DEUK YONG;YUN, HA NA