
Tracking Attacks Data Through Log Files Using MapReduce

  • Conference paper
Information Systems and Technologies to Support Learning (EMENA-ISTL 2018)

Abstract

In this paper, we propose a security analysis methodology that applies Big Data techniques, such as MapReduce, to several system log files in order to locate and extract data that is probably related to attacks. Through a process of analysis, these data lead to the identification of attacks or the detection of intrusions. We illustrate this approach with a concrete case study that exploits the access log files of Apache web servers to detect SQL injection (SQLi) and DDoS attacks. The results obtained are promising: we are able to extract the malicious indicators and events that characterize the intrusions, which helps us make an accurate diagnosis of the system's security.



Author information


Corresponding author

Correspondence to Yassine Azizi.


Copyright information

© 2019 Springer Nature Switzerland AG


Cite this paper

Azizi, Y., Azizi, M., Elboukhari, M. (2019). Tracking Attacks Data Through Log Files Using MapReduce. In: Rocha, Á., Serrhini, M. (eds) Information Systems and Technologies to Support Learning. EMENA-ISTL 2018. Smart Innovation, Systems and Technologies, vol 111. Springer, Cham. https://doi.org/10.1007/978-3-030-03577-8_36
