
Development of the SysLog-based Integrated Log Management system for Firewalls in Distributed Network Environments

Development of a SysLog-based Integrated Firewall Log Management System in Distributed Environments (Korean title)

  • Received : 2011.08.20
  • Accepted : 2011.10.21
  • Published : 2011.12.30

Abstract

Application log files contain error messages, operational data and usage information that help manage applications and servers. A log analysis system is software that reads and parses log files, then extracts and aggregates the information in order to generate reports on the application. The importance of firewall log files is growing rapidly, both for the forensics of cyber crimes and for the establishment of security policy. In this paper, we design and implement SILAS (SysLog-based Integrated Log mAnagement System) for distributed network environments. It generates reports from the log files of firewalls: IPs and users, and statistics of application usage.
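The read, parse, extract and aggregate pipeline the abstract describes, shown as an added example; this is not code from the paper or from the SILAS system. It assumes iptables-style key=value firewall messages carried in RFC 3164 syslog lines collected from two firewall hosts (fw01, fw02), a constructed port-to-application mapping, and constructed sample lines. The report groups events by source IP, by firewall host and by application, counts lines the parser could not handle instead of silently dropping them, and flags sources whose dropped connections touched several distinct destination ports.

```python
import re
from collections import Counter, defaultdict

# Constructed sample input (assumption, not output of the paper's system):
# RFC 3164 syslog lines as an iptables-style firewall on two hosts might emit them.
SAMPLE_LINES = [
    "<4>Aug 20 10:15:01 fw01 kernel: FW-DROP IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=51234 DPT=22",
    "<4>Aug 20 10:15:02 fw01 kernel: FW-DROP IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=51235 DPT=23",
    "<6>Aug 20 10:15:05 fw01 kernel: FW-ACCEPT IN=eth1 OUT=eth0 SRC=10.0.0.5 DST=198.51.100.20 PROTO=TCP SPT=40001 DPT=443",
    "<6>Aug 20 10:15:07 fw02 kernel: FW-ACCEPT IN=eth1 OUT=eth0 SRC=10.0.0.8 DST=198.51.100.21 PROTO=UDP SPT=53000 DPT=53",
    "<4>Aug 20 10:15:09 fw02 kernel: FW-DROP IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.11 PROTO=TCP SPT=51236 DPT=3389",
    "<6>Aug 20 10:15:11 fw01 kernel: FW-ACCEPT IN=eth1 OUT=eth0 SRC=10.0.0.5 DST=198.51.100.22 PROTO=TCP SPT=40002 DPT=443",
    "this line is deliberately malformed and must be counted as unparsed",
]

# RFC 3164 header: <PRI>TIMESTAMP HOST TAG: MSG. PRI encodes facility*8 + severity.
SYSLOG_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>\w{3} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<tag>[^:]+): (?P<msg>.*)$"
)
# key=value pairs inside the message body (an empty value, e.g. "OUT=", is allowed).
KV_RE = re.compile(r"(\w+)=(\S*)")

# Assumed destination-port to application mapping for the usage report.
PORT_APP = {22: "ssh", 23: "telnet", 53: "dns", 443: "https", 3389: "rdp"}


def parse_line(line):
    """Parse one syslog line into a flat record, or return None if it does not match."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    facility, severity = divmod(int(m.group("pri")), 8)
    msg = m.group("msg")
    action = msg.split(" ", 1)[0]          # first token is the rule prefix, e.g. FW-DROP
    fields = dict(KV_RE.findall(msg))
    dpt = fields.get("DPT")
    return {
        "host": m.group("host"),
        "timestamp": m.group("ts"),
        "facility": facility,
        "severity": severity,
        "action": action,
        "src": fields.get("SRC"),
        "dst": fields.get("DST"),
        "proto": fields.get("PROTO"),
        "dpt": int(dpt) if dpt and dpt.isdigit() else None,
    }


def aggregate(lines):
    """Extract and aggregate records from many firewalls into one report."""
    report = {
        "by_src": Counter(),          # events per source IP
        "by_host": Counter(),         # events per reporting firewall
        "by_action": Counter(),       # accepted vs. dropped
        "by_app": Counter(),          # application usage by destination port
        "dropped_by_src": Counter(),  # drops per source IP
        "unparsed": 0,                # lines the parser rejected
    }
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            report["unparsed"] += 1
            continue
        report["by_src"][rec["src"]] += 1
        report["by_host"][rec["host"]] += 1
        report["by_action"][rec["action"]] += 1
        report["by_app"][PORT_APP.get(rec["dpt"], "port/%s" % rec["dpt"])] += 1
        if rec["action"] == "FW-DROP":
            report["dropped_by_src"][rec["src"]] += 1
    return report


def scanning_sources(lines, min_ports=3):
    """Sources whose dropped connections hit at least min_ports distinct destination ports."""
    ports_by_src = defaultdict(set)
    for line in lines:
        rec = parse_line(line)
        if rec and rec["action"] == "FW-DROP" and rec["dpt"] is not None:
            ports_by_src[rec["src"]].add(rec["dpt"])
    return sorted(src for src, ports in ports_by_src.items() if len(ports) >= min_ports)


if __name__ == "__main__":
    r = aggregate(SAMPLE_LINES)
    for section in ("by_host", "by_src", "by_app", "by_action"):
        print(section, dict(r[section]))
    print("unparsed lines:", r["unparsed"])
    print("possible scanners:", scanning_sources(SAMPLE_LINES))
```

In a real deployment the lines would arrive over the syslog listener rather than from a list, but the parse and aggregate stages are the same; keeping an `unparsed` counter matters because a firewall that silently changes its message format would otherwise disappear from the report without any sign of trouble.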

