Log File Analysis with Context-Free Grammars
| dc.contributor.author | Gruner, Stefan | |
| dc.contributor.upauthor | Bosman, Gregory | |
| dc.date.accessioned | 2014-02-03T12:09:32Z | |
| dc.date.available | 2014-02-03T12:09:32Z | |
| dc.date.created | 2012 | |
| dc.date.issued | 2013 | |
| dc.description.abstract | Classical ways of intrusion analysis from textual communication log files are either AI-based (such as by combinations of data mining with various techniques of machine learning), or they are based on regular expressions (such as the scanners implemented in the CISCO boxes). Whereas AI-based heuristics are not analytically exact, methods based on regular expressions do not reach very far in Chomsky's hierarchy of languages. In this short chapter we describe work in progress on the topic of parsing traces of network traffic with context-free grammars. "Green" grammars describe acceptable log files, whereas "red" grammars represent already known specific patterns of intrusion attempts. This technique can complement or augment the aready existing AI-approaches with additional precision. Analytically it is also more powerful than CISCO's technique on the basis of regular expressions. | en_US |
| dc.description.librarian | mv2014 | en_US |
| dc.description.uri | http://link.springer.com/chapter/10.1007/978-3-642-41148-9_10 | en_US |
| dc.format.extent | 9 p. | en_US |
| dc.format.medium | en_US | |
| dc.identifier.citation | Gregory Bosman & Stefan Gruner: Log File Analysis with Context-Free Grammars. Advances in Digital Forensics IX, Chapter 10, pp. 145-152, IFIP Advances in Information and Communication Technology 410, Springer-Verlag, 2013. | en_US |
| dc.identifier.isbn | 978-3-642-41147-2 | |
| dc.identifier.uri | http://hdl.handle.net/2263/33235 | |
| dc.language.iso | en | en_US |
| dc.publisher | Springer-Verlag | en_US |
| dc.relation.ispartofseries | IFIP Advances in Information and Communication Technology 410 | en_US |
| dc.rights | Springer-Verlag holds the copyright of the finally published version of this Pre-Print. The copyright of this Pre-Print itself, as provided by this "UPSpace" repository, is with the authors. | en_US |
| dc.subject | Intrusion detection | en_US |
| dc.subject | Log file analysis | en_US |
| dc.subject | Context-free grammars | en_US |
| dc.subject | Decision problem | en_US |
| dc.title | Log File Analysis with Context-Free Grammars | en_US |
| dc.type | Book chapter | en_US |
| dc.type | Preprint Article | en_US |