Journal ArticleOPEN ACCESS

Analysis of web proxy logs

IFIP International Federation for Information Processing (2006) 222 247-258
DOI: 10.1007/0-387-36891-4_20
2Citations
Citations of this article
13Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

Network forensics involves capturing, recording and analysing network audit trails. A crucial part of network forensics is to gather evidence at the server level, proxy level and from other sources. A web proxy relays URL requests from clients to a server. Analysing web proxy logs can give unobtrusive insights to the browsing behavior of computer users and provide an overview of the Internet usage in an organization. More importantly, in terms of network forensics, it can aid in detecting anomalous browsing behavior. This paper demonstrates the use of a self-organising map (SOM), a powerful data mining technique, in network forensics. In particular, it focuses on how a SOM can be used to analyse data gathered at the web proxy level.

Author supplied keywords

Cite

CITATION STYLE

APA

Fei, B., Eloff, J., Olivier, M., & Venter, H. (2006). Analysis of web proxy logs. IFIP International Federation for Information Processing, 222, 247–258. https://doi.org/10.1007/0-387-36891-4_20

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free