Log File Analysis with Context-Free Grammars

Abstract

Classical intrusion analysis of network log files uses statistical machine learning or regular expressions. Whereas statistical machine learning methods are not analytically exact, methods based on regular expressions do not reach very far up in Chomsky's hierarchy of languages. This paper focuses on parsing traces of network traffic using context-free grammars. "Green grammars" are used to describe acceptable log files, while "red grammars" are used to represent known intrusion patterns. This technique can complement or augment existing approaches by providing additional precision. Analytically, the technique is also more powerful than existing techniques that use regular expressions. © IFIP International Federation for Information Processing 2013.

Cite

Bosman, G., & Gruner, S. (2013). Log File Analysis with Context-Free Grammars. In IFIP Advances in Information and Communication Technology (Vol. 410, pp. 145–152). Springer New York LLC. https://doi.org/10.1007/978-3-642-41148-9_10
