Enhancement of Web Sites Security by Utilizing Web Logs Mining

Abstract

The problem of information security on the Web has become a very important issue nowadays. This paper proposes a Web log mining system to enhance the information security on Web servers. The system aims at detecting application-level attacks, e.g., Backdoor or information leak of CGI scripts, etc., that some security tools couldn’t detect well so as to avoid the loss or damage of the enterprises or organizations. In the approach, we not only check the Web ServerLogs but also examine the Web Application Logs such that the well-known application-level instrusions can be detected. Then, the density-based clustering algorithm is adopted to mine the abnormal user behaviors on Web usage logs. The extracted information can benefit the System Administrator on detecting the security holes in their Web systems. Moreover, the mined information can help the administrator discovering security related behaviors and take some appropriate refinements or protections. Afterwards, the experiment indicates the workings of our ideas and proposed system.