An Effective Network Security Log Mining Algorithm based on Fuzzy Clustering

PP: 307-315
doi:10.18576/amis/100132

Author(s)

Peng Wang,
Xikun Ma,
Jingjie Yu

Abstract

In this paper, we concentrate on the network security log mining problem and propose a novel fuzzy clustering algorithm to solve it. The architecture of the network security log mining system is discussed first; the system includes three main modules: data pre-processing, pattern mining and pattern analyzing. The main work of network security log mining is to find frequent attack sequences in log files. Several properties related to network security are considered in this paper: start time of the attack, attack type, end time of the attack, source IP of the attackers, route path of the attack, the attackers' target IP, the attackers' port number, network protocol, and so on. To solve the problems in the traditional methods, we propose a modified fuzzy clustering algorithm that introduces the concept of interval weights: attribute weights are denoted as interval-constrained variables in our proposed algorithm. The final clustering results are then obtained by minimizing an objective function through collaboratively optimizing the attribute weights. To verify the effectiveness of the proposed algorithm, we conduct experiments on a collection of network access log files from a real environment. Experimental results demonstrate that the proposed algorithm can achieve high-quality clustering results with high time efficiency.