DocumentCode
2547460
Title
Analysis and implement of PIX firewall syslog log
Author
Gu Zhaojun ; Li Yong ; Niu Wenjing ; China Tianjin
Author_Institution
Dept. of Comput. Sci. & Technol., Civil Aviation Univ. of China, Tianjin, China
fYear
2010
fDate
16-18 April 2010
Firstpage
185
Lastpage
189
Abstract
Logs generated by a firewall contain useful information about the running status of the network, but analyzing such a large quantity of data is very difficult. Therefore, based on the Cisco PIX firewall, this paper gathered Syslog logs by employing the thread pool technique, then filtered and categorized them by keywords, and finally stored them in formatted form. Through TopN statistical analysis and feature-based research and detection of security events, it effectively monitors network traffic, application services, user behavior and running status, and it also provides administrators with a basis for network management and security strategy design, thereby further strengthening network management.
Keywords
authorisation; computer network management; computer network security; statistical analysis; system monitoring; Cisco PIX firewall; Syslog logs; TopN statistics analysis; network management; security strategy design; thread pool technique; Computer errors; Databases; Debugging; Information analysis; Manufacturing; Monitoring; Protocols; Statistical analysis; Telecommunication traffic; Yarn; PIX firewall; TopN statistic; security event; security strategy; thread pool;
fLanguage
English
Publisher
IEEE
Conference_Titel
Information Management and Engineering (ICIME), 2010 The 2nd IEEE International Conference on
Conference_Location
Chengdu
Print_ISBN
978-1-4244-5263-7
Electronic_ISBN
978-1-4244-5265-1
Type
conf
DOI
10.1109/ICIME.2010.5477784
Filename
5477784