IDS: HTTP LOG files Labeling


From: <wangweifrequent_at_gmail.com>
Date: 20 May 2008 15:05:40 -0000
Hi All,

We are working on anomaly detection of HTTP attacks.

In fact, we have collected a large amount of HTTP logs (Apache server), but we didn't use an IDS to label the data during collection.

Does anyone know how to label the HTTP logs? For example, one HTTP log line like:

burtul.xx.fr - - [10/May/2007:14:46:07 +0200] "GET /ariana/Images/Icones/sound.gif HTTP/1.0" 200 579 http://www-sop.inria.fr/ariana/fr/xx "Mozilla/5.0 (X11; U; Linux i686; fr; rv:1.7.13) Gecko/20060417"

Any suggestions are much appreciated.

Wei WANG

INRIA
2008-05-20

Received on May 20 2008
