Abstract
A campus network monitoring and early-warning platform based on log analysis is designed and implemented. The open-source software rsyslog is used to collect log information from campus network devices or *nix systems and store it in a MySQL database in real time. The log information is analyzed and processed with the Apriori algorithm to dynamically monitor for potential attack behavior. Once dangerous behavior is detected, the platform can automatically deploy an access control list (ACL) and promptly send a warning notice to administrators so that it can be handled in advance. The platform provides a valuable reference for campus network security management.
Source
Computer & Telecommunication (《电脑与电信》)
2016, Issue 3, pp. 49-51 (3 pages)
Funding
2015 research project of Guangdong Vocational and Technical College (广东职业技术学院)
Project No.: K2015108