“Network Forensics: Web Proxy Log Analysis”

Fei et al.


Citation information

B. K. L. Fei et al. “Network Forensics: Web Proxy Log Analysis”. In: Advances in Digital Forensics II. Ed. by M. S. Olivier and S. Shenoi. Springer, 2006, pp. 247–258


Network forensics involves capturing, recording and analysing network audit trails. A crucial part of network forensics is to gather evidence at the server level, proxy level and from other sources. A web proxy relays URL requests from clients to a server. Analysing web proxy logs can give unobtrusive insights to the browsing behavior of computer users and provide an overview of the Internet usage in an organisation. More importantly, in terms of network forensics, it can aid in detecting anomalous browsing behavior. This paper demonstrates the use of a self-organising map (SOM), a powerful data mining technique, in network forensics. In particular, it focuses on how a SOM can be used to analyse data gathered at the web proxy level.

Definitive version

The definitive version of the paper is available from the publisher.
DOI: 10.1007/0-387-36891-4_20

BibTeX reference

AUTHOR={Bennie K L Fei and Jan H P Eloff and Martin S Olivier and Hein S Venter},
TITLE={Network Forensics: Web Proxy Log Analysis},
BOOKTITLE={Advances in Digital Forensics {II}},
EDITOR={Martin S Olivier and Sujeet Shenoi},
PAGES={247--258} )

[Publications] [Home]
Page maintained by Martin Olivier
Database updated: November 8, 2015

Beta version of new bibliography database; please report errors (or copyright violations) that may have slipped in.