1) No ready-made online tools should be used for this project.
2) No existing (previously self-made) tool should be used for this project.
3) Initially, all possible features/patterns/footprints that get stored in a web server log file while performing the mentioned attacks (SQLi, XSS, CSRF, brute force, RFI, LFI) on a web application should be collected. The features of these attacks should not be based on only one or two log files.
4) After this, an algorithm needs to be written (in Python or R) that analyzes any web server log file based on the collected features to find the mentioned attacks' entries and differentiate (or classify) them from robot and normal entries.
5) Payloads are not considered footprints in the log. So, the technical person should be aware of all possible patterns/features of attacks in a log file.
6) The accuracy of finding or classifying attacks with your algorithm should be good (98 to 99%).
7) Output should be in this sequence: the mentioned attacks' footprints/features, robot/crawler/spider/bot user agent database flowchart (using proper flowchart symbols; one drawn properly on paper will also be accepted), algorithm steps (pseudocode), proper explanation, coding, testing (log files will be provided; implementation of the algorithm and checking using the given log files), accuracy of the algorithm (based on 1 mixed log file).
8) 6 log files will be provided.
Among these files, 1 log file will be a mixed (attack + robot + normal) log file. I have created the attack log file by using the DVWA application and applying 3 scanners, and I have downloaded another robot file and a normal file from the web. I need to mix these, or you can also mix them.
Next, 5 log files which I have downloaded from the internet will be provided to you. Here, you need to classify the entries in each of these log files as per the given 6 attacks. The same algorithm will find how many IP addresses there are in each file for each attack, and the percentage.
The result output will get stored in a file.
Remember that accuracy will be needed for the mixed file only.
POST method data does not get stored in the log file, but if you can use any trick for this method, it would be appreciated.
9) All log files will be provided to you after creation of the algorithm, because people find it convenient to refer to log files while building the attacks' features. So, you are required to apply your expertise while creating the collection of the features' database.
10) The milestone for the total amount will be released after receiving satisfactory, quality work as per expectations. No upfront payment will be allowed.
11) Support will be expected on my side while installing the version of Python/R used and other required software, up to getting the result.
12) No extra money other than the decided payment will be provided in the middle of the project work or at the end of the work.
13) The freelancer should be aware of the features of the mentioned attacks before starting the work.
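
A minimal sketch of the analysis the brief describes, added here as an example and not part of the original posting or any bid: it labels access-log entries and reports distinct IPs and their percentage per label. It assumes the Apache/Nginx combined log format, a small illustrative rule set covering SQLi, XSS, LFI, RFI, brute force and bots only (CSRF is left out), and a hypothetical login path `/login.php` with a threshold of 3 POSTs; the names `label_entry`, `summarize` and `entry` are made up for this example.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

LINE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<url>\S+)[^"]*" '
                  r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"')  # "combined" log format
RULES = [  # illustrative request-line features, checked in order
    ("RFI", re.compile(r"[?&][^=&]+=(?:https?|ftp)://", re.I)),
    ("LFI", re.compile(r"\.\./|/etc/passwd|php://", re.I)),
    ("SQLI", re.compile(r"\bunion\b.+\bselect\b|'\s*(?:or|and)\b|--\s|\bsleep\s*\(", re.I)),
    ("XSS", re.compile(r"<\s*script|javascript:|\bon(?:error|load|click)\s*=", re.I)),
]
BOT_UA = re.compile(r"bot|crawl|spider|slurp", re.I)
LOGIN_PATH, BRUTE_THRESHOLD = "/login.php", 3  # assumed login URL and POST count

def label_entry(m):
    """Label one parsed entry from its decoded URL, then its user agent."""
    url = unquote_plus(m["url"])
    hit = next((name for name, rx in RULES if rx.search(url)), None)
    return hit or ("BOT" if BOT_UA.search(m["ua"]) else "NORMAL")

def summarize(lines):
    """Return {label: (distinct IPs, percent of all distinct IPs)}."""
    ips, posts, seen = defaultdict(set), defaultdict(int), set()
    for m in filter(None, map(LINE.match, lines)):  # malformed lines are skipped
        ip = m["ip"]
        seen.add(ip)
        ips[label_entry(m)].add(ip)
        if m["method"] == "POST" and m["url"].split("?")[0] == LOGIN_PATH:
            posts[ip] += 1  # bodies are not logged; repeated login POSTs are the footprint
    ips["BRUTE_FORCE"] = {ip for ip, n in posts.items() if n >= BRUTE_THRESHOLD}
    ips["NORMAL"] -= ips["BRUTE_FORCE"]  # a brute-forcing IP is not counted as normal
    return {k: (len(v), round(100 * len(v) / (len(seen) or 1), 1)) for k, v in ips.items()}

def entry(ip, method, url, ua="Mozilla/5.0"):  # builds one constructed log line
    return f'{ip} - - [10/Oct/2023:13:55:36 +0000] "{method} {url} HTTP/1.1" 200 512 "-" "{ua}"'

SAMPLE = [  # constructed entries using documentation IP ranges
    entry("192.0.2.10", "GET", "/item.php?id=1%27+OR+%271%27%3D%271"),
    entry("192.0.2.11", "GET", "/search.php?q=%3Cscript%3Ealert(1)%3C/script%3E"),
    entry("192.0.2.12", "GET", "/page.php?file=../../../../etc/passwd"),
    entry("192.0.2.13", "GET", "/page.php?file=http://example.test/x.txt"),
    *[entry("192.0.2.14", "POST", "/login.php")] * 3,
    entry("198.51.100.5", "GET", "/robots.txt", "Googlebot/2.1"),
    entry("203.0.113.7", "GET", "/index.php"),
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

Signature rules this small produce false positives (for example, a legitimate redirect parameter that carries a URL matches the RFI rule), so any accuracy figure has to be measured on labelled data such as the mixed file.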
6 freelancers are bidding an average of $782 on this job
Hi. I'm an experienced developer. Please clarify: do you already have this algorithm in mind and only need it coded, or do I need to investigate this from scratch and invent an algorithm to detect attacks and classify them?
I'm an expert Python developer with a lot of experience in managing Linux-based servers, and some of my skills are Data Analysis and Data Visualization. For these reasons I think I'm the best candidate for this project.
Hi, I can develop the tool for you in Python. The final accuracy depends on the quality of data provided so this cannot be guaranteed in advance. Best, Andrej