CrossLog: Intelligent Log Analyzer is a Machine Learning based real-time Intrusion detection system and Web Application security scanner, powered using python3 and flask. It wields defense against Cross-Site Scripting (XSS), Path Traversal attacks, Server Side Includes (SSI), OS Command Injections, XPath Injections, LDAP Injections, CRLF Injections, and other Anomalous categories.
- Download Crosslog files
i. Open terminal
ii. Run command: svn checkout https://github.com/Narendran36/CrossLog-Intelligent-Log-Analyzer/trunk/CrossLog
iii. Extract requirments.rar in CrossLog directory
iv. Replace <sender email id>, <sender password>, and <receiver email id> with proper values to receive email alerts.
iv. Run command: apt-get install python3-pip -y
- Install necessary libraries
pip install flask
pip install scikit-learn==0.22.2.post1
pip install scrapy
- Run app.py
python3 app.py
Navigate to http://127.0.0.1:5000/
- Scan log
Browse the log file and submit
Displays different types of attacks present in the log file
- Realtime IDS
Insert webserver log location and submit
Realtime scan results are displayed
- Web app scanner
Enter web application url and submit
Scanned result will displays the vulnerability of that web application
- Test query
Enter query to test
Displays attack type of query
Research Dataset Files:
https://drive.google.com/drive/folders/1jzb8YOe021eZm2SS9na-agPaI5dYZGKr?usp=sharing
Read out all the csv files from the csic and ecml folder into pandas dataframe, and merge them together for further processing.
Note: Go through the Research Files on our repository for more details.
demo link:
https://youtu.be/_W9BoO_F2Bk