Abstract

Modern Attackers most of the time attack the gateway router’s software and make the router to behave in a\nmalicious way. This Paper focuses on various attacks and how these attacks will be detected successfully by router log\nanalysis. This paper also illustrates the proposed software architecture, its data structure and algorithms for the detection and\nprotection of the router intrusions. So in this way in proposed system, logs are used to detect attack and also give defense\nmechanism for the detected attacks. The main aim of the work is to give details about how to communicate with the router\nfrom the program to turn ON only needed debugging; Collect router logs in a separate Syslog server; Segregate log files\nbased on protocols; Analyze the device log files to detect malicious attacks or misconfiguration; Communicate with the\nrouter again to apply appropriate access lists as defense mechanism and Save the logs report. Due to space constraints, some\nof the screen shots are shown. This work looks at some of the techniques to improve the accuracy of automated log analysis\nand make it a cost-effective tool for network management and improving network reliability.