Anomaly Detection on Firewall Logs from Multifold System Based on Email Classification

Pothuru Alekhya

Abstract


Most existing systems categorize documents or a firewall-log corpus by term similarity, i.e., by finding the document-term relationship. They cannot identify the conceptual similarity or correlation among the entries. The proposed system instead uses both term-wise and concept-wise similarity to derive firewall-log statistics and tag each firewall log with a suitable type. Categorization of firewall-log data in the proposed system is multi-fold. The major stages of the proposed approach are described in the following section: classification of emails based on their conceptual similarity rather than blind term-wise similarity, together with analysis of firewall-log headers, HTML content, and attachments.
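To make the contrast between term-wise and concept-wise similarity concrete, the following is an added illustrative example written for this page; it is not code from the paper or its authors. It uses four constructed firewall log lines, a hypothetical hand-built concept map (several action keywords collapse onto one "block" or "permit" concept), and cosine similarity over bag-of-token vectors. A term-only comparison ranks a permitted HTTPS connection closer to a denied SSH attempt than a rejected DNS query is, simply because they share a source address; the concept-aware and combined scores recover the correlation between the three blocked events.

```python
"""Term-wise vs concept-wise similarity of firewall log lines.

Added example for illustration only; the concept map and log lines are
constructed and do not come from any real device or from the paper.
"""
import math
import re
from collections import Counter

# Constructed sample log lines (documentation-range addresses, not real traffic).
LOGS = [
    "DENY tcp src=10.0.0.5 dst=203.0.113.7 dport=22",
    "DROP tcp src=10.0.0.9 dst=203.0.113.7 dport=22",
    "ALLOW tcp src=10.0.0.5 dst=203.0.113.8 dport=443",
    "REJECT udp src=10.0.0.5 dst=203.0.113.9 dport=53",
]

# Hypothetical concept map: different vendor keywords that mean the same thing
# are mapped onto one concept token.
CONCEPTS = {
    "deny": "block", "drop": "block", "reject": "block",
    "allow": "permit", "accept": "permit",
    "tcp": "proto", "udp": "proto", "icmp": "proto",
}


def tokenize(line):
    """Lower-case tokens; 'src=10.0.0.5' becomes ['src', '10.0.0.5']."""
    return re.findall(r"[a-z0-9.]+", line.lower())


def term_vector(line):
    """Plain bag-of-terms: every token, including addresses and ports."""
    return Counter(tokenize(line))


def concept_vector(line):
    """Bag-of-concepts: only tokens with a concept mapping, translated.

    Host-specific values (addresses, ports) are deliberately dropped so the
    vector describes what kind of event the line records.
    """
    return Counter(CONCEPTS[t] for t in tokenize(line) if t in CONCEPTS)


def cosine(a, b):
    """Cosine similarity of two Counters; 0.0 when either vector is empty."""
    dot = sum(a[k] * b[k] for k in a.keys() & b.keys())
    na = math.sqrt(sum(v * v for v in a.values()))
    nb = math.sqrt(sum(v * v for v in b.values()))
    return dot / (na * nb) if na and nb else 0.0


def term_similarity(a, b):
    return cosine(term_vector(a), term_vector(b))


def concept_similarity(a, b):
    return cosine(concept_vector(a), concept_vector(b))


def combined_similarity(a, b, w_term=0.5):
    """Multi-fold score: weighted mix of term-wise and concept-wise similarity."""
    return w_term * term_similarity(a, b) + (1 - w_term) * concept_similarity(a, b)


def rank_neighbours(query, corpus, sim):
    """Indices of corpus lines (excluding the query) from most to least similar."""
    scores = [(sim(query, line), i) for i, line in enumerate(corpus) if line != query]
    return [i for _, i in sorted(scores, key=lambda s: (-s[0], s[1]))]


if __name__ == "__main__":
    q = LOGS[0]
    for name, sim in [("term", term_similarity),
                      ("concept", concept_similarity),
                      ("combined", combined_similarity)]:
        order = rank_neighbours(q, LOGS, sim)
        print(f"{name:>8}: {[(i, round(sim(q, LOGS[i]), 3)) for i in order]}")
```

Running the script ranks the neighbours of the DENY line as `[1, 2, 3]` under term similarity but `[1, 3, 2]` under the combined score, i.e., the REJECT line moves ahead of the ALLOW line once the action concept is taken into account. In practice the concept map would be derived from the corpus (or a vendor keyword list) rather than written by hand.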






Copyright © 2013, All rights reserved.| ijseat.com

International Journal of Science Engineering and Advance Technology is licensed under a Creative Commons Attribution 3.0 Unported License, based on a work at IJSEat. Permissions beyond the scope of this license may be available at http://creativecommons.org/licenses/by/3.0/deed.en_GB.