近年來，網路的蓬勃發展、雲端運算的技術方興未艾以及行動裝置的普及化，人們存取資料、使用網路、雲端資源，不再因為時間、空間、地點所限制，因此網路以及雲端儼然是現在的熱門議題，例如，網路、雲端上的安全問題、效能問題。
而此篇研究主要是探討如何在伺服端的日誌上檢視網頁、站台的效能以及安全性問題。若因為協定本身的缺陷、站台檔案遺失，則會造成服務品質大幅下降，例如反應時間過久、甚至是服務失效，讓使用者失去對該網站瀏覽的興致，進而失去商機，而更為嚴重的，若攻擊者對該站台進行中間人攻擊，使用者變成持續性滲透攻擊的目標，對於使用者以及該站台持有公司都將是相當大的損失。而本研究提出了網站的安全以及效能的檢測方法。

In recent years, flourishing internet, booming cloud computing technology and increasing popularity of mobile technology have already change our life, people can access data, internet and cloud resources flexible without either time, space or place limitation. As a result, internet and cloud computing technology have become popular issue now, for example, network security, cloud security and web performance.
Our research mainly discussed how to inspect the web performance and web security with log on server. The issue that either protocol disorder or lost file caused degradation of quality of server, for instance, spending too much responses time, failure of service. As mentioned above, the user will lose interest in browsing website and company lose business opportunity, furthermore, it will be a great loss to user and the company which owned the website when the website become a target of advanced persistent threat (APT). Our research provides algorithm that we can inspect web performance and web security and tell abnormal behavior from standard model.

[1] Y. Xu, J. Jiang, R. Wei, Y. Song and H. Jonathan, “TFA: A Tunable Finite Automaton for Pattern Matching in Network Intrusion Detection Systems”, IEEE Journal on Selected Areas in Communications, Vol. 32, No. 10, pp. 1810-1821, Oct. 2014.
[2] K. Sabnani, “An Algorithmic Technique for Protocol Verification”, IEEE Transactions on Communications, Vol. 36, Iss. 8, pp. 924-931, Aug. 1988.
[3] V. Bharti and S. Kumar, “Survey of Network Protocol Verification Techniques”, International Journal of Scientific and Research Publications, Vol. 2, No. 4, Apr. 2012.
[4] X. Xia, Q. Pei, Y. Liu, Ji Wu and Chao Liu, “Multi-level Logs based Web Performance Evaluation and Analysis”, International Conference on Computer Application and System Modeling, Oct. 22-24, Taiyuan, China, 2010.
[5] F. Liu, Z. Lei and H. Miao, “Web Performance Analysis on Real Network”, International Conference on Electronics, Communications and Control, Sept. 9-11, Zhejiang, China, 2011.
[6] 葉怡成, “類神經網路模式應用與實作”, 儒林出版, 2003.
[7] A. Qayyum, M. H. Islam and M. Jamil, “Taxonomy of Statistical Based Anomaly Detection Techniques for Intrusion Detection”, International Conference on Emerging Technologies, Sep. 17-18, Islamabad, Pakistan, 2005.
[8] P. Bhatt, E. Toshiro Y. and P. M. Gustavsson, “Towards a Framework to Detect Multi-Stage Advanced Persistent Threats Attacks”, IEEE International Symposium on Service Oriented System Engineering, Apr. 7-11, Oxford, U.K, 2014.
[9] IETF, “Hypertext Transfer Protocol”, Retrieved 2016/07/01 from https://datatracker.ietf.org/wg/httpbis/charter/
[10] D. Booth, H. Haas, F. McCabe, E. Newcomer, M. Champion, C. Ferris and D. Orchard, “Web Services Architecture”, Retrieved 2016/07/01 from https://www.w3.org/TR/ws-arch/
[11] S. Khalid, H. Abbas, M. Pasha and A. Raza, “Securing Internet Information Services (lIS) Configuration Files”, International Conference for Internet Technology and Secured Transactions, Dec. 10-12, London, U.K, 2012.
[12] L. Y. Yao and J. Y. Xiong, “The Research and Implementation of a Correlative Degree Mining Algorithm Based on IIS Logs”, IEEE International Conference on Granular Computing, Aug. 17-19, Nanchang, China, 2009.
[13] Microsoft, “Internet Information Services”, Retrieved 2016/07/01 from https://www.iis.net
[14] W. R. Stanek, “Internet Information services (IIS) 7.0 Administrator's Pocket Consultant”, Microsoft Press, First edition, April 26, 2010.
[15] Microsoft, “Log Files for a Web Site <logFile>”, Retrieved 2016/07/01 from https://www.iis.net/configreference/system.applicationhost/sites/site/logfile
[16] Microsoft, “Log Parser”, Retrieved 2016/07/01 from https://www.microsoft.com/taiwan/technet/iis/expand/LogParser.aspx
[17] “Visual Log Parser”, Retrieved 2016/07/01 from https://visuallogparser.codeplex.com/
[18] Lizard Lab, “Log Parser Lizard”, Retrieved 2016/07/01 from http://www.lizard-labs.com/log_parser_lizard.aspx?src=adwcamplpl_logs&gclid=CI7L1dDP680CFQt9vQodn8MAew
[19] I. Beschastnikh, Y. Brun, M. D. Ernst and A. Krishnamurthy, “Inferring Models of Concurrent Systems from Logs of Their Behavior with CSight”, ACM International Conference on Software Engineering, pp. 468-479, May, New York, USA, 2014.
[20] Y. Song, W. Cui, S. Liu and K. Wang, “Online behavioral genome sequencing from usage logs: decoding the search behaviors”, ACM International Conference on World Wide Web, Apr. 7-11, Florence, Italy, 2014.
[21] S. Ghahramani, “FUNDAMENTALS OF PROBABILITY WITH STOCHASTIC PROCESSES”, Pearson Education, Third edition, 2005.
[22] G. Keller and B. Warrack, “STATISTICS FOR MANAGEMENT AND ECONOMICS”, Thomson Brooks/Cole, Sixth edition, 2003.
[23] C. M. Thompson, “Table of the Percentage Points of the x^2-Distribution”, Biomatrika 32, pp. 187-191, 1941.
[24] J. Young and S. Smith, “Akamai and JupiterResearch identify ‘4 Seconds’ as the new threshold of acceptability for retail web page response times”, Retrieved 2016/07/01 from http://www.akamai.com/html/about/press/releases/2006/press_110606.html
[25] Microsoft, “Description of the time-taken”, Retrieved 2016/07/01 from https://support.microsoft.com/en-us/kb/944884
[26] A. Hald, “Statistical Tables and Formulas”, Wiley, 1952.
[27] Z. Tari, X. Yi, U. S. Premarathne, P. Bertok and I. Khalil, “Security and Privacy in Cloud Computing: Vision, Trends, and Challenges”, IEEE Cloud Computing, Vol. 2, Iss. 2, pp.30-38, Mar. 2015.
[28] M. Q. Ali, E. A. Shaer, H. K. and S. A. Khayam, “Automated Anomaly Detector Adaptation using Adaptive Threshold Tuning” ACM Transactions on Information and System Security, Vol. 15, Iss. 4, Apr. 2013.