Mining event logs with SLCT and LogHound

Cited by: 42
Author
Vaarandi, Risto [1]
Affiliation
[1] Cooperat Cyber Def Ctr Excellence, Tallinn, Estonia
Source
2008 IEEE NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM, VOLS 1 AND 2 | 2008
Keywords
event log analysis; data security; data mining;
DOI
10.1109/NOMS.2008.4575281
Chinese Library Classification
TP [Automation technology, computer technology];
Discipline code
0812;
Abstract
With the growth of communication networks, event logs are increasing in size at a fast rate. Today, it is not uncommon to have systems that generate tens of gigabytes of log data per day. Log data are likely to contain information that deserves closer attention, such as security events, but the task of reviewing logs manually is beyond the capabilities of a human. This paper discusses the data mining tools SLCT and LogHound, which were designed to assist system management personnel in extracting knowledge from event logs.
Pages: 1071 / 1074
Page count: 4