脆弱性与安全日志分析:近期趋势的系统文献综述

Proceedings of the International Conference on Research in Adaptive and Convergent Systems Pub Date : 2020-10-13 DOI:10.1145/3400286.3418261

J. Svacina, John E. Raffety, Connor Woodahl, Brooklynn Stone, T. Cerný, Miroslav Bures, Dongwan Shin, Karel Frajták, Pavel Tisnovsky

{"title":"脆弱性与安全日志分析:近期趋势的系统文献综述","authors":"J. Svacina, John E. Raffety, Connor Woodahl, Brooklynn Stone, T. Cerný, Miroslav Bures, Dongwan Shin, Karel Frajták, Pavel Tisnovsky","doi":"10.1145/3400286.3418261","DOIUrl":null,"url":null,"abstract":"Log analysis is a technique of deriving knowledge from log files containing records of events in a computer system. A common application of log analysis is to derive critical information about a system's security issues and intrusions, which subsequently leads to being able to identify and potentially stop intruders attacking the system. However, many systems produce a high volume of log data with high frequency, posing serious challenges in analysis. This paper contributes with a systematic literature review and discusses current trends, advancements, and future directions in log security analysis within the past decade. We summarized current research strategies with respect to technology approaches from 34 current publications. We identified limitations that poses challenges to future research and opened discussion on issues towards logging mechanism in the software systems. Findings of this study are relevant for software systems as well as software parts of the Internet of Things (IoT) systems.","PeriodicalId":326100,"journal":{"name":"Proceedings of the International Conference on Research in Adaptive and Convergent Systems","volume":"38 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-10-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"22","resultStr":"{\"title\":\"On Vulnerability and Security Log analysis: A Systematic Literature Review on Recent Trends\",\"authors\":\"J. Svacina, John E. Raffety, Connor Woodahl, Brooklynn Stone, T. Cerný, Miroslav Bures, Dongwan Shin, Karel Frajták, Pavel Tisnovsky\",\"doi\":\"10.1145/3400286.3418261\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Log analysis is a technique of deriving knowledge from log files containing records of events in a computer system. A common application of log analysis is to derive critical information about a system's security issues and intrusions, which subsequently leads to being able to identify and potentially stop intruders attacking the system. However, many systems produce a high volume of log data with high frequency, posing serious challenges in analysis. This paper contributes with a systematic literature review and discusses current trends, advancements, and future directions in log security analysis within the past decade. We summarized current research strategies with respect to technology approaches from 34 current publications. We identified limitations that poses challenges to future research and opened discussion on issues towards logging mechanism in the software systems. Findings of this study are relevant for software systems as well as software parts of the Internet of Things (IoT) systems.\",\"PeriodicalId\":326100,\"journal\":{\"name\":\"Proceedings of the International Conference on Research in Adaptive and Convergent Systems\",\"volume\":\"38 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-10-13\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"22\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the International Conference on Research in Adaptive and Convergent Systems\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3400286.3418261\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the International Conference on Research in Adaptive and Convergent Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3400286.3418261","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 22

摘要

日志分析是一种从包含计算机系统事件记录的日志文件中获取知识的技术。日志分析的一个常见应用是获取关于系统安全问题和入侵的关键信息，这随后导致能够识别并潜在地阻止入侵者攻击系统。然而，许多系统产生大量高频率的测井数据，给分析带来了严峻的挑战。本文通过系统的文献综述，讨论了过去十年来日志安全分析的当前趋势、进展和未来方向。我们总结了目前34个出版物中关于技术方法的研究策略。我们确定了对未来研究构成挑战的局限性，并就软件系统中的日志机制问题展开了讨论。本研究的发现与软件系统以及物联网(IoT)系统的软件部分相关。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

On Vulnerability and Security Log analysis: A Systematic Literature Review on Recent Trends

Log analysis is a technique of deriving knowledge from log files containing records of events in a computer system. A common application of log analysis is to derive critical information about a system's security issues and intrusions, which subsequently leads to being able to identify and potentially stop intruders attacking the system. However, many systems produce a high volume of log data with high frequency, posing serious challenges in analysis. This paper contributes with a systematic literature review and discusses current trends, advancements, and future directions in log security analysis within the past decade. We summarized current research strategies with respect to technology approaches from 34 current publications. We identified limitations that poses challenges to future research and opened discussion on issues towards logging mechanism in the software systems. Findings of this study are relevant for software systems as well as software parts of the Internet of Things (IoT) systems.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the International Conference on Research in Adaptive and Convergent Systems

自引率

0.00%

发文量