探索应用程序日志中异常检测的语法特性

IF 1 Q4 COMPUTER SCIENCE, INFORMATION SYSTEMS

IT-Information Technology Pub Date : 2022-03-23 DOI:10.1515/itit-2021-0064

R. Copstein, Egil Karlsen, Jeff Schwartzentruber, N. Zincir-Heywood, M. Heywood

{"title":"探索应用程序日志中异常检测的语法特性","authors":"R. Copstein, Egil Karlsen, Jeff Schwartzentruber, N. Zincir-Heywood, M. Heywood","doi":"10.1515/itit-2021-0064","DOIUrl":null,"url":null,"abstract":"Abstract In this research, we analyze the effect of lightweight syntactical feature extraction techniques from the field of information retrieval for log abstraction in information security. To this end, we evaluate three feature extraction techniques and three clustering algorithms on four different security datasets for anomaly detection. Results demonstrate that these techniques have a role to play for log abstraction in the form of extracting syntactic features which improves the identification of anomalous minority classes, specifically in homogeneous security datasets.","PeriodicalId":43953,"journal":{"name":"IT-Information Technology","volume":null,"pages":null},"PeriodicalIF":1.0000,"publicationDate":"2022-03-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Exploring syntactical features for anomaly detection in application logs\",\"authors\":\"R. Copstein, Egil Karlsen, Jeff Schwartzentruber, N. Zincir-Heywood, M. Heywood\",\"doi\":\"10.1515/itit-2021-0064\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Abstract In this research, we analyze the effect of lightweight syntactical feature extraction techniques from the field of information retrieval for log abstraction in information security. To this end, we evaluate three feature extraction techniques and three clustering algorithms on four different security datasets for anomaly detection. Results demonstrate that these techniques have a role to play for log abstraction in the form of extracting syntactic features which improves the identification of anomalous minority classes, specifically in homogeneous security datasets.\",\"PeriodicalId\":43953,\"journal\":{\"name\":\"IT-Information Technology\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":1.0000,\"publicationDate\":\"2022-03-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IT-Information Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1515/itit-2021-0064\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IT-Information Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1515/itit-2021-0064","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 2

摘要

摘要在本研究中，我们分析了信息检索领域的轻量级语法特征提取技术在信息安全中对日志抽象的影响。为此，我们在四个不同的安全数据集上评估了用于异常检测的三种特征提取技术和三种聚类算法。结果表明，这些技术以提取句法特征的形式在日志抽象中发挥了作用，这改进了异常少数类的识别，特别是在同质安全数据集中。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Exploring syntactical features for anomaly detection in application logs

Abstract In this research, we analyze the effect of lightweight syntactical feature extraction techniques from the field of information retrieval for log abstraction in information security. To this end, we evaluate three feature extraction techniques and three clustering algorithms on four different security datasets for anomaly detection. Results demonstrate that these techniques have a role to play for log abstraction in the form of extracting syntactic features which improves the identification of anomalous minority classes, specifically in homogeneous security datasets.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IT-Information Technology COMPUTER SCIENCE, INFORMATION SYSTEMS-

CiteScore

3.80

自引率

0.00%

发文量