Dynamic log file analysis: An unsupervised cluster evolution approach for anomaly detection

Similar resources

Log File Anomaly Detection

Analysis of log files pertaining to a failed run can be a tedious task, especially if the file runs into thousands of lines. Using the recent development in text analysis using deep neural networks, we present a method to reduce effort needed to analyze the log file by highlighting the most probably useful text in the failed log file, which can assist in debugging the causes of the failure. In ...

An unsupervised heterogeneous log-based framework for anomaly detection

Log analysis is a method to identify intrusions at the host or network level by scrutinizing the log events recorded by the operating systems, applications, and devices. Most work contemplates a single type of log for analysis, leading to an unclear picture of the situation and difficulty in deciding the existence of an intrusion. Moreover, most existing detection methods are knowledge-dependen...

Unsupervised Clustering Approach for Network Anomaly Detection

This paper describes the advantages of using the anomaly detection approach over the misuse detection technique in detecting unknown network intrusions or attacks. It also investigates the performance of various clustering algorithms when applied to anomaly detection. Five different clustering algorithms: k-Means, improved k-Means, k-Medoids, EM clustering and distance-based outlier detection a...

Cluster Analysis for Anomaly Detection

This document presents a technique of traffic analysis, looking for attempted intrusion and information attacks. A traffic classifier aggregates packets in clusters by means of an adapted genetic algorithm. In a network with traffic homogenous over the time, clusters do not vary in number and characteristics. In the event of attacks or introduction of new applications the clusters change in num...

Anomaly Detection Analysis of Intrusion Data Using Supervised & Unsupervised Approach

Anomaly based network intrusion detection (ANID) is an important problem that has been researched within diverse research areas and various application domains. Several anomaly based network intrusion detection systems (ANIDS) can be found in the literature. Most ANIDSs employ supervised algorithms, whose performances highly depend on attack-free training data. However, this kind of training da...

Journal

Journal title: Computers & Security

Year: 2018

ISSN: 0167-4048

DOI: 10.1016/j.cose.2018.08.009