Outlier detection in audit logs for application systems
نویسندگان
چکیده
An outlier is defined as an observation that is significantly different from the other data in its set. An auditor will employ many techniques, processes and tools to identify these entries, and data mining is one such medium through which the auditor can analyze information. The enormous amount of information contained within transactional processing systems' logs means that auditors must employ automated systems for anomalous data detection. Several data mining algorithms have been tested, especially those that deal specifically with classification and outlier detection. A group of these previously described algorithms was selected for use in designing and developing a process to assist the auditor in anomalous data detection within audit logs. We have been successful in creating and ratifying an outlier detection process that works in the alphanumeric fields of the audit logs from an information system, thus constituting a useful tool for system auditors performing data analysis tasks. & 2014 Elsevier Ltd. All rights reserved.
منابع مشابه
Forward Integrity For Secure Audit Logs
In this paper, we de ne the forward integrity security property, motivate its appropriateness as a systems security requirement, and demonstrate designs that achieve this property. Applications include secure audit logs (e.g., syslogd data) for intrusion detection or accountability, communications security, and authenticating partial results of computation for mobile agents. We prove security t...
متن کاملAnomaly Detection in Log Records
Received Jan 2, 2018 Revised Mar 9, 2018 Accepted Mar 24, 2018 In recent times complex software systems are continuously generating application and server logs for the events which had occurred in the past. These generated logs can be utilized for anomaly and intrusion detection. These log files can be used for detecting certain types of abnormalities or exceptions such as spikes in HTTP reques...
متن کاملAutomated Analysis of Election Audit Logs
The voting audit logs produced by electronic voting systems contain data that could be useful for uncovering procedural errors and election anomalies, but they are currently unwieldy and difficult for election officials to use in post-election audits. In this work, we develop new methods to analyze these audit logs for the detection of both procedural errors and system deficiencies. Our methods...
متن کاملContinuous Fraud Detection in Enterprise Systems through Audit Trail Analysis
Enterprise systems, real time recording and real time reporting pose new and significant challenges to the accounting and auditing professions. This includes developing methods and tools for continuous assurance and fraud detection. In this paper we propose a methodology for continuous fraud detection that exploits security audit logs, changes in master records and accounting audit trails in en...
متن کاملA Standard Audit Trail Format
Introduction The central role of audit trails, or (more properly) logs, in security monitoring needs little description, for it is too well known for any to doubt it. Auditing, or the analysis of logs, is a central part of security not only in computer system security but also in analyzing financial and other non-technical systems. As part of this process, it is often necessary to reconcile log...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Inf. Syst.
دوره 44 شماره
صفحات -
تاریخ انتشار 2014