SemOpenAlex |

SemOpenAlex

Matches in SemOpenAlex for { <https://semopenalex.org/work/W2890792016> ?p ?o ?g. }

Showing items 1 to 87 of 87 with 100 items per page.

W2890792016 endingPage "116" @default.
W2890792016 startingPage "94" @default.
W2890792016 abstract "Technological advances and increased interconnectivity have led to a higher risk of previously unknown threats. Cyber Security therefore employs Intrusion Detection Systems that continuously monitor log lines in order to protect systems from such attacks. Existing approaches use string metrics to group similar lines into clusters and detect dissimilar lines as outliers. However, such methods only produce static views on the data and do not sufficiently incorporate the dynamic nature of logs. Changes of the technological infrastructure therefore frequently require cluster reformations. Moreover, such approaches are not suited for detecting anomalies related to frequencies, periodic alterations and interdependencies of log lines. We therefore propose a dynamic log file anomaly detection methodology that incrementally groups log lines within time windows. Thereby, a novel clustering mechanism establishes links between otherwise isolated collections of clusters. Cluster evolution techniques analyze clusters from neighboring time windows and determine transitions such as splits or merges. A self-learning algorithm then detects anomalies in the temporal behavior of these evolving clusters by analyzing metrics derived from their developments. We apply a prototype in an illustrative scenario consisting of a log file containing known anomalies. We thereby investigate the influences of certain parameters on the detection ability and the runtime. The evaluation of this scenario shows that 61.8% of the dynamic changes of log line clusters are correctly identified, while the false alarm rate is only 0.7%. The ability of efficiently detecting these anomalies while self-adjusting to changes of the system environment suggests the applicability of the introduced approach." @default.
W2890792016 created "2018-09-27" @default.
W2890792016 creator A5013015010 @default.
W2890792016 creator A5029942543 @default.
W2890792016 creator A5041191852 @default.
W2890792016 creator A5072210863 @default.
W2890792016 creator A5088439816 @default.
W2890792016 date "2018-11-01" @default.
W2890792016 modified "2023-10-16" @default.
W2890792016 title "Dynamic log file analysis: An unsupervised cluster evolution approach for anomaly detection" @default.
W2890792016 cites W1655425503 @default.
W2890792016 cites W1965606617 @default.
W2890792016 cites W1975684011 @default.
W2890792016 cites W1998819761 @default.
W2890792016 cites W2010124625 @default.
W2890792016 cites W2016258134 @default.
W2890792016 cites W2056985286 @default.
W2890792016 cites W2081028405 @default.
W2890792016 cites W2088340225 @default.
W2890792016 cites W2097876158 @default.
W2890792016 cites W2114915142 @default.
W2890792016 cites W2122646361 @default.
W2890792016 cites W2131389289 @default.
W2890792016 cites W2156404870 @default.
W2890792016 cites W2170988853 @default.
W2890792016 cites W3105175345 @default.
W2890792016 doi "https://doi.org/10.1016/j.cose.2018.08.009" @default.
W2890792016 hasPublicationYear "2018" @default.
W2890792016 type Work @default.
W2890792016 sameAs 2890792016 @default.
W2890792016 citedByCount "40" @default.
W2890792016 countsByYear W28907920162019 @default.
W2890792016 countsByYear W28907920162020 @default.
W2890792016 countsByYear W28907920162021 @default.
W2890792016 countsByYear W28907920162022 @default.
W2890792016 countsByYear W28907920162023 @default.
W2890792016 crossrefType "journal-article" @default.
W2890792016 hasAuthorship W2890792016A5013015010 @default.
W2890792016 hasAuthorship W2890792016A5029942543 @default.
W2890792016 hasAuthorship W2890792016A5041191852 @default.
W2890792016 hasAuthorship W2890792016A5072210863 @default.
W2890792016 hasAuthorship W2890792016A5088439816 @default.
W2890792016 hasBestOaLocation W28907920161 @default.
W2890792016 hasConcept C111919701 @default.
W2890792016 hasConcept C121332964 @default.
W2890792016 hasConcept C124101348 @default.
W2890792016 hasConcept C12997251 @default.
W2890792016 hasConcept C154945302 @default.
W2890792016 hasConcept C164866538 @default.
W2890792016 hasConcept C26873012 @default.
W2890792016 hasConcept C35525427 @default.
W2890792016 hasConcept C41008148 @default.
W2890792016 hasConcept C73555534 @default.
W2890792016 hasConcept C739882 @default.
W2890792016 hasConceptScore W2890792016C111919701 @default.
W2890792016 hasConceptScore W2890792016C121332964 @default.
W2890792016 hasConceptScore W2890792016C124101348 @default.
W2890792016 hasConceptScore W2890792016C12997251 @default.
W2890792016 hasConceptScore W2890792016C154945302 @default.
W2890792016 hasConceptScore W2890792016C164866538 @default.
W2890792016 hasConceptScore W2890792016C26873012 @default.
W2890792016 hasConceptScore W2890792016C35525427 @default.
W2890792016 hasConceptScore W2890792016C41008148 @default.
W2890792016 hasConceptScore W2890792016C73555534 @default.
W2890792016 hasConceptScore W2890792016C739882 @default.
W2890792016 hasFunder F4320323031 @default.
W2890792016 hasLocation W28907920161 @default.
W2890792016 hasLocation W28907920162 @default.
W2890792016 hasOpenAccess W2890792016 @default.
W2890792016 hasPrimaryLocation W28907920161 @default.
W2890792016 hasRelatedWork W2087922528 @default.
W2890792016 hasRelatedWork W2125735062 @default.
W2890792016 hasRelatedWork W2355809385 @default.
W2890792016 hasRelatedWork W2363105058 @default.
W2890792016 hasRelatedWork W2364419519 @default.
W2890792016 hasRelatedWork W2377356555 @default.
W2890792016 hasRelatedWork W2382568009 @default.
W2890792016 hasRelatedWork W2390393422 @default.
W2890792016 hasRelatedWork W2564228587 @default.
W2890792016 hasRelatedWork W2736040673 @default.
W2890792016 hasVolume "79" @default.
W2890792016 isParatext "false" @default.
W2890792016 isRetracted "false" @default.
W2890792016 magId "2890792016" @default.
W2890792016 workType "article" @default.