Visualization system for log analysis with probabilities of incorrect operation

Chifumi Nishioka, Masahiro Kozaki, Ken Ichi Okada

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

Abstract

With the advancement of the information society, information leakage has grown into a serious problem. It is important for security managers to analyze log files to find the cause of leakages promptly. Existing methods of presenting log files order the entries by time, which makes it easy to understand a flow of operations. However, if a log entry recording an incorrect operation sits near the end of the log file, finding it may be delayed. To address this problem, this paper presents a visualization system for log analysis with probabilities of incorrect operation. Incorrect operations are operations that may cause a security incident. Probabilities of incorrect operation are set from the rate of incorrect operations in past log files. Security analysts set the order of priority, and logs are sorted. Also, we introduce the Visualize Part to help security analysts understand a flow of operations even though the logs are not ordered by time. We aim to contribute to speedy security analyses by combining log-file visualization with probabilities of incorrect operation. To evaluate our proposal, accuracy and efficiency are measured in a user experiment. Our proposed tool was compared with the tool without probabilities of incorrect operation. As a result, in terms of accuracy, there is no significant difference between them. However, our proposal demonstrates a 39.5% improvement in efficiency.

Original language: English
Title of host publication: Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS
Pages: 929-934
Number of pages: 6
DOIs: https://doi.org/10.1109/ICPADS.2011.147
Publication status: Published - 2011
Event: 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011 - Tainan, Taiwan, Province of China
Duration: 2011 Dec 7 to 2011 Dec 9

Other

Other: 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011
Country: Taiwan, Province of China
City: Tainan
Period: 11/12/7 to 11/12/9

Fingerprint

Visualization
Managers
Experiments

Keywords

  • Data analysis
  • Data visualization
  • Human interface
  • Information security

ASJC Scopus subject areas

  • Hardware and Architecture

Cite this

Nishioka, C., Kozaki, M., & Okada, K. I. (2011). Visualization system for log analysis with probabilities of incorrect operation. In Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS (pp. 929-934). [6121382] https://doi.org/10.1109/ICPADS.2011.147

@inproceedings{40ee509039e840e5ad6946c91a8fe661,
title = "Visualization system for log analysis with probabilities of incorrect operation",
abstract = "As advancement of information society, information leakages grow into a serious problem. It is important for security managers to analysis log-files for finding out cause of leakages promptly. Existing methods of presenting log-files take the method of ordering them in time. It makes easy to understand a flow of operations. However, if a log recording an incorrect operation is included in the back of log-file, finding out it may drop back. To address this problem, this paper presents visualization system for log analysis with probabilities of incorrect operation. Incorrect operations are operations that may cause a security incident. Probabilities of incorrect operation are set up by rate of number of incorrect operations in past log-files. Security analysts set order of priority, and logs are sorted. Also, we introduce Visualize Part to help security analysts understand a flow of operations in spite of not ordering logs in time. We aim to contribute speedy security analyses by combine visualizing log-file with probabilities of incorrect operation. To evaluate our proposal, accuracy and efficiency are measured by user experiment. Our proposal tool was compared with the tool without probabilities of incorrect operation. As the result, in terms of accuracy, there are no significant difference between. However, our proposal demonstrate a 39.5{\%} improved efficiency.",
keywords = "Data analysis, Data visualization, Human interface, Information security",
author = "Chifumi Nishioka and Masahiro Kozaki and Okada, {Ken Ichi}",
year = "2011",
doi = "10.1109/ICPADS.2011.147",
language = "English",
isbn = "9780769545769",
pages = "929--934",
booktitle = "Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS",

}

TY - GEN

T1 - Visualization system for log analysis with probabilities of incorrect operation

AU - Nishioka, Chifumi

AU - Kozaki, Masahiro

AU - Okada, Ken Ichi

PY - 2011

Y1 - 2011

AB - As advancement of information society, information leakages grow into a serious problem. It is important for security managers to analysis log-files for finding out cause of leakages promptly. Existing methods of presenting log-files take the method of ordering them in time. It makes easy to understand a flow of operations. However, if a log recording an incorrect operation is included in the back of log-file, finding out it may drop back. To address this problem, this paper presents visualization system for log analysis with probabilities of incorrect operation. Incorrect operations are operations that may cause a security incident. Probabilities of incorrect operation are set up by rate of number of incorrect operations in past log-files. Security analysts set order of priority, and logs are sorted. Also, we introduce Visualize Part to help security analysts understand a flow of operations in spite of not ordering logs in time. We aim to contribute speedy security analyses by combine visualizing log-file with probabilities of incorrect operation. To evaluate our proposal, accuracy and efficiency are measured by user experiment. Our proposal tool was compared with the tool without probabilities of incorrect operation. As the result, in terms of accuracy, there are no significant difference between. However, our proposal demonstrate a 39.5% improved efficiency.

KW - Data analysis

KW - Data visualization

KW - Human interface

KW - Information security

UR - http://www.scopus.com/inward/record.url?scp=84856614239&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84856614239&partnerID=8YFLogxK

U2 - 10.1109/ICPADS.2011.147

DO - 10.1109/ICPADS.2011.147

M3 - Conference contribution

AN - SCOPUS:84856614239

SN - 9780769545769

SP - 929

EP - 934

BT - Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS

ER -