TY - GEN
T1 - Visualization system for log analysis with probabilities of incorrect operation
AU - Nishioka, Chifumi
AU - Kozaki, Masahiro
AU - Okada, Ken Ichi
PY - 2011
Y1 - 2011
N2 - With the advancement of the information society, information leakage has grown into a serious problem. It is important for security managers to analyze log files to find the cause of a leakage promptly. Existing methods of presenting log files order the entries by time, which makes the flow of operations easy to understand. However, if a log entry recording an incorrect operation appears near the end of the log file, finding it may be delayed. To address this problem, this paper presents a visualization system for log analysis with probabilities of incorrect operation. Incorrect operations are operations that may cause a security incident. Probabilities of incorrect operation are set from the rate of incorrect operations in past log files. Security analysts set the order of priority, and the logs are sorted accordingly. We also introduce a Visualize Part to help security analysts understand the flow of operations even though the logs are not ordered by time. We aim to contribute to speedy security analysis by combining log-file visualization with probabilities of incorrect operation. To evaluate our proposal, accuracy and efficiency were measured in a user experiment. Our proposed tool was compared with the tool without probabilities of incorrect operation. As a result, there was no significant difference between the two in terms of accuracy. However, our proposal demonstrated a 39.5% improvement in efficiency.
AB - With the advancement of the information society, information leakage has grown into a serious problem. It is important for security managers to analyze log files to find the cause of a leakage promptly. Existing methods of presenting log files order the entries by time, which makes the flow of operations easy to understand. However, if a log entry recording an incorrect operation appears near the end of the log file, finding it may be delayed. To address this problem, this paper presents a visualization system for log analysis with probabilities of incorrect operation. Incorrect operations are operations that may cause a security incident. Probabilities of incorrect operation are set from the rate of incorrect operations in past log files. Security analysts set the order of priority, and the logs are sorted accordingly. We also introduce a Visualize Part to help security analysts understand the flow of operations even though the logs are not ordered by time. We aim to contribute to speedy security analysis by combining log-file visualization with probabilities of incorrect operation. To evaluate our proposal, accuracy and efficiency were measured in a user experiment. Our proposed tool was compared with the tool without probabilities of incorrect operation. As a result, there was no significant difference between the two in terms of accuracy. However, our proposal demonstrated a 39.5% improvement in efficiency.
KW - Data analysis
KW - Data visualization
KW - Human interface
KW - Information security
UR - http://www.scopus.com/inward/record.url?scp=84856614239&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84856614239&partnerID=8YFLogxK
U2 - 10.1109/ICPADS.2011.147
DO - 10.1109/ICPADS.2011.147
M3 - Conference contribution
AN - SCOPUS:84856614239
SN - 9780769545769
T3 - Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS
SP - 929
EP - 934
BT - Proceedings - 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011
T2 - 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011
Y2 - 7 December 2011 through 9 December 2011
ER -