Visualization system for log analysis with probabilities of incorrect operation

Chifumi Nishioka, Masahiro Kozaki, Ken Ichi Okada

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

Abstract

With the advancement of the information society, information leakage has grown into a serious problem. It is important for security managers to analyze log files to find the cause of a leakage promptly. Existing methods of presenting log files order the entries chronologically, which makes the flow of operations easy to understand. However, if a log entry recording an incorrect operation lies toward the end of the log file, finding it may be delayed. To address this problem, this paper presents a visualization system for log analysis with probabilities of incorrect operation. Incorrect operations are operations that may cause a security incident. The probability of incorrect operation is set from the rate of incorrect operations in past log files. Security analysts set the order of priority, and the logs are sorted. We also introduce a Visualize Part to help security analysts understand the flow of operations even though the logs are not ordered by time. We aim to contribute to speedy security analysis by combining log-file visualization with probabilities of incorrect operation. To evaluate our proposal, accuracy and efficiency were measured in a user experiment. Our proposed tool was compared with a tool without probabilities of incorrect operation. As a result, in terms of accuracy, there was no significant difference between the two. However, our proposal demonstrated a 39.5% improvement in efficiency.

Original language: English
Title of host publication: Proceedings - 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011
Pages: 929-934
Number of pages: 6
Publication status: Published - 2011
Externally published: Yes
Event: 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011 - Tainan, Taiwan, Province of China
Duration: 2011 Dec 7 to 2011 Dec 9

Publication series

Name: Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS
ISSN (Print): 1521-9097

Other

Other: 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011
Country/Territory: Taiwan, Province of China
City: Tainan
Period: 11/12/7 to 11/12/9

Keywords

  • Data analysis
  • Data visualization
  • Human interface
  • Information security

ASJC Scopus subject areas

  • Hardware and Architecture
