Visualization system for log analysis with probabilities of incorrect operation

Chifumi Nishioka, Masahiro Kozaki, Ken Ichi Okada

Research output: Conference contribution

1 Citation (Scopus)

Abstract

With the advancement of the information society, information leakage has grown into a serious problem. It is important for security managers to analyze log files to find the cause of leakages promptly. Existing methods of presenting log files order them by time, which makes it easy to understand the flow of operations. However, if a log entry recording an incorrect operation is located toward the end of the log file, finding it may be delayed. To address this problem, this paper presents a visualization system for log analysis with probabilities of incorrect operation. Incorrect operations are operations that may cause a security incident. Probabilities of incorrect operation are set from the rate of the number of incorrect operations in past log files. Security analysts set an order of priority, and logs are sorted. Also, we introduce the Visualize Part to help security analysts understand the flow of operations even though logs are not ordered by time. We aim to contribute to speedy security analyses by combining log-file visualization with probabilities of incorrect operation. To evaluate our proposal, accuracy and efficiency were measured in a user experiment. Our proposed tool was compared with a tool without probabilities of incorrect operation. As a result, in terms of accuracy, there was no significant difference between them. However, our proposal demonstrated a 39.5% improvement in efficiency.

Original language: English
Title of host publication: Proceedings - 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011
Pages: 929-934
Number of pages: 6
DOI
Publication status: Published - 2011
Externally published: Yes
Event: 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011 - Tainan, Taiwan, Province of China
Duration: 2011 Dec 7 to 2011 Dec 9

Publication series

Name: Proceedings of the International Conference on Parallel and Distributed Systems - ICPADS
ISSN (Print): 1521-9097

Other

Other: 2011 17th IEEE International Conference on Parallel and Distributed Systems, ICPADS 2011
Country/Territory: Taiwan, Province of China
City: Tainan
Period: 11/12/7 to 11/12/9

ASJC Scopus subject areas

  • Hardware and Architecture
