
Exploring syntactical features for anomaly detection in application logs

dc.contributor.author: Copstein, Rafael
dc.contributor.author: Karlsen, Egil
dc.contributor.author: Schwartzentruber, Jeff
dc.contributor.author: Zincir-Heywood, Nur
dc.contributor.author: Heywood, Malcolm
dc.date.accessioned: 2022-11-22T09:48:32Z
dc.date.available: 2022-11-22T09:48:32Z
dc.date.issued: 2022
dc.description.abstract: In this research, we analyze the effect of lightweight syntactical feature extraction techniques from the field of information retrieval for log abstraction in information security. To this end, we evaluate three feature extraction techniques and three clustering algorithms on four different security datasets for anomaly detection. Results demonstrate that these techniques have a role to play for log abstraction in the form of extracting syntactic features which improves the identification of anomalous minority classes, specifically in homogeneous security datasets. [en]
dc.identifier.doi: 10.1515/itit-2021-0064
dc.identifier.pissn: 2196-7032
dc.identifier.uri: https://dl.gi.de/handle/20.500.12116/39749
dc.language.iso: en
dc.publisher: De Gruyter
dc.relation.ispartof: it - Information Technology: Vol. 64, No. 1-2
dc.subject: information security
dc.subject: log abstraction
dc.subject: syntactic features
dc.subject: clustering
dc.title: Exploring syntactical features for anomaly detection in application logs [en]
dc.type: Text/Journal Article
gi.citation.endPage: 27
gi.citation.publisherPlace: Berlin
gi.citation.startPage: 15
gi.conference.sessiontitle: Article
