Exploring syntactical features for anomaly detection in application logs
| dc.contributor.author | Copstein, Rafael | |
| dc.contributor.author | Karlsen, Egil | |
| dc.contributor.author | Schwartzentruber, Jeff | |
| dc.contributor.author | Zincir-Heywood, Nur | |
| dc.contributor.author | Heywood, Malcolm | |
| dc.date.accessioned | 2022-11-22T09:48:32Z | |
| dc.date.available | 2022-11-22T09:48:32Z | |
| dc.date.issued | 2022 | |
| dc.description.abstract | In this research, we analyze the effect of lightweight syntactical feature extraction techniques from the field of information retrieval for log abstraction in information security. To this end, we evaluate three feature extraction techniques and three clustering algorithms on four different security datasets for anomaly detection. Results demonstrate that these techniques have a role to play for log abstraction in the form of extracting syntactic features which improves the identification of anomalous minority classes, specifically in homogeneous security datasets. | en |
| dc.identifier.doi | 10.1515/itit-2021-0064 | |
| dc.identifier.pissn | 2196-7032 | |
| dc.identifier.uri | https://dl.gi.de/handle/20.500.12116/39749 | |
| dc.language.iso | en | |
| dc.publisher | De Gruyter | |
| dc.relation.ispartof | it - Information Technology: Vol. 64, No. 1-2 | |
| dc.subject | information security | |
| dc.subject | log abstraction | |
| dc.subject | syntactic features | |
| dc.subject | clustering | |
| dc.title | Exploring syntactical features for anomaly detection in application logs | en |
| dc.type | Text/Journal Article | |
| gi.citation.endPage | 27 | |
| gi.citation.publisherPlace | Berlin | |
| gi.citation.startPage | 15 | |
| gi.conference.sessiontitle | Article |