DocumentCode
2286845
Title
Mining event logs with SLCT and LogHound
Author
Vaarandi, Risto
Author_Institution
Cooperative Cyber Defence Centre of Excellence, Tallinn
fYear
2008
fDate
7-11 April 2008
Firstpage
1071
Lastpage
1074
Abstract
With the growth of communication networks, event logs are increasing in size at a fast rate. Today, it is not uncommon to have systems that generate tens of gigabytes of log data per day. Log data are likely to contain information that deserves closer attention - such as security events - but the task of reviewing logs manually is beyond the capabilities of a human. This paper discusses data mining tools SLCT and LogHound that were designed for assisting system management personnel in extracting knowledge from event logs.
Keywords
data mining; security of data; telecommunication computing; LogHound; communication networks; event log analysis; event logs mining; log data; security events; system management personnel; Algorithm design and analysis; Clustering algorithms; Communication networks; Communication system security; Data analysis; Data mining; Data security; Event detection; Monitoring; Personnel; data mining; data security; event log analysis;
fLanguage
English
Publisher
IEEE
Conference_Titel
Network Operations and Management Symposium, 2008. NOMS 2008. IEEE
Conference_Location
Salvador, Bahia
ISSN
1542-1201
Print_ISBN
978-1-4244-2065-0
Electronic_ISBN
1542-1201
Type
conf
DOI
10.1109/NOMS.2008.4575281
Filename
4575281