Title :
Intelli-log : A real-time log analyzer
Author :
Kiatwonghong, Nathaphon ; Maneewongvatana, Songrit
Author_Institution :
Comput. Eng., King Mongkut´´s Univ. of Technol. Thonburi, Bangkok, Thailand
Abstract :
In this paper, we present a technique to analyze and correlate the different types of computer log files. Log files are generated from servers and network devices to record operations that occur in the computers and networks. As log files are too enormous to manualize, we develop a tool to maximize accuracy as well as efficiency while high speed processing is the goal. Firstly, we must improve the accuracy by using learning algorithms to classify the normal operations from the abnormal ones such algorithms include tf-idf, association rules, k-means clustering, and decision tree. Secondly, we may adapt for less accuracy in order to gain speed for both with and/or without parallel processing techniques. We also construct an adaptive learning algorithm to update the model. Then we flush out out-of-date model while the logs are being captured and processed. The result can achieve the goal as they can reach about 30-40% in real-time processing with nearly zero false positive results.
Keywords :
data mining; decision trees; learning (artificial intelligence); system monitoring; Intelli-log; adaptive learning algorithm; association rules; computer log files; decision tree; k-means clustering; real-time log analyzer; tf-idf; Algorithm design and analysis; Classification tree analysis; Clustering algorithms; Computer networks; Computer science education; Educational technology; File servers; Intrusion detection; Network servers; Parallel processing; Computer Log Analysis; Data Mining; Data Stream; Learning Algorithm; component;
Conference_Titel :
Education Technology and Computer (ICETC), 2010 2nd International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-4244-6367-1
DOI :
10.1109/ICETC.2010.5529226
