DocumentCode
1966917
Title
Domain Independent Event Analysis for Log Data Reduction
Author
Kalamatianos, Theodoros ; Kontogiannis, Kostas ; Matthews, Peter
Author_Institution
Dept. of Electr. & Comput. Eng., Nat. Tech. Univ. of Athens, Athens, Greece
fYear
2012
fDate
16-20 July 2012
Firstpage
225
Lastpage
232
Abstract
Analyzing the run time behavior of large software systems is a difficult and challenging task. Log analysis has been proposed as a possible solution. However, such an analysis poses unique challenges, mostly due to the volume and diversity of the logged data that is collected, thus making this analysis often intractable for practical purposes. In this paper, we present a log analysis technique that aims to compute a smaller, compared to the original, collection of events that relate to a given analysis objective. The technique is based on computing a similarity score between the logged events and a collection of significant events that we refer to as beacons. The major novelties of the proposed technique are that it is domain independent and that it does not require the use of a pre-existing training data set. The technique has been evaluated against the DARPA Intrusion Detection Evaluation 1999 and the KDD 1999 data sets with promising results.
Keywords
data analysis; data reduction; program diagnostics; security of data; DARPA Intrusion Detection Evaluation 1999 data sets; KDD 1999 data sets; domain independent event analysis; large software systems; log analysis technique; log data reduction; run time behavior analysis; similarity score; Algorithm design and analysis; Analytical models; Intrusion detection; Software; Standards; Weight measurement; Software engineering; dynamic analysis; log analysis; log reduction; software maintenance; system understanding
fLanguage
English
Publisher
ieee
Conference_Titel
Computer Software and Applications Conference (COMPSAC), 2012 IEEE 36th Annual
Conference_Location
Izmir
ISSN
0730-3157
Print_ISBN
978-1-4673-1990-4
Electronic_ISBN
0730-3157
Type
conf
DOI
10.1109/COMPSAC.2012.33
Filename
6340147