Automatic Graph-Based Clustering for Security Logs
Author: | Ferdous Sohel, Hudan Studiawan, Christian Payne |
---|---|
Year of publication: | 2019 |
Subject: | Clique; graph-based clustering; computer science; 020209 energy; process (computing); 020207 software engineering; 02 engineering and technology; computer.software_genre; percolation; simulated annealing; 0202 electrical engineering, electronic engineering, information engineering; Enhanced Data Rates for GSM Evolution; data mining; cluster analysis; computer; MathematicsofComputing_DISCRETEMATHEMATICS |
Source: | Advanced Information Networking and Applications (AINA), ISBN 9783030150310 |
DOI: | 10.1007/978-3-030-15032-7_77 |
Description: | Computer security events are recorded in several log files. It is necessary to cluster these logs to discover security threats, detect anomalies, or identify a particular error. A problem arises when large quantities of security log data need to be checked, as existing tools do not provide sufficiently sophisticated grouping results. In addition, existing methods need user input parameters, and it is not trivial to find optimal values for these. Therefore, we propose a method for the automatic clustering of security logs. First, we present a new graph-theoretic approach for security log clustering based on maximal clique percolation. Second, we add an intensity threshold to the obtained maximal cliques so that edge weights are taken into account before proceeding to the percolations. Third, we use the simulated annealing algorithm to optimize the number of percolations and the intensity threshold for maximal clique percolation. The entire process is automatic and does not need any user input. Experimental results on various real-world datasets show that the proposed method achieves superior clustering results compared to other methods. |
Database: | OpenAIRE |
External link: |