Smart log data analytics : techniques for advanced security analysis / Florian Skopik, Markus Wurzenberger, Max Landauer
| Title | Smart log data analytics : techniques for advanced security analysis / Florian Skopik, Markus Wurzenberger, Max Landauer |
| Author | Skopik, Florian |
| Publication / distribution / printing | Cham, Switzerland : Springer, [2021] |
| Physical description | 1 online resource (210 pages) |
| Subject classification (Dewey) | 005.16 |
| Topical subject | Data logging |
| ISBN | 3-030-74450-7 |
| Format | Printed material |
| Bibliographic level | Monograph |
| Language of publication | eng |
| Record no. | UNISA-996464391203316 |
| Available at | Univ. di Salerno |
Smart Log Data Analytics : Techniques for Advanced Security Analysis / by Florian Skopik, Markus Wurzenberger, Max Landauer
| Title | Smart Log Data Analytics : Techniques for Advanced Security Analysis / by Florian Skopik, Markus Wurzenberger, Max Landauer |
| Author | Skopik, Florian |
| Edition | [1st ed. 2021.] |
| Publication / distribution / printing | Cham : Springer International Publishing : Imprint: Springer, 2021 |
| Physical description | 1 online resource (210 pages) |
| Subject classification (Dewey) | 005.16 |
| Series | Computer Science Series |
| Topical subject | Data protection; Machine learning; Computer security; Data mining; Pattern recognition systems; Data and Information Security; Machine Learning; Principles and Models of Security; Data Mining and Knowledge Discovery; Automated Pattern Recognition |
| ISBN | 3-030-74450-7 |
| Format | Printed material |
| Bibliographic level | Monograph |
| Language of publication | eng |
| Contents note | 1 Introduction -- 1.1 State of the art in security monitoring and anomaly detection -- 1.2 Current trends -- 1.3 Future challenges -- 1.4 Log data analysis: today and tomorrow -- 1.5 Smart log data analytics: structure of the book -- 1.6 Try it out: hands-on examples throughout the book -- 2 Survey on log clustering approaches -- 2.1 Introduction -- 2.2 Survey background -- 2.2.1 The nature of log data -- 2.2.2 Static clustering -- 2.2.3 Dynamic clustering -- 2.2.4 Applications in the security domain -- 2.3 Survey method -- 2.3.1 Set of criteria -- 2.3.2 Literature search -- 2.4 Survey results -- 2.4.1 Purpose and applicability (P) -- 2.4.2 Clustering techniques (C) -- 2.4.3 Anomaly detection (AD) -- 2.4.4 Evaluation (E) -- 2.4.5 Discussion -- 2.5 Conclusion -- 3 Incremental log data clustering for processing large amounts of data online -- 3.1 Introduction -- 3.2 Concept for incremental clustering -- 3.2.1 Incremental clustering -- 3.2.2 Description of model -- 3.2.3 String metrics -- 3.2.4 Description of model M1 -- 3.2.5 Time series analysis -- 3.3 Outlook and further development -- 3.4 Try it out -- 3.4.1 Exim Mainlog -- 3.4.2 Messages log file -- 4 Generating character-based templates for log data -- 4.1 Introduction -- 4.2 Concept for generating character-based templates -- 4.3 Cluster template generator algorithms -- 4.3.1 Initial matching -- 4.3.2 Merge algorithm -- 4.3.3 Length algorithm -- 4.3.4 Equalmerge algorithm -- 4.3.5 Token_char algorithm -- 4.3.6 Comparison -- 4.4 Outlook and further development -- 4.5 Try it out -- 4.5.1 Exim Mainlog -- 5 Time series analysis for temporal anomaly detection -- 5.1 Introduction -- 5.2 Concept for dynamic clustering and AD -- 5.3 Cluster evolution -- 5.3.1 Clustering model -- 5.3.2 Tracking -- 5.3.3 Transitions -- 5.3.4 Evolution metrics -- 5.4 Time series analysis -- 5.4.1 Model -- 5.4.2 Forecast -- 5.4.3 Correlation -- 5.4.4 Detection -- 5.5 Example -- 5.5.1 Long-term analysis of Suricata logs -- 5.5.2 Short-term analysis of Audit logs -- 6 AECID: A light-weight log analysis approach for online anomaly detection -- 6.1 Introduction -- 6.2 The AECID approach -- 6.2.1 AMiner -- 6.2.2 AECID central -- 6.2.3 Detecting anomalies -- 6.2.4 Rule generator -- 6.2.5 Correlation engine -- 6.2.6 Detectable anomalies -- 6.3 System deployment and operation -- 6.4 Application scenarios -- 6.5 Try it out -- 6.5.1 Configuration of the AMiner for AIT-LDSv1 -- 6.5.2 Apache Access logs -- 6.5.3 Exim Mainlog file -- 6.5.4 Audit logs -- 7 A concept for a tree-based log parser generator -- 7.1 Introduction -- 7.2 Tree-based parser concept -- 7.3 AECID-PG: tree-based log parser generator -- 7.3.1 Challenges when generating tree-like parsers -- 7.3.2 AECID-PG concept -- 7.3.3 AECID-PG rules -- 7.3.4 Features -- 7.4 Outlook and further application -- 7.5 Try it out -- 7.5.1 Exim Mainlog -- 7.5.2 Audit logs -- 8 Variable type detector for statistical analysis of log tokens -- 8.1 Introduction -- 8.2 Variable type detector concept -- 8.3 Variable type detector algorithm -- 8.3.1 Sanitize log data -- 8.3.2 Initialize types -- 8.3.3 Update types -- 8.3.4 Compute indicators -- 8.3.5 Select tokens -- 8.3.6 Compute indicator weights -- 8.3.7 Report anomalies -- 8.4 Try it out -- 8.4.1 Apache Access log -- 9 Final remarks. |
| Record no. | UNINA-9910495198303321 |
| Available at | Univ. Federico II |