Detect and correlate information system events through verbose logging messages analysis

Full description

Bibliographic details
Published in: Computing 2019-07, Vol. 101 (7), p. 819-830
Main authors: Amato, Flora, Cozzolino, Giovanni, Mazzeo, Antonino, Moscato, Francesco
Format: Article
Language: English
Online access: Full text

Description
Summary: Detecting and tracking events from logging data is a critical task for security and system administrators and therefore attracts a growing amount of research effort. However, current Event Logging analysis processes share a major limitation: the messages produced by many logging systems are verbose and language-dependent, so the same event is described with different wording from one source to the next. In this paper, a novel methodology is proposed to tackle this limitation by analysing event messages with a Natural Language Processing task in order to annotate them with semantic metadata. These metadata are then used to enable semantic searches or domain-ontology population, which help administrators filter only the relevant events and correlate them for a prompt and efficient incident response and analysis.
ISSN: 0010-485X (print), 1436-5057 (online)
DOI: 10.1007/s00607-018-0662-1
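The abstract's core point is that correlation should run over language-independent semantic annotations rather than over the raw, vendor-specific wording of log messages. The following is an added example illustrating that idea; it is not code from the paper and does not reproduce the authors' NLP pipeline. It assumes a deliberately simplified annotation step (hand-written regular expressions standing in for the NLP annotator) that maps three differently worded descriptions of the same concept, an OpenSSH line, a Windows-style English sentence and a German message, onto one shared vocabulary (`auth.failure`, `auth.success`), and then runs a single correlation rule over those annotations. The log lines, hostnames and addresses are constructed for the example.

```python
"""Added example (not the paper's code): annotate verbose, language-dependent
log messages with a shared semantic vocabulary, then correlate on the
annotations instead of on the message text."""
import re
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Optional, Tuple

@dataclass
class Event:
    ts: datetime
    action: str             # semantic label shared across log sources
    subject: Optional[str]  # account the event is about
    source: Optional[str]   # originating network address
    raw: str                # original message, kept for the analyst

# Hypothetical annotation rules. In the paper this step is an NLP task; here
# each rule simply maps one phrasing (any wording, any language) onto the
# same label so that queries never depend on the original text.
RULES = [
    (re.compile(r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>[\d.]+)"),
     "auth.failure"),
    (re.compile(r"Accepted (?:password|publickey) for (?P<user>\S+) from (?P<ip>[\d.]+)"),
     "auth.success"),
    # Windows-style English sentence describing the same concept
    (re.compile(r"An account failed to log on\. Account Name:\s*(?P<user>\S+)"
                r".*Source Network Address:\s*(?P<ip>[\d.]+)"), "auth.failure"),
    (re.compile(r"An account was successfully logged on\. Account Name:\s*(?P<user>\S+)"
                r".*Source Network Address:\s*(?P<ip>[\d.]+)"), "auth.success"),
    # German-language message (constructed) for the same concept
    (re.compile(r"Anmeldung fehlgeschlagen für Benutzer (?P<user>\S+) von (?P<ip>[\d.]+)"),
     "auth.failure"),
]

LINE = re.compile(r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}) (?P<msg>.*)$")

def annotate(line: str) -> Optional[Event]:
    """Turn one raw line into an Event carrying semantic metadata."""
    m = LINE.match(line)
    if not m:
        return None
    ts = datetime.fromisoformat(m.group("ts"))
    msg = m.group("msg")
    for pattern, action in RULES:
        hit = pattern.search(msg)
        if hit:
            return Event(ts, action, hit.group("user"), hit.group("ip"), line)
    # Unrecognised wording is kept, but without subject/source it cannot correlate
    return Event(ts, "unknown", None, None, line)

def correlate_bruteforce(events: List[Event], threshold: int = 3,
                         window: timedelta = timedelta(minutes=5)) -> List[Tuple]:
    """Flag a source that produced >= threshold auth.failure events inside
    `window` and then an auth.success. The rule reads only the annotations,
    so it works identically over sshd, Windows and German-worded messages."""
    hits = []
    failures_by_source = {}
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.source is None:
            continue
        failures = failures_by_source.setdefault(ev.source, [])
        if ev.action == "auth.failure":
            failures.append(ev.ts)
        elif ev.action == "auth.success":
            recent = [t for t in failures if ev.ts - t <= window]
            if len(recent) >= threshold:
                hits.append((ev.source, ev.subject, len(recent), ev.ts))
            failures.clear()
    return hits

# Constructed sample log mixing three vocabularies for the same two concepts.
SAMPLE_LOG = """\
2019-07-01T10:00:01 sshd[1201]: Failed password for root from 203.0.113.7 port 51822 ssh2
2019-07-01T10:00:05 An account failed to log on. Account Name: admin Source Network Address: 203.0.113.7
2019-07-01T10:00:09 Anmeldung fehlgeschlagen für Benutzer backup von 203.0.113.7
2019-07-01T10:00:20 sshd[1201]: Accepted password for backup from 203.0.113.7 port 51830 ssh2
2019-07-01T10:01:00 sshd[1203]: Failed password for alice from 198.51.100.4 port 40000 ssh2
2019-07-01T10:01:30 sshd[1203]: Accepted publickey for alice from 198.51.100.4 port 40002 ssh2
2019-07-01T10:02:00 kernel: eth0: link is up
"""

def analyze(text: str) -> List[Tuple]:
    """Annotate every line, then correlate; returns the flagged (source, user, n, ts)."""
    events = [ev for ev in (annotate(l) for l in text.splitlines()) if ev is not None]
    return correlate_bruteforce(events)

if __name__ == "__main__":
    for source, user, n, ts in analyze(SAMPLE_LOG):
        print(f"{ts.isoformat()} {source}: {n} failures then success as {user}")
```

Only 203.0.113.7 is flagged: its three failures are worded three different ways, yet they share the `auth.failure` label and the same source, so the rule counts them together; 198.51.100.4 has a single failure and stays below the threshold. Replacing the regular-expression rules with a real NLP annotator, as the paper does, changes how labels are produced, not how the correlation runs.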