Computer Science – Learning
Scientific paper
2011-09-08
Computer Science
Learning
7 pages, 5 figures, 6 tables
Scientific paper
Mining information from logs is an old and still active research topic. In recent years, with the rapid emerging of cloud computing, log mining becomes increasingly important to industry. This paper focus on one major mission of log mining: anomaly detection, and proposes a novel method for mining abnormal sequences from large logs. Different from previous anomaly detection systems which based on statistics, probabilities and Markov assumption, our approach measures the strangeness of a sequence using compression. It first trains a grammar about normal behaviors using grammar-based compression, then measures the information quantities and densities of questionable sequences according to incrementation of grammar length. We have applied our approach on mining some real bugs from fine grained execution logs. We have also tested its ability on intrusion detection using some publicity available system call traces. The experiments show that our method successfully selects the strange sequences which related to bugs or attacking.
Fang Jinyun
Han Jizhong
Wang Nan
No associations
LandOfFree
Anomaly Sequences Detection from Logs Based on Compression does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.
If you have personal experience with Anomaly Sequences Detection from Logs Based on Compression, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Anomaly Sequences Detection from Logs Based on Compression will most certainly appreciate the feedback.
Profile ID: LFWR-SCP-O-475314