Published in: Computing 7/2019

22-09-2018

Detect and correlate information system events through verbose logging messages analysis

Authors: Flora Amato, Giovanni Cozzolino, Antonino Mazzeo, Francesco Moscato

Abstract

Detecting and tracking events from logging data is a critical task for security and system administrators and therefore attracts increasing research effort. However, current event-log analysis processes share a major limitation: the verbosity and language dependence of the messages produced by many logging systems. In this paper, a novel methodology is proposed to tackle this limitation by analysing event messages with a Natural Language Processing task in order to annotate them with semantic metadata. These metadata are then used to enable semantic searches or to populate a domain ontology, which helps administrators filter only the relevant events and correlate them for a prompt and efficient response and incident analysis.
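The abstract describes three stages: annotate verbose, language-dependent log messages with semantic metadata, query that metadata instead of the raw text, and correlate the annotated events. The following Python is an added illustration of that pipeline, not code from the paper or its authors. The log lines are constructed, the phrase-to-concept lexicon is a toy stand-in for a real NLP annotation step, and the concept names (AuthFailure, AuthSuccess, PrivilegedCommand, ScheduledJob), the function names and the correlation threshold are all assumptions made for the example. It shows why the semantic layer matters: an English sshd message and an Italian application message end up under the same concept and are correlated together, which a keyword search over the raw text would miss.

```python
import re
from collections import defaultdict
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# Constructed sample lines (not from the paper): three log producers, two languages.
SAMPLE_LOGS = [
    "2024-03-01T10:00:01 host1 sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2",
    "2024-03-01T10:00:04 host1 sshd[2201]: Failed password for root from 203.0.113.7 port 51240 ssh2",
    "2024-03-01T10:00:09 host1 sshd[2201]: Accepted password for alice from 198.51.100.4 port 40022 ssh2",
    "2024-03-01T10:00:12 host2 app[77]: Autenticazione fallita per l'utente bob da 203.0.113.7",
    "2024-03-01T10:00:15 host1 sudo[2300]: alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/ls",
    "2024-03-01T11:30:00 host3 cron[12]: (root) CMD (run-parts /etc/cron.hourly)",
]

# Toy lexicon: surface phrases in any language -> concept of a small event ontology.
# This table stands in for the NLP annotation step the paper describes (assumption).
LEXICON = [
    (re.compile(r"failed password|autenticazione fallita", re.I), "AuthFailure"),
    (re.compile(r"accepted password|accesso consentito", re.I), "AuthSuccess"),
    (re.compile(r"\bCOMMAND="), "PrivilegedCommand"),
    (re.compile(r"\bCMD \("), "ScheduledJob"),
]

# Generic "timestamp host process[pid]: message" envelope shared by the sample producers.
SYSLOG_RE = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) (?P<proc>[^\[:]+)(?:\[\d+\])?: (?P<msg>.*)$")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
# Entity extractors for the user name; one per message shape seen in the samples.
USER_PATTERNS = [
    re.compile(r"for (?:invalid user )?(?P<user>\S+) from"),   # sshd (English)
    re.compile(r"utente (?P<user>\S+)"),                        # app (Italian)
    re.compile(r"^(?P<user>\S+) : TTY="),                       # sudo
    re.compile(r"^\((?P<user>[^)]+)\) CMD"),                    # cron
]


@dataclass
class Event:
    """One log line after semantic annotation."""
    ts: datetime
    host: str
    proc: str
    concept: str                  # ontology class, language-independent
    entities: dict = field(default_factory=dict)
    raw: str = ""


def annotate(line):
    """Annotate a raw line with a concept and extracted entities; None if the envelope is unknown."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    msg = m.group("msg")
    concept = next((label for pat, label in LEXICON if pat.search(msg)), "Unknown")
    entities = {}
    ip = IPV4_RE.search(msg)
    if ip:
        entities["src_ip"] = ip.group(0)
    for pat in USER_PATTERNS:
        u = pat.search(msg)
        if u:
            entities["user"] = u.group("user")
            break
    return Event(datetime.fromisoformat(m.group("ts")), m.group("host"),
                 m.group("proc").strip(), concept, entities, line)


def annotate_all(lines):
    return [e for e in (annotate(l) for l in lines) if e is not None]


def search(events, concept=None, **entity_filters):
    """Semantic search: filter on concept and/or entity values rather than raw text."""
    return [e for e in events
            if (concept is None or e.concept == concept)
            and all(e.entities.get(k) == v for k, v in entity_filters.items())]


def correlate_auth_failures(events, window=timedelta(minutes=5), threshold=3):
    """Correlate AuthFailure events by source IP across hosts and producers.

    Returns {ip: {count, hosts, users}} for every IP with at least `threshold`
    failures inside a sliding time window (threshold and window are assumptions).
    """
    by_ip = defaultdict(list)
    for e in sorted(events, key=lambda e: e.ts):
        if e.concept == "AuthFailure" and "src_ip" in e.entities:
            by_ip[e.entities["src_ip"]].append(e)
    findings = {}
    for ip, evs in by_ip.items():
        start = 0
        for end in range(len(evs)):
            while evs[end].ts - evs[start].ts > window:
                start += 1
            count = end - start + 1
            if count >= threshold and count > findings.get(ip, {}).get("count", 0):
                span = evs[start:end + 1]
                findings[ip] = {
                    "count": count,
                    "hosts": sorted({e.host for e in span}),
                    "users": sorted({e.entities.get("user", "?") for e in span}),
                }
    return findings


if __name__ == "__main__":
    evs = annotate_all(SAMPLE_LOGS)
    for e in evs:
        print(f"{e.ts.time()} {e.host:<6} {e.concept:<18} {e.entities}")
    print("correlated:", correlate_auth_failures(evs))
```

The correlation step only ever looks at `concept` and `entities`, never at the message text, so adding a new log producer or language means extending the annotation layer, not every downstream query.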


Metadata

Title: Detect and correlate information system events through verbose logging messages analysis
Authors: Flora Amato, Giovanni Cozzolino, Antonino Mazzeo, Francesco Moscato
Publication date: 22-09-2018
Publisher: Springer Vienna
Published in: Computing / Issue 7/2019
Print ISSN: 0010-485X
Electronic ISSN: 1436-5057
DOI: https://doi.org/10.1007/s00607-018-0662-1