Active Meta-Learner for Log Analysis

03/18/2022
by Jonathan Pan, et al.

The analysis of logs is a vital activity in cyber investigation, digital forensics and fault detection, undertaken to enhance system and cyber resilience. However, log analysis is a complex task. It requires extensive knowledge of how the logs are generated and of the format of the log entries. It also requires extensive knowledge or expertise in distinguishing anomalous log entries from normal or benign ones. This is especially complex when the forms of anomalous entries are constrained to the known forms of internal or external attack techniques, or to the varied forms of disruption that may exist. New or evasive forms of such disruptions are difficult to define. The challenge of log analysis is further complicated by the volume of log entries. Even when such log data is available, labelling the log entries would be a massive undertaking. Hence this research seeks to address these challenges with a novel Deep Learning model that learns and improves itself progressively from inputs or corrections provided when available. In practical application, such a model facilitates log analysis or review, with the ability to learn or incorporate new patterns in order to spot anomalies or to ignore false positives.

Related research:

- DeepTaskAPT: Insider APT detection using Task-tree based Deep Learning (08/31/2021). APT, known as Advanced Persistent Threat, is a difficult challenge for c...
- Towards Logging Noisiness Theory: quality aspects to characterize unwanted log entries (06/06/2021). Context: Logging tasks track the system's functioning by keeping records...
- EvLog: Evolving Log Analyzer for Anomalous Logs Identification (06/02/2023). Software logs record system activities, aiding maintainers in identifyin...
- LogAI: A Library for Log Analytics and Intelligence (01/31/2023). Software and System logs record runtime information about processes exec...
- Assessing Data Usefulness for Failure Analysis in Anonymized System Logs (05/04/2018). System logs are a valuable source of information for the analysis and un...
- Log2NS: Enhancing Deep Learning Based Analysis of Logs With Formal to Prevent Survivorship Bias (05/29/2021). Analysis of large observational data sets generated by a reactive system...
- ProPatrol: Attack Investigation via Extracted High-Level Tasks (10/12/2018). Kernel audit logs are an invaluable source of information in the forensi...
