Semantic Interpretation of Structured Log Files

Nimbalkar, Piyush; Mulwad, Varish; Puranik, Nikhil; Joshi, Anupam; Finin, Tim

doi:10.1109/iri.2016.81

Cited by 19 publications

(6 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In terms of semantic KGs, existing approaches have focused either on structured log data only [31], or on tasks such as entity [20] and relation [37] extraction in unstructured log data. Whereas some of the extraction methods introduced in this context are similar to our approach, their focus is less on log representation, but on cybersecurity information more general (e.g., textual descriptions of attacks).…”

Section: Related Workmentioning

confidence: 99%

The SLOGERT Framework for Automated Log Knowledge Graph Construction

Ekelhart

Ekaputra

Kiesling

2021

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Log files are a vital source of information for keeping systems running and healthy. However, analyzing raw log data, i.e., textual records of system events, typically involves tedious searching for and inspecting clues, as well as tracing and correlating them across log sources. Existing log management solutions ease this process with efficient data collection, storage, and normalization mechanisms, but identifying and linking entities across log sources and enriching them with background knowledge is largely an unresolved challenge. To facilitate a knowledgebased approach to log analysis, this paper introduces SLOGERT, a flexible framework and workflow for automated construction of knowledge graphs from arbitrary raw log messages. At its core, it automatically identifies rich RDF graph modelling patterns to represent types of events and extracted parameters that appear in a log stream. We present the workflow, the developed vocabularies for log integration, and our prototypical implementation. To demonstrate the viability of this approach, we conduct a performance analysis and illustrate its application on a large public log dataset in the security domain.

show abstract

Section: Related Workmentioning

confidence: 99%

The SLOGERT Framework for Automated Log Knowledge Graph Construction

Ekelhart

Ekaputra

Kiesling

2021

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Numerous studies have attempted to change the log structure into a rich format to improve the understanding. Nimbalkar et al [19] translated log files and added semantics keywords. The results are demonstrated in the semantic RDF linked data, which is a machine interpretable representation.…”

Section: Structuredmentioning

confidence: 99%

From logs to Stories: Human-Centred Data Mining for Cyber Threat Intelligence

et al. 2020

View full text Add to dashboard Cite

An average medium-sized organisation logs approx. 10 to 500 mln events per day on the system. Only less than 5% of threat alerts are being investigated by the specialised staff, leaving the security hole open for potential attacks. Insufficient information in alert message produced in machinefriendly rather than human-friendly format causes cognitive overload on currently limited cybersecurity resources. In this paper, the model that generates the report in natural language by means of applying novel storytelling techniques from security logs is proposed. The solution caters for different levels of reader expertise and preference by providing adjustable templates, filled from both local and global knowledge base. The validation is performed on case study from Security Operations Centre (SOC) at educational institution. The report generated proves superior to existing approach in terms of comprehension (increased cognition) and completeness (enriched context). The evaluation demonstrates power of storytelling in potential threats interpretation in cybersecurity context.

show abstract

“…They are typically semi-structured, combining regular entry types (dates, times, hosts) with irregular user-defined messages. For a primer on application log structures and their semantic interpretation, which is also exploited by more recent compression algorithms, the work by Nimbalkar et al [7] explains the problem domain and offers an RDF-based solution that links to domain vocabularies.…”

Section: Related Workmentioning

confidence: 99%

Comparison and Model of Compression Techniques for Smart Cloud Log File Handling

Spillner

2020

2020 International Conference on Communications, Computing, Cybersecurity, and Informatics (CCCI)

View full text Add to dashboard Cite

Compression as data coding technique has seen approximately 70 years of research and practical innovation. Nowadays, powerful compression tools with good trade-offs exist for a range of file formats from plain text to rich multimedia. Yet in the dilemma of cloud providers to reduce log data sizes as much as possible while having to keep as much as possible around for regulatory reasons and compliance processes, many companies are looking for smarter solutions beyond brute compression. In this paper, comprehensive applied research setting around network and system logs is introduced by comparing text compression ratios and performance. The benchmark encompasses 13 tools and 30 tool-configuration-search combinations. The tool and algorithm relationships as well as benchmark results are modelled in a graph. After discussing the results, the paper reasons about limitations of individual approaches and suitable combinations of compression with smart adaptive log file handling. The adaptivity is based on the exploitation of knowledge on format-specific compression characteristics expressed in the graph, for which a proof-of-concept advisor service is provided.

show abstract

Semantic Interpretation of Structured Log Files

Cited by 19 publications

References 7 publications

The SLOGERT Framework for Automated Log Knowledge Graph Construction

The SLOGERT Framework for Automated Log Knowledge Graph Construction

From logs to Stories: Human-Centred Data Mining for Cyber Threat Intelligence

Comparison and Model of Compression Techniques for Smart Cloud Log File Handling

Contact Info

Product

Resources

About