Authors: Seunghoon Yoo, Jaemin Jo, Bohyoung Kim, Jinwook Seo
Affiliations: [1] Seoul National University, Korea; [2] Hankuk University of Foreign Studies, Korea
Source: Visual Informatics (in English), 2018, No. 1, pp. 82-97 (16 pages)
Funding: This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIP) (No. NRF-2016R1A2B2007153); by the Hankuk University of Foreign Studies Research Fund.
Abstract: Audit logs are different from other software logs in that they record the most primitive events (i.e., system calls) in modern operating systems. Audit logs contain a detailed trace of an operating system, and thus have received great attention from security experts and system administrators. However, the complexity and size of audit logs, which increase in real time, have hindered analysts from understanding and analyzing them. In this paper, we present a novel visual analytics system, LongLine, which enables interactive visual analyses of large-scale audit logs. LongLine lowers the interpretation barrier of audit logs by employing human-understandable representations (e.g., file paths and commands) instead of abstract indicators of operating systems (e.g., file descriptors) as well as revealing the temporal patterns of the logs in a multi-scale fashion with meaningful granularity of time in mind (e.g., hourly, daily, and weekly). LongLine also streamlines comparative analysis between interesting subsets of logs, which is essential in detecting anomalous behaviors of systems. In addition, LongLine allows analysts to monitor the system state in a streaming fashion, keeping the latency between log creation and visualization less than one minute. Finally, we evaluate our system through a case study and a scenario analysis with security experts.
Keywords: Visual Analytics; Log Visualization; Multidimensional Data
Classification number: TP3 [Automation and Computer Technology: Computer Science and Technology]