• Title/Summary/Keyword: log data analysis

Design and Analysis of the Log Authentication Mechanism based on the Merkle Tree (Merkle Tree 기반의 로그인증 메커니즘 설계 및 분석)

  • Lee, Jung yeob;Park, Chang seop
    • Convergence Security Journal / v.17 no.1 / pp.3-13 / 2017
  • As security logs play important roles in various fields, the integrity of log data becomes more and more important. In particular, stored log data is an immediate target for an intruder who wants to erase his traces in the penetrated system. Several theoretical schemes to guarantee forward-secure integrity have been proposed, even though they cannot provide the integrity of the log data after the system is penetrated. The authentication tags of these methods are based on a linear hash chain. In this case, it is difficult to run partial validation and to accelerate the generation and validation of authentication tags. In this paper, we propose a log authentication mechanism based on the Merkle tree, which makes partial validation easy and allows multithreading to be applied.

Linear regression under log-concave and Gaussian scale mixture errors: comparative study

  • Kim, Sunyul;Seo, Byungtae
    • Communications for Statistical Applications and Methods / v.25 no.6 / pp.633-645 / 2018
  • Gaussian error distributions are a common choice in traditional regression models for the maximum likelihood (ML) method. However, this distributional assumption is often suspect, especially when the error distribution is skewed or has heavy tails. In both cases, the ML method under normality could break down or lose efficiency. In this paper, we consider the log-concave and Gaussian scale mixture distributions for error distributions. For the log-concave errors, we propose to use a smoothed maximum likelihood estimator for stable and faster computation. Based on this, we perform comparative simulation studies to see the performance of coefficient estimates under normal, Gaussian scale mixture, and log-concave errors. In addition, we also consider real data analysis using Stack loss plant data and Korean labor and income panel data.

Design and Implementation of a Hadoop-based Efficient Security Log Analysis System (하둡 기반의 효율적인 보안로그 분석시스템 설계 및 구현)

  • Ahn, Kwang-Min;Lee, Jong-Yoon;Yang, Dong-Min;Lee, Bong-Hwan
    • Journal of the Korea Institute of Information and Communication Engineering / v.19 no.8 / pp.1797-1804 / 2015
  • An integrated log management system can help to predict security risks, contributes to improving the security level of the organization, and leads to the preparation of an appropriate security policy. In this paper, we have designed and implemented a Hadoop-based log analysis system using a distributed database model, which can store large amounts of data and reduce analysis time by automating the log collection procedure. In the proposed system, we use HBase to store a large amount of data efficiently in a scale-out fashion and propose an easy data storing scheme for analysing data using a Hadoop-based regular expression, which results in improved data processing speed compared to the existing system.

Outlying Cell Identification Method Using Interaction Estimates of Log-linear Models

  • Hong, Chong Sun;Jung, Min Jung
    • Communications for Statistical Applications and Methods / v.10 no.2 / pp.291-303 / 2003
  • This work proposes an alternative method for identifying outlying cells, which is one of the important issues in categorical data analysis. One finds that there is a strong relationship between the location of an outlying cell and the corresponding parameter estimates of the well-fitted log-linear model. Among the parameters of a log-linear model, an outlying cell is affected by interaction terms rather than main effect terms. Hence one could identify an outlying cell by investigating the parameter estimates in an appropriate log-linear model.

CERES: A Log-based, Interactive Web Analytics System for Backbone Networks (CERES: 백본망 로그 기반 대화형 웹 분석 시스템)

  • Suh, Ilhyun;Chung, Yon Dohn
    • KIISE Transactions on Computing Practices / v.21 no.10 / pp.651-657 / 2015
  • The amount of web traffic has increased as a result of the rapid growth of the use of web-based applications. In order to obtain valuable information from web logs, we need to develop systems that can support interactive, flexible, and efficient ways to analyze and handle large amounts of data. In this paper, we present CERES, a log-based, interactive web analytics system for backbone networks. Since CERES focuses on analyzing web log records generated from backbone networks, it is possible to perform a web analysis from the perspective of a network. CERES is designed for deployment in a server cluster using the Hadoop Distributed File System (HDFS) as the underlying storage. We transform and store web log records from backbone networks into relations and then allow users to use a SQL-like language to analyze web log records in a flexible and interactive manner. In particular, we use the data cube technique to enable the efficient statistical analysis of web logs. The system provides users with a web-based, multi-modal user interface.

User Information Needs Analysis based on Query Log Big Data of the National Archives of Korea (국가기록원 질의로그 빅데이터 기반 이용자 정보요구 유형 분석)

  • Baek, Ji-yeon;Oh, Hyo-Jung
    • Journal of the Korean Society for Information Management / v.36 no.4 / pp.183-205 / 2019
  • Among the various methods for identifying users' information needs, log analysis methods can realistically reflect the users' actual search behavior and analyze the overall usage of most users. Based on the large quantity of query log big data obtained through the portal service of the National Archives of Korea, this study conducted an analysis by information type and search result type in order to identify the users' information needs. The query logs used in the analysis were based on 1,571,547 query data collected over a total of 141 months from 2007 to December 2018, when the National Archives of Korea provided search services via the web. Furthermore, based on the analysis results, improvement methods were proposed to improve user search satisfaction. The results of this study could actually be used to improve and upgrade the National Archives of Korea search service.

Development of the SysLog-based Integrated Log Management system for Firewalls in Distributed Network Environments (분산 환경에서 SysLog기반의 방화벽 통합로그관리시스템 개발)

  • Lee, Dong Young;Seo, Hee Suk;Lee, Eul Suk
    • Journal of Korea Society of Digital Industry and Information Management / v.7 no.4 / pp.39-45 / 2011
  • Application log files contain error messages, operational data and usage information that can help manage applications and servers. A log analysis system is software that reads and parses log files, and extracts and aggregates information in order to generate reports on the application. Currently, the importance of firewall log files is growing for the forensics of cyber crimes and the establishment of security policy. In this paper, we designed and implemented SILAS (SysLog-based Integrated Log mAnagement System) in distributed network environments. It helps to generate reports on the log files of firewalls - IP and users, and statistics of application usage.

A Clustering Algorithm Considering Structural Relationships of Web Contents

  • Kang Hyuncheol;Han Sang-Tae;Sun Young-Su
    • Communications for Statistical Applications and Methods / v.12 no.1 / pp.191-197 / 2005
  • Application of data mining techniques to the world wide web, referred to as web mining, has been the focus of several recent studies. With the explosive growth of information sources available on the world wide web, it has become increasingly necessary to track and analyze their usage patterns. In this study, we introduce a process of pre-processing and cluster analysis on web log data and suggest a distance measure considering the structural relationships between web contents. Also, we illustrate some real examples of cluster analysis for web log data and look into the practical application of web usage mining for eCRM.

Correlation Analysis of Event Logs for System Fault Detection (시스템 결함 분석을 위한 이벤트 로그 연관성에 관한 연구)

  • Park, Ju-Won;Kim, Eunhye;Yeom, Jaekeun;Kim, Sungho
    • Journal of Korean Society of Industrial and Systems Engineering / v.39 no.2 / pp.129-137 / 2016
  • To identify the cause of an error and maintain the health of a system, an administrator usually analyzes event log data, since it contains useful information for inferring the cause of the error. However, because today's systems are huge and complex, it is almost impossible for administrators to manually analyze event log files to identify the cause of an error. In particular, as OpenStack, which is widely used as a cloud management system, operates with various service modules linked to multiple servers, it is hard to access each node and analyze event log messages for each service module in the case of an error. For this reason, in this paper, we propose a novel message-based log analysis method that enables the administrator to find the cause of an error quickly. Specifically, the proposed method 1) consolidates event log data generated from the system level and the application service level, 2) clusters the consolidated data based on messages, and 3) analyzes interrelations among message groups in order to promptly identify the cause of a system error. This study has great significance in the following three aspects. First, the root cause of the error can be identified by collecting event logs of both the system level and the application service level and analyzing interrelations among the logs. Second, administrators do not need to classify messages for training, since unsupervised learning of event log messages is applied. Third, using Dynamic Time Warping, an algorithm for measuring the similarity of dynamic patterns over time, increases the accuracy of analysis of patterns generated from a distributed system in which time synchronization is not exactly consistent.

Development of App Analysis System and CMS System Open API (APP 분석 시스템 및 CMS시스템 오픈API 개발)

  • Kim, Sung Rim;Park, Hyeong Rok;Chun, Soojin
    • Journal of Korea Society of Digital Industry and Information Management / v.10 no.3 / pp.23-33 / 2014
  • Smartphones are changing the way people communicate, and the mobile app marketplace is growing fast. The app store continues its rapid growth; there are already more than 900,000 mobile apps on AppStore. We anticipate seeing momentum gained throughout the business. Mobile is also becoming popular with marketers. Therefore, specialized app analysis systems are becoming important to how marketers and app developers invest in, analyze and market their apps. App analysis systems enable users to discover and analyze behavior through data observations and meaningful patterns. In this paper, we introduce an app analysis system and CMS System Open API, NugaLog. NugaLog acquires users' data and engages with them in a variety of ways. It will be essential for us to understand how users interact with and move through the app. NugaLog will be able to see the number of users, smartphone model, smartphone OS, resolution, page views, and app version.