
Automatic Graph-Based clustering for security logs

Studiawan, H., Payne, C. and Sohel, F. (2019) Automatic Graph-Based clustering for security logs. In: Barolli, L., Takizawa, M., Xhafa, F. and Enokido, T., (eds.) Advanced Information Networking and Applications (AINA-2019). Springer, pp. 914-926.

Link to Published Version: https://doi.org/10.1007/978-3-030-15032-7_77
*Subscription may be required

Abstract

Computer security events are recorded in several log files. These logs need to be clustered to discover security threats, detect anomalies, or identify a particular error. A problem arises when large quantities of security log data must be checked, as existing tools do not provide sufficiently sophisticated grouping results. In addition, existing methods need user-supplied parameters, and finding optimal values for them is not trivial. Therefore, we propose a method for the automatic clustering of security logs. First, we present a new graph-theoretic approach to security log clustering based on maximal clique percolation. Second, we add an intensity threshold to the obtained maximal cliques so that edge weights are taken into account before percolation proceeds. Third, we use the simulated annealing algorithm to optimize the number of percolations and the intensity threshold for maximal clique percolation. The entire process is automatic and needs no user input. Experimental results on various real-world datasets show that the proposed method achieves superior clustering results compared to other methods.
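The following is an added illustration of the clustering mechanism the abstract describes; it is example code written for this page, not the chapter's implementation. It assumes that each log line is a graph node, that edge weight is the Jaccard similarity of digit-masked tokens, and that clique intensity is the geometric mean of a clique's edge weights (the weighted clique-percolation intensity of Farkas/Onnela et al., assumed here as the measure). The clique size k and the intensity threshold are fixed by hand; the chapter's simulated-annealing search for them is not reproduced. The sample log lines are constructed, not taken from the paper's datasets.

```python
"""Weighted k-clique percolation over a log-similarity graph (added example)."""
import itertools
import math
import re
from typing import Dict, FrozenSet, List, Set, Tuple

# Constructed sample log lines (not from the paper's datasets).
SAMPLE_LOGS = [
    "Failed password for root from 10.0.0.1 port 22 ssh2",
    "Failed password for admin from 10.0.0.2 port 22 ssh2",
    "Failed password for root from 10.0.0.3 port 4022 ssh2",
    "Accepted password for alice from 10.0.0.9 port 22 ssh2",
    "session opened for user alice by (uid=0)",
    "session opened for user bob by (uid=0)",
    "session closed for user alice",
]

Graph = Dict[Tuple[int, int], float]  # undirected weighted edges keyed by (u, v), u < v


def tokenize(line: str) -> Set[str]:
    """Lower-case, whitespace-split, and mask digit runs with '#' so that IPs,
    ports and uids do not make otherwise identical messages look dissimilar."""
    return {re.sub(r"\d+", "#", tok) for tok in line.lower().split()}


def jaccard(a: Set[str], b: Set[str]) -> float:
    return len(a & b) / len(a | b) if (a | b) else 0.0


def build_graph(lines: List[str], min_edge_weight: float) -> Graph:
    """Assumption: nodes are log lines, edge weight is token Jaccard similarity;
    pairs below min_edge_weight get no edge at all."""
    toks = [tokenize(line) for line in lines]
    graph: Graph = {}
    for u, v in itertools.combinations(range(len(lines)), 2):
        w = jaccard(toks[u], toks[v])
        if w > 0.0 and w >= min_edge_weight:
            graph[(u, v)] = w
    return graph


def neighbours(graph: Graph) -> Dict[int, Set[int]]:
    nb: Dict[int, Set[int]] = {}
    for u, v in graph:
        nb.setdefault(u, set()).add(v)
        nb.setdefault(v, set()).add(u)
    return nb


def maximal_cliques(nb: Dict[int, Set[int]]) -> List[FrozenSet[int]]:
    """Bron-Kerbosch enumeration of maximal cliques, with pivoting."""
    out: List[FrozenSet[int]] = []

    def bk(r: Set[int], p: Set[int], x: Set[int]) -> None:
        if not p and not x:
            out.append(frozenset(r))
            return
        pivot = max(p | x, key=lambda n: len(nb[n] & p))
        for n in list(p - nb[pivot]):
            bk(r | {n}, p & nb[n], x & nb[n])
            p = p - {n}
            x = x | {n}

    bk(set(), set(nb), set())
    return out


def intensity(clique: FrozenSet[int], graph: Graph) -> float:
    """Geometric mean of the clique's edge weights; weak edges pull it down."""
    ws = [graph[(u, v)] for u, v in itertools.combinations(sorted(clique), 2)]
    return math.prod(ws) ** (1.0 / len(ws))


def clique_percolation(graph: Graph, k: int, intensity_threshold: float) -> List[FrozenSet[int]]:
    """k-cliques below the intensity threshold are discarded; surviving k-cliques
    that share k-1 nodes percolate into one community (communities may overlap)."""
    kcliques: Set[FrozenSet[int]] = set()
    for mc in maximal_cliques(neighbours(graph)):
        for sub in itertools.combinations(sorted(mc), k):
            c = frozenset(sub)
            if intensity(c, graph) >= intensity_threshold:
                kcliques.add(c)
    ordered = sorted(kcliques, key=sorted)
    parent = list(range(len(ordered)))  # union-find over k-cliques

    def find(i: int) -> int:
        while parent[i] != i:
            parent[i] = parent[parent[i]]
            i = parent[i]
        return i

    for i, j in itertools.combinations(range(len(ordered)), 2):
        if len(ordered[i] & ordered[j]) >= k - 1:
            parent[find(i)] = find(j)
    groups: Dict[int, Set[int]] = {}
    for i, c in enumerate(ordered):
        groups.setdefault(find(i), set()).update(c)
    return sorted((frozenset(s) for s in groups.values()), key=sorted)


def cluster_logs(lines: List[str], k: int, intensity_threshold: float,
                 min_edge_weight: float = 0.1) -> List[FrozenSet[int]]:
    return clique_percolation(build_graph(lines, min_edge_weight), k, intensity_threshold)


if __name__ == "__main__":
    for thr in (0.0, 0.3):
        print(f"k=3, intensity threshold {thr}:")
        for cluster in cluster_logs(SAMPLE_LOGS, k=3, intensity_threshold=thr):
            print("  ", [SAMPLE_LOGS[i] for i in sorted(cluster)])
```

With the threshold at 0.0 (plain clique percolation) the "Accepted password for alice" line sits in both the failed-login cluster and the session cluster, because it forms a weak triangle with the two "alice" session lines. Raising the intensity threshold to 0.3 discards that low-intensity triangle and the line stays only with the password-authentication messages; choosing such a threshold and k automatically is exactly what the chapter's simulated-annealing step is for.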

Item Type: Book Chapter
Murdoch Affiliation: Information Technology, Mathematics and Statistics
Publisher: Springer
Copyright: © 2020 Springer Nature Switzerland AG
Other Information: Conference title: International Conference on Advanced Information Networking and Applications (AINA) 2019; Matsue, Japan 27 - 29 March
URI: http://researchrepository.murdoch.edu.au/id/eprint/45303