The sheer number of different attack vectors and the large amount of data produced by computer systems make it impossible to secure network infrastructures using traditional security measures such as anti-viruses, firewalls, and signature-based intrusion detection systems (IDS) that mostly allow detection of known attacks. Additionally, end-to-end encryption, virtualization and containerization make monitoring and analyzing network traffic non-trivial. Therefore, this thesis investigates the potential of anomaly-based intrusion detection that monitors textual log data, such as system logs, audit logs (syscalls), web logs (e.g., access logs), and application logs. The thesis identifies research gaps in state-of-the-art log-based anomaly detectio...
Computer security is an area of ever increasing importance. Our society relies on computerised servi...
With the continuous increase in data velocity and volume nowadays, preserving system and data securi...
In recent times complex software systems are continuously generating application and server logs for...
With the increase of network virtualization and the disparity of vendors, the continuous monitoring ...
Software developers often record critical system events and system status into log files...
Digital crimes are increasing exponentially and people with possession of even a simple digital devi...
Log data adapted for intrusion detection is a little explored research issue despite its importance ...
As log files increase in size, it becomes increasingly difficult to manually detect errors within th...
Keeping networks secure has never been such an imperative task as today. Threats come from hardware ...
Network traffic is increasing all the time and network services are becoming more complex and vulne...
Intrusion detection is an important part of networked systems security protection. Although commercia...
Log-based anomaly detection identifies systems' anomalous behaviors by analyzing system runtime info...
A computer system generates logs to record all relevant operational data about the system and all op...
As the number of cyber-attacks continues to grow on a daily basis, so does the delay in threat detec...
The quality of log data is vital to the intrusion detection process. At the same time, it is very mu...