Applying Information Retrieval Techniques to Event Log Analysis for Intrusion Detection
John Reuning, 8 January 2004

This paper explores the application of probabilistic information retrieval theories to the field of log analysis and host-based intrusion detection. Strong similarities exist between intrusion detection and information retrieval. Using information retrieval techniques may yield significant improvements to the performance of intrusion detection systems. This paper provides a brief review of current relevant research in intrusion detection and log analysis, introduces information retrieval…

Publications citing this paper.

Fast entropy based alert detection in super computer logs

2010 International Conference on Dependable Systems and Networks Workshops (DSN-W) • 2010

Filtering Security Alerts for the Analysis of a Production SaaS Cloud

2014 IEEE/ACM 7th International Conference on Utility and Cloud Computing • 2014

A next generation entropy based framework for alert detection in system logs

12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops • 2011

An Evaluation of Entropy Based Approaches to Alert Detection in High Performance Cluster Logs

2010 Seventh International Conference on the Quantitative Evaluation of Systems • 2010

Alert Detection in System Logs

2008 Eighth IEEE International Conference on Data Mining • 2008

Bad Words: Finding Faults in Spirit's Syslogs

2008 Eighth IEEE International Symposium on Cluster Computing and the Grid (CCGRID) • 2008
