研究人员开发了NLLog,一种将系统日志转换为人类可读句子以增强安全异常检测的新型管道。该方法使用确定性重写过程、TF-IDF加权和树集成分类,在Hadoop分布式文件系统和Blue Gene/L语料库上的性能优于基线方法。NLLog在适合安全运营中心的延迟下保持较低的误报率,而消融实验证实了其有效性,并强调了最佳部署的语料库依赖性要求。 AI
影响 通过提供来自系统日志的可解释异常检测,提高了安全运营中心的效率。
排序理由 这是一篇详细介绍日志分析新方法的学术论文。[lever_c_demoted from research: ic=1 ai=1.0]
AI 生成摘要 · Google Gemini · 来自 2 个来源。 我们如何撰写摘要 →
arXiv:2606.04957v1 Announce Type: cross Abstract: System-generated logs underpin security monitoring, yet their rigid template-based format hinders both automated analysis and human comprehension. We present NLLog (Natural-Language Log), a lightweight pipeline that deterministica…
System-generated logs underpin security monitoring, yet their rigid template-based format hinders both automated analysis and human comprehension. We present NLLog (Natural-Language Log), a lightweight pipeline that deterministically rewrites parsed templates into WHO-WHAT-SEVERI…