Overview
- Contains a comprehensive presentation of novel methods to parse, process and analyze log data
- Provides insights into the inner mechanisms of novel machine learning approaches
- Presents step-by-step examples to make the material easily accessible
- Examples throughout the book are supported by Open-Source software
Table of contents (9 chapters)
About this book
Detailed examples throughout this book allow the reader to better understand and apply the introduced techniques with open source software. Step-by-step instructions help to get familiar with the concepts and to better comprehend their inner mechanisms. A log test data set is available as free download and enables the reader to get the system up and running in no time.
This book is designed for researchers working in the field of cyber security, and specifically system monitoring, anomaly detection and intrusion detection. The content of this book will be particularly useful for advanced-level students studying computer science, computer technology, and information systems. Forward-thinking practitioners, who would benefit from becoming familiar with the advanced anomaly detection methods, will also be interested in this book.
About the authors
Markus Wurzenberger is a scientist and project manager at the Austrian Institute of Technology (AIT), located in Vienna, Austria. His main research interests are log data analysis with a focus on anomaly detection and cyber threat intelligence (CTI). This includes the development of (i) novel machine learning methods that allow online processing of large amounts of log data to enable attack detection in real time, and (ii) artificial intelligence (AI) methods and concepts for extracting threat information from anomalies to automatically generate actionable and shareable CTI. Besides his involvement in several national and international research projects, Markus is one of the key researchers working on AIT's anomaly detection project AECID (Automatic Event Correlation for Incident Detection). Among the most prominent solutions developed within this project, Markus and his team created AMiner, a software component for log analysis, which implements several anomaly detection algorithms and is included as a package in the official Debian distribution. In 2016, Markus enrolled for his PhD studies in computer science at the Vienna University of Technology, with a focus on anomaly detection in computer log data. The subject of his PhD aligns with several national and international research projects AIT is involved in. In 2015 Markus obtained his Master's Degree in Technical Mathematics at the Vienna University of Technology. Since 2014 he has been a full-time researcher at AIT in the area of cyber security.
Max Landauer finished his Bachelor's Degree in Business Informatics at the Vienna University of Technology in 2016. In 2017, he joined the Austrian Institute of Technology (AIT), where he carried out his Master's Thesis on clustering and time-series analysis of system log data. He started his PhD studies as a cooperative project between the Vienna University of Technology and the Austrian Institute of Technology in 2018. For his dissertation, Max is working on an automatic threat intelligence mining approach that extracts actionable CTI from raw log data. The goal of this research is to transform threat information shared by different organizations into abstract alert patterns that allow detection and classification of similar attacks. Moreover, Max is a maintainer of the logdata-anomaly-miner (AMiner), an Open-Source agent for parsing and analyzing all kinds of system logs that is developed at AIT and available in the Debian distribution. He is also contributing to multiple other tools that are part of AECID (Automatic Event Correlation for Incident Detection), a framework for all kinds of efficient and scalable log data analysis techniques such as parser generation and log clustering. Max has multiple years of experience with nationally and internationally funded projects in numerous areas, including machine learning, artificial intelligence, cyber-physical systems, and digital service chains. He is currently employed as a Junior Scientist in the Center for Digital Safety and Security at the Austrian Institute of Technology. His main research interests are log data analysis, anomaly detection, and cyber threat intelligence.
Bibliographic Information
Book Title: Smart Log Data Analytics
Book Subtitle: Techniques for Advanced Security Analysis
Authors: Florian Skopik, Markus Wurzenberger, Max Landauer
DOI: https://doi.org/10.1007/978-3-030-74450-2
Publisher: Springer Cham
eBook Packages: Computer Science, Computer Science (R0)
Copyright Information: Springer Nature Switzerland AG 2021
Hardcover ISBN: 978-3-030-74449-6 (Published: 29 August 2021)
Softcover ISBN: 978-3-030-74452-6 (Published: 30 August 2022)
eBook ISBN: 978-3-030-74450-2 (Published: 28 August 2021)
Edition Number: 1
Number of Pages: XV, 208
Number of Illustrations: 29 b/w illustrations, 36 illustrations in colour
Topics: Systems and Data Security, Machine Learning, Principles and Models of Security, Data Mining and Knowledge Discovery, Pattern Recognition