Overview
Computer security breaches are already a major problem in using computers. The most basic defense against it is to monitor and audit the computer logs. Comptuer logs, however, have a huge amount of textual data. It is, therefore, almost impossible to inspect them manually using current systems. We propose a log visualization system called "Tudumi". Tudumi consists of several functions which assist system administrators to perform such tasks manually. These functions are information visualization, log summarization and reflecting known rules into the viusualization method. Tudumi makes it easier to detect anomalous user activities, such as intrusion attempts, from a huge amount of computer logs.
Publications
-
Tetsuji TAKADA, Hideki KOIKE:
Tudumi: Information Visualization System for Monitoring and Auditing Computer Logs
Proceedings of 6th International Conference on Information Visualization (IV'02), IEEE CS Press, pp.560-576, July 2002.
Related links