Framework for Visualizing Browsing Patterns Captured in Computer Logs Using Data Mining Techniques

摘要

An Intrusion Detection System (IDS) is used for monitoring computer security breaches by monitoring and analyzing the data recorded in log files. However, it is difficult to manually investigate the vast amounts of textual information captured in these logs. In this paper, we propose a framework for an IDS using an Information Visualization (IV) approach, which will aid the IDS administrator in effective and efficient decision-making. The proposed framework works by recording events in different logs and uses a log summarizing mechanism to limit the size of the logs. Each record or event in the log is visualized as a pixel on the screen, where each pixel can be selected to retrieve more information. A prototype of the IDS App for a simple file portal system has been developed to demonstrate the functional capabilities of the proposed framework.