Identifying evidence of attacks by analyzing log text

摘要

Log text is encoded into a low dimensional feature vector. A temporal predictive model is constructed based on the low dimensional feature vector. The temporal predictive model is used to calculate probabilities of the occurrence of security incidents based on signature names from the log text encoded in the low dimensional feature vector. A preventative security action is automatically taken in response to the calculated probability of the occurrence of a specific security incident exceeding a given threshold.