A High Throughput Distributed Log Stream Processing System for Network Security Analysis

Cited by: 0

Authors
Zhao, Jingfen [1 ]
Zhang, Peng [1 ]
Sun, Yong [1 ]
Liu, Qingyun [1 ]
Tan, Guolin [1 ]
Li, Zhengmin [2 ]
Affiliations
[1] Chinese Acad Sci, Inst Informat Engn, Natl Engn Lab Informat Secur Technol, Beijing, Peoples R China
[2] Chinese Acad Sci, Inst Informat Engn, Natl Comp Network Emergency Response & Coordinat, Beijing, Peoples R China
Funding
National Natural Science Foundation of China
Keywords
log stream; security analysis; big data; scalability;
DOI
none
CLC classification number
TP31 [Computer software]
Subject classification code
081202 ; 0835 ;
Abstract
Computer-system logs often contain high volumes of interesting, useful information, and are an important data source for network security analysis. In this paper, we propose a distributed log stream processing system consisting of three main parts: a log collection module, a log transmission module and a log statistics module. The system is built on several open source technologies; it not only supports collection of heterogeneous logs from multiple sources, but also provides near-real-time online statistics over the log stream and offline statistics over massive log volumes. In addition, we adopt a layered architecture in the log collection module and implement a reliable Kafka consumer to achieve higher scalability and reliability. An experiment using log entries generated by the network security platform as the data source demonstrates that the proposed system is an effective and practical log stream processing system.
Pages: 1092 / 1096
Page count: 5