With the development of data mining learning algorithms such as One-class SVM, fuzzy clustering, K-means and Apriori, these methods are increasingly applied to security log analysis. For example, combining a time series algorithm with an association rule algorithm makes it possible to mine frequent itemsets in transaction databases and then generate association rules that reveal the intrinsic relationships within security logs and expose potential attacker patterns. Combining a dimensionality reduction algorithm with a clustering algorithm speeds up the separation of normal log data from abnormal log data and improves efficiency. This paper reviews the latest domestic and international security log analysis methods based on different data mining algorithms, lists the contribution and role of each research method for security analysis, and compares the advantages and disadvantages of combining different data mining algorithms for security analysis. Based on current demands of network security research, the paper proposes directions for improving the combination of data mining algorithms with security logs in the future.
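The frequent-itemset-to-association-rule pipeline the abstract describes, as an added illustration that is not code from the paper: a minimal Apriori pass over constructed log "transactions" (the set of event types observed in one host/session window), followed by rule generation with support and confidence thresholds. Event names, transactions and thresholds are all assumptions chosen for the example.

```python
from itertools import combinations

# Constructed sample: each transaction is the set of event types seen in one
# host/session window of a security log. Values are invented for illustration.
TRANSACTIONS = [
    {"failed_login", "port_scan", "new_admin_user"},
    {"failed_login", "port_scan", "new_admin_user", "outbound_dns"},
    {"failed_login", "port_scan"},
    {"port_scan", "new_admin_user"},
    {"failed_login", "new_admin_user", "outbound_dns"},
    {"software_update"},
    {"failed_login", "port_scan", "new_admin_user"},
    {"software_update", "outbound_dns"},
]

def apriori(transactions, min_support):
    """Return {frozenset(itemset): support} for every itemset at or above min_support."""
    n = len(transactions)
    support = lambda items: sum(items <= t for t in transactions) / n
    singles = {frozenset([i]) for t in transactions for i in t}
    level = {s: sup for s in singles if (sup := support(s)) >= min_support}
    frequent, k = dict(level), 2
    while level:
        candidates = set()
        for a, b in combinations(list(level), 2):
            c = a | b
            # Apriori pruning: every (k-1)-subset of a candidate must itself be frequent.
            if len(c) == k and all(frozenset(s) in level for s in combinations(c, k - 1)):
                candidates.add(c)
        level = {c: sup for c in candidates if (sup := support(c)) >= min_support}
        frequent.update(level)
        k += 1
    return frequent

def association_rules(frequent, min_confidence):
    """Derive rules (antecedent, consequent, support, confidence) from frequent itemsets."""
    rules = []
    for itemset, sup in frequent.items():
        for r in range(1, len(itemset)):
            for ante in map(frozenset, combinations(itemset, r)):
                conf = sup / frequent[ante]          # conf(A -> B) = supp(A u B) / supp(A)
                if conf >= min_confidence:
                    rules.append((ante, itemset - ante, sup, conf))
    return rules

def mine_log_patterns(transactions=TRANSACTIONS, min_support=0.3, min_confidence=0.7):
    """Run the full pipeline; rules with several antecedents are candidate attack patterns."""
    return association_rules(apriori(transactions, min_support), min_confidence)

if __name__ == "__main__":
    for ante, cons, sup, conf in sorted(mine_log_patterns(), key=lambda r: -r[3]):
        print(f"{sorted(ante)} -> {sorted(cons)}  support={sup:.3f} confidence={conf:.2f}")
```

A rule such as {failed_login, port_scan} -> {new_admin_user} is the kind of multi-event pattern an analyst would turn into a correlation search, while a low-support single event like software_update is pruned before it can generate noise.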
| Field | Value |
|---|---|
| Title of host publication | Proceedings of the 2019 International Conference on Big Data Engineering |
| Publication status | Published - 2019 |
| MoE publication type | A4 Article in a conference publication |
| Event | International Conference on Big Data Engineering - Hong Kong, Hong Kong |
| Duration | 11 Jun 2019 → 13 Jun 2019 |
| Conference | International Conference on Big Data Engineering |
| Period | 11/06/2019 → 13/06/2019 |