The Use of Template Miners and Encryption in Log Message Compression

Presently, almost every computer software produces many log messages based on events and activities during the usage of the software. These files contain valuable runtime information that can be used in a variety of applications such as anomaly detection, error prediction, template mining, and so on. Usually, the generated log messages are raw, which means they have an unstructured format. This indicates that these messages have to be parsed before data mining models can be applied. After parsing, template miners can be applied on the data to retrieve the events occurring in the log file. These events are made from two parts, the template, which is the fixed part and is the same for all instances of the same event type, and the parameter part, which varies for all the instances. To decrease the size of the log messages, we use the mined templates to build a dictionary for the events, and only store the dictionary, the event ID, and the parameter list. We use six template miners to acquire the templates namely IPLoM, LenMa, LogMine, Spell, Drain, and MoLFI. In this paper, we evaluate the compression capacity of our dictionary method with the use of these algorithms. Since parameters could be sensitive information, we also encrypt the files after compression and measure the changes in file size. We also examine the speed of the log miner algorithms. Based on our experiments, LenMa has the best compression rate with an average of 67.4%; however, because of its high runtime, we would suggest the combination of our dictionary method with IPLoM and FFX, since it is the fastest of all methods, and it has a 57.7% compression rate.

Download Full-text

An Efficient Analytical Approach to Visualize Text-Based Event Logs for Semiconductor Equipment

Applied Sciences ◽

10.3390/app11135944 ◽

2021 ◽

Vol 11 (13) ◽

pp. 5944

Author(s):

Gunwoo Lee ◽

Jongpil Jeong

Keyword(s):

Complex System ◽

Analytical Approach ◽

System Behavior ◽

File Size ◽

Log Files ◽

Event Logs ◽

Hard Disk Space ◽

Long Time ◽

Log File ◽

Runtime Information

Semiconductor equipment consists of a complex system in which numerous components are organically connected and controlled by many controllers. EventLog records all the information available during system processes. Because the EventLog records system runtime information so developers and engineers can understand system behavior and identify possible problems, it is essential for engineers to troubleshoot and maintain it. However, because the EventLog is text-based, complex to view, and stores a large quantity of information, the file size is very large. For long processes, the log file comprises several files, and engineers must look through many files, which makes it difficult to find the cause of the problem and therefore, a long time is required for the analysis. In addition, if the file size of the EventLog becomes large, the EventLog cannot be saved for a prolonged period because it uses a large amount of hard disk space on the CTC computer. In this paper, we propose a method to reduce the size of existing text-based log files. Our proposed method saves and visualizes text-based EventLogs in DB, making it easier to approach problems than the existing text-based analysis. We will confirm the possibility and propose a method that makes it easier for engineers to analyze log files.

Download Full-text

Development of Secured Log Management System Over Blockchain Technology

Research Anthology on Blockchain Technology in Business, Healthcare, Education, and Government ◽

10.4018/978-1-7998-5351-0.ch013 ◽

2021 ◽

pp. 230-235

Author(s):

Sagar Shankar Rajebhosale ◽

Mohan Chandrabhan Nikam

Keyword(s):

Data Storage ◽

Complete Solution ◽

Extended Period ◽

Vital Role ◽

Security And Privacy ◽

Sensitive Information ◽

Blockchain Technology ◽

Log Files ◽

Log Management ◽

Log File

A log is a record of events that happens within an organization containing systems and networks. These logs are very important for any organization, because a log file will able to record all user activities. Due to this, log files play a vital role and contain sensitive information, and therefore security should be a high priority. It is very important to the proper functioning of any organization, to securely maintain log records over an extended period of time. So, management and maintenance of logs is a very difficult task. However, deploying such a system for high security and privacy of log records may be overhead for an organization and require additional costs. Many techniques have been designed for security of log records. The alternative solution for maintaining log records is using Blockchain technology. A blockchain will provide security of the log files. Log files over a Blockchain environment leads to challenges with a decentralized storage of log files. This article proposes a secured log management over Blockchain and the use of cryptographic algorithms for dealing the issues to access a data storage. This proposed technology may be one complete solution to the secure log management problem.

Download Full-text

New Algorithm to Reduce File Size and Bandwidth of Hashed Digital Signature for Image Steganography Using LSB

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.980.194 ◽

2014 ◽

Vol 980 ◽

pp. 194-197

Author(s):

Erfaneh Noroozi ◽

Salwani Bt Mohd Daud ◽

Ali Sabouhi ◽

Mohammad Reza Salehnamadi

Keyword(s):

Digital Signature ◽

Image Steganography ◽

Sensitive Information ◽

Multi Agent Systems ◽

File Size ◽

Agent Systems ◽

Private Key ◽

Simple Implementation ◽

Multi Agent ◽

Original File

In computer cryptography, digital signature is one of the best cryptography systems. Public-private keys are used to pass sensitive information however it can also be used to provide authentication on the particulars of a sender. Proposed algorithm is a new design and simple implementation mechanism for producing a digital signature. Some applications such as multi agent systems transferred data with small size and capacity. The new scheme minimizes the size of original file and gives us a dynamic and smaller hashed message output. In this algorithm load the original files then hashed the message and encode it with the private key of sender. Finally modify the established code into a unique digital signature at Base 16. We concentrate on designing and implementation of functions of algorithm.

Download Full-text

Aird: A computation-oriented mass spectrometry data format enables higher compression ratio and less decoding time

10.1101/2020.10.14.338921 ◽

2020 ◽

Author(s):

Miaoshan Lu ◽

Shaowei An ◽

Ruimin Wang ◽

Jinyin Wang ◽

Changbin Yu

Keyword(s):

Mass Spectrometry ◽

Lossless Compression ◽

Mass Spectrometry Data ◽

Compression Rate ◽

File Size ◽

Data Format ◽

Compression Algorithms ◽

Link Type ◽

Processing Algorithms ◽

Data Independence

ABSTRACTWith the precision of mass spectrometer going higher and the emergence of data independence acquisition (DIA), the file size is increasing rapidly. Beyond the widely-used open format mzML (Deutsch 2008), near-lossless or lossless compression algorithms and formats have emerged. The data precision is often related to the instrument and subsequent processing algorithms. Unlike storage-oriented formats, which focusing more on lossless compression and compression rate, computation-oriented formats focus as much on decoding speed and disk read strategy as compression rate. Here we describe “Aird", an opensource and computation-oriented format with controllable precision, flexible indexing strategies and high compression rate. Aird uses JavaScript Object Notation (JSON) for metadata storage, multiple indexing, and reordered storage strategies for higher speed of data randomly reading. Aird also provides a novel compressor called Zlib-Diff-PforDelta (ZDPD) for m/z data compression. Compared with Zlib only, m/z data size is about 65% lower in Aird, and merely takes 33% decoding time.AvailabilityAird SDK is written in Java, which allow scholars to access mass spectrometry data efficiently. It is available at https://github.com/Propro-Studio/Aird-SDK AirdPro can convert vendor files into Aird files, which is available at https://github.com/Propro-Studio/AirdPro

Download Full-text

OFFDTAN: A New Approach of Offline Dynamic Taint Analysis for Binaries

Security and Communication Networks ◽

10.1155/2018/7693861 ◽

2018 ◽

Vol 2018 ◽

pp. 1-13 ◽

Cited By ~ 1

Author(s):

Xiajing Wang ◽

Rui Ma ◽

Bowen Dou ◽

Zefeng Jian ◽

Hongzhou Chen

Keyword(s):

Virtual Machine ◽

Information Acquisition ◽

Sensitive Information ◽

Dynamic Information ◽

Taint Analysis ◽

Performance Bottlenecks ◽

New Approach ◽

Offline Analysis ◽

Runtime Information

Dynamic taint analysis is a powerful technique for tracking the flow of sensitive information. Different approaches have been proposed to accelerate this process in an online or offline manner. Unfortunately, most of these approaches still have performance bottlenecks and thus reduce analytical efficiency. To address this limitation, we present OFFDTAN, a new approach of offline dynamic taint analysis for binaries. OFFDTAN can be described in terms of four stages: dynamic information acquisition, vulnerability modeling, offline analysis, and backtrace analysis. It first records program runtime information and models the stack buffer overflow vulnerabilities and controlled jump vulnerabilities. Then it performs offline analysis and backtrace analysis to locate vulnerabilities. We implement OFFDTAN on the basis of QEMU virtual machine and apply it to off-the-shelf applications. In order to illustrate how our approach works, we first employ a case study. Furthermore, six applications have been verified so as to evaluate our approach. Experimental results demonstrate that our approach is correct and effective. Compared with other offline analysis tools, OFFDTAN has much lower application runtime overhead.

Download Full-text

Tenant-Oriented Monitoring for Customized Security Services in the Cloud

Symmetry ◽

10.3390/sym11020252 ◽

2019 ◽

Vol 11 (2) ◽

pp. 252 ◽

Cited By ~ 3

Author(s):

Huaizhe Zhou ◽

Haihe Ba ◽

Yongjun Wang ◽

Zhiying Wang ◽

Jun Ma ◽

...

Keyword(s):

Virtual Machines ◽

Service Providers ◽

Security Analysis ◽

Security Requirements ◽

Security And Privacy ◽

Sensitive Information ◽

Cloud Environment ◽

Security Issues ◽

Security Services ◽

Runtime Information

The dramatic proliferation of cloud computing makes it an attractive target for malicious attacks. Increasing solutions resort to virtual machine introspection (VMI) to deal with security issues in the cloud environment. However, the existing works are not feasible to support tenants to customize individual security services based on their security requirements flexibly. Additionally, adoption of VMI-based security solutions makes tenants at the risk of exposing sensitive information to attackers. To alleviate the security and privacy anxieties of tenants, we present SECLOUD, a framework for monitoring VMs in the cloud for security analysis in this paper. By extending VMI techniques, SECLOUD provides remote tenants or their authorized security service providers with flexible interfaces for monitoring runtime information of guest virtual machines (VMs) in a non-intrusive manner. The proposed framework enhances effectiveness of monitoring by taking advantages of architectural symmetry of cloud environment. Moreover, we harden our framework with a privacy-preserving capacity for tenants. The flexibility and effectiveness of SECLOUD is demonstrated through a prototype implementation based on Xen hypervisor, which results in acceptable performance overhead.

Download Full-text

Identification Method of Content Changes of Information Contained Inside Files

Journal of Konbin ◽

10.1515/jok-2017-0067 ◽

2017 ◽

Vol 44 (1) ◽

pp. 117-190

Author(s):

Artur Szleszyński

Keyword(s):

Hash Function ◽

Sensitive Information ◽

File Size ◽

Identification Method ◽

Potential Benefits ◽

Change Identification

Abstract The thesis shows the use of message hash function for integrity attribute change identification in sensitive information asset. Changes introduced to file content may suggest confidentiality attribute violation. It has been verified in what way random changes introduced into file content affect function. The minor number of bytes changed in comparison to file size that was assumed, derives from potential benefits for the attacker. Large number of changes in the file may suggest the situation of encrypting it. Such an action leads to accessibility attribute violation

Download Full-text

Software pattern recognition applied to nanodiffraction patterns from a STEM instrument

Proceedings, annual meeting, Electron Microscopy Society of America ◽

10.1017/s042482010014484x ◽

1986 ◽

Vol 44 ◽

pp. 694-695

Author(s):

G.Y. Fan ◽

J.M. Cowley

Keyword(s):

Image Processing ◽

Pattern Recognition ◽

Computer Software ◽

Processing System ◽

Light Level ◽

Host Computer ◽

Low Light ◽

Image Processing System ◽

Recent Developments ◽

On Line

In recent developments, the ASU HB5 has been modified so that the timing, positioning, and scanning of the finely focused electron probe can be entirely controlled by a host computer. This made the asynchronized handshake possible between the HB5 STEM and the image processing system which consists of host computer (PDP 11/34), DeAnza image processor (IP 5000) which is interfaced with a low-light level TV camera, array processor (AP 400) and various peripheral devices. This greatly facilitates the pattern recognition technique initiated by Monosmith and Cowley. Software called NANHB5 is under development which, instead of employing a set of photo-diodes to detect strong spots on a TV screen, uses various software techniques including on-line fast Fourier transform (FFT) to recognize patterns of greater complexity, taking advantage of the sophistication of our image processing system and the flexibility of computer software.

Download Full-text

Computer-Assisted High-Re Solution TEM

Proceedings, annual meeting, Electron Microscopy Society of America ◽

10.1017/s0424820100179567 ◽

1990 ◽

Vol 48 (1) ◽

pp. 162-163

Author(s):

F.A. Ponce ◽

H. Hikashi

Keyword(s):

Signal To Noise Ratio ◽

Accurate Determination ◽

Computer Software ◽

Video Camera ◽

Image Contrast ◽

Objective Lens ◽

Computer Assisted ◽

Optical Parameters ◽

Astigmatism Correction

The determination of the atomic positions from HRTEM micrographs is only possible if the optical parameters are known to a certain accuracy, and reliable through-focus series are available to match the experimental images with calculated images of possible atomic models. The main limitation in interpreting images at the atomic level is the knowledge of the optical parameters such as beam alignment, astigmatism correction and defocus value. Under ordinary conditions, the uncertainty in these values is sufficiently large to prevent the accurate determination of the atomic positions. Therefore, in order to achieve the resolution power of the microscope (under 0.2nm) it is necessary to take extraordinary measures. The use of on line computers has been proposed [e.g.: 2-5] and used with certain amount of success.We have built a system that can perform operations in the range of one frame stored and analyzed per second. A schematic diagram of the system is shown in figure 1. A JEOL 4000EX microscope equipped with an external computer interface is directly linked to a SUN-3 computer. All electrical parameters in the microscope can be changed via this interface by the use of a set of commands. The image is received from a video camera. A commercial image processor improves the signal-to-noise ratio by recursively averaging with a time constant, usually set at 0.25 sec. The computer software is based on a multi-window system and is entirely mouse-driven. All operations can be performed by clicking the mouse on the appropiate windows and buttons. This capability leads to extreme friendliness, ease of operation, and high operator speeds. Image analysis can be done in various ways. Here, we have measured the image contrast and used it to optimize certain parameters. The system is designed to have instant access to: (a) x- and y- alignment coils, (b) x- and y- astigmatism correction coils, and (c) objective lens current. The algorithm is shown in figure 2. Figure 3 shows an example taken from a thin CdTe crystal. The image contrast is displayed for changing objective lens current (defocus value). The display is calibrated in angstroms. Images are stored on the disk and are accessible by clicking the data points in the graph. Some of the frame-store images are displayed in Fig. 4.

Download Full-text

Word Prompt Programs

American Journal of Speech-Language Pathology ◽

10.1044/1058-0360.0603.57 ◽

1997 ◽

Vol 6 (3) ◽

pp. 57-65 ◽

Cited By ~ 5

Author(s):

Lisa A. Wood ◽

Joan L. Rankin ◽

David R. Beukelman

Keyword(s):

Learning Disabilities ◽

Current Literature ◽

Word Processing ◽

Computer Software ◽

Written Language ◽

Written Communication ◽

Speech Language Pathologists ◽

Basic Word ◽

The Matrix ◽

Language Needs

Word prompt programs are computer software programs or program features that are used in addition to basic word processing. These programs provide word lists from which a user selects a desired word and inserts it into a line of text. This software is used to support individuals with severe speech, physical, and learning disabilities. This tutorial describes the features of a variety of word prompt programs and reviews the current literature on the use of these programs by people with oral and written language needs. In addition, a matrix that identifies the features contained in eight sample word prompt programs is provided. The descriptions of features and the matrix are designed to assist speech-language pathologists and teachers in evaluating and selecting word prompt programs to support their clients' oral and written communication.

Download Full-text