LogBug: Generating Adversarial System Logs in Real Time

Abstract

Log parsers first convert large-scale and unstructured system logs into structured data, and then cluster them into groups for anomaly detection and monitoring. However, the security vulnerabilities of the log parsers have not been unveiled yet. In this paper, to our best knowledge, we take the first step to propose a novel real-time black-box attack framework LogBug in which attackers slightly modify the logs to deviate the analysis result (i.e., evading the anomaly detection) without knowing the learning model and parameters of the log parser. We have empirically evaluated LogBug on five emerging log parsers using system logs collected from five different systems. The results demonstrate that LogBug can greatly reduce the accuracy of log parsers with minor perturbations in real time.

Sun, J., Liu, B., & Hong, Y. (2020). LogBug: Generating Adversarial System Logs in Real Time. In International Conference on Information and Knowledge Management, Proceedings (pp. 2229–2232). Association for Computing Machinery. https://doi.org/10.1145/3340531.3412165
