Abstract |
---|
Log parsers first convert large-scale and unstructured system logs into structured data, and then cluster them into groups for anomaly detection and monitoring. However, the security vulnerabilities of the log parsers have not been unveiled yet. In this paper, to the best of our knowledge, we take the first step to propose a novel real-time black-box attack framework LogBug in which attackers slightly modify the logs to deviate the analysis result (i.e., evading the anomaly detection) without knowing the learning model and parameters of the log parser. We have empirically evaluated LogBug on five emerging log parsers using system logs collected from five different systems. The results demonstrate that LogBug can greatly reduce the accuracy of log parsers with minor perturbations in real time. |

Year | DOI | Venue |
---|---|---|
2020 | 10.1145/3340531.3412165 | CIKM '20: The 29th ACM International Conference on Information and Knowledge Management; Virtual Event, Ireland; October, 2020 |

DocType | ISBN | Citations |
---|---|---|
Conference | 978-1-4503-6859-9 | 1 |

PageRank | References | Authors |
---|---|---|
0.35 | 0 | 3 |

Name | Order | Citations | PageRank |
---|---|---|---|
Jingyu Sun | 1 | 1 | 0.35 |
Bingyu Liu | 2 | 2 | 4.08 |
Yuan Hong | 3 | 184 | 18.71 |