• Title/Abstract/Keywords: Microsoft Windows Log

2 search results (processing time 0.019 s)

A Model for Illegal File Access Tracking Using Windows Logs and Elastic Stack

  • Kim, Jisun; Jo, Eulhan; Lee, Sungwon; Cho, Taenam
    • Journal of Information Processing Systems / Vol. 17, No. 4 / pp. 772-786 / 2021
  • The process of manually tracking suspicious behavior on a system and gathering evidence is labor-intensive, variable, and experience-dependent. System logs are the most important sources of evidence in this process. However, in the Microsoft Windows operating system, action events are irregular and the log structure is difficult to audit. In this paper, we propose a model that overcomes these problems and efficiently analyzes Microsoft Windows logs. The proposed model extracts lists of both common and key events from the Microsoft Windows logs to determine detailed actions. In addition, we show an approach based on the proposed model applied to tracking illegal file access. The proposed approach employs three-step tracking templates using Elastic Stack together with key-event, common-event, and identify-event lists, which enables visualization of the data for analysis. Using the three-step model, analysts can adjust the depth of their analysis.

CGHscape: A Software Framework for the Detection and Visualization of Copy Number Alterations

  • Jeong, Yong-Bok; Kim, Tae-Min; Chung, Yeun-Jun
    • Genomics & Informatics / Vol. 6, No. 3 / pp. 126-129 / 2008
  • The robust identification and comprehensive profiling of copy number alterations (CNAs) is highly challenging. The amount of data obtained from high-throughput technologies such as array-based comparative genomic hybridization is often too large, and a comprehensive and versatile tool for the detection and visualization of CNAs on a genome-wide scale is required. With this perspective, we introduce a software framework, CGHscape, that was originally developed to explore CNAs for the study of copy number variation (CNV) or tumor biology. As a standalone program, CGHscape can be easily installed and run on the Microsoft Windows platform. With a user-friendly interface, CGHscape provides a data-smoothing method to cope with the intrinsic noise of array data, and CNA detection based on the SW-ARRAY algorithm. The analysis results can be displayed as log2 plots for individual chromosomes or as the genomic distribution of identified CNAs. With its extended applicability, CGHscape can be used for the initial screening and visualization of CNAs, facilitating the cataloguing and characterization of chromosomal alterations across a cohort of samples.