Scalable Log Analysis and Intrusion Detection System
To identify potential threats in a data center, operators or administrators must manually review and analyze a variety of log files, such as access logs and message logs. This approach does not scale to hundreds or thousands of computers. The longer log analysis takes, the more damage an attack can cause. Therefore, we propose LIFE, an intrusion detection system that automatically analyzes log files using various analytical methods, such as statistical analysis, data mining, or machine learning algorithms. Moreover, LIFE needs to scale with the growth of log data in the data center.