Yunliang Jiang,Jiangang Yang,Liang Tang,Yong Liu,Xiaoming Zhao,Xiulan Hao

DOI: https://doi.org/10.1007/978-3-662-48247-6_23

2015-01-01

Abstract:Because of the popularity of mobile phone and the development of mobile network, mobile data is growing explosively. Mobile data mining is more and more of attention. But single node-based data mining platform has been unable to store and analysis the massive data. According to cloud computing technology, we preset a distributed data mining framework based on Hadoop. Then, we present the implementation of this system framework and process mobile internet access log on the Hadoop cluster. Comparative tests will show that this distributed system framework is significantly efficient for processing huge scale dataset.

Xiuqin Lin,Peng Wang,Bin Wu

DOI: https://doi.org/10.1109/icbnmt.2013.6823956

2013-11-01

Abstract:Log is the main source of the system operation status, user behavior analysis etc. Log analysis system needs not only the massive and stable data processing ability but also the adaptation to a variety of scenarios under the requirement of efficiency, which can't be achieved from standalone analysis tools or even single cloud computing framework. We present a unified cloud platform for batch log data analysis with the combination of Hadoop and Spark. Hadoop provides a distributed file system and off-line batch computing framework, while the computing pattern in Spark is based on distributed memory. The joint of Hadoop, Spark and the data warehouse and analysis tools of Hive and Shark makes it possible to provide a unified cloud platform with batch analysis and in-memory computing capacity in order to process log in a high available, stable and efficient way.

Dunhong Yao,Yu Chen

DOI: https://doi.org/10.32604/JIHPP.2020.010223

2020-01-01

Abstract:With the rapid development of the Internet, many enterprises have launched their network platforms. When users browse, search, and click the products of these platforms, most platforms will keep records of these network behaviors, these records are often heterogeneous, and it is called log data. To effectively to analyze and manage these heterogeneous log data, so that enterprises can grasp the behavior characteristics of their platform users in time, to realize targeted recommendation of users, increase the sales volume of enterprises’ products, and accelerate the development of enterprises. Firstly, we follow the process of big data collection, storage, analysis, and visualization to design the system, then, we adopt HDFS storage technology, Yarn resource management technology, and gink load balancing technology to build a Hadoop cluster to process the log data, and adopt MapReduce processing technology and data warehouse hive technology analyze the log data to obtain the results. Finally, the obtained results are displayed visually, and a log data analysis system is successfully constructed. It has been proved by practice that the system effectively realizes the collection, analysis and visualization of log data, and can accurately realize the recommendation of products by enterprises. The system is stable and effective.

Jiuyuan Huo,Jian Weng,Hong Qu

DOI: https://doi.org/10.1145/3318265.3318281

2019-03-08

Abstract:Log analysis is an important method to reflect the running status and user behavior of the network system, and is also an important way to ensure network security. In view of the fact that the storage or calculation of log data by a single host can not meet the requirements of large-scale data analysis, this paper proposes a clustering method of big data based on Map/Reduce distributed computing framework for Web logs. The experiments are taken on the Hadoop platform. The relations and rules that exist in the logs are examined and analyzed to obtain the potential information. This method can enable efficient storage, management, and mining analysis for the large-scale Web logs.

Tang Jingwen,Chen Weimin,Zhang Min,Peng Kaikang,Lai Chaohao,Fu Kai

DOI: https://doi.org/10.1109/ICDSCA56264.2022.9988620

2022-01-01

Abstract:In view of the low computational efficiency of traditional log data analysis technology in processing large amounts of data, this paper proposes a set of log data analysis solutions based on big data technology. A parallel log analysis tool is designed on the Hadoop open source framework, and the anomaly detection of log data is implemented using the MapReduce model. Through experimental demonstration, when analyzing massive log data, the use of big data technology can significantly improve the execution efficiency of anomaly detection.

Yueguo Chen,Xiongpai Qin,Haoqiong Bian,Jun Chen,Zhaoan Dong,Xiaoyong Du,Yanjie Gao,Dehai Liu,Jiaheng Lu,Huijie Zhang

DOI: https://doi.org/10.1007/978-3-319-13021-7_12

2014-01-01

Abstract:Hadoop is now the de facto standard for storing and processing big data, not only for unstructured data but also for some structured data. As a result, providing SQL analysis functionality to the big data resided in HDFS becomes more and more important. Hive is a pioneer system that support SQL-like analysis to the data in HDFS. However, the performance of Hive is not satisfactory for many applications. This leads to the quick emergence of dozens of SQL-on-Hadoop systems that try to support interactive SQL query processing to the data stored in HDFS. This paper firstly gives a brief technical review on recent efforts of SQL-on-Hadoop systems. Then we test and compare the performance of five representative SQL-on-Hadoop systems, based on some queries selected or derived from the TPC-DS benchmark. According to the results, we show that such systems can benefit more from the applications of many parallel query processing techniques that have been widely studied in the traditional MPP analytical databases.

Jia Zhanpei,Shen Chao,Yi Xiao,Chen Yufei,Yu Tianwen,Guan Xiaohong

DOI: https://doi.org/10.1109/coase.2017.8256257

2017-01-01

CASE

Abstract:Log data are important audit basis to record routine events occurring on computer or network system, which are also critical data source for detecting system anomalies. By analyzing the data from multi-source logs, it is helpful to detect abnormal system behaviors and discover intruder attacks in real time. In this paper, a Spark-based log data security platform is designed and built to analyze the large-scale log data and detect abnormal network behaviors. By integrating data mining, machine learning, and statistical analysis technologies, our proposed framework can quickly analyze large-scale multi-source log data and accurately discriminate the abnormal behaviors. Furthermore, the association analysis is applied to detect abnormal behaviors or potential threats in the system. Under a real-world network environment, extensive experiments are conducted to evaluate the system performance, which can achieve a fast and accurate detection for abnormal network behaviors, and significantly improve the accuracies under various types of network attack scenarios.

Jianwen Wei,Yusu Zhao,Kaida Jiang,Rui Xie,Yaohui Jin

DOI: https://doi.org/10.1109/CSC.2011.6138547

2011-01-01

Abstract:Network monitoring data provides insights into the network operation status. With increasingly sophisticated ways of probing, sampling and recording network activities, the huge amount of monitoring data brings both an opportunity and a challenge for network data analysis. We aim to build a scalable platform, named Analysis Farm, for analyzing network logs. Analysis Farm's targets include fast log aggregation and agile log query. To achieve these goals, storage scalability, computation scalability and query agility should be addressed. The cloud computing and NoSQL technologies meet our needs by providing manageable on-demand hardware resources and novel data storage models. We choose OpenStack, an open-source cloud tool set, for resource provisioning, and MongoDB, a RDBMS-like document-oriented NoSQL system, for log storage and analysis. By combining scalability at both OpenStack and MongoDB, we build Analysis Farm capable of storage scale-out, computation scale-out and agile query. The Analysis Farm prototype in use, consisting of 10 MongoDB servers, aggregates about 3 million log records in a 10-minute interval and handle ad hoc query effectively in the log database accumulated with more than 400 million records per day. In this paper, we describe Analysis Farm's background, targets, architecture and some experimental results. We believe Analysis Farm will benefit those who work on big-log-style data analysis.

Jinglun Li,Shengfei Shi,Hongzhi Wang

DOI: https://doi.org/10.1007/978-981-10-2053-7_46

2016-01-01

Abstract:Hadoop is a distributed data processing platform supporting MapReduce parallel computing framework. In order to deal with general problems, there is always a need of accelerating Hadoop under certain circumstance such as Hive jobs. By outputting current time to logs at specially selected points, we traced the workflow of a typical MapReduce job generated by Hive and making time statistics for every phase of the job. Using different data quantities, we compared the proportion of each phase and located the bottleneck points of Hadoop. We make two major optimization advices: (1) focus on using combine and optimizing Net Work and Disk IO when dealing with big jobs having a large number of intermediate results; (2) optimizing map function and Disk IO when dealing with short jobs.

Xiongpai Qin,Yueguo Chen,Jun Chen,Shuai Li,Jiesi Liu,Huijie Zhang

DOI: https://doi.org/10.1109/BigDataCongress.2017.68

2017-01-01

Abstract:Hadoop is now the de facto standard for storing and processing big data, not only for unstructured data but also for some structured data. As a result, providing SQL analysis functionality to the big data resided in HDFS becomes more and more important. Hive is a pioneer system that supports SQL-like analysis to the data in HDFS. However, the performance of the early-version of Hive is not satisfactory. This leads to the quick emergence of dozens of SQL-on-Hadoop systems that try to support interactive SQL query processing to the data stored in HDFS. This paper firstly gives a brief technical review on recent efforts of SQL-on-Hadoop systems. Then we test and compare the performance of three representative SQL-on-Hadoop systems, based on the TPC-H benchmark. According to the results, we show that such systems can benefit more from applications of many parallel query processing techniques that have been widely studied in the traditional massively parallel processing databases.

CHEN Wen-bo,ZHANG Xiu-juan,LI Lin,TANG Jun

DOI: https://doi.org/10.3969/j.issn.1001-7445.2011.z1.067

2011-01-01

Abstract:On the issue of defending Flooding-attack,the paper established a distributed system of log analysis based on Hadoop.By the analysis of the number of each IP requests from access logs,we can get the unusual IP that has frequent requests and detect the source of attacks effectively,providing a realistic basis for solving the problem of flood attacks.Through experiments,we not only have verified that the distributed system has a huge advantage of timeliness compared with the single machine system,but also built two distributed systems whose slaves were made up of virtual machines with the base of different file systems,to which performance was compared in detail.

Aibo SONG,Yutong WAN,Huan GONG,Yingying XUE

DOI: https://doi.org/10.3778/j.issn.1002-8331.1601-0357

2016-01-01

Abstract:The OLAP(Online Analytical Processing) system built on warehouse is the most popular tool to analyze large-scale multidimensional data. With the development of information technology, data volume grows rapidly and data structure becomes more and more complicated, so the performance of OLAP system has dropped severely, failing to meet daily data analysis needs. This paper proposes new methods to store large-scale multidimensional data and perform aggre-gation query with Hadoop, a parallel computing system. The paper implements a new column-store format HCFile(HDFS column file), and proposals a new storage solution based on it. This project can improve the efficiency of aggregation, with a good scalability. Meanwhile, this paper leverages the hierarchy schema to build dimension hierarchy index, and uses MapReduce to perform efficiency aggregation query. Through comparison experiments with Hive, it proves that the proposed storage solution and aggregation query can effectively improve the efficiency of large-scale multidimensional data analysis.

Yuxia Xie,Kai Yang,Pan Luo

DOI: https://doi.org/10.1109/access.2021.3076897

IF: 3.9

2021-01-01

IEEE Access

Abstract:The Hadoop platform provides a powerful software framework for distributed storage and processing of massive amounts of data. It is at the heart of big data processing and has found numerous applications in diverse areas, ranging from environmental monitoring to security analysis. To facilitate the storage and processing of big data, a Hadoop platform typically runs on a cluster of servers and may scale up to process big data over thousands of hardware nodes. However, the growing scale and complexity of the Hadoop platform also make it increasingly challenging to manage and operate. In this paper, we present a framework called LogM that leverages not only the deep learning model, but also the knowledge graph technology for failure prediction and analysis of the Hadoop cluster. In particular, we first develop a CAB net ( C onvolutional Neural Network (CNN) with a ttention-based B i-directional Long Short Term Memory (Bi-LSTM)) architecture to effectively learn the temporal dynamics from the sequential log data, which allows us to predict system failures. We then adopt a knowledge graph approach for failure analysis and diagnosis. Extensive experiments have been carried out to assess the performance of the proposed approach. It is seen that LogM is highly effective in predicting and diagnosing system failures.

WANG Zhen-yu,GUO Li

DOI: https://doi.org/10.3969/j.issn.1007-130x.2011.04.022

2011-01-01

Abstract:Search engine user behaviors analysis is a focus of network information retrieval.It is a method of analyzing the user's behaviors through clicks to mine useful information to improve search engine's efficiency and retrieval services.In face of easy expansion and programming bottlenecks in traditional parallel computation models,a massive log data processing model based on Hadoop is given,which improves scalability and easy programming through Hadoop Distributed File System and MapReduce.Moreover,the experiment of analyzing 22 million query logs of the Sogou search engine in one month is carried out based on this model.The analysis result is instructive and meaningful to mastering the user's behaviors,evaluating and improving the searching and sorting algorithms.

Yahong Han,Feng Lin,Yi Chai,Kaiming Qie,Shuo Li,Yuanyuan Wang,Cheng Zhang,Minyi Guo

2023-01-01

Abstract:To achieve real-time anomaly detection in system logs, this paper presents a distributed processing method for large scale logs based on spark, flume, kafka, zookeeper and so on. The method utilizes Spark Streaming to enable parallel log parsing. Additionally, a novel anomaly detection model is proposed, which integrates multiple log features for improved detection accuracy. Experimental results on the HDFS (Hadoop Log File System) dataset demonstrate the method’s efficiency and effectiveness in processing massive log data.

Jakrarin Therdphapiyanak,Krerk Piromsopa

DOI: https://doi.org/10.1145/2448556.2448559

2013-01-01

Abstract:In this paper, we apply Hadoop for large-scale log analysis. Our main objective is to efficiently detect an abnormal traffic from high volume data. Due to the high volume of data traffics, the size of traffic logs is usually exceed the capacity of a standalone IDS. Thus, it is practically impossible to perform useful analysis with these data. In most cases, an analysis is usually done when an attack occurred for digital forensics. We proposed applying K-Means algorithm to cluster high volume log data. The resulted clusters are useful in classifying minority as possible intruders. In addition, we proposed IP address summarization method to capture the characteristic of each cluster. Our implementation allows high volume data traffics to be analyzed with a distributed analysis system using K-Means algorithm and data mining. The eventual result is to reduce a chance of being attacked. The prominent points of our implementation are anomaly detection with large file sizes and the distributed processing. However, this paper is just a preliminary study. There exist several opportunities for optimization. Nonetheless, our implementation can point out anomaly. The K-Means Algorithm can provide a new knowledge useful for enhancing security of the system.

PP Anjali,A Binu

DOI: https://doi.org/10.48550/arXiv.1312.5469

2013-12-19

Distributed, Parallel, and Cluster Computing

Abstract:Big data analysis has become much popular in the present day scenario and the manipulation of big data has gained the keen attention of researchers in the field of data analytics. Analysis of big data is currently considered as an integral part of many computational and statistical departments. As a result, novel approaches in data analysis are evolving on a daily basis. Thousands of transaction requests are handled and processed everyday by different websites associated with e-commerce, e-banking, e-shopping carts etc. The network traffic and weblog analysis comes to play a crucial role in such situations where Hadoop can be suggested as an efficient solution for processing the Netflow data collected from switches as well as website access-logs during fixed intervals.

yutaka koshiba,wuhui chen,yuichi yamada,takazumi tanaka,incheon paik

DOI: https://doi.org/10.1109/ICAwST.2015.7314042

2015-01-01

Abstract:Understanding characteristics of network traffic in a Hadoop cluster is a key to check existing problems in order to improve them for better performance of MapReduce operations. However, current works is focusing on analyzing MapReduce performance within one single data center, but network traffic in a geo-distributed data centers environment has not been well-studied yet. In this paper, we study the network traffic characteristics in geo-distributed data centers and identify some interesting results. We first construct geo-distributed data centers by adding latency among data center clusters with 18 data nodes. Then we collect traffic log data by running MapReduce applications on the geo-distributed data centers. Finally, by analyzing the log data, we found some interesting results for our future research.

Galip Aydin,Ibrahim Riza Hallac

DOI: https://doi.org/10.48550/arXiv.1802.03589

2018-02-10

Distributed, Parallel, and Cluster Computing

Abstract:In this paper we describe our work on designing a web based, distributed data analysis system based on the popular MapReduce framework deployed on a small cloud; developed specifically for analyzing web server logs. The log analysis system consists of several cluster nodes, it splits the large log files on a distributed file system and quickly processes them using MapReduce programming model. The cluster is created using an open source cloud infrastructure, which allows us to easily expand the computational power by adding new nodes. This gives us the ability to automatically resize the cluster according to the data analysis requirements. We implemented MapReduce programs for basic log analysis needs like frequency analysis, error detection, busy hour detection etc. as well as more complex analyses which require running several jobs. The system can automatically identify and analyze several web server log types such as Apache, IIS, Squid etc. We use open source projects for creating the cloud infrastructure and running MapReduce jobs.

Haijie Ding,Yuehui Jin,Yidong Cui,Tan Yang

DOI: https://doi.org/10.1109/ccis.2012.6664268

2012-10-01

Abstract:As traditional network measurement systems store data in relational databases, the storage capacity and computing resource are limited, besides, the extendibility and elasticity are low. The centralized storage scheme will not meet the needs of big data analysis as the data is growing rapidly and continuously. In this paper, we adopt Hadoop and HBase—open source Cloud Computing Frameworks to store network measurement data of non-realtime and realtime applications. The distributed storage scheme is designed to meet the performance demands of storage capacity and computing resource for the mass data.