{"ID":2833049,"CreatedAt":"2026-06-01T04:54:23.091178241Z","UpdatedAt":"2026-06-01T04:54:23.091178241Z","DeletedAt":null,"paper_url":"https://arxiv.org/abs/2512.04908","arxiv_id":"2512.04908","title":"Logic-Driven Cybersecurity: A Novel Framework for System Log Anomaly Detection using Answer Set Programming","abstract":"This study explores the application of Answer Set Programming (ASP) for detecting anomalies in system logs, addressing the challenges posed by evolving cyber threats. We propose a novel framework that leverages ASP's declarative nature and logical reasoning capabilities to encode complex security rules as logical predicates. Our ASP-based system was applied to a real-world Linux system log dataset, demonstrating its effectiveness in identifying various anomalies such as potential brute-force attacks, privilege escalations, frequent network connections from specific IPs, and various system-level issues. Key findings highlight ASP's strengths in handling structured log data, rule flexibility, and event correlation. The approach shows promise in providing explainable alerts from real-world data. This research contributes to computer forensics by demonstrating a logic-based paradigm for log analysis on a practical dataset, opening avenues for more nuanced and adaptive cyber intelligence systems.","short_abstract":"This study explores the application of Answer Set Programming (ASP) for detecting anomalies in system logs, addressing the challenges posed by evolving cyber threats. We propose a novel framework that leverages ASP's declarative nature and logical reasoning capabilities to encode complex security rules as logical predi...","url_abs":"https://arxiv.org/abs/2512.04908","url_pdf":"https://arxiv.org/pdf/2512.04908v1","authors":"[\"Fang Li\",\"Fei Zuo\",\"Gopal Gupta\"]","published":"2025-12-04T15:37:32Z","proceeding":"cs.CR","tasks":"[\"cs.CR\",\"cs.LO\"]","methods":"[]","has_code":false}