Mining known attack patterns from security-related events

Managed Security Services (MSS) have become an essential asset for companies to have in order to protect their infrastructure from hacking attempts such as unauthorized behaviour, denial of service (DoS), malware propagation, and anomalies. A proliferation of attacks has determined the need for inst...


Bibliographic Details
Main Authors: Nicandro Scarabeo, Benjamin C.M. Fung, Rashid H. Khokhar
Format: Article
Language: English
Published: PeerJ Inc. 2015-10-01
Series: PeerJ Computer Science
Subjects: Security; Data mining; Text-mining; Correlation; Semantic; Log events
Online Access: https://peerj.com/articles/cs-25.pdf
id doaj-8266a2abc1c14500a99e2bcfa7ce2882
record_format Article
spelling doaj-8266a2abc1c14500a99e2bcfa7ce2882 2020-11-25T00:59:18Z eng
PeerJ Inc., PeerJ Computer Science, 2376-5992, 2015-10-01, 1, e25, 10.7717/peerj-cs.25
Mining known attack patterns from security-related events
Nicandro Scarabeo [0], Benjamin C.M. Fung [1], Rashid H. Khokhar [2]
[0] Department of Electrical and Information Engineering, University of Cassino and Southern Lazio, Cassino, Italy
[1] School of Information Studies, McGill University, Montreal, QC, Canada
[2] Concordia Institute for Information Systems Engineering (CIISE), Concordia University, Montreal, QC, Canada
https://peerj.com/articles/cs-25.pdf
Security; Data mining; Text-mining; Correlation; Semantic; Log events
collection DOAJ
language English
format Article
sources DOAJ
author Nicandro Scarabeo
Benjamin C.M. Fung
Rashid H. Khokhar
title Mining known attack patterns from security-related events
publisher PeerJ Inc.
series PeerJ Computer Science
issn 2376-5992
publishDate 2015-10-01
description Managed Security Services (MSS) have become an essential asset for companies to have in order to protect their infrastructure from hacking attempts such as unauthorized behaviour, denial of service (DoS), malware propagation, and anomalies. A proliferation of attacks has determined the need for installing more network probes and collecting more security-related events in order to assure the best coverage, necessary for generating incident responses. The increase in volume of data to analyse has created a demand for specific tools that automatically correlate events and gather them in pre-defined scenarios of attacks. Motivated by Above Security, a specialized company in the sector, and by National Research Council Canada (NRC), we propose a new data mining system that employs text mining techniques to dynamically relate security-related events in order to reduce analysis time, increase the quality of the reports, and automatically build correlated scenarios.
topic Security
Data mining
Text-mining
Correlation
Semantic
Log events
url https://peerj.com/articles/cs-25.pdf