A Proposal for Information Systems Security Monitoring Based on Large Datasets

Cited by: 3
Authors
Hai Van Pham [1]
Moore, Philip [2]
Affiliations
[1] Hanoi Univ Sci & Technol, Sch Informat Technol & Commun, Hanoi, Vietnam
[2] Lanzhou Univ, Sch Informat Sci & Engn, Lanzhou, Gansu, Peoples R China
Keywords
Monitoring Security Model; Network Security; Security of Information System; Self-Organizing Maps; Supervised Training;
DOI
10.4018/IJDST.2018040102
CLC classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
This article describes how the objective of recent advances in soft computing and machine learning models is the resolution of issues related to security monitoring for information systems. Most current techniques and models face significant limitations in the monitoring of information systems. To address these limitations, the authors propose a new model designed to detect potential security breaches at an early stage using logging data. The proposed model uses unsupervised training techniques with a rule-based system to analyse data file logs. The proposed approach has been evaluated using a case study based on the learning of data file logs to determine the effectiveness of the proposed approach. Experimental results show that the proposed approach performs well; the results demonstrate that the proposed approach performs better than other conventional security methods in the identification of the correct decisions related to potential security in information systems.
Pages: 16 / 26
Number of pages: 11
Related papers
16 in total
[1]   Log Analysis of Cyber Security Training Exercises [J].
Abbott, Robert G. ;
McClain, Jonathan ;
Anderson, Benjamin ;
Nauer, Kevin ;
Silva, Austin ;
Forsythe, Chris .
6TH INTERNATIONAL CONFERENCE ON APPLIED HUMAN FACTORS AND ERGONOMICS (AHFE 2015) AND THE AFFILIATED CONFERENCES, AHFE 2015, 2015, 3 :5088-5094
[2]   Insider threat Detection using Log analysis and Event Correlation [J].
Ambre, Amruta ;
Shekokar, Narendra .
INTERNATIONAL CONFERENCE ON ADVANCED COMPUTING TECHNOLOGIES AND APPLICATIONS (ICACTA), 2015, 45 :436-445
[3]   A structured methodology for deploying log management in WANs [J].
Anastopoulos, Vasileios ;
Katsikas, Sokratis .
JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2017, 34 :120-132
[4]   Web log data warehousing and mining for intelligent web caching [J].
Bonchi, F ;
Giannotti, F ;
Gozzi, C ;
Manco, G ;
Nanni, M ;
Pedreschi, D ;
Renso, C ;
Ruggieri, S .
DATA & KNOWLEDGE ENGINEERING, 2001, 39 (02) :165-189
[5]   Formal methods for web security [J].
Bugliesi, Michele ;
Calzavara, Stefano ;
Focardi, Riccardo .
JOURNAL OF LOGICAL AND ALGEBRAIC METHODS IN PROGRAMMING, 2017, 87 :110-126
[6]   Turning log files into a security asset [J].
Casey, Donal .
Network Security, 2008, 2008 (02) :4-7
[7]   The changing definition and image of hackers in popular discourse [J].
Chandler, A .
INTERNATIONAL JOURNAL OF THE SOCIOLOGY OF LAW, 1996, 24 (02) :229-251
[8]   Investigation into the formation of information security influence: Network analysis of an emerging organisation [J].
Dang-Phan, Duy ;
Pittayachawan, Siddhi ;
Bruno, Vince .
COMPUTERS & SECURITY, 2017, 70 :111-123
[9]   The importance of log files in security incident prevention [J].
Forte, Dario .
Netw. Secur., 2009, 7 (18-20) :18-20
[10]   Online anomaly detection using dimensionality reduction techniques for HTTP log analysis [J].
Juvonen, Antti ;
Sipola, Tuomo ;
Hamalainen, Timo .
COMPUTER NETWORKS, 2015, 91 :46-56