System-Auditing, Data Analysis and Characteristics of Cyber Attacks for Big Data Systems

Cited by: 2
Authors
Huang, Liangyi [1]
Hall, Sophia [2]
Shao, Fei [2]
Nihar, Arafath [2]
Chaudhary, Vipin [2]
Wu, Yinghui [2]
French, Roger [2]
Xiao, Xusheng [1]
Affiliations
[1] Arizona State Univ, Tempe, AZ 85281 USA
[2] Case Western Reserve Univ, Cleveland, OH USA
Source
PROCEEDINGS OF THE 31ST ACM INTERNATIONAL CONFERENCE ON INFORMATION AND KNOWLEDGE MANAGEMENT, CIKM 2022 | 2022
Funding
National Science Foundation (USA);
Keywords
system auditing; big data systems; cyber attack investigation;
DOI
10.1145/3511808.3557185
Chinese Library Classification number
TP [Automation Technology, Computer Technology];
Discipline classification code
0812;
Abstract
Using big data, distributed computing systems such as Apache Hadoop require processing massive amounts of data to support business and research applications. Thus, it is critical to ensure the cyber security of such systems. To better defend against advanced cyber attacks that pose threats to even well-protected enterprises, system-auditing based techniques have been adopted for monitoring system activities and assisting attack investigation. In this demo, we are building a system that collects system auditing logs from a big data system and performs data analysis to understand how system auditing can be used more effectively to assist attack investigation on big systems. We also built a demo application that detects unexpected file deletion and presents root causes for the deletion.
Pages: 4872 / 4876
Number of pages: 5