A Principled Approach to Enriching Security-related Data for Running Processes through Statistics and Natural Language Processing

Cited by: 0
Authors
Boros, Tiberiu [1 ]
Cotaie, Andrei [1 ]
Vikramjeet, Kumar [2 ]
Malik, Vivek [2 ]
Park, Lauren [2 ]
Pachis, Nick [2 ]
Affiliations
[1] Adobe Syst, Bucharest, Romania
[2] Adobe Syst, San Jose, CA USA
Source
PROCEEDINGS OF THE 6TH INTERNATIONAL CONFERENCE ON INTERNET OF THINGS, BIG DATA AND SECURITY (IOTBDS) | 2021
Keywords
Infrastructure; Machine Learning; Statistical Approach; Natural Language Processing; Labeling; Tagging; Security; Process; Process Metadata; Enriching Data; Hubble Stack; Risk Based Anomaly Detection;
DOI
10.5220/0010381401400147
CLC number
TP301 [Theory and methods]
Discipline code
081202
Abstract
We propose a principled method of enriching security-related information for running processes. Our methodology applies to large organizational infrastructures where this information is properly collected and stored. The data we use is based on the Hubble Stack (an open-source project), but any alternative solution that provides the same type of information will suffice. Using statistical and natural language processing (NLP) methods, we enrich our data with tags, and we provide an analysis of how these tags can be used in machine learning approaches for anomaly detection.
Pages: 140-147
Page count: 8
References
16 entries
  • [1] Agrawal, R. (1994). VLDB 1994, vol. 1215, p. 487.
  • [2] [Anonymous] (2018). P 2018 ACM AS C. DOI 10.1145/3196494.3196511.
  • [3] Anumol, E. T. (2014). Intelligent Computing, Communication and Devices, p. 231.
  • [4] Bryant, Blake D.; Saiedian, Hossein (2020). Improving SIEM alert metadata aggregation with a novel kill-chain based classification model. Computers & Security, 94.
  • [5] Das, S. (2020). 2020 IEEE Symposium Series on Computational Intelligence (SSCI), p. 829. DOI 10.1109/SSCI47803.2020.9308268.
  • [6] Feng, C. (2017). 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), p. 173. DOI 10.1109/ISI.2017.8004902.
  • [7] Gibert, Daniel; Mateu, Carles; Planes, Jordi (2020). The rise of machine learning for detection and classification of malware: Research developments, trends and challenges. Journal of Network and Computer Applications, 153.
  • [8] Gomathi, S. (2020). 2020 12th International Conference on Computational Intelligence and Communication Networks (CICN), p. 356. DOI 10.1109/CICN49253.2020.9242574.
  • [9] Idhammad, Mohamed; Afdel, Karim; Belouch, Mustapha (2018). Semi-supervised machine learning approach for DDoS detection. Applied Intelligence, 48(10), 3193-3208.
  • [10] Noor, Umara; Anwar, Zahid; Amjad, Tehmina; Choo, Kim-Kwang Raymond (2019). A machine learning-based FinTech cyber threat attribution framework using high-level indicators of compromise. Future Generation Computer Systems, 96, 227-242.