Insider Threat Detection Using Log Analysis and Event Correlation






Procedia Computer Science 45 (2015) 436 – 445
ScienceDirect, available online at www.sciencedirect.com
International Conference on Advanced Computing Technologies and Applications (ICACTA-2015)
1877-0509 © 2015 Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
Peer-review under responsibility of scientific committee of International Conference on Advanced Computing Technologies and Applications (ICACTA-2015).
doi: 10.1016/j.procs.2015.03.175
Insider Threat Detection Using Log Analysis and Event Correlation
Amruta Ambre, Narendra Shekokar
Department of Computer Engineering, D. J. Sanghvi College of Engineering, amruta.ambre@yahoo.co.in, Mumbai 400069, India
Department of Computer Engineering, D. J. Sanghvi College of Engineering, narendra.shekokare@disce.ac.in, Mumbai, India
 
Abstract
Insider threat is one of the most dangerous security threats, and a much more complex issue. These insiders can be former or
disgruntled employees or any business associates that have or had authorised access to information for a particular
organization. They have control and security measures. Hence continuous monitoring is essential to track each and every activity
within the network. Log management is a strong technique that combines log analysis with event correlation, which
provides the root cause of any attack so that the network can be protected from security violations. Although intrusion detection is
a complex process, while checking the ability to detect intrusive behaviour within the internal environment it also has to
suppress the false alarm rate. A strong approach is required on the basis of which decisions can be taken fast. This paper
proposes a probabilistic approach which illustrates the frequency of occurrence of an event as a percentage while still keeping the
false alarm rate at an acceptable level.
© 2015 The Authors. Published by Elsevier B.V. 
Keywords: Security, log analysis, event correlation, Bayesian detection rate, false alarm rate
