Quotation Kurniawan, Kabul. 2018. Semantic Query Federation for Scalable Security Log Analysis. Lecture Notes in Computer Science (LNCS). 294-303.


RIS


BibTeX

Abstract

The digitalization of business processes increasingly exposes organizations to sophisticated cyber-security threats. To contain attacks and minimize their impact, it is essential to detect them early. To this end, it is necessary to analyze a wide range of log files that potentially provide clues about malicious activity. However, these logs are typically voluminous, heterogeneous, difficult to interpret, and stored in disparate locations, which makes it difficult to analyze them. Current approaches to analyze security logs mainly focus on regular expressions and statistical indicators and do not directly provide actionable insight to security analysts. To address these limitations, we propose a distributed approach that enables semantic querying of dispersed log sources in large-scale infrastructures. To automatically integrate and reason about security log information, we will leverage linked data technologies and state-of-the-art federated query processing systems. In this proposal, we discuss the research problem, methodology, approach and evaluation plan for scalable federated semantic security log analysis.

Tags

Press 'enter' for creating the tag

Publication's profile

Status of publication Published
Affiliation External
Type of publication Journal article
Journal Lecture Notes in Computer Science (LNCS)
WU-Journal-Rating new STRAT-C
Language English
Title Semantic Query Federation for Scalable Security Log Analysis
Year 2018
Page from 294
Page to 303
Reviewed? Y
URL http://link.springer.com/content/pdf/10.1007/978-3-319-98192-5_48
DOI http://dx.doi.org/10.1007/978-3-319-98192-5_48
Open Access N

Associations

People
Kurniawan, Kabul (Details)
Organization
Institute for Data, Process and Knowledge Management (AE Polleres) (Details)
Research areas (Ă–STAT Classification 'Statistik Austria')
1109 Information and data processing (Details)
1925 Knowledge management (Details)
2953 Data security and data privacy (Details)
Google Scholar: Search