Log analysis is an efficient way to detect threats by scrutinizing the events recorded by operating systems and devices. However, it is increasingly difficult to discover threats accurately due to the massive amount of logs and their various formats. Focusing on this problem, the authors propose a method for mining potential threats based on the correlation analysis of multi‐type logs. Firstly, they extract 12 features, including behavior‐related, attribute‐related and measurable features, from multi‐type logs based on the characteristics of known and potential attacks. They also propose a normalization method to deal with these heterogeneous features. Secondly, focusing on solving the problem that analyzing a single type of log can onl...
Efficiently managing and analyzing cloud logs is a difficult and expensive task due to the growth in si...
Log data adapted for intrusion detection is a little explored research issue despite its importance ...
For effective security incident response on the network, a reputable approach must be in place at b...
A computer system generates logs to record all relevant operational data about the system and all op...
Intrusion detection is an important part of networked systems security protection. Although commercia...
Currently, the use of information technologies is growing very fast in private or public companies....
In recent years due to rapid growth of information technology and easy access to computers, digital ...
In this paper, we propose a new approach for increasingly accuracy and precision detection/preventio...
Insider threat is one of the most dangerous security threats, and a much more complex issue. ...
The sheer number of different attack vectors and large amount of data produced by computer systems m...
Digital crimes are increasing exponentially and people with possession of even a simple digital devi...
The diploma thesis deals with the problem of efficient processing of log records and their subsequen...
Log data, produced from every computer system and program, are widely used as source of valuable inf...
Data intensive computing research and technology developments offer the potential of providing signi...