Log-Based Malicious Activity Detection Using Machine and Deep Learning

Authors: Katarzyna A. Tarnowska, Araav Patel

DOI: 10.1007/978-3-030-62582-5_23

Keywords:

Abstract: This chapter describes the application of intelligent computational techniques to the problem of malicious activity detection. It is proposed to embed machine and deep learning models for detection into the framework of a log-based decision support system (DSS) for information security administrators. It is expected that such a solution will enable organization-wide protection of informational assets by providing accurate, comprehensive, real-time insights into policy violations. In this work, we present experimental results on database systems' log analysis using traditional machine learning (ML) methods and deep learning (DL) on a synthetic dataset simulating users in a hypothetical company.
