Towards a systematic process-aware behavioral analysis for security

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution, Academic, peer-review

8 Citations (Scopus)
211 Downloads (Pure)

Abstract

Nowadays, security is a key concern for organizations. An increasingly popular solution to enhance security in organizational settings is the adoption of anomaly detection systems. These systems raise an alert when an abnormal behavior is detected, upon which proper measures have to be taken. A well-known drawback of these solutions is that the underlying detection engine is a black box, i.e., the behavioral profiles used for detections are encoded in some mathematical model that is challenging to understand for human analysts or, in some cases, is not even accessible. Therefore, anomaly detection systems often fail in supporting analysts in understanding what is happening in the system and how to respond to detected security threats. In this work, we investigate the use of process analysis techniques to build behavioral models understandable by human analysts. We also delineate a systematic methodology for process-aware behavior analysis and discuss the findings obtained by applying such a methodology to a real-world event log.

Original language: English
Title of host publication: Proceedings of the 15th International Joint Conference on e-Business and Telecommunications
Editors: Angel Serrano Sanchez de Leon, Paulo Novais, Sebastiano Battiato, Panagiotis Sarigiannidis, Mohammad S. Obaidat, Christian Callegari, Marten van Sinderen, Pascal Lorenz
Place of Publication: Setúbal
Publisher: SciTePress Digital Library
Pages: 460-469
Number of pages: 10
ISBN (Electronic): 978-989-758-319-3
Publication status: Published - 1 Jan 2018
Event: 15th International Joint Conference on e-Business and Telecommunications, ICETE 2018 - Porto, Portugal
Duration: 26 Jul 2018 to 28 Jul 2018

Conference

Conference: 15th International Joint Conference on e-Business and Telecommunications, ICETE 2018
Country/Territory: Portugal
City: Porto
Period: 26/07/18 to 28/07/18

Funding

This work is partially supported by ITEA3 through the APPSTACLE project (15017) and by ECSEL through the SECREDAS project.

Keywords

  • Behavior Analysis
  • Process Mining
