Abstract
Nowadays, security is a key concern for organizations. An increasingly popular solution to enhance security in organizational settings is the adoption of anomaly detection systems. These systems raise an alert when an abnormal behavior is detected, upon which proper measures have to be taken. A well-known drawback of these solutions is that the underlying detection engine is a black box, i.e., the behavioral profiles used for detections are encoded in some mathematical model that is challenging to understand for human analysts or, in some cases, is not even accessible. Therefore, anomaly detection systems often fail in supporting analysts in understanding what is happening in the system and how to respond to detected security threats. In this work, we investigate the use of process analysis techniques to build behavioral models understandable by human analysts. We also delineate a systematic methodology for process-aware behaviors analysis and discuss the findings obtained by applying such a methodology to a real-world event log.
Original language | English |
---|---|
Title | Proceedings of the 15th International Joint Conference on e-Business and Telecommunications |
Editors | Angel Serrano Sanchez de Leon, Paulo Novais, Sebastiano Battiato, Panagiotis Sarigiannidis, Mohammad S. Obaidat, Christian Callegari, Marten van Sinderen, Pascal Lorenz |
Place of publication | Setúbal |
Publisher | SciTePress Digital Library |
Pages | 460-469 |
Number of pages | 10 |
ISBN (electronic) | 978-989-758-319-3 |
DOIs | |
Status | Published - 1 Jan 2018 |
Event | 15th International Joint Conference on e-Business and Telecommunications, ICETE 2018 - Porto, Portugal Duration: 26 Jul 2018 → 28 Jul 2018 |
Conference
Conference | 15th International Joint Conference on e-Business and Telecommunications, ICETE 2018 |
---|---|
Country/Region | Portugal |
City | Porto |
Period | 26/07/18 → 28/07/18 |
Funding
This work is partially supported by ITEA3 through the APPSTACLE project (15017) and by ECSEL through the SECREDAS project.