Towards a systematic process-aware behavioral analysis for security

Research output: Chapter in Book/Report/Conference proceeding; Conference contribution; Academic; peer review

8 Citations (Scopus)
206 Downloads (Pure)

Abstract

Nowadays, security is a key concern for organizations. An increasingly popular solution to enhance security in organizational settings is the adoption of anomaly detection systems. These systems raise an alert when abnormal behavior is detected, upon which proper measures have to be taken. A well-known drawback of these solutions is that the underlying detection engine is a black box, i.e., the behavioral profiles used for detection are encoded in some mathematical model that is challenging for human analysts to understand or, in some cases, is not even accessible. Therefore, anomaly detection systems often fail to support analysts in understanding what is happening in the system and how to respond to detected security threats. In this work, we investigate the use of process analysis techniques to build behavioral models understandable by human analysts. We also delineate a systematic methodology for process-aware behavioral analysis and discuss the findings obtained by applying such a methodology to a real-world event log.

Original language: English
Title: Proceedings of the 15th International Joint Conference on e-Business and Telecommunications
Editors: Angel Serrano Sanchez de Leon, Paulo Novais, Sebastiano Battiato, Panagiotis Sarigiannidis, Mohammad S. Obaidat, Christian Callegari, Marten van Sinderen, Pascal Lorenz
Place of publication: Setúbal
Publisher: SciTePress Digital Library
Pages: 460-469
Number of pages: 10
ISBN (electronic): 978-989-758-319-3
Status: Published - 1 Jan 2018
Event: 15th International Joint Conference on e-Business and Telecommunications, ICETE 2018 - Porto, Portugal
Duration: 26 Jul 2018 to 28 Jul 2018

Conference

Conference: 15th International Joint Conference on e-Business and Telecommunications, ICETE 2018
Country/Region: Portugal
City: Porto
Period: 26/07/18 to 28/07/18

Funding

This work is partially supported by ITEA3 through the APPSTACLE project (15017) and by ECSEL through the SECREDAS project.
