Mining known attack patterns from security-related events

Research article (open access)

          Abstract

Managed Security Services (MSS) have become an essential asset for companies that need to protect their infrastructure from hacking attempts such as unauthorized behaviour, denial of service (DoS), malware propagation, and anomalies. The proliferation of attacks has created the need to install more network probes and to collect more security-related events in order to assure the best coverage, which is necessary for generating incident responses. The increase in the volume of data to analyse has created a demand for specific tools that automatically correlate events and gather them into pre-defined attack scenarios. Motivated by Above Security, a specialized company in the sector, and by the National Research Council Canada (NRC), we propose a new data mining system that employs text mining techniques to dynamically relate security-related events in order to reduce analysis time, increase the quality of the reports, and automatically build correlated scenarios.


Author and article information

Journal: PeerJ Computer Science (PeerJ Comput. Sci.), PeerJ Inc. (San Francisco, USA), ISSN 2376-5992
Published: 7 October 2015, volume 1, article e25
Affiliations:
[1] Department of Electrical and Information Engineering, University of Cassino and Southern Lazio, Cassino, Italy
[2] Above Security, Inc., Blainville, Quebec, Canada
[3] School of Information Studies, McGill University, Montreal, QC, Canada
[4] Concordia Institute for Information Systems Engineering (CIISE), Concordia University, Montreal, QC, Canada
Article ID: cs-25
DOI: 10.7717/peerj-cs.25
© 2015 Scarabeo et al.

                This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, reproduction and adaptation in any medium and for any purpose provided that it is properly attributed. For attribution, the original author(s), title, publication source (PeerJ Computer Science) and either DOI or URL of the article must be cited.

History: 12 May 2015; 14 September 2015
Funding: National Research Council Canada (NRC); Industrial Research Assistance Program; NSERC Discovery Grants (Award ID: 356065-2013); Canada Research Chair Program (Award ID: 950-230623)
                Above Security has supported the paper in terms of human resources and provided us with simile-real-life materials for experimentation. The paper is also supported in part by the National Research Council Canada (NRC) Industrial Research Assistance Program, NSERC Discovery Grants (356065-2013), and Canada Research Chair Program (950-230623). The funders had no role in study design, data collection and analysis, decision to publish, or preparation of the manuscript.
Categories: Computer Networks and Communications; Data Mining and Machine Learning; Security and Privacy; Computer science
Keywords: Security, Data mining, Text-mining, Correlation, Semantic, Log events, Security operation center, Managed security services