A Visualization Method Based on Graph Database in Security Logs Analysis

Cited by: 2
Authors
Tang, Xinyu [1 ,2 ]
Ma, Chunguang [1 ]
Yu, Min [2 ,3 ]
Liu, Chao [2 ]
Affiliations
[1] Harbin Engn Univ, Coll Comp Sci & Technol, Harbin, Heilongjiang, Peoples R China
[2] Chinese Acad Sci, Inst Informat Engn, Beijing, Peoples R China
[3] Univ Chinese Acad Sci, Sch Cyber Secur, Beijing, Peoples R China
Funding
National Natural Science Foundation of China
Keywords
Network Forensics; Log Analysis; Association rule mining; Graph Database;
DOI
10.23977/icamcs.2017.1012
Chinese Library Classification
TH [Machinery and Instrument Industry]
Discipline Code
0802
Abstract
Network security logs can provide evidence for forensic investigators. However, network logs suffer from a high repetition rate, a high false-alarm rate, uniform format and similar problems, which make it difficult for forensic researchers to find useful information. In this paper, an association rule mining algorithm is applied to network security logs to eliminate redundant data and to discover the implicit associations between log records. A graph database is then used to visualize the log information. Forensic analysts can obtain effective evidence by inspecting the graph database, which improves the efficiency with which they discover sensitive event information.
Pages: 82 / 89
Page count: 8