Causal Connections Mining Within Security Event Logs

Cited by: 1
Authors
Khan, Saad [1]
Parkinson, Simon [1]
Affiliation
[1] Univ Huddersfield, Huddersfield, W Yorkshire, England
Keywords
Knowledge extraction; Automated; Association; Causal
DOI
10.1145/3148011.3154476
Chinese Library Classification number
TP18 [Artificial intelligence theory]
Discipline classification codes
081104; 0812; 0835; 1405
Abstract
Performing both security vulnerability assessment and configuration processes is heavily reliant on expert knowledge. This requirement often results in many systems being left insecure due to a lack of analysis expertise and access to specialist resources. It has long been known that a system's event log provides historical information depicting potential security threats, as well as recording configuration activities. In this paper, a novel technique is developed that can process security event logs on a computer that has been assessed and configured by a security professional, and autonomously establish causality amongst event log entries to learn performed configuration tasks. This extracted knowledge can then be exploited by non-professionals to plan steps that can improve the security of a previously unseen system.
Pages: 4
Related papers
50 in total
  • [41] Process Mining Reloaded: Event Structures as a Unified Representation of Process Models and Event Logs
    Dumas, Marlon
    Garcia-Banuelos, Luciano
    [J]. APPLICATION AND THEORY OF PETRI NETS AND CONCURRENCY, 2015, 9115 : 33 - 48
  • [42] Deciphering event logs in SharePoint Server: A methodology based on Process Mining
    Arias Chaves, Michael
    Rojas Cordoba, Eric
    [J]. PROCEEDINGS OF THE 2014 XL LATIN AMERICAN COMPUTING CONFERENCE (CLEI), 2014,
  • [43] Process mining using BPMN: relating event logs and process models
    Kalenkova, Anna A.
    van der Aalst, Wil M. P.
    Lomazova, Irina A.
    Rubin, Vladimir A.
    [J]. SOFTWARE AND SYSTEMS MODELING, 2017, 16 (04) : 1019 - 1048
  • [44] Inferring the Repetitive Behaviour from Event Logs for Process Mining Discovery
    Tapia-Flores, Tonatiuh
    Lopez-Mellado, Ernesto
    [J]. MINING INTELLIGENCE AND KNOWLEDGE EXPLORATION (MIKE 2016), 2017, 10089 : 164 - 173
  • [45] Event logs generated from simulation of different scenarios and analysed with process mining
    Nedopetalski, Felipe
    Jeske de Freitas, Joslaine Cristina
    [J]. REVISTA BRASILEIRA DE COMPUTACAO APLICADA, 2021, 13 (02) : 73 - 82
  • [46] Mining workflow processes from distributed workflow enactment event logs
    Kim, Kwanghoon Pio
    [J]. KNOWLEDGE MANAGEMENT & E-LEARNING-AN INTERNATIONAL JOURNAL, 2012, 4 (04) : 528 - 553
  • [47] Mining process models from event logs in distributed bioinformatics workflows
    Xing, Jianchuan
    Li, Zhishu
    Cheng, Yanhong
    Yin, Feng
    Li, Baolin
    Chen, Li
    [J]. PROCEEDINGS OF THE FIRST INTERNATIONAL SYMPOSIUM ON DATA, PRIVACY, AND E-COMMERCE, 2007, : 8 - +
  • [48] Privacy-Preserving Process Mining Differential Privacy for Event Logs
    Mannhardt, Felix
    Koschmider, Agnes
    Baracaldo, Nathalie
    Weidlich, Matthias
    Michael, Judith
    [J]. BUSINESS & INFORMATION SYSTEMS ENGINEERING, 2019, 61 (05) : 595 - 614
  • [49] Mining Resource Community and Resource Role Network From Event Logs
    Ye, Jianhong
    Li, Zhiwu
    Yi, Ke
    Al-Ahmari, Abdulrahman
    [J]. IEEE ACCESS, 2018, 6 : 77685 - 77694
  • [50] Process Mining of Programmable Logic Controllers: Input/Output Event Logs
    Theis, Julian
    Mokhtarian, Ilia
    Darabi, Houshang
    [J]. 2019 IEEE 15TH INTERNATIONAL CONFERENCE ON AUTOMATION SCIENCE AND ENGINEERING (CASE), 2019, : 216 - 221