Exploratory security analytics for anomaly detection. Issue 56 (February 2016)
- Record Type:
- Journal Article
- Title:
- Exploratory security analytics for anomaly detection. Issue 56 (February 2016)
- Main Title:
- Exploratory security analytics for anomaly detection
- Authors:
- Pierazzi, Fabio
Casolari, Sara
Colajanni, Michele
Marchetti, Mirco
- Abstract:
- The huge number of alerts generated by network-based defense systems prevents detailed manual inspections of security events. Existing proposals for automatic alerts analysis work well in relatively stable and homogeneous environments, but in modern networks, that are characterized by extremely complex and dynamic behaviors, understanding which approaches can be effective requires exploratory data analysis and descriptive modeling. We propose a novel framework for automatically investigating temporal trends and patterns of security alerts with the goal of understanding whether and which anomaly detection approaches can be adopted for identifying relevant security events. Several examples referring to a real large network show that, despite the high intrinsic dynamism of the system, the proposed framework is able to extract relevant descriptive statistics that allow to determine the effectiveness of popular anomaly detection approaches on different alerts groups.
- Is Part Of:
- Computers & security. Issue 56(2016)
- Journal:
- Computers & security
- Issue:
- Issue 56(2016)
- Issue Display:
- Volume 56, Issue 56 (2016)
- Year:
- 2016
- Volume:
- 56
- Issue:
- 56
- Issue Sort Value:
- 2016-0056-0056-0000
- Page Start:
- 28
- Page End:
- 49
- Publication Date:
- 2016-02
- Subjects:
- Security analytics -- Network alerts -- Temporal characterization -- Time series analysis -- Anomaly detection
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805
- Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.cose.2015.10.003
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 14482.xml