Journal ArticleDOI
Big Data Analytics for Security
Alvaro A. Cardenas,Pratyusa K. Manadhata,Sreeranga P. Rajan +2 more
- Vol. 11, Iss: 6, pp 74-76
TLDR
Big data is changing the landscape of security tools for network monitoring, security information and event management, and forensics; however, in the eternal arms race of attack and defense, security researchers must keep exploring novel ways to mitigate and contain sophisticated attackers.Abstract:
Big data is changing the landscape of security tools for network monitoring, security information and event management, and forensics; however, in the eternal arms race of attack and defense, security researchers must keep exploring novel ways to mitigate and contain sophisticated attackers.read more
Citations
More filters
Journal ArticleDOI
Big data analytics and big data science: a survey
TL;DR: Diverse new approaches, methods, frameworks and systems are proposed for data collection, storage, transport, processing and analysis in the selected papers in a systematic and extensive review of journal publications about big data from 2011 to 2015.
Proceedings ArticleDOI
Detecting Malicious Domains via Graph Inference
TL;DR: This paper introduces a system to detect malicious domains accessed by an enterprise's hosts from the enterprise’s HTTP proxy logs by model the detection problem as a graph inference problem and achieves high detection rates with low false positive rates.
Journal ArticleDOI
A Framework for Attack-Resilient Industrial Control Systems: Attack Detection and Controller Reconfiguration
Kaveh Paridari,Niamh O'Mahony,Alie El-Din Mady,Rohan Chabukswar,Menouer Boubekeur,Henrik Sandberg +5 more
TL;DR: A novel cyber–physical security framework for ICSs is proposed, which incorporates an analytics tool for attack detection and executes a reliable estimation-based attack-resilient control policy, whenever an attack is detected.
Journal ArticleDOI
A Cloud Computing Based Network Monitoring and Threat Detection System for Critical Infrastructures
TL;DR: Empirical data indicates that the proposed network monitoring and threat detection system can efficiently monitor network activities, find abnormal behaviors, and detect network threats to protect critical infrastructure systems.
Proceedings ArticleDOI
Big Data Analytics: Security and privacy challenges
TL;DR: The benefits of Big Data Analytics are highlighted and then the challenges of security and privacy in big data environments are reviewed and some available protection techniques are presented and some possible tracks are proposed that enable security and Privacy in a malicious big data context.
References
More filters
Proceedings ArticleDOI
Beehive: large-scale log analysis for detecting suspicious activity in enterprise networks
Ting-Fang Yen,Alina Oprea,Kaan Onarlioglu,Todd Leetham,William Robertson,Ari Juels,Engin Kirda +6 more
TL;DR: A novel system, Beehive, that attacks the problem of automatically mining and extracting knowledge from the dirty log data produced by a wide variety of security products in a large enterprise, and is able to identify malicious events and policy violations which would otherwise go undetected.
Proceedings ArticleDOI
Toward a standard benchmark for computer security research: the worldwide intelligence network environment (WINE)
Tudor Dumitras,Darren Shou +1 more
TL;DR: The unique characteristics of the WINE data are reviewed, why rigorous benchmarking will provide fresh insights on the security arms race is discussed, and a research agenda for this area is proposed.
Proceedings ArticleDOI
BotCloud: Detecting botnets using MapReduce
TL;DR: This paper proposes a distributed computing framework that leverages a host dependency model and an adapted PageRank algorithm and reports experimental results from an open-source based Hadoop cluster and highlights the performance benefits when using real network traces from an Internet operator.
Journal Article
Using Large Scale Distributed Computing to Unveil Advanced Persistent Threats
Paul Giura,Wei Wang +1 more
TL;DR: This paper proposes a model of the APT detection problem as well as a methodology to implement it on a generic organization network and shows that this approach is feasible to process very large data sets and is flexible enough to accommodate any context processing algorithm, even to detect sophisticated attacks such as APT.