2018
DOI: 10.1016/j.eswa.2018.07.006
|View full text |Cite
|
Sign up to set email alerts
|

Eliciting and utilising knowledge for security event log analysis: An association rule mining and automated planning approach

Abstract: Vulnerability assessment and security configuration activities are heavily reliant on expert knowledge. This requirement often results in many systems being left insecure due to a lack of analysis expertise and access to specialist resources. It has long been known that a system's event logs provide historical information depicting potential security breaches, as well as recording configuration activities. However, identifying and utilising knowledge within the event logs is challenging for the non-expert. In … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
19
0

Year Published

2019
2019
2024
2024

Publication Types

Select...
5
2

Relationship

0
7

Authors

Journals

citations
Cited by 29 publications
(19 citation statements)
references
References 37 publications
0
19
0
Order By: Relevance
“…In this section, we apply the TSARM-UDP algorithm to the public stock dataset to mine time-series association rules. Furthermore, a performance comparison is done of the TSARM-UDP algorithm with other temporal algorithms presented in [ 35 , 36 ] and FPgrowth [ 22 ]. The mining results are shown in Figure 4 and Figure 5 .…”
Section: Simulation Experimentsmentioning
confidence: 99%
“…In this section, we apply the TSARM-UDP algorithm to the public stock dataset to mine time-series association rules. Furthermore, a performance comparison is done of the TSARM-UDP algorithm with other temporal algorithms presented in [ 35 , 36 ] and FPgrowth [ 22 ]. The mining results are shown in Figure 4 and Figure 5 .…”
Section: Simulation Experimentsmentioning
confidence: 99%
“…The sequence or episode rules have been successfully applied to a wide variety of applications. For instance, they have been used to quickly identify unused spectrum bands that allow opportunistic access by radios seeking spectrum, alleviating the problem of constantly increasing demand for communication bandwidth (Heydari & Tajer, 2019), to improve system security through the analysis of event logs with historical information of potential security breaches (Khan & Parkinson, 2018), to predict the traffic congestion level (Wen, Zhang, Sun, Wang, & Xu, 2019), and so on.…”
Section: Considering Time As An Implied Component In the Mining Processmentioning
confidence: 99%
“…However, the algorithm can only discover the temporal pattern and not association rules. In [24], Khen and Simon proposed a novel method for discovering the temporal association rules; however, the performance of the algorithm is sensitive to a parameter, namely, the temporal-association accuracy (TAA). In [25], Wen et al…”
Section: Related Workmentioning
confidence: 99%
“…We selected 1438 data from an authentic blast furnace as sample data for time-series association rule mining. To evaluate the performance of the proposed algorithm, we will compare it with the performances of the state-of-the-art algorithms [23,24] and FP-Growth.…”
Section: Algorithm Evaluationmentioning
confidence: 99%
See 1 more Smart Citation