Survey of Data Intensive Computing Technologies Application to Security Log Data Management

Title: Survey of Data Intensive Computing Technologies Application to Security Log Data Management
Publication Type: Conference Paper
Year of Publication: 2016
Authors: Tall, Anne; Wang, Jun; Han, Dezhi
Conference Name: Proceedings of the 3rd IEEE/ACM International Conference on Big Data Computing, Applications and Technologies
Publisher: ACM
Conference Location: New York, NY, USA
ISBN Number: 978-1-4503-4617-7
Keywords: Big Data, big data security, big data security in the cloud, composability, Computational Intelligence, data intensive computing, Hadoop, Human Behavior, pubcrawl, Resiliency, security event log information management, Spark
Abstract

Data intensive computing research and technology developments offer the potential for significant improvements in several security log management challenges. Approaches to address the complexity, timeliness, expense, diversity, and noise issues have been identified. These improvements are motivated by the increasingly important role of analytics. Machine learning and expert systems that incorporate attack patterns are providing greater detection insights. Finding actionable indicators requires the analysis to combine security event log data with other network data, such as access control lists, making the big-data problem even bigger. Automation of threat intelligence is recognized as incomplete, with limited adoption of standards. With limited progress in anomaly signature detection, movement towards using expert systems has been identified as the path forward. Techniques focus on matching the behaviors of attackers to patterns of abnormal activity in the network. The need to stream, parse, and analyze large volumes of small, semi-structured data files can be feasibly addressed through a variety of techniques identified by researchers. This report highlights research in key areas, including protection of the data, performance of the systems, and network bandwidth utilization.

URL: http://doi.acm.org/10.1145/3006299.3006336
DOI: 10.1145/3006299.3006336
Citation Key: tall_survey_2016