Title :
Information Security Monitoring System Based on Data Mining
Author :
Lv Guangjuan ; Xu Ruzhi ; Zu Xiangrong ; Deng Liwu
Author_Institution :
Sch. of Comput. Sci. & Technol., North China Electr. Power Univ., Beijing, China
Abstract :
Heterogeneous security devices such as firewalls, intrusion detection systems, and anti-virus gateways produce massive numbers of security events that are difficult to manage efficiently. This paper therefore proposes a distributed, log-mining-based security monitoring framework that supports multiple protocols. It describes the architecture of the information security monitoring system, focuses on the correlation analysis engine, and describes the process by which the detection model is built using data mining techniques. Security event correlation based on data mining can automatically extract association rules, analyze alarms, and discover new intrusion patterns, which makes it a highly intelligent solution.
Keywords :
data mining; information systems; security of data; system monitoring; anti-virus gateways; association rule extraction; correlation analysis engine; data mining techniques; firewalls; information security monitoring system; intrusion detection systems; log-based mining; multi-protocol supported framework; security event correlation; information security; monitoring; security event; security monitoring;
Conference_Title :
Information Assurance and Security, 2009. IAS '09. Fifth International Conference on
Conference_Location :
Xi'an
Print_ISBN :
978-0-7695-3744-3
DOI :
10.1109/IAS.2009.325