• DocumentCode
    1827342
  • Title

    Information Security Monitoring System Based on Data Mining

  • Author

    Lv Guangjuan ; Xu Ruzhi ; Zu Xiangrong ; Deng Liwu

  • Author_Institution
    Sch. of Comput. Sci. & Technol., North China Electr. Power Univ., Beijing, China
  • Volume
    1
  • fYear
    2009
  • fDate
    18-20 Aug. 2009
  • Firstpage
    472
  • Lastpage
    475
  • Abstract
    Heterogeneous security equipment such as firewalls, intrusion detection systems, and anti-virus gateways can produce massive numbers of security events, which are difficult to manage efficiently. A log-based mining, distributed, multi-protocol supported framework for a security monitoring system is therefore proposed. This paper describes the architecture of the information security monitoring system, focuses on the correlation analysis engine, and describes the process by which the detection model is built using data mining techniques. Security event correlation based on data mining analysis can automatically extract association rules, analyze alarms, and find new invasion models, so it is a highly intelligent solution.
  • Keywords
    data mining; information systems; security of data; system monitoring; antivirus gateways; association rule extraction; correlation analysis engine; data mining techniques; firewalls; information security monitoring system; intrusion detection systems; log-based mining; multiprotocol supported framework; security event correlation; Data mining; Information security; Monitoring; data mining; security event; security monitoring;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Information Assurance and Security, 2009. IAS '09. Fifth International Conference on
  • Conference_Location
    Xi'an
  • Print_ISBN
    978-0-7695-3744-3
  • Type

    conf

  • DOI
    10.1109/IAS.2009.325
  • Filename
    5284291