  • DocumentCode
    2809647
  • Title

    Collaborative Approach to Automatic Classification of Heterogeneous Information Security

  • Author

    Benali, Fatiha ; Ubeda, S. ; Legrand, Véronique

  • Author_Institution
    INSA-Lyon, Lyon
  • fYear
    2008
  • fDate
    25-31 Aug. 2008
  • Firstpage
    294
  • Lastpage
    299
  • Abstract
    The messages generated by the security devices represent the necessary data for the detection of the malicious activities in an information system. The heterogeneity of the devices and the lack of a standard for the security messages make the automatic processing of the messages difficult. The messages are short, use a very wide vocabulary and have different formats. We propose in this article the collaboration between classifiers to increase the accuracy of the classification. We apply text categorization techniques for the automatic classification of security log file messages into categories defined by an ontology. We develop an extraction module for the message attributes to reduce the vocabulary size. Then we apply two training algorithms, the k-nearest neighbour algorithm and naive Bayes, on two corpora of security log messages. Finally we propose to have the classifiers collaborate to produce a single classifier with better accuracy.
  • Keywords
    Bayes methods; classification; groupware; message passing; ontologies (artificial intelligence); security of data; text analysis; vocabulary; automatic classification; collaborative approach; extraction module; heterogeneous information security; information system; k-nearest neighbour algorithm; malicious activity; naive Bayes; ontology; security devices; security log files messages; security log messages; security messages; text categorization technics; training algorithms; vocabulary size; Collaboration; Data security; Engines; Information analysis; Information security; Information systems; Monitoring; Ontologies; Probes; Vocabulary; Automatic Classification; Heterogeneous Probes; Intrusion Detection; Ontology; Security Messages; Text Categorization;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Emerging Security Information, Systems and Technologies, 2008. SECURWARE '08. Second International Conference on
  • Conference_Location
    Cap Esterel
  • Print_ISBN
    978-0-7695-3329-2
  • Electronic_ISBN
    978-0-7695-3329-2
  • Type

    conf

  • DOI
    10.1109/SECURWARE.2008.53
  • Filename
    4622597