Authors: Faheem Ullah, M. Babar
Venue: 2019 IEEE International Conference on Software Architecture (ICSA)
Publication date: 2019-03-01
Publication type: Journal Article
DOI: 10.1109/ICSA.2019.00013 (https://doi.org/10.1109/ICSA.2019.00013)
Citation count: 3
Platform: Semanticscholar
An Architecture-Driven Adaptation Approach for Big Data Cyber Security Analytics
Big Data Cyber Security Analytics (BDCA) systems leverage big data technologies (e.g., Hadoop and Spark) for collecting, storing, and analyzing large volumes of security event data to detect cyber-attacks. Accuracy and response time are the two most important quality concerns for BDCA systems. However, frequent changes in the operating environment of a BDCA system (such as the quality and quantity of security event data) significantly impact these qualities. In this paper, we first study the impact of such environmental changes. We then present ADABTics, an architecture-driven adaptation approach that (re)composes the system at runtime with a set of components to ensure optimal accuracy and response time. We finally evaluate our approach in both single-node and multi-node settings using a Hadoop-based BDCA system and different adaptation scenarios. Our evaluation shows that, on average, ADABTics improves BDCA's accuracy and response time by 6.06% and 23.7%, respectively.