SIEM with LSA technique for Threat identification

Pavarit Dairinram, Damras Wongsawang, Pagaporn Pengsart
Published in: 2013 19th IEEE International Conference on Networks (ICON), December 2013
DOI: 10.1109/ICON.2013.6781951 (https://doi.org/10.1109/ICON.2013.6781951)
Citation count: 7

Abstract

Security in heterogeneous and complex networks is very challenging for administrators. They need to handle a large number of devices and carry out protection and prevention plans to secure the network against threats. Security Information and Event Management (SIEM) is one of the most common tools that helps administrators deal with this situation: it helps manage and identify threats, initiates an appropriate action to protect the network against the relevant threats, and generates reports for the administrators. However, the number of threats is increasing rapidly, and the variety of threats is another obstacle to identification. This paper proposes Latent Semantic Analysis (LSA) to help alleviate these problems. LSA improves performance by reducing unnecessary noise in the huge volume of data generated by devices, and it is also used to detect similar threat patterns based on the similarity between threats and events/logs. The experiments showed that the LSA approach can help eliminate insignificant data from the threat identification process without degrading accuracy.
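The abstract describes LSA doing two jobs at once: discarding noise in the event data and matching events to threats by similarity. The following added example (not the paper's code, and not a reproduction of its experiment) shows the mechanics on a handful of constructed SIEM-style events: a tf-idf term-by-event matrix is factored with an SVD, only the top-k singular components are kept, and a free-text threat description is folded into that reduced space and scored against each event by cosine similarity. The event strings, the threat wording, the class and function names and the choice of k are all assumptions made for this illustration.

```python
"""Added illustration (not the paper's code) of the LSA step the abstract
describes: build a tf-idf term-event matrix from SIEM-style events, keep only
the top-k singular components to discard noise, then rank events by cosine
similarity to a free-text threat description. All events, threat wording and
parameter names here are constructed for the example."""
import math
import re

import numpy as np

# Constructed sample events (not from the paper). IP addresses and port
# numbers are the kind of high-variance noise the tokenizer simply drops.
EVENTS = [
    "Failed password for root from 10.0.0.5 port 22 ssh2",
    "Failed password for admin from 10.0.0.5 port 22 ssh2",
    "Invalid user guest from 10.0.0.9 port 22 ssh2",
    "Accepted publickey for deploy from 10.0.0.7 port 22 ssh2",
    "DNS query for update.example.test from 10.0.0.11",
    "DNS query for cdn.example.test from 10.0.0.12",
]

# Constructed, hypothetical threat descriptions in plain words.
THREATS = {
    "ssh_bruteforce": "failed password invalid user ssh login attempts",
    "dns_activity": "dns query domain resolution",
}

TOKEN = re.compile(r"[a-z]+")


def tokenize(text):
    """Lower-case alphabetic tokens only; numbers and addresses are discarded."""
    return TOKEN.findall(text.lower())


class LsaIndex:
    """Truncated-SVD (LSA) index over a collection of event strings."""

    def __init__(self, events, k):
        self.tokens = [tokenize(e) for e in events]
        self.vocab = sorted({t for toks in self.tokens for t in toks})
        self.col = {t: i for i, t in enumerate(self.vocab)}
        n = len(events)
        df = {t: sum(1 for toks in self.tokens if t in toks) for t in self.vocab}
        # idf = log(N/df): a term present in every event (e.g. "from") weighs 0
        self.idf = {t: math.log(n / df[t]) for t in self.vocab}
        # A is |V| x n; A[i, j] = tf-idf weight of term i in event j
        a = np.zeros((len(self.vocab), n))
        for j, toks in enumerate(self.tokens):
            for t in toks:
                a[self.col[t], j] += self.idf[t]
        u, s, vt = np.linalg.svd(a, full_matrices=False)
        self.k = min(k, len(s))
        self.u_k = u[:, : self.k]
        # event j in the k-dim latent space: S_k * (row j of V_k) == U_k^T A[:, j]
        self.event_vecs = vt[: self.k, :].T * s[: self.k]

    def query_vec(self, text):
        """Fold a free-text description into the same latent space (U_k^T q)."""
        q = np.zeros(len(self.vocab))
        for t in tokenize(text):
            if t in self.col:  # terms never seen in the events carry nothing
                q[self.col[t]] += self.idf[t]
        return self.u_k.T @ q

    def rank(self, text):
        """Return [(cosine_similarity, event_index), ...], best first."""
        q = self.query_vec(text)
        qn = np.linalg.norm(q)
        if qn == 0.0:
            return []  # nothing in the description matches the event vocabulary
        scores = []
        for j, d in enumerate(self.event_vecs):
            dn = np.linalg.norm(d)
            sim = float(d @ q / (dn * qn)) if dn > 0 else 0.0
            scores.append((sim, j))
        return sorted(scores, reverse=True)


def best_match(threat_text, k=4):
    """Index of the event most similar to the threat description, or None."""
    ranked = LsaIndex(EVENTS, k).rank(threat_text)
    return ranked[0][1] if ranked else None


if __name__ == "__main__":
    index = LsaIndex(EVENTS, k=4)
    for name, text in THREATS.items():
        sim, j = index.rank(text)[0]
        print(f"{name}: best event {j} ({sim:.2f}) -> {EVENTS[j]}")
```

The noise reduction happens in two places: the idf weighting zeroes out terms that occur in every event, and the truncation to k components drops the small singular directions in which individual events differ only by incidental wording. The value of k is the tuning knob the abstract's claim "without degradation of the accuracy" depends on: too small a k merges unrelated event groups (here, a brute-force description could end up nearest to a benign successful login), so in practice k is chosen on a labelled sample of events and revisited as the log sources change.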