Abstract
References
- 1. Jansen, B. J., Spink, A., & Taksai, I. (2009). Handbook of research on web log analysis. London: Information Science Reference.
- 2. T.C. Resm Gazete. Retrieved from https://www.resmigazete.gov.tr/eskiler/2007/11/20071130-6.htm, Aralık, 2019.
- 3. Miller, D. (2011). Security information and event management (SIEM) implementation. McGraw-Hill.
- 4. AlSabbagh, B., & Kowalski, S. (2016, August). A Framework and Prototype for A Socio-Technical Security Information and Event Management System (ST-SIEM). In 2016 European Intelligence and Security Informatics Conference (EISIC) (pp. 192-195). IEEE.
- 5. Deliang, C., Xing, L., & Qianli, Z. (2016, May). A comparative study on user characteristics of fixed and wireless network based on DHCP. In 2016 IEEE Information Technology, Networking, Electronic and Automation Control Conference (pp. 327-330). IEEE.
- 6. Schleburg, M., Christiansen, L., Thornhill, N. F., & Fay, A. (2013). A combined analysis of plant connectivity and alarm logs to reduce the number of alerts in an automation system. Journal of process control, 23(6), 839-851.
- 7. Ambre, A., & Shekokar, N. (2015). Insider threat detection using log analysis and event correlation. Procedia Computer Science, 45, 436-445.
- 8. Li, T., & Yan, L. (2017, June). Siem based on big data analysis. In International Conference on Cloud Computing and Security (pp. 167-175). Springer, Cham.
Abstract
Log files keep activity records of each process performed have an important place in terms of security. Systems that provide infrastructure for applications such as network security mainly work on log management. Recently, when the security mechanisms of popular applications are examined, it has been observed that they aim to strengthen their infrastructures with machine learning (ML) methods, but in some respects, they have shortcomings. In this study, we aim to develop an alarm and security reporting system using ML methods. Our study differs from the others since it considers five separate feature (IP reputation, web reputation, malware destination access, botnet) and includes them into ML model.
References
- 1. Jansen, B. J., Spink, A., & Taksai, I. (2009). Handbook of research on web log analysis. London: Information Science Reference.
- 2. T.C. Resm Gazete. Retrieved from https://www.resmigazete.gov.tr/eskiler/2007/11/20071130-6.htm, Aralık, 2019.
- 3. Miller, D. (2011). Security information and event management (SIEM) implementation. McGraw-Hill.
- 4. AlSabbagh, B., & Kowalski, S. (2016, August). A Framework and Prototype for A Socio-Technical Security Information and Event Management System (ST-SIEM). In 2016 European Intelligence and Security Informatics Conference (EISIC) (pp. 192-195). IEEE.
- 5. Deliang, C., Xing, L., & Qianli, Z. (2016, May). A comparative study on user characteristics of fixed and wireless network based on DHCP. In 2016 IEEE Information Technology, Networking, Electronic and Automation Control Conference (pp. 327-330). IEEE.
- 6. Schleburg, M., Christiansen, L., Thornhill, N. F., & Fay, A. (2013). A combined analysis of plant connectivity and alarm logs to reduce the number of alerts in an automation system. Journal of process control, 23(6), 839-851.
- 7. Ambre, A., & Shekokar, N. (2015). Insider threat detection using log analysis and event correlation. Procedia Computer Science, 45, 436-445.
- 8. Li, T., & Yan, L. (2017, June). Siem based on big data analysis. In International Conference on Cloud Computing and Security (pp. 167-175). Springer, Cham.
Details
| Primary Language | English |
|---|---|
| Subjects | Engineering |
| Journal Section | Research Articles |
| Authors | |
| Publication Date | April 22, 2020 |
| Acceptance Date | March 30, 2020 |
| Published in Issue | Year 2020 Volume: 2 Issue: 1 |
This work is licensed under a Creative Commons Attribution 4.0 International License