Towards a Systematic Process-aware Behavioral Analysis for Security

Laura Genga, Nicola Zannone

2018

Abstract

Nowadays, security is a key concern for organizations. An increasingly popular solution to enhance security in organizational settings is the adoption of anomaly detection systems. These systems raise an alert when an abnormal behavior is detected, upon which proper measures have to be taken. A well-known drawback of these solutions is that the underlying detection engine is a black box, i.e., the behavioral profiles used for detection are encoded in some mathematical model that is challenging for human analysts to understand or, in some cases, is not even accessible. Therefore, anomaly detection systems often fail to support analysts in understanding what is happening in the system and how to respond to detected security threats. In this work, we investigate the use of process analysis techniques to build behavioral models understandable by human analysts. We also delineate a systematic methodology for process-aware behavioral analysis and discuss the findings obtained by applying such a methodology to a real-world event log.



Paper Citation


in Harvard Style

Genga L. and Zannone N. (2018). Towards a Systematic Process-aware Behavioral Analysis for Security. In Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 2: BASS, ISBN 978-989-758-319-3, pages 460-469. DOI: 10.5220/0006944604600469


in Bibtex Style

@conference{bass18,
author={Laura Genga and Nicola Zannone},
title={Towards a Systematic Process-aware Behavioral Analysis for Security},
booktitle={Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 2: BASS},
year={2018},
pages={460-469},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006944604600469},
isbn={978-989-758-319-3},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 15th International Joint Conference on e-Business and Telecommunications - Volume 2: BASS
TI - Towards a Systematic Process-aware Behavioral Analysis for Security
SN - 978-989-758-319-3
AU - Genga L.
AU - Zannone N.
PY - 2018
SP - 460
EP - 469
DO - 10.5220/0006944604600469