Title :
Designing a fast log-tracing scheme for targeted attack prevention
Author :
Suzuki, Takuya ; Ikeda, Koki ; Kietkaroon, Pichaya ; Murayama, Junichi ; Hamada, Takahiro ; Murata, Yuichi
Author_Institution :
Sch. of Inf. & Telecommun. Eng., Tokai Univ., Tokai, Japan
Abstract :
In this paper, we design a fast log-tracing scheme for preventing targeted attacks on enterprise information networks. In these attacks, confidential data leaks through application gateways. To detect such leakage, a network management server collects multiple logs. A gateway then traces them to check whether the data being forwarded is confidential. In the conventional basic scheme, this check requires a long processing time when the log volume becomes large. In our proposed scheme, multiple logs are first preprocessed offline to form a blacklist. A gateway then checks each file to be forwarded online against this blacklist. The evaluation results show that our proposed scheme shortens the tracing time several-fold.
Keywords :
business data processing; internetworking; security of data; system monitoring; application gateways; confidential data; data leakage; enterprise information networks; log-tracing scheme; network management server; targeted attack prevention; File servers; Internet; Logic gates; Malware; Servers; SIEM; enterprise information network; information leakage; log analysis; targeted attack;
Conference_Title :
Information and Telecommunication Technologies (APSITT), 2015 10th Asia-Pacific Symposium on
Conference_Location :
Colombo
DOI :
10.1109/APSITT.2015.7217111