  • DocumentCode
    599393
  • Title
    Semantic hedgehog for log analysis
  • Author
    Wiley, Jeffrey J. ; Coyle, F.P.
  • Author_Institution
    Lyle Sch. of Eng., Southern Methodist Univ., Dallas, TX, USA
  • fYear
    2012
  • fDate
    10-12 Dec. 2012
  • Firstpage
    748
  • Lastpage
    752
  • Abstract
    Computer system log analysis should proactively support information security decisions of all types. These security decisions will likely include whether to update configurations, close ports, block access, patch systems, maneuver the system elements, or to do nothing because the risk is acceptable. In a world with Big Data, and a heterogeneous, distributed enterprise, log analysis can be difficult at best. There is so much data from a multitude of logs (e.g. event, application, and security) within the enterprise. On top of that, enterprises have varying configurations based on hardware, software, current patch level, and operating systems. Logs must track all of this data on all of these devices. The authors suggest that semantic technologies hold one key to providing a capability for proactive, and more meaningful, log analysis.
  • Keywords
    business data processing; data analysis; security of data; Big Data; block access decision; close port decision; computer system log analysis; distributed enterprise; information security decision; patch system decision; semantic hedgehog; semantic technology; update configuration decision; Correlation; Engines; Security; proactive defense; semantic web; syslog; triples;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Internet Technology And Secured Transactions, 2012 International Conference for
  • Conference_Location
    London
  • Print_ISBN
    978-1-4673-5325-0
  • Type
    conf
  • Filename
    6470918