Extracting Attack Manifestations to Determine Log Data Requirements for Intrusion Detection

Author(s):  
E.L. Barse ◽  
E. Jonsson

2013 ◽  
Vol 3 (1) ◽  
pp. 1-18 ◽  
Author(s):  
Johny Ghattas ◽  
Mor Peleg ◽  
Pnina Soffer ◽  
Yaron Denekamp

Process flexibility and adaptability are essential in environments where processes are prone to changes and variations. Process learning is a possible approach for automatically discovering, from process log data, those process paths that yielded good outcomes and for suggesting appropriate process model modifications to enhance future process performance in such environments. The authors discuss and establish the data requirements for process learning, applicable to clinical process management. Their discussion extends a previously established learning process model (LPM) by providing a formal set of data requirements that enables effective learning. The learning data requirements are illustrated by walking through the application of the LPM framework to a clinical process.


Author(s):  
Soumik Mondal ◽  
Patrick Bours ◽  
Lasse Johansen ◽  
Robin Stenvi ◽  
Magnus Øverbø

We present the design and implementation of a Windows operating system based logging tool, which can capture keystrokes, mouse activity, software interaction and hardware usage simultaneously and continuously. Log data can be stored locally or transmitted in a secure manner to a server. Filter drivers are used to log with high precision. Privacy of the users and confidentiality of sensitive data have been taken into account throughout the development of the tool. Our behaviour logging software is mainly designed for behavioural biometrics research, but its scope could also be beneficial to proactive forensics and intrusion detection. We show the validity of the tool in a study that uses keyboard and mouse data for continuous authentication.


Author(s):  
Ulf Larson ◽  
Erland Jonsson ◽  
Stefan Lindskog

This chapter aims at providing a clear and concise picture of data collection for intrusion detection. It provides a detailed explanation of generic data collection mechanism components and the interaction with the environment, from initial triggering to output of log data records. Taxonomies of mechanism characteristics and deployment considerations are provided and discussed. Furthermore, guidelines and hints for mechanism selection and deployment are provided. Finally, this chapter presents a set of strategies for determining what data to collect, and it also discusses some of the challenges in the field. An appendix providing a classification of 50 studied mechanisms is also provided. This chapter aims at assisting intrusion detection system developers, designers, and operators in selecting mechanisms for resource-efficient data collection.


2019 ◽  
Vol 1 (2) ◽  
pp. 143-153
Author(s):  
Thifal Baraas ◽  
Akbar Juliansyah ◽  
Ahmad Ashril Rizal

Abstract: Browsing or surfing the internet is one of the activities that are often done today. Both children and adults are internet users. However, internet users do not know that the internet can also be a threat, especially through attacks that target the network security system. To detect suspicious activity passing through the network, assistance from an IDS (Intrusion Detection System) is needed. When there are many incoming attacks, the IDS cannot handle them accurately, with the result that normal activity on the network can be considered an attack from hackers, or vice versa. Data mining is a process used to find relationships in data in order to draw a conclusion from that data. The C4.5 algorithm is one of the algorithms used to build a decision tree. The decision tree method converts very large sets of facts into decision trees that represent rules. The rules can be easily understood in natural language. Classifying the IDS log data with the C4.5 algorithm can reduce the occurrence of IDS errors in determining which activities are attacks and which are not. The results showed that the IDS log data can be classified with the C4.5 algorithm with a model accuracy rate of 96.371%, which proves that this model can be used in determining whether an activity is an attack or not.


Author(s):  
Ulf E. Larson ◽  
Erland Jonsson ◽  
Stefan Lindskog

This chapter aims at providing a clear and concise picture of data collection for intrusion detection. It provides a detailed explanation of generic data collection mechanism components and the interaction with the environment, from initial triggering to output of log data records. Taxonomies of mechanism characteristics and deployment considerations are provided and discussed. Furthermore, guidelines and hints for mechanism selection and deployment are provided. The guidelines are aimed to assist intrusion detection system developers, designers, and operators in selecting mechanisms for resource efficient data collection.


1999 ◽  
Vol 38 (04/05) ◽  
pp. 339-344 ◽  
Author(s):  
J. van der Lei ◽  
B. M. Th. Mosseveld ◽  
M. A. M. van Wijk ◽  
P. D. van der Linden ◽  
M. C. J. M. Sturkenboom ◽  
...  

Abstract: Researchers claim that data in electronic patient records can be used for a variety of purposes including individual patient care, management, and resource planning for scientific research. Our objective in the project Integrated Primary Care Information (IPCI) was to assess whether the electronic patient records of Dutch general practitioners contain sufficient data to perform studies in the area of postmarketing surveillance. We determined the data requirements for postmarketing surveillance studies, implemented additional software in the electronic patient records of the general practitioner, developed an organization to monitor the use of data, and performed validation studies to test the quality of the data. Analysis of the data requirements showed that additional software had to be installed to collect data that is not recorded in routine practice. To avoid having to obtain informed consent from each enrolled patient, we developed IPCI as a semianonymous system: both patients and participating general practitioners are anonymous to the researchers. Under specific circumstances, the researcher can indirectly contact (through a trusted third party) the physician that made the data available. Only the treating general practitioner is able to decode the identity of his patients. A Board of Supervisors predominantly consisting of participating general practitioners monitors the use of data. Validation studies show the data can be used for postmarketing surveillance. With additional software to collect data not normally recorded in routine practice, data from the electronic patient records of general practitioners can be used for postmarketing surveillance.


KURVATEK ◽  
2017 ◽  
Vol 1 (2) ◽  
pp. 21-31
Author(s):  
Fatimah Miharno

Abstract: The *Zefara* Field, Baturaja Formation, in the South Sumatra Basin is a carbonate reservoir and prospective for gas. Data used in this research were 3D seismic data, well logs, and geological information. According to the geological report, the known hydrocarbon traps in the research area were a limestone lithological layer as a stratigraphical trap and a faulted anticline as a structural trap. The study is restricted to the effort to produce maps of hydrocarbon accumulation and of the potential carbonate reservoir area using seismic attributes. All of the data used in this study are a 3D seismic data set, well-log data and check-shot data. The results of the analysis are compared to the results derived from log data calculation as a control analysis. The hydrocarbon prospect areas generated from seismic attributes are divided into three compartments. Seismic attribute analysis using the RMS amplitude method and instantaneous frequency is very effective for determining hydrocarbon accumulation in the *Zefara* field because of the low amplitude from the Baturaja reservoir. Low amplitude hints at low AI, indicating high porosity and a high hydrocarbon contact (HC).

Keywords: Baturaja Formation, RMS amplitude seismic attribute, instantaneous frequency seismic attribute

