Publication Type:

Conference Paper

Source:

Fourth International Conference on Advances in Computing and Communications (ICACC), 2014, IEEE (2014)

ISBN:

9781479943647

URL:

ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6906021

Keywords:

CEP, Esper, Network security, Risk taxonomy, Sys log

Abstract:

Network security refers to any activity designed to protect the network. These activities intend to protect the usability, reliability, and safety of network and data. Effective network security targets a variety of threats and stops them from entering or spreading on network. In network security, Complex Event Processing (CEP) system can be used for correlating events across different security devices and applications for complicated attack detection and response. The events will be recorded in sys log files. There will be millions of events generated by each security device. Hence, the CEP engine has to process massive amount of logs. We describe a method for pre-processing the vast input to extract relevant data, the CEP engine shall be concerned about. The CEP engine which we used in this system is ESPER. The sys log is preprocessed based on risk taxonomy. Risk taxonomy is built in a hierarchical structure with respect to the attacks the CEP is looking for.

Cite this Research Publication

K. Jayan and Rajan, A. K., “Preprocessor for Complex Event Processing System in Network Security”, in Fourth International Conference on Advances in Computing and Communications (ICACC), 2014, 2014.

207
PROGRAMS
OFFERED
5
AMRITA
CAMPUSES
15
CONSTITUENT
SCHOOLS
A
GRADE BY
NAAC, MHRD
9th
RANK(INDIA):
NIRF 2017
150+
INTERNATIONAL
PARTNERS