Publication Type:

Conference Paper

Source:

International Conference on Advances in Computing, Communications and Informatics (ICACCI), 2014, IEEE, Noida (2014)

ISBN:

9781479930784

URL:

http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6968471&tag=1

Keywords:

Complex Event Processing, Log data, Network security, Security attacks, Security devices, SVM

Abstract:

The Internet is growing very rapidly, and so are its security issues. A wide variety of attacks are possible against networked machines: DoS attacks, buffer overflow attacks, cross-site attacks and DNS exploit attacks, to name a few. Without security measures and controls in place, networks and data may be subjected to attacks. The commonly deployed security devices are firewalls, IDS, IPS, anti-virus, etc. A large number of potential threats still go unnoticed because they are formulated as attacks by combining many individually unremarkable primitive events. The best solution is to install a Complex Event Processing (CEP) system that can analyze the output of multiple devices to infer attack patterns. Log information from network devices is the best choice for such analysis. In a large network, millions of events are logged, and correlated analysis of this huge volume of logs is the main challenge for a CEP system. We describe a method to reduce the input to the CEP system using a Support Vector Machine (SVM) classifier. Our experiment shows that the input size can be considerably reduced using the classifier, which in turn improves the operation of the CEP system.

Cite this Research Publication

K. Jayan and A. K. Rajan, “Sys-log classifier for Complex Event Processing system in network security”, in International Conference on Advances in Computing, Communications and Informatics (ICACCI), 2014, Noida, 2014.
