THE EIGHTH INTERNATIONAL CONFERENCE ON FORENSIC COMPUTER SCIENCE - ICoFCS 2013

Print ISBN 978-85-65069-09-9, pages 27-32
DOI: 10.5769/C2013004 (http://dx.doi.org/10.5769/C2013004)



Analyzing Targeted Attacks using Hadoop applied to Forensic Investigation



By Parth Bhatt and Edgar Toshiro Yano




ABSTRACT

Conventional intrusion detection and prevention technologies mostly rely on traditional methodologies to detect malicious events while mining mid-sized log data. In recent years, we have seen the evolution of sophisticated targeted attacks by well-trained adversaries exhibiting multiyear intrusions; therefore, existing security toolsets have become insufficient for analysing intrusions performed by these adversaries with the necessary speed and agility. Dealing with such sophisticated attacks requires working with huge volumes of multiyear security log data. Big Data technologies, such as Hadoop, enable the analysis of large and unstructured data sources. In this paper we therefore propose our framework based on Hadoop for dealing with intrusions performed by targeted threat adversaries, using the concept of


KEYWORDS

Targeted threats; Hadoop; intrusion kill chain.
