| IEICE Technical Committee Submission System Conference Paper's Information |
Online Proceedings [Sign in] Tech. Rep. Archives |
| Go Top Page | Go Previous | [Japanese] / [English] |
| Paper Abstract and Keywords | ||
| Presentation | 2015-03-03 15:15 A Pluggable and Programmable Flamework for Analyzing Security Logs Yu Tsuda, Takashi Tomine, Masaki Kamizono, Masashi Eto, Daisuke Inoue (NICT)  ICSS2014-68 |
|
| Abstract | (in Japanese) | (See Japanese page) |
| (in English) | SIEM (Security Information and Event Management) systems can unify a lot of security logs from various security appliances. The systems encourage users to analyze security logs, to visualize them and to create incident reports. Therefore, they enable security operators to respond to security incidents. On the other hands, the SIEM systems discourage users to implement novel algorisms for analyzing security logs because almost all SIEM systems don't have customizable features on the core. In addition, even if the users try to implement their own log-analysis engines, it will not be easy. In this paper, we propose a software framework which supports users to implement own log-analysis engines, which can analyze various security logs. Our framework has basic functions for implementing log-analysis engines. And, the engines consist of some log-analysis plugins, which are selected by users. Then, users can implement log-analysis engines written in DSL (Domain Specific Language). Furthermore, our framework is highly customizable since users can implement new log-analysis plugins by themselves with the convention for implementing plugins. | |
| Keyword | (in Japanese) | (See Japanese page) |
| (in English) | Countermeasure of Cyber Attacks / Log Analysis / SIEM / / / / / | |
| Reference Info. | IEICE Tech. Rep., vol. 114, no. 489, ICSS2014-68, pp. 31-36, March 2015. | |
| Paper # | ICSS2014-68 | |
| Date of Issue | 2015-02-24 (ICSS) | |
| ISSN | Print edition: ISSN 0913-5685 Online edition: ISSN 2432-6380 | |
| Copyright and reproduction |
All rights are reserved and no part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information storage and retrieval system, without permission in writing from the publisher. Notwithstanding, instructors are permitted to photocopy isolated articles for noncommercial classroom use without fee. (License No.: 10GA0019/12GB0052/13GB0056/17GB0034/18GB0034) | |
| Download PDF | ICSS2014-68 |
|
| Conference Information | |
| Committee | ICSS |
| Conference Date | 2015-03-03 - 2015-03-04 |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Meio Univiersity |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Communication Security, etc. |
| Paper Information | |
| Registration To | ICSS |
| Conference Code | 2015-03-ICSS |
| Language | Japanese |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A Pluggable and Programmable Flamework for Analyzing Security Logs |
| Sub Title (in English) | |
| Keyword(1) | Countermeasure of Cyber Attacks |
| Keyword(2) | Log Analysis |
| Keyword(3) | SIEM |
| Keyword(4) | |
| Keyword(5) | |
| Keyword(6) | |
| Keyword(7) | |
| Keyword(8) | |
| 1st Author's Name | Yu Tsuda |
| 1st Author's Affiliation | National Institute of Information and Communications Technology (NICT) |
| 2nd Author's Name | Takashi Tomine |
| 2nd Author's Affiliation | National Institute of Information and Communications Technology (NICT) |
| 3rd Author's Name | Masaki Kamizono |
| 3rd Author's Affiliation | National Institute of Information and Communications Technology (NICT) |
| 4th Author's Name | Masashi Eto |
| 4th Author's Affiliation | National Institute of Information and Communications Technology (NICT) |
| 5th Author's Name | Daisuke Inoue |
| 5th Author's Affiliation | National Institute of Information and Communications Technology (NICT) |
| 6th Author's Name | |
| 6th Author's Affiliation | () |
| 7th Author's Name | |
| 7th Author's Affiliation | () |
| 8th Author's Name | |
| 8th Author's Affiliation | () |
| 9th Author's Name | |
| 9th Author's Affiliation | () |
| 10th Author's Name | |
| 10th Author's Affiliation | () |
| 11th Author's Name | |
| 11th Author's Affiliation | () |
| 12th Author's Name | |
| 12th Author's Affiliation | () |
| 13th Author's Name | |
| 13th Author's Affiliation | () |
| 14th Author's Name | |
| 14th Author's Affiliation | () |
| 15th Author's Name | |
| 15th Author's Affiliation | () |
| 16th Author's Name | |
| 16th Author's Affiliation | () |
| 17th Author's Name | |
| 17th Author's Affiliation | () |
| 18th Author's Name | |
| 18th Author's Affiliation | () |
| Speaker | Author-1 |
| Date Time | 2015-03-03 15:15:00 |
| Presentation Time | 25 minutes |
| Registration for | ICSS |
| Paper # | ICSS2014-68 |
| Volume (vol) | vol.114 |
| Number (no) | no.489 |
| Page | pp.31-36 |
| #Pages | 6 |
| Date of Issue | 2015-02-24 (ICSS) |
[Return to Top Page]