Log Analysis in Cyber Threat Detection

Date
2020-01-01
Authors
Awotipe, Oluwaseun
Major Professor
Jacobson Douglas
Department
Electrical and Computer Engineering
Abstract

Many organizations have good, well-trained staff running well-designed networks with clearly structured procedures and security policies. However, they still face threatening situations consistently, as a result of employee error, unfavorable circumstances, and malicious intent. Attackers are constantly devising new and complex ways of breaching corporate information systems, and organizations need to protect their data, networks and systems in more reliable and effective ways. Among the most accurate, potent and effective tools in a good security portfolio are the incident and audit logs generated by networked devices. However, few organizations understand which devices to screen and monitor, what data to capture, or how to properly assess that data. Also, few have the assets and resources required to keep on top of the work.

This paper walks you through the basic premise of log analysis: why it is important, what it can tell you and how to do it. I will discuss the five essential elements of a successful log analysis process; its application to performance monitoring, continuous process monitoring and security (threat hunting and detection) with commercially available solutions and open source solutions with many rules; and compliance laws.

Copyright
Wed Jan 01 00:00:00 UTC 2020