Publication: SIEM with LSA technique for Threat identification
Issued Date
2013-01-01
Resource Type
ISSN
15566463
Other identifier(s)
2-s2.0-84899449149
Rights
Mahidol University
Rights Holder(s)
SCOPUS
Bibliographic Citation
IEEE International Conference on Networks, ICON. (2013)
Suggested Citation
Pavarit Dairinram, Damras Wongsawang, Pagaporn Pengsart SIEM with LSA technique for Threat identification. IEEE International Conference on Networks, ICON. (2013). doi:10.1109/ICON.2013.6781951 Retrieved from: https://repository.li.mahidol.ac.th/handle/123456789/31654
Research Projects
Organizational Units
Authors
Journal Issue
Thesis
Title
SIEM with LSA technique for Threat identification
Other Contributor(s)
Abstract
Security in the heterogeneous and complex network is very challenged for administrators. They need to handle with a lot of devices, and perform the task of protection and prevention plan for securing the network from the threats. The Security Information and Event Management (SIEM) is one of the most common tools that helps administrators to deal with current situation. It helps to manage and identify the threats. Moreover, it will initiate a proper an action to protect the network against the right threats and also generate a report for the administrators. However, the amount of threats is increasing rapidly, and the variation of threats is also another issue for identifying. The Latent Semantic Analysis (LSA) was proposed in this paper to help alleviate these problems. It would improve the performance by reducing the unnecessary noise in a huge data generated from devices. It is also used to detect a similar threat pattern relying on similarity between threats and events/logs. The experiments showed that LSA approach can help eliminating not significant data used in the threat identifying process without degradation of the accuracy. © 2013 IEEE.