Spelling suggestions: "subject:"2security analytics"" "subject:"2security dialytics""
1 |
Analyzing Small Businesses' Adoption of Big Data Security AnalyticsMathias, Henry 01 January 2019 (has links)
Despite the increased cost of data breaches due to advanced, persistent threats from malicious sources, the adoption of big data security analytics among U.S. small businesses has been slow. Anchored in a diffusion of innovation theory, the purpose of this correlational study was to examine ways to increase the adoption of big data security analytics among small businesses in the United States by examining the relationship between small business leaders' perceptions of big data security analytics and their adoption. The research questions were developed to determine how to increase the adoption of big data security analytics, which can be measured as a function of the user's perceived attributes of innovation represented by the independent variables: relative advantage, compatibility, complexity, observability, and trialability. The study included a cross-sectional survey distributed online to a convenience sample of 165 small businesses. Pearson correlations and multiple linear regression were used to statistically understand relationships between variables. There were no significant positive correlations between relative advantage, compatibility, and the dependent variable adoption; however, there were significant negative correlations between complexity, trialability, and the adoption. There was also a significant positive correlation between observability and the adoption. The implications for positive social change include an increase in knowledge, skill sets, and jobs for employees and increased confidentiality, integrity, and availability of systems and data for small businesses. Social benefits include improved decision making for small businesses and increased secure transactions between systems by detecting and eliminating advanced, persistent threats.
|
2 |
Architecture and design requirements forEnterprise Security Monitoring Platform : Addressing security monitoring challenges in the financial services industryWierzbieniec, Gabriel January 2018 (has links)
Security Monitoring Platform (SMP) represents multiple detective controls applied inthe enterprise to protect against cyberattacks. Building SMP is a challenging task, as itconsists of multiple systems that require integration. This paper introduces a framework thatcompiles various aspects of Security Monitoring and presents respective requirements sets.SMP framework provides guidance for establishing a risk-based detection platform,augmented with automation, threat intelligence and analytics capabilities. It provides morebroad view on the problem of Security Monitoring in the enterprise context and can assist inthe platform creation. The proposed solution has been built using Design Science ResearchMethodology and contains of twenty requirements for building SMP. Expert evaluation andcomparison with similar frameworks show potential value in holistic approach to the problem,as well as indicate the need for further research.
|
3 |
Security Analytics: Using Deep Learning to Detect Cyber AttacksLambert, Glenn M, II 01 January 2017 (has links)
Security attacks are becoming more prevalent as cyber attackers exploit system vulnerabilities for financial gain. The resulting loss of revenue and reputation can have deleterious effects on governments and businesses alike. Signature recognition and anomaly detection are the most common security detection techniques in use today. These techniques provide a strong defense. However, they fall short of detecting complicated or sophisticated attacks. Recent literature suggests using security analytics to differentiate between normal and malicious user activities.
The goal of this research is to develop a repeatable process to detect cyber attacks that is fast, accurate, comprehensive, and scalable. A model was developed and evaluated using several production log files provided by the University of North Florida Information Technology Security department. This model uses security analytics to complement existing security controls to detect suspicious user activity occurring in real time by applying machine learning algorithms to multiple heterogeneous server-side log files. The process is linearly scalable and comprehensive; as such it can be applied to any enterprise environment. The process is composed of three steps. The first step is data collection and transformation which involves identifying the source log files and selecting a feature set from those files. The resulting feature set is then transformed into a time series dataset using a sliding time window representation. Each instance of the dataset is labeled as green, yellow, or red using three different unsupervised learning
methods, one of which is Partitioning around Medoids (PAM). The final step uses Deep Learning to train and evaluate the model that will be used for detecting abnormal or suspicious activities. Experiments using datasets of varying sizes of time granularity resulted in a very high accuracy and performance. The time required to train and test the model was surprisingly fast even for large datasets. This is the first research paper that develops a model to detect cyber attacks using security analytics; hence this research builds a foundation on which to expand upon for future research in this subject area.
|
Page generated in 0.0364 seconds