Abstract
Security vulnerability assessment and configuration processes are both heavily reliant on expert knowledge. This requirement often results in many systems being left insecure due to a lack of analysis expertise and access to specialist resources. It has long been known that a system's event log provides historical information depicting potential security threats, as well as recording configuration activities. In this paper, a novel technique is developed that can process security event logs on a computer that has been assessed and configured by a security professional, and autonomously establish causality amongst event log entries to learn performed configuration tasks. This extracted knowledge can then be exploited by non-professionals to plan steps that can improve the security of a previously unseen system.
Original language | English |
---|---|
Title of host publication | Proceedings of the 9th International Conference on Knowledge Capture (K-CAP), (Austin, TX: 4-6 December 2017) |
Publisher | Association for Computing Machinery (ACM) |
Number of pages | 4 |
ISBN (Electronic) | 9781450355537 |
Publication status | Published - 4 Dec 2017 |
Event | 9th International Conference on Knowledge Capture, Hilton Garden Inn Convention Center, Austin, United States. Duration: 4 Dec 2017 → 6 Dec 2017. Conference number: 9. Conference website: https://k-cap2017.org/ |
Conference
Conference | 9th International Conference on Knowledge Capture |
---|---|
Abbreviated title | K-CAP 2017 |
Country/Territory | United States |
City | Austin |
Period | 4/12/17 → 6/12/17 |