Wang et al., 2018 - Google Patents
Research on operating data analysis for enterprise intranet information security risk assessment
Wang et al., 2018
- Document ID
- 13744699434108173004
- Author
- Wang H
- Li J
- Liu D
- Publication year
- Publication venue
- 2018 12th IEEE International Conference on Anti-counterfeiting, Security, and Identification (ASID)
Snippet
Operating data analysis means analyzing the operating system logs, user operation logs, various types of alarms, security-relevant configurations, etc. The purpose is to find whether there is an attack event, suspicious behaviors or improper configurations. It is an …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2101—Auditing as a secondary aspect
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
- G06F21/645—Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Alladi et al. | | Industrial control systems: Cyberattack trends and countermeasures |
CN104283889B (en) | | APT attack detectings and early warning system inside electric system based on the network architecture |
US10579797B2 (en) | | Program integrity monitoring and contingency management system and method |
Johansen | | Digital forensics and incident response |
Bollinger et al. | | Crafting the InfoSec playbook: security monitoring and incident response master plan |
Atieh | | Assuring the optimum security level for network, physical and cloud infrastructure |
Krishnamoorthi et al. | | Active Directory Holds the Keys to your Kingdom, but is it Secure |
Miloslavskaya et al. | | Taxonomy for unsecure big data processing in security operations centers |
Manral et al. | | Establishing forensics capabilities in the presence of superuser insider threats |
Cook et al. | | Managing incident response in the industrial internet of things |
Harsch et al. | | Assuming a state of compromise: A best practise approach for SMEs on incident response management |
CN107516039B (en) | | Security protection method and device for virtualized system |
He et al. | | Malware incident response (IR) informed by cyber threat intelligence (CTI) |
Schneider et al. | | Cyber security maintenance for SCADA systems |
Wang et al. | | Research on operating data analysis for enterprise intranet information security risk assessment |
Kapiton et al. | | Automated setup system security configuration of network equipment. |
LaPadula | | State of the art in anomaly detection and reaction |
Miloslavskaya et al. | | Taxonomy for unsecure digital information processing |
Kasmawi et al. | | Vulnerability analysis using OWASP ZAP on higher education websites |
Stawowski | | Dilemmas of a Security Architect: How to Protect Critical Systems without Disrupting Continuity of Their Services. |
CN112583848A (en) | | Remote security log analysis system |
Sreelekshmi et al. | | Unveiling Windows Security: Detecting Security Breaches Using Windows Event Logs |
Pritz | | Shell activity logging and auditing in exercise environments of security Lectures using OSS |
Wilbert et al. | | Comparison of File Integrity Monitoring (FIM) techniques for small business networks |
Ruha | | Cybersecurity of computer networks |