Abstract: As more and more Internet-based attacks arise, organizations are responding by deploying an assortment of security products that generate situational intelligence in the form of logs. These logs often contain high volumes of interesting and useful information about activities in the network, and are among the first data sources that information security specialists consult when they suspect that an attack has taken place. However, security products often come from a patchwork of vendors, and are inconsistently installed and administered. They generate logs whose formats differ widely and that are often incomplete, mutually contradictory, and very large in volume. Hence, although this collected information is useful, it is often dirty.
Publication Year: 2013
Publication Date: 2013-12-09
Language: en
Type: article
Indexed In: ['crossref']
Access and Citation
Cited By Count: 245