To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. Got it!
Artwork

Business Podcasting Education Higher Education Science Social Sciences Tech InfoSec Security Video CERIAS Purdue Information Sfs Research Technology Privacy Policy Seminar
Content provided by CERIAS. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by CERIAS or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Similar to CERIAS Security Seminar Podcast

Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play

CERIAS Security Seminar Podcast « »
Ting-Fang Yen, "Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterprise Networks"

 
Play
Playing
Share
 

MP4Episode home

Archived series ("Inactive feed" status)

When? This feed was archived on January 12, 2017 15:24 (7+ y ago). Last successful fetch was on September 14, 2016 19:32 (7+ y ago)

Why? Inactive feed status. Our servers were unable to retrieve a valid podcast feed for a sustained period.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Manage episode 38478734 series 39330
Content provided by CERIAS. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by CERIAS or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
As more and more Internet-based attacks arise, organizations are responding by deploying an assortment of security products that generate situational intelligence in the form of logs. These logs often contain high volumes of interesting and useful information about activities in the network, and are among the first data sources that information security specialists consult when they suspect that an attack has taken place. However, security products often come from a patchwork of vendors, and are inconsistently installed and administered. They generate logs whose formats differ widely and that are often incomplete, mutually contradictory, and very large in volume. Hence, although this collected information is useful, it is often dirty. We present a novel system, Beehive, that attacks the problem of automatically mining and extracting knowledge from the dirty log data produced by a wide variety of security products in a large enterprise. We improve on signature-based approaches to detecting security incidents and instead identify suspicious host behaviors that Beehive reports as potential security incidents. These incidents can then be further analyzed by incident response teams to determine whether a policy violation or attack has occurred. We have evaluated Beehive on the log data collected in a large enterprise, EMC, over a period of two weeks. We compare the incidents identified by Beehive against enterprise Security Operations Center reports, antivirus software alerts, and feedback from enterprise security specialists. We show that Beehive is able to identify malicious events and policy violations which would otherwise go undetected.
  continue reading

322 episodes

#Business #Podcasting Education #Higher Education #Science #Social Sciences #Tech #InfoSec #Security #Video #CERIAS #Purdue #Information #Sfs #Research #Technology #Privacy #Policy #Seminar
Artwork

Ting-Fang Yen, "Beehive: Large-Scale Log Analysis for Detecting Suspicious Activity in Enterprise Networks"

CERIAS Security Seminar Podcast

21 subscribers

published

Play Playing
iconShare
 
MP4Episode home

Archived series ("Inactive feed" status)

When? This feed was archived on January 12, 2017 15:24 (7+ y ago). Last successful fetch was on September 14, 2016 19:32 (7+ y ago)

Why? Inactive feed status. Our servers were unable to retrieve a valid podcast feed for a sustained period.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Manage episode 38478734 series 39330
Content provided by CERIAS. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by CERIAS or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
As more and more Internet-based attacks arise, organizations are responding by deploying an assortment of security products that generate situational intelligence in the form of logs. These logs often contain high volumes of interesting and useful information about activities in the network, and are among the first data sources that information security specialists consult when they suspect that an attack has taken place. However, security products often come from a patchwork of vendors, and are inconsistently installed and administered. They generate logs whose formats differ widely and that are often incomplete, mutually contradictory, and very large in volume. Hence, although this collected information is useful, it is often dirty. We present a novel system, Beehive, that attacks the problem of automatically mining and extracting knowledge from the dirty log data produced by a wide variety of security products in a large enterprise. We improve on signature-based approaches to detecting security incidents and instead identify suspicious host behaviors that Beehive reports as potential security incidents. These incidents can then be further analyzed by incident response teams to determine whether a policy violation or attack has occurred. We have evaluated Beehive on the log data collected in a large enterprise, EMC, over a period of two weeks. We compare the incidents identified by Beehive against enterprise Security Operations Center reports, antivirus software alerts, and feedback from enterprise security specialists. We show that Beehive is able to identify malicious events and policy violations which would otherwise go undetected.
  continue reading

322 episodes

#Business #Podcasting Education #Higher Education #Science #Social Sciences #Tech #InfoSec #Security #Video #CERIAS #Purdue #Information #Sfs #Research #Technology #Privacy #Policy #Seminar

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Similar to CERIAS Security Seminar Podcast

Listen to 500+ topics
Player FM - Podcast App
Go offline with the Player FM app!
Get it on App Store Get it on Google Play

Quick Reference Guide

Top Podcasts
The Bill Simmons Podcast
PTI
First Take
Marketplace
Comedy of the Week
The Bugle
How Did This Get Made?
Doug Loves Movies
Planet Money
TED Talks Daily
NBC Nightly News with Lester Holt
The World This Hour
Daily Boost Motivation and Coaching
Radiolab
Science Friday
This American Life
Criminal
Sword and Scale
In The Dark
Player FM logo
Help/FAQ | Upgrade | Advertise
Arts|Business|Comedy|Economics|Entertainment|News|Politics|Religion
Science|Soccer|Sports|Storytelling|Technology|True Crime
Copyright 2024 | Sitemap | Privacy Policy | Terms of Service | | Copyright
Episode being played series thumbnail
icon icon
Speed
Series settings
1x
1x
Volume
100%
icon
icon icon
/

View Player FM in...
Player FM
Browser
Chrome
Safari
Firefox