Detection of Cybersecurity Events Based on Entropy Analysis
2022 (English). In: CEUR Workshop Proceedings / [ed] Khikmetov A., Daineko Y., Ipalakova M., Technical University of Aachen, 2022. Conference paper, Published paper (Refereed)
Abstract [en]
As a rule, modern approaches to protecting against cyberattacks cannot guarantee that applications and operating systems will not be compromised. Therefore, detecting and identifying vulnerabilities, and acting to avoid or mitigate their impact on businesses and cybersecurity processes, are critical for the operation of information systems and the information security management system. To identify a possible attack vector, one of two kinds of methods is generally applied: those that detect abuses or those that detect anomalies. This paper investigates the possibility of identifying the alleged attack vector based on the entropy analysis of cybersecurity events. The research results presented in the paper allow us to determine the required width of the sliding window and confirm that such entropy analysis detects exceeded security thresholds and anomalies in the operation of operating systems and applications and, accordingly, probable attack vectors. © 2022 Copyright for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0).
Place, publisher, year, edition, pages
Technical University of Aachen, 2022.
Series
CEUR Workshop Proceedings, E-ISSN 1613-0073 ; 3382
Keywords [en]
anomaly, cybersecurity event, Entropy, event log, information security, intrusion detection, Cybersecurity, Information management, Attack vector, Cyber security, Cyber-attacks, Detection and identifications, Entropy analysis, Event logs, Event-based, Intrusion-Detection
National Category
Computer Systems; Computer Sciences
Identifiers
URN: urn:nbn:se:bth-24800
Scopus ID: 2-s2.0-85159363701
OAI: oai:DiVA.org:bth-24800
DiVA, id: diva2:1766100
Conference
7th International Conference on Digital Technologies in Education, Science and Industry, DTESI 2022, Almaty, 20 October through 21 October 2022
2023-06-12 2023-06-12 2023-06-12 Bibliographically approved