Semantic integration and monitoring of file system activity

Kabul Kurniawan, Andreas Ekelhart, Elmar Kiesling, Agnes Fröschl, Fajar Ekaputra

Publication: Contribution to book/conference proceedings, contribution to conference proceedings

Abstract

File access activity information is an important source for identifying unauthorized data transmissions. In this paper, we present a semantic approach for the monitoring of file system activity in the context of information security. We thereby tackle limitations of existing monitoring approaches in terms of semantic integration, contextualization, and cross-system interoperability. In particular, we present a vocabulary for file activity logs and outline an architecture for log file collection, extraction, linking, and storage. We demonstrate the applicability of this approach by means of an application scenario. Finally, we show how analysts can inspect the life-cycle of files in a context-rich manner by means of SPARQL queries and a graph visualization of the results.

Original language: English
Title of host publication: Posters and Demos at SEMANTiCS 2019
Subtitle of host publication: Proceedings of the Posters and Demo Track of the 15th International Conference on Semantic Systems (SEMPDS 2019)
Editors: Mehwish Alam, Ricardo Usbeck, Tassilo Pellegrini, Harald Sack, York Sure-Vetter
Place of publication: Aachen
Publisher: CEUR WS
Publication status: Published - 2019
Externally published: Yes
Event: 15th International Conference on Semantic Systems, SEMPDS 2019 - Karlsruhe, Germany
Duration: 9 Sep. 2019 to 12 Sep. 2019

Publication series

Name: CEUR Workshop Proceedings
Publisher: CEUR-WS
Volume: 2451
ISSN (Print): 1613-0073

Conference

Conference: 15th International Conference on Semantic Systems, SEMPDS 2019
Country/Territory: Germany
City: Karlsruhe
Period: 9/09/19 to 12/09/19

Bibliographic note

Publisher Copyright:
Copyright © 2019 for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0).
