Semantic integration and monitoring of file system activity

Kabul Kurniawan, Andreas Ekelhart, Elmar Kiesling, Agnes Fröschl, Fajar Ekaputra

Publication: Contribution to book/conference proceedings, Contribution to conference proceedings


File access activity information is an important source for identifying unauthorized data transmissions. In this paper, we present a semantic approach for the monitoring of file system activity in the context of information security. We thereby tackle limitations of existing monitoring approaches in terms of semantic integration, contextualization, and cross-system interoperability. In particular, we present a vocabulary for file activity logs and outline an architecture for log file collection, extraction, linking, and storage. We demonstrate the applicability of this approach by means of an application scenario. Finally, we show how analysts can inspect the life-cycle of files in a context-rich manner by means of SPARQL queries and a graph visualization of the results.

Title of host publication: Posters and Demos at SEMANTiCS 2019
Subtitle of host publication: Proceedings of the Posters and Demo Track of the 15th International Conference on Semantic Systems (SEMPDS 2019)
Editors: Mehwish Alam, Ricardo Usbeck, Tassilo Pellegrini, Harald Sack, York Sure-Vetter
Publisher: CEUR Workshop Proceedings
Publication status: Published - 2019
Externally published: Yes
Event: 15th International Conference on Semantic Systems, SEMPDS 2019 - Karlsruhe, Germany
Duration: 9 Sept. 2019 to 12 Sept. 2019


Series: CEUR Workshop Proceedings


Conference: 15th International Conference on Semantic Systems, SEMPDS 2019

Bibliographical note

Publisher Copyright:
Copyright © 2019 for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0).