Semantic integration and monitoring of file system activity

Kabul Kurniawan, Andreas Ekelhart, Elmar Kiesling, Agnes Fröschl, Fajar Ekaputra

Publication: Chapter in book/Conference proceeding > Contribution to conference proceedings

Abstract

File access activity information is an important source for identifying unauthorized data transmissions. In this paper, we present a semantic approach for the monitoring of file system activity in the context of information security. We thereby tackle limitations of existing monitoring approaches in terms of semantic integration, contextualization, and cross-system interoperability. In particular, we present a vocabulary for file activity logs and outline an architecture for log file collection, extraction, linking, and storage. We demonstrate the applicability of this approach by means of an application scenario. Finally, we show how analysts can inspect the life-cycle of files in a context-rich manner by means of SPARQL queries and a graph visualization of the results.

Original language: English
Title of host publication: Posters and Demos at SEMANTiCS 2019
Subtitle of host publication: Proceedings of the Posters and Demo Track of the 15th International Conference on Semantic Systems (SEMPDS 2019)
Editors: Mehwish Alam, Ricardo Usbeck, Tassilo Pellegrini, Harald Sack, York Sure-Vetter
Place of Publication: Aachen
Publisher: CEUR Workshop Proceedings
Publication status: Published - 2019
Externally published: Yes
Event: 15th International Conference on Semantic Systems, SEMPDS 2019 - Karlsruhe, Germany
Duration: 9 Sept 2019 to 12 Sept 2019

Publication series

Series: CEUR Workshop Proceedings
Volume: 2451
ISSN: 1613-0073

Conference

Conference: 15th International Conference on Semantic Systems, SEMPDS 2019
Country/Territory: Germany
City: Karlsruhe
Period: 9/09/19 to 12/09/19

Bibliographical note

Publisher Copyright:
Copyright © 2019 for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0).
