Abstract
File access activity information is an important source for identifying unauthorized data transmissions. In this paper, we present a semantic approach for the monitoring of file system activity in the context of information security. We thereby tackle limitations of existing monitoring approaches in terms of semantic integration, contextualization, and cross-system interoperability. In particular, we present a vocabulary for file activity logs and outline an architecture for log file collection, extraction, linking, and storage. We demonstrate the applicability of this approach by means of an application scenario. Finally, we show how analysts can inspect the life-cycle of files in a context-rich manner by means of SPARQL queries and a graph visualization of the results.
Original language | English |
---|---|
Title of host publication | Posters and Demos at SEMANTiCS 2019 |
Subtitle of host publication | Proceedings of the Posters and Demo Track of the 15th International Conference on Semantic Systems (SEMPDS 2019) |
Editors | Mehwish Alam, Ricardo Usbeck, Tassilo Pellegrini, Harald Sack, York Sure-Vetter |
Place of Publication | Aachen |
Publisher | CEUR Workshop Proceedings |
Publication status | Published - 2019 |
Externally published | Yes |
Event | 15th International Conference on Semantic Systems, SEMPDS 2019 - Karlsruhe, Germany. Duration: 9 Sept 2019 → 12 Sept 2019 |
Publication series
Series | CEUR Workshop Proceedings |
---|---|
Volume | 2451 |
ISSN | 1613-0073 |
Conference
Conference | 15th International Conference on Semantic Systems, SEMPDS 2019 |
---|---|
Country/Territory | Germany |
City | Karlsruhe |
Period | 9/09/19 → 12/09/19 |
Bibliographical note
Publisher Copyright: Copyright © 2019 for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0).