TY  - JOUR
UR  - https://doi.org/10.7717/peerj-cs.25
DO  - 10.7717/peerj-cs.25
TI  - Mining known attack patterns from security-related events
AU  - Scarabeo,Nicandro
AU  - Fung,Benjamin C.M.
AU  - Khokhar,Rashid H.
A2  - Ventura,Sebastian
DA  - 2015/10/07
PY  - 2015
KW  - Security
KW  - Data mining
KW  - Text-mining
KW  - Correlation
KW  - Semantic
KW  - Log events
KW  - Security operation center
KW  - Managed security services
AB  - Managed Security Services (MSS) have become an essential asset for companies to have in order to protect their infrastructure from hacking attempts such as unauthorized behaviour, denial of service (DoS), malware propagation, and anomalies. A proliferation of attacks has determined the need for installing more network probes and collecting more security-related events in order to assure the best coverage, necessary for generating incident responses. The increase in volume of data to analyse has created a demand for specific tools that automatically correlate events and gather them in pre-defined scenarios of attacks. Motivated by Above Security, a specialized company in the sector, and by National Research Council Canada (NRC), we propose a new data mining system that employs text mining techniques to dynamically relate security-related events in order to reduce analysis time, increase the quality of the reports, and automatically build correlated scenarios.
VL  - 1
SP  - e25
T2  - PeerJ Computer Science
JO  - PeerJ Computer Science
J2  - PeerJ Computer Science
SN  - 2376-5992
ER  -