This site has been permanently archived. This is a static copy provided by the University of Southampton.

TY - GEN ID - cogprints6693 UR - http://cogprints.org/6693/ A1 - Saraydaryan, Jacques A1 - Benali, Fatiha A1 - Ubeda, St�phane Y1 - 2009/08// N2 - Cyber criminality activities are changing and becoming more and more professional. With the growth of financial flows through the Internet and the Information System (IS), new kinds of thread arise involving complex scenarios spread within multiple IS components. The IS information modeling and Behavioral Analysis are becoming new solutions to normalize the IS information and counter these new threads. This paper presents a framework which details the principal and necessary steps for monitoring an IS. We present the architecture of the framework, i.e. an ontology of activities carried out within an IS to model security information and User Behavioral analysis. The results of the performed experiments on real data show that the modeling is effective to reduce the amount of events by 91%. The User Behavioral Analysis on uniform modeled data is also effective, detecting more than 80% of legitimate actions of attack scenarios. PB - International Journal of Computer Science Issues, IJCSI KW - Security Information KW - Heterogeneity KW - Intrusion Detection KW - Behavioral Analysis KW - Ontology TI - Comprehensive Security Framework for Global Threats Analysis AV - public ER -