Skip to Main content Skip to Navigation
Conference papers

Recent Trends in Statistical Analysis of Event Logs for Network-Wide Intrusion Detection

Corentin Larroche 1, 2, 3 Johan Mazel 4 Stéphan Clémençon 1, 2, 3
1 IDS - Département Images, Données, Signal
2 S2A - Signal, Statistique et Apprentissage
LTCI - Laboratoire Traitement et Communication de l'Information
3 IP Paris - Institut Polytechnique de Paris
4 ANSSI - Agence nationale de la sécurité des systèmes d'information
Abstract : Event logs are information-rich and complex data that keep track of the activity taking place in a computer network, and can therefore contain traces of malicious activity when an intrusion happens. However, such traces are scarce and buried under considerable volumes of unrelated information, making the use of event logs for intrusion detection a challenging research topic. We review some recent contributions to that area of research, focusing on the application of statistical analysis to various types of event logs collected over a computer network. Emphasis is put on the formalism used to translate the data into a collection of mathematical objects suited to statistical modelling.
Keywords : Event logs Intrusion detection Anomaly detection
Document type :
Conference papers
Complete list of metadatas
https://hal.telecom-paris.fr/hal-03123038
Contributor : Corentin Larroche <>
Submitted on : Wednesday, January 27, 2021 - 2:37:51 PM
Last modification on : Monday, February 15, 2021 - 5:04:35 PM

File

Vignette du document
paper.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-03123038, version 1

Collections

INSTITUT-TELECOM | IDS | LTCI | S2A | IP_PARIS

Citation

Corentin Larroche, Johan Mazel, Stéphan Clémençon. Recent Trends in Statistical Analysis of Event Logs for Network-Wide Intrusion Detection. Conference on Artificial Intelligence for Defense (CAID), Dec 2020, Rennes, France. ⟨hal-03123038⟩

Export

BibTeX TEI DC DCterms EndNote

Share

Metrics

Record views

57

Files downloads

23