Printed from https://ideas.repec.org/a/igg/jisp00/v16y2022i1p1-10.html

Real-Time Cyber Analytics Data Collection Framework

Authors

  • Herbert Maosa (London Metropolitan University, UK)
  • Karim Ouazzane (London Metropolitan University, UK)
  • Viktor Sowinski-Mydlarz (London Metropolitan University, UK)

Abstract

In cyber security, it is critical that event data is collected in as near real time as possible to enable early detection and response to threats. Performing analytics from event logs stored in databases slows down the response time due to the time cost of database insertion and retrieval operations. The authors present a data collection framework that minimizes the need for long-term storage. Events are buffered in memory, up to a configurable threshold, before being streamed in real time using live streaming technologies. The framework deploys virtualized data collecting agents that ingest data from multiple sources, including threat intelligence. The framework enables the correlation of events from various sources, improving detection precision. The authors have tested the framework in a real-time, machine-learning-based threat detection system. The results show a time gain of 300 milliseconds in transmission time from event capture to analytics system, compared with storage-based collection frameworks. Threat detection was measured at 95%, which is comparable to the benchmark Snort IDS.

Suggested Citation

  • Herbert Maosa & Karim Ouazzane & Viktor Sowinski-Mydlarz, 2022. "Real-Time Cyber Analytics Data Collection Framework," International Journal of Information Security and Privacy (IJISP), IGI Global, vol. 16(1), pages 1-10, January.
  • Handle: RePEc:igg:jisp00:v:16:y:2022:i:1:p:1-10

Download full text from publisher

  • File URL: http://services.igi-global.com/resolvedoi/resolve.aspx?doi=10.4018/IJISP.311465
  • Download Restriction: no
