SEAL: Storage-efficient Causality Analysis on Enterprise Logs with Query-friendly Compression
2021
USENIX Security Symposium
Causality analysis automates attack forensics and facilitates behavioral detection by associating causally related but temporally distant system events. Despite its proven usefulness, the analysis suffers from the innate big data challenge to store and process a colossal amount of system events that are constantly collected from hundreds of thousands of end-hosts in a realistic network. In addition, the effectiveness of the analysis to discover security breaches relies on the assumption that
dblp:conf/uss/FeiL000J21
fatcat:kkwr2kl7ojdtnbug2yeegjnhha