Big Data Analytics Architecture for Cybersecurity Applications

  • Roberto Omar Andrade Escuela Politécnica Nacional
  • Luis Tello-Oquendo Universidad Nacional de Chimborazo
  • Susana Cadena-Vela Universidad Central del Ecuador
  • Patricia Jimbo-Santana Universidad Central del Ecuador
  • Juan Zaldumbide Escuela Politécnica Nacional
  • Diana Yacchirema Escuela Politécnica Nacional
Keywords: Big data, cyber operations, cybersecurity

Abstract

The technological and social changes in the  cur- rent information age pose new challenges for security analysts. Novel strategies and security solutions are sought to improve security operations concerning the detection and analysis of security threats and attacks. Security analysts address security challenges by analyzing large amounts of data from server logs, communication equipment, security solutions, and blogs related to information security in different structured and unstructured formats. In this paper, we examine the application of big data to support some security activities and conceptual models to generate knowledge that can be used for the decision making or automation of security response action. Concretely, we present a massive data processing methodology and introduce  a  big data architecture devised for cybersecurity applications. This architecture identifies anomalous behavior patterns and trends to anticipate cybersecurity attacks characterized as relatively random, spontaneous, and out of the ordinary.

Published
2021-01-01
Section
Research Articles for the Regular Issue