Big Data Analytics Architecture for Cybersecurity Applications
Abstract
The technological and social changes in the cur- rent information age pose new challenges for security analysts. Novel strategies and security solutions are sought to improve security operations concerning the detection and analysis of security threats and attacks. Security analysts address security challenges by analyzing large amounts of data from server logs, communication equipment, security solutions, and blogs related to information security in different structured and unstructured formats. In this paper, we examine the application of big data to support some security activities and conceptual models to generate knowledge that can be used for the decision making or automation of security response action. Concretely, we present a massive data processing methodology and introduce a big data architecture devised for cybersecurity applications. This architecture identifies anomalous behavior patterns and trends to anticipate cybersecurity attacks characterized as relatively random, spontaneous, and out of the ordinary.
By participating as Author (s) in LAJC, non-exclusive copyright is transferred to the National Polytechnic School, represented by the Department of Informatics and Computer Sciences, to publish the material submitted by the Author (s) on institutional websites, or print materials from the institution.
The National Polytechnic School and the Department of Informatics and Computer Sciences, ensure that the material will not be released, nor will be used internally for profit through paid subscriptions. The material sent will be used only for academic and scientific purposes.