System-Auditing, Data Analysis and Characteristics of Cyber Attacks for Big Data Systems

Liangyi Huang; Sophia Hall; Fei Shao; Arafath Nihar; Vipin Chaudhary; Yinghui Wu; Roger French; Xusheng Xiao

doi:10.1145/3511808.3557185

System-Auditing, Data Analysis and Characteristics of Cyber Attacks for Big Data Systems

Liangyi Huang, Sophia Hall, Fei Shao, Arafath Nihar, Vipin Chaudhary, Yinghui Wu, Roger French, Xusheng Xiao

Engineering, Ira A. Fulton Schools of (IAFSE)

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Scopus citations

Abstract

Using big data, distributed computing systems such as Apache Hadoop requires processing massive amount of data to support business and research applications. Thus, it is critical to ensure the cyber security of such systems. To better defend from advanced cyber attacks that pose threats to even well-protected enterprises, system-auditing based techniques have been adopted for monitoring system activities and assisting attack investigation. In this demo, we are building a system that collects system auditing logs from a big data system and performs data analysis to understand how system auditing can be used more effectively to assist attack investigation on big systems. We also built a demo application that detects unexpected file deletion and presents root causes for the deletion.

Original language	English (US)
Title of host publication	CIKM 2022 - Proceedings of the 31st ACM International Conference on Information and Knowledge Management
Publisher	Association for Computing Machinery
Pages	4872-4876
Number of pages	5
ISBN (Electronic)	9781450392365
DOIs	https://doi.org/10.1145/3511808.3557185
State	Published - Oct 17 2022
Event	31st ACM International Conference on Information and Knowledge Management, CIKM 2022 - Atlanta, United States Duration: Oct 17 2022 → Oct 21 2022

Publication series

Name	International Conference on Information and Knowledge Management, Proceedings
ISSN (Print)	2155-0751

Conference

Conference	31st ACM International Conference on Information and Knowledge Management, CIKM 2022
Country/Territory	United States
City	Atlanta
Period	10/17/22 → 10/21/22

Keywords

big data systems
cyber attack investigation
system auditing

ASJC Scopus subject areas

General Business, Management and Accounting
General Decision Sciences

Access to Document

10.1145/3511808.3557185

Cite this

Huang, L., Hall, S., Shao, F., Nihar, A., Chaudhary, V., Wu, Y., French, R., & Xiao, X. (2022). System-Auditing, Data Analysis and Characteristics of Cyber Attacks for Big Data Systems. In CIKM 2022 - Proceedings of the 31st ACM International Conference on Information and Knowledge Management (pp. 4872-4876). (International Conference on Information and Knowledge Management, Proceedings). Association for Computing Machinery. https://doi.org/10.1145/3511808.3557185

System-Auditing, Data Analysis and Characteristics of Cyber Attacks for Big Data Systems. / Huang, Liangyi; Hall, Sophia; Shao, Fei et al.
CIKM 2022 - Proceedings of the 31st ACM International Conference on Information and Knowledge Management. Association for Computing Machinery, 2022. p. 4872-4876 (International Conference on Information and Knowledge Management, Proceedings).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Huang, L, Hall, S, Shao, F, Nihar, A, Chaudhary, V, Wu, Y, French, R & Xiao, X 2022, System-Auditing, Data Analysis and Characteristics of Cyber Attacks for Big Data Systems. in CIKM 2022 - Proceedings of the 31st ACM International Conference on Information and Knowledge Management. International Conference on Information and Knowledge Management, Proceedings, Association for Computing Machinery, pp. 4872-4876, 31st ACM International Conference on Information and Knowledge Management, CIKM 2022, Atlanta, United States, 10/17/22. https://doi.org/10.1145/3511808.3557185

Huang L, Hall S, Shao F, Nihar A, Chaudhary V, Wu Y et al. System-Auditing, Data Analysis and Characteristics of Cyber Attacks for Big Data Systems. In CIKM 2022 - Proceedings of the 31st ACM International Conference on Information and Knowledge Management. Association for Computing Machinery. 2022. p. 4872-4876. (International Conference on Information and Knowledge Management, Proceedings). doi: 10.1145/3511808.3557185

Huang, Liangyi ; Hall, Sophia ; Shao, Fei et al. / System-Auditing, Data Analysis and Characteristics of Cyber Attacks for Big Data Systems. CIKM 2022 - Proceedings of the 31st ACM International Conference on Information and Knowledge Management. Association for Computing Machinery, 2022. pp. 4872-4876 (International Conference on Information and Knowledge Management, Proceedings).

@inproceedings{828ac6cf54e94c33aa1fbabf8785d038,

title = "System-Auditing, Data Analysis and Characteristics of Cyber Attacks for Big Data Systems",

abstract = "Using big data, distributed computing systems such as Apache Hadoop requires processing massive amount of data to support business and research applications. Thus, it is critical to ensure the cyber security of such systems. To better defend from advanced cyber attacks that pose threats to even well-protected enterprises, system-auditing based techniques have been adopted for monitoring system activities and assisting attack investigation. In this demo, we are building a system that collects system auditing logs from a big data system and performs data analysis to understand how system auditing can be used more effectively to assist attack investigation on big systems. We also built a demo application that detects unexpected file deletion and presents root causes for the deletion.",

keywords = "big data systems, cyber attack investigation, system auditing",

author = "Liangyi Huang and Sophia Hall and Fei Shao and Arafath Nihar and Vipin Chaudhary and Yinghui Wu and Roger French and Xusheng Xiao",

note = "Publisher Copyright: {\textcopyright} 2022 ACM.; 31st ACM International Conference on Information and Knowledge Management, CIKM 2022 ; Conference date: 17-10-2022 Through 21-10-2022",

year = "2022",

month = oct,

day = "17",

doi = "10.1145/3511808.3557185",

language = "English (US)",

series = "International Conference on Information and Knowledge Management, Proceedings",

publisher = "Association for Computing Machinery",

pages = "4872--4876",

booktitle = "CIKM 2022 - Proceedings of the 31st ACM International Conference on Information and Knowledge Management",

}

TY - GEN

T1 - System-Auditing, Data Analysis and Characteristics of Cyber Attacks for Big Data Systems

AU - Huang, Liangyi

AU - Hall, Sophia

AU - Shao, Fei

AU - Nihar, Arafath

AU - Chaudhary, Vipin

AU - Wu, Yinghui

AU - French, Roger

AU - Xiao, Xusheng

PY - 2022/10/17

Y1 - 2022/10/17

N2 - Using big data, distributed computing systems such as Apache Hadoop requires processing massive amount of data to support business and research applications. Thus, it is critical to ensure the cyber security of such systems. To better defend from advanced cyber attacks that pose threats to even well-protected enterprises, system-auditing based techniques have been adopted for monitoring system activities and assisting attack investigation. In this demo, we are building a system that collects system auditing logs from a big data system and performs data analysis to understand how system auditing can be used more effectively to assist attack investigation on big systems. We also built a demo application that detects unexpected file deletion and presents root causes for the deletion.

AB - Using big data, distributed computing systems such as Apache Hadoop requires processing massive amount of data to support business and research applications. Thus, it is critical to ensure the cyber security of such systems. To better defend from advanced cyber attacks that pose threats to even well-protected enterprises, system-auditing based techniques have been adopted for monitoring system activities and assisting attack investigation. In this demo, we are building a system that collects system auditing logs from a big data system and performs data analysis to understand how system auditing can be used more effectively to assist attack investigation on big systems. We also built a demo application that detects unexpected file deletion and presents root causes for the deletion.

KW - big data systems

KW - cyber attack investigation

KW - system auditing

UR - http://www.scopus.com/inward/record.url?scp=85140844243&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85140844243&partnerID=8YFLogxK

U2 - 10.1145/3511808.3557185

DO - 10.1145/3511808.3557185

M3 - Conference contribution

AN - SCOPUS:85140844243

T3 - International Conference on Information and Knowledge Management, Proceedings

SP - 4872

EP - 4876

BT - CIKM 2022 - Proceedings of the 31st ACM International Conference on Information and Knowledge Management

PB - Association for Computing Machinery

T2 - 31st ACM International Conference on Information and Knowledge Management, CIKM 2022

Y2 - 17 October 2022 through 21 October 2022

ER -

System-Auditing, Data Analysis and Characteristics of Cyber Attacks for Big Data Systems

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this