Challenges in IT Security Processes and Solution Approaches with Process Mining

Aynesh Sundararaj, Silvia Knittl, Jens Grossklags

Publikation: Beitrag in Buch/Bericht/KonferenzbandKonferenzbeitragBegutachtung

Abstract

Process mining is a rapidly developing field of data science currently focusing on business processes. The approach involves many techniques that may contribute to cyber security analysis as well. In particular, the measurement of deviations from a defined process is a central topic in process mining, and could find application in the context of IT security. In this paper, we present a solution approach for IT security with process mining, which is based on experiments that we conducted on an Identity and Access Management (IAM) scenario. We have designed and implemented an appropriate lifelike environment and use cases to demonstrate both the suitability and limitations of process mining for cyber security processes. While process mining can detect deviations from cyber processes very well, not all deviations are relevant for security. Thus, more research on how to incorporate threat analysis into process mining will be necessary in the future.

OriginalspracheEnglisch
TitelSecurity and Trust Management - 16th International Workshop, STM 2020, Proceedings
Redakteure/-innenKostantinos Markantonakis, Marinella Petrocchi
Herausgeber (Verlag)Springer Science and Business Media Deutschland GmbH
Seiten123-138
Seitenumfang16
ISBN (Print)9783030598167
DOIs
PublikationsstatusVeröffentlicht - 2020
Veranstaltung16th International Workshop on Security and Trust Management, STM 2020, held in conjunction with the 25th European Symposium on Research in Computer Security, ESORICS 2020 - Guildford, Großbritannien/Vereinigtes Königreich
Dauer: 17 Sept. 202018 Sept. 2020

Publikationsreihe

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Band12386 LNCS
ISSN (Print)0302-9743
ISSN (elektronisch)1611-3349

Konferenz

Konferenz16th International Workshop on Security and Trust Management, STM 2020, held in conjunction with the 25th European Symposium on Research in Computer Security, ESORICS 2020
Land/GebietGroßbritannien/Vereinigtes Königreich
OrtGuildford
Zeitraum17/09/2018/09/20

Fingerprint

Untersuchen Sie die Forschungsthemen von „Challenges in IT Security Processes and Solution Approaches with Process Mining“. Zusammen bilden sie einen einzigartigen Fingerprint.

Dieses zitieren