Security Data Collection and Data Analytics in the Internet: A Survey

Loading...
Thumbnail Image

Access rights

openAccess

URL

Journal Title

Journal ISSN

Volume Title

A2 Katsausartikkeli tieteellisessä aikakauslehdessä

Date

2019-01-01

Major/Subject

Mcode

Degree programme

Language

en

Pages

Series

IEEE Communications Surveys and Tutorials

Abstract

Attacks over the Internet are becoming more and more complex and sophisticated. How to detect security threats and measure the security of the Internet arises a significant research topic. For detecting the Internet attacks and measuring its security, collecting different categories of data and employing methods of data analytics are essential. However, the literature still lacks a thorough review on security-related data collection and analytics on the Internet. Therefore, it becomes a necessity to review the current state of the art in order to gain a deep insight on what categories of data should be collected and which methods should be used to detect the Internet attacks and to measure its security. In this paper, we survey existing studies about security-related data collection and analytics for the purpose of measuring the Internet security. We first divide the data related to network security measurement into four categories: 1) packet-level data; 2) flow-level data; 3) connection-level data; and 4) host-level data. For each category of data, we provide a specific classification and discuss its advantages and disadvantages with regard to the Internet security threat detection. We also propose several additional requirements for security-related data analytics in order to make the analytics flexible and scalable. Based on the usage of data categories and the types of data analytic methods, we review current detection methods for distributed denial of service flooding and worm attacks by applying the proposed requirements to evaluate their performance. Finally, based on the completed review, a list of open issues is outlined and future research directions are identified.

Description

OA-julkaisu. Tuo IEEE:n tietokannasta, kun julkaistu.

Keywords

Computer crime, Data analysis, data analytics, Data collection, data collection, DDoS flooding attacks, Grippers, Internet, Protocols, security measurement., Security-related data, worm attacks

Other note

Citation

Jing, X, Yan, Z & Pedrycz, W 2019, ' Security Data Collection and Data Analytics in the Internet : A Survey ', IEEE Communications Surveys and Tutorials, vol. 21, no. 1, 8428412, pp. 586 - 618 . https://doi.org/10.1109/COMST.2018.2863942