SlideShare a Scribd company logo

Using process mining and model driven engineering to enhance security of web information systems

Download as PPTX, PDF
S.Mostafa Sayyedi
S.Mostafa Sayyedi

Using Process Mining and Model Driven Engineering to Enhance Security of Web Information Systems.

Software
1 of 40
Provider: Mr. S.Mostafa Sayyedi Using Process Mining and Model Driven Engineering to Enhance Security of Web Information Systems Lesson: Special Topics Professor: Mr. Zamani May 2018
Abstract In this Paper, We Propose a Method Based on Process Mining and Model Driven Engineering to Improve the Security of Web Information Systems. Page: 1 Abstrac t
Simona Bernardi Centro Universitario de la Defensa Zaragoza, Spain Forest Company Raul Piraces Alastuey Universidad de Zaragoza Zaragoza, Spain Raquel Trillo-Lado Universidad de Zaragoza Zaragoza, Spain 2017 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) Page: 2 About the Article
Page: 3 According to the Security Reports by Symantec, the Number of Attacks to Web Information Systems in 2015 is the Double as in 2014. Introduction
Page: 4 According to the Security Reports by Symantec, the Number of Attacks to Web Information Systems in 2015 is the Double as in 2014. Introduction
Page: 5 According to the Security Reports by Symantec, the Number of Attacks to Web Information Systems in 2015 is the Double as in 2014. Introduction
Page: 6 According to the Security Reports by Symantec, the Number of Attacks to Web Information Systems in 2015 is the Double as in 2014. Introduction
Page: 7 Web Information Systems are Usually Composed of Two Main Components: Front-end Backend Introduction
Contents II RelatedWork III IV Getting a Normative Model Method Overview Page: 8
VI Identification andAnalysis of Deviations VII … Acknowledgment Conclusion VLog Processing Page: 9
SIEM Preventive Approaches Establish Rules in Security Information and Event Management (SIEM) Systems to Reduce or Remove the Success Conditions of Cyberattacks Page: 10 II. Related Work The Proposed Method is Based on the Process Mining Discipline Which Provides Techniques for Process Discovery, i.e., Deriving Process Models from Logs, Conformance Checking, i.e., Checking the Alignment of an Existing/Derived Process Model and Logs, and Process Enhancement, i.e.
Three Types of Process Mining II. Related Work What is Process Mining? Techniques Allow for Extracting Information from Event Logs. Page: 11
Process Mining Tools Can Ingest information Once Prepared in This Simple II. Related Work What is Process Mining? Example: Page: 12
III. Method Overview Page:
1 2 3 4 5 Step1 Specification of the System Behavior by Means of the Unified Modeling Language (UML) Step2 Automatic Generation of a Formal Model from the UML-Based Specification that We Call Normative Model. Step3 Control and Monitoring of the Web Information System to Get Data Logs that Represent its Operative (or Real) Behavior. Step4 Pre-processing of the Logs of the System to Get Event Logs, Which Can be Analyzed Using Process Mining Techniques. Step5 Identification of Deviations Between the Normative Model and the Operative Behavior by Means of Different Process Mining Techniques. III. Method Overview Page: 14 The Proposed Method Consists of Five Main Phases or Steps:
Overview of the Proposed Method III. Method Overview Page: 15
SID BiD is a Web Information System Developed with Java Technologies Available at http://sid.cps.unizar.es/BiD/ III. Method Overview Case Study: Page: 16
BDI research group website: http://bdi.si.ehu.es/bdi/ III. Method Overview Case Study: Page: 17
OEG Research Group Website: http://mayor2.dia.fi.upm.es/oeg-upm/ III. Method Overview Case Study: Page: 18
IV. Getting a Normative Model Page: 19
Each Action Represents an HTTP Request from the User: BiD System Main Functionalities IV. Getting a Normative Model Page: 20
SID BiD UML Activity Diagram: BiD System Behavioral View (Partial) IV. Getting a Normative Model Page: 21
Describe Petri Net Model Page: 22
Describe Petri Net Model: IV. Getting a Normative Model Page: 23 Shop Card Reader System
The Petri Net Model has been Automatically Generated from the Activity Diagram by Using the DICE Simulation Tool Petri Net Normative Model IV. Getting a Normative Model Page: 24
V. Log Processing Page: 25
Apply Process Mining Techniques an Event in an Event Log Must Refer to: A case A Case is a Particular Execution of a Process, Thus Each Event Refers to a Trace (or Sequence) of Related Events Associated to the Execution of a Process. An activity An Activity is an Action or Task to be Performed in a Process (as a Process is a Set of Coordinated Activities or Actions to Achieve a Particular Goal). A Timestamp A Timestamp is a Mark Indicating When the Event Happened Other Information Other Specific Data or Information Related to the Execution of the Activity 01 02 03 04 Process Mining V. Log Processing Page: 26
Real Behaviour of System: 1) The Work Sessions of the Users. This Work Sessions are Studied to Analyze How a Particular User Interacts With the System in a Work Session. 2) The Use Cases Executed by a User. This Parameter is Used to Analyze How a Particular User Interacts With the System in a Work Session When She Wants to Achieve the Goals Associated to a Particular Use Case. V. Log Processing Page: 27
Two Entries Belong to the Same User Session if and Only if: IP They Come from the Same IP Address Time The Time Elapsed Between the Two Entries is Less than a Certain Threshold (in Our Case We Considered 30 minutes) User They Have Been Performed by the Same User if the Studied Web Application Allows Different Users Browser They Come from the Same Browser V. Log Processing Page: 28
Heuristic to Identify the Use Case Performed by a User (HUseCase) 2 1) Updating the Code (the Implementation) of the Web Information Systems in Order to Include the Use Case Identifier Being Executed in the Logs of the Web Server 2) Tagging the Logs Entries With Use Case Identifiers Two Possible Strategies for Heuristic: V. Log Processing Page: 29
Two Options Were Evaluated to Tag the Log Entries With an Appropriate Case Use Identifier:1) Tagging Based on the Entry Web Pages (or URL) of the Use Cases Tagging Based on the Entry Web Pages of the Use V. Log Processing Page: 30
Two Options Were Evaluated to Tag the Log Entries With an Appropriate Case Use Identifier:2) Tagging Based on the Longest Path of Consecutive Activity Events of a User Tagging Based on the Longest Path of V. Log Processing Page: 31
VI. Identification and Analysis of Deviations Page: 32
A. Identification of Deviations Anomalous Trace VI. Identification and Analysis of Deviations: Page: 33
B. Attack Detection and Process Enhancement Fuzzy Model from Filtered Logs (Partial Delivery) VI. Identification and Analysis of Deviations: Page: 34
http://www.website.com Process Mining and MDE In this Work, a Method Based on Process Mining and Model Driven Engineering has been Proposed in Order to Improve the Security of Web Information Systems. Java Enterprise Edition Despite the Fact that the Experimental Results have been Obtained by Considering a Particular Technology to Build Web Information Systems (in Particular, JEE), the Proposed Approach is Technology Independent ZABBIX Our First Next Goal is Incorporating a Security Information and Event Management System (SIEM), Such as Zabbix8, to Monitor the Activity of the SID BiD System Page: 35 VII. Conclusion
Acknowledgment Page: 36
Acknowledgment Page: 37 This Work has been Partially Funded by the Following Projects: “Desarrollo de tecnicas de detecci ´ on de ciber- ´ ataques en sistemas de informacion mediante miner ´ ´ıa deprocesos” (UZCUD2016-TEC-06), “Infraestructuras cr´ıticas resistentes a ciber-ataques: Aplicando la miner´ıa de procesos y el diseno software orientado a la seguridad” [CyCriSec- ˜ TIN2014-58457-R], and “Developing Data-Intensive Cloud Applications with Iterative Quality Enhancements” [DICEH2020-644869]
Question And Answer
THANK YOU! F o r Yo u r A t t e n t i o n

Recommended

A self adaptive learning approach for optimum path evaluation of process for ...
A self adaptive learning approach for optimum path evaluation of process for ...A self adaptive learning approach for optimum path evaluation of process for ...
A self adaptive learning approach for optimum path evaluation of process for ...
Alexander Decker
 
BE CS,IS FINAL YEAR PROJECT LIST FOR ACADEMIC YEAR 2019-2020
BE CS,IS FINAL YEAR PROJECT LIST FOR ACADEMIC YEAR 2019-2020BE CS,IS FINAL YEAR PROJECT LIST FOR ACADEMIC YEAR 2019-2020
BE CS,IS FINAL YEAR PROJECT LIST FOR ACADEMIC YEAR 2019-2020
IGEEKS TECHNOLOGIES
 
Cis 349 Inspiring Innovation--tutorialrank.com
Cis 349 Inspiring Innovation--tutorialrank.comCis 349 Inspiring Innovation--tutorialrank.com
Cis 349 Inspiring Innovation--tutorialrank.com
PrescottLunt371
 
CIS 349 Education Organization / snaptutorial.com
CIS 349 Education Organization / snaptutorial.comCIS 349 Education Organization / snaptutorial.com
CIS 349 Education Organization / snaptutorial.com
McdonaldRyan37
 
Iisrt bhanupriya ng (cs)
Iisrt bhanupriya ng (cs)Iisrt bhanupriya ng (cs)
Iisrt bhanupriya ng (cs)
IISRT
 
Applicability of Network Logs for Securing Computer Systems
Applicability of Network Logs for Securing Computer SystemsApplicability of Network Logs for Securing Computer Systems
Applicability of Network Logs for Securing Computer Systems
IDES Editor
 
Cis 349 Exceptional Education-snaptutorial.com
Cis 349 Exceptional Education-snaptutorial.comCis 349 Exceptional Education-snaptutorial.com
Cis 349 Exceptional Education-snaptutorial.com
robertleses8
 
Cis 349 Education Specialist-snaptutorial.com
Cis 349 Education Specialist-snaptutorial.comCis 349 Education Specialist-snaptutorial.com
Cis 349 Education Specialist-snaptutorial.com
robertlesew95
 

Recommended

A self adaptive learning approach for optimum path evaluation of process for ...
A self adaptive learning approach for optimum path evaluation of process for ...A self adaptive learning approach for optimum path evaluation of process for ...
A self adaptive learning approach for optimum path evaluation of process for ...
Alexander Decker
 
BE CS,IS FINAL YEAR PROJECT LIST FOR ACADEMIC YEAR 2019-2020
BE CS,IS FINAL YEAR PROJECT LIST FOR ACADEMIC YEAR 2019-2020BE CS,IS FINAL YEAR PROJECT LIST FOR ACADEMIC YEAR 2019-2020
BE CS,IS FINAL YEAR PROJECT LIST FOR ACADEMIC YEAR 2019-2020
IGEEKS TECHNOLOGIES
 
Cis 349 Inspiring Innovation--tutorialrank.com
Cis 349 Inspiring Innovation--tutorialrank.comCis 349 Inspiring Innovation--tutorialrank.com
Cis 349 Inspiring Innovation--tutorialrank.com
PrescottLunt371
 
CIS 349 Education Organization / snaptutorial.com
CIS 349 Education Organization / snaptutorial.comCIS 349 Education Organization / snaptutorial.com
CIS 349 Education Organization / snaptutorial.com
McdonaldRyan37
 
Iisrt bhanupriya ng (cs)
Iisrt bhanupriya ng (cs)Iisrt bhanupriya ng (cs)
Iisrt bhanupriya ng (cs)
IISRT
 
Applicability of Network Logs for Securing Computer Systems
Applicability of Network Logs for Securing Computer SystemsApplicability of Network Logs for Securing Computer Systems
Applicability of Network Logs for Securing Computer Systems
IDES Editor
 
Cis 349 Exceptional Education-snaptutorial.com
Cis 349 Exceptional Education-snaptutorial.comCis 349 Exceptional Education-snaptutorial.com
Cis 349 Exceptional Education-snaptutorial.com
robertleses8
 
Cis 349 Education Specialist-snaptutorial.com
Cis 349 Education Specialist-snaptutorial.comCis 349 Education Specialist-snaptutorial.com
Cis 349 Education Specialist-snaptutorial.com
robertlesew95
 
CIS 349 RANK Inspiring Innovation--cis349rank.com
CIS 349 RANK Inspiring Innovation--cis349rank.comCIS 349 RANK Inspiring Innovation--cis349rank.com
CIS 349 RANK Inspiring Innovation--cis349rank.com
KeatonJennings91
 
CIS 349 RANK Lessons in Excellence--cis349rank.com
CIS 349 RANK Lessons in Excellence--cis349rank.comCIS 349 RANK Lessons in Excellence--cis349rank.com
CIS 349 RANK Lessons in Excellence--cis349rank.com
RoelofMerwe139
 
CIS 349 Imagine Your Future/newtonhelp.com   
CIS 349 Imagine Your Future/newtonhelp.com   CIS 349 Imagine Your Future/newtonhelp.com   
CIS 349 Imagine Your Future/newtonhelp.com   
bellflower46
 
Big Data Security Analytic Solution using Splunk
Big Data Security Analytic Solution using SplunkBig Data Security Analytic Solution using Splunk
Big Data Security Analytic Solution using Splunk
IJERA Editor
 
CIS 349 Enhance teaching / snaptutorial.com
CIS 349 Enhance teaching / snaptutorial.com CIS 349 Enhance teaching / snaptutorial.com
CIS 349 Enhance teaching / snaptutorial.com
donaldzs55
 
Cis 349 Effective Communication-snaptutorial.com
Cis 349 Effective Communication-snaptutorial.comCis 349 Effective Communication-snaptutorial.com
Cis 349 Effective Communication-snaptutorial.com
jhonklinz9
 
Cis 349 Teaching Effectively--tutorialrank.com
Cis 349 Teaching Effectively--tutorialrank.comCis 349 Teaching Effectively--tutorialrank.com
Cis 349 Teaching Effectively--tutorialrank.com
Soaps82
 
CIS 349 Effective Communication/tutorialrank.com
CIS 349 Effective Communication/tutorialrank.com CIS 349 Effective Communication/tutorialrank.com
CIS 349 Effective Communication/tutorialrank.com
jonhson185
 
A self adaptive learning approach for optimum path evaluation of process for ...
A self adaptive learning approach for optimum path evaluation of process for ...A self adaptive learning approach for optimum path evaluation of process for ...
A self adaptive learning approach for optimum path evaluation of process for ...
Alexander Decker
 
a novel technique to pre-process web log data using sql server management studio
a novel technique to pre-process web log data using sql server management studioa novel technique to pre-process web log data using sql server management studio
a novel technique to pre-process web log data using sql server management studio
INFOGAIN PUBLICATION
 
Events Classification in Log Audit
Events Classification in Log Audit Events Classification in Log Audit
Events Classification in Log Audit
IJNSA Journal
 
A Novel Method for Data Cleaning and User- Session Identification for Web Mining
A Novel Method for Data Cleaning and User- Session Identification for Web MiningA Novel Method for Data Cleaning and User- Session Identification for Web Mining
A Novel Method for Data Cleaning and User- Session Identification for Web Mining
IJMER
 
Applying web mining application for user behavior understanding
Applying web mining application for user behavior understandingApplying web mining application for user behavior understanding
Applying web mining application for user behavior understanding
Zakaria Zubi
 
IRJET- A Detailed Analysis on Windows Event Log Viewer for Faster Root Ca...
IRJET- A Detailed Analysis on Windows Event Log Viewer for Faster Root Ca...IRJET- A Detailed Analysis on Windows Event Log Viewer for Faster Root Ca...
IRJET- A Detailed Analysis on Windows Event Log Viewer for Faster Root Ca...
IRJET Journal
 
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
ijcax
 
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
ijcax
 
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
ijcax
 
V1_I2_2012_Paper3.doc
V1_I2_2012_Paper3.docV1_I2_2012_Paper3.doc
V1_I2_2012_Paper3.doc
praveena06
 
Improvement of Software Maintenance and Reliability using Data Mining Techniques
Improvement of Software Maintenance and Reliability using Data Mining TechniquesImprovement of Software Maintenance and Reliability using Data Mining Techniques
Improvement of Software Maintenance and Reliability using Data Mining Techniques
ijdmtaiir
 
Decision Making Framework in e-Business Cloud Environment Using Software Metr...
Decision Making Framework in e-Business Cloud Environment Using Software Metr...Decision Making Framework in e-Business Cloud Environment Using Software Metr...
Decision Making Framework in e-Business Cloud Environment Using Software Metr...
ijitjournal
 
A web application detecting dos attack using mca and tam
A web application detecting dos attack using mca and tamA web application detecting dos attack using mca and tam
A web application detecting dos attack using mca and tam
eSAT Journals
 
A Novel Framework on Web Usage Mining
A Novel Framework on Web Usage MiningA Novel Framework on Web Usage Mining
A Novel Framework on Web Usage Mining
IRJET Journal
 

More Related Content

What's hot

Big Data Security Analytic Solution using Splunk
Big Data Security Analytic Solution using SplunkBig Data Security Analytic Solution using Splunk
Big Data Security Analytic Solution using Splunk
IJERA Editor
 

What's hot (8)

CIS 349 RANK Inspiring Innovation--cis349rank.com
CIS 349 RANK Inspiring Innovation--cis349rank.comCIS 349 RANK Inspiring Innovation--cis349rank.com
CIS 349 RANK Inspiring Innovation--cis349rank.com
 
CIS 349 RANK Lessons in Excellence--cis349rank.com
CIS 349 RANK Lessons in Excellence--cis349rank.comCIS 349 RANK Lessons in Excellence--cis349rank.com
CIS 349 RANK Lessons in Excellence--cis349rank.com
 
CIS 349 Imagine Your Future/newtonhelp.com   
CIS 349 Imagine Your Future/newtonhelp.com   CIS 349 Imagine Your Future/newtonhelp.com   
CIS 349 Imagine Your Future/newtonhelp.com   
 
Big Data Security Analytic Solution using Splunk
Big Data Security Analytic Solution using SplunkBig Data Security Analytic Solution using Splunk
Big Data Security Analytic Solution using Splunk
 
CIS 349 Enhance teaching / snaptutorial.com
CIS 349 Enhance teaching / snaptutorial.com CIS 349 Enhance teaching / snaptutorial.com
CIS 349 Enhance teaching / snaptutorial.com
 
Cis 349 Effective Communication-snaptutorial.com
Cis 349 Effective Communication-snaptutorial.comCis 349 Effective Communication-snaptutorial.com
Cis 349 Effective Communication-snaptutorial.com
 
Cis 349 Teaching Effectively--tutorialrank.com
Cis 349 Teaching Effectively--tutorialrank.comCis 349 Teaching Effectively--tutorialrank.com
Cis 349 Teaching Effectively--tutorialrank.com
 
CIS 349 Effective Communication/tutorialrank.com
CIS 349 Effective Communication/tutorialrank.com CIS 349 Effective Communication/tutorialrank.com
CIS 349 Effective Communication/tutorialrank.com
 

Similar to Using process mining and model driven engineering to enhance security of web information systems

a novel technique to pre-process web log data using sql server management studio
a novel technique to pre-process web log data using sql server management studioa novel technique to pre-process web log data using sql server management studio
a novel technique to pre-process web log data using sql server management studio
INFOGAIN PUBLICATION
 
Events Classification in Log Audit
Events Classification in Log Audit Events Classification in Log Audit
Events Classification in Log Audit
IJNSA Journal
 
Applying web mining application for user behavior understanding
Applying web mining application for user behavior understandingApplying web mining application for user behavior understanding
Applying web mining application for user behavior understanding
Zakaria Zubi
 
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
ijcax
 
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
ijcax
 
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
ijcax
 
V1_I2_2012_Paper3.doc
V1_I2_2012_Paper3.docV1_I2_2012_Paper3.doc
V1_I2_2012_Paper3.doc
praveena06
 
Improvement of Software Maintenance and Reliability using Data Mining Techniques
Improvement of Software Maintenance and Reliability using Data Mining TechniquesImprovement of Software Maintenance and Reliability using Data Mining Techniques
Improvement of Software Maintenance and Reliability using Data Mining Techniques
ijdmtaiir
 
Decision Making Framework in e-Business Cloud Environment Using Software Metr...
Decision Making Framework in e-Business Cloud Environment Using Software Metr...Decision Making Framework in e-Business Cloud Environment Using Software Metr...
Decision Making Framework in e-Business Cloud Environment Using Software Metr...
ijitjournal
 
A web application detecting dos attack using mca and tam
A web application detecting dos attack using mca and tamA web application detecting dos attack using mca and tam
A web application detecting dos attack using mca and tam
eSAT Journals
 
applyingwebminingapplicationforuserbehaviorunderstanding-131215105223-phpapp0...
applyingwebminingapplicationforuserbehaviorunderstanding-131215105223-phpapp0...applyingwebminingapplicationforuserbehaviorunderstanding-131215105223-phpapp0...
applyingwebminingapplicationforuserbehaviorunderstanding-131215105223-phpapp0...
Zakaria Zubi
 
Business Process Analytics: From Insights to Predictions
Business Process Analytics: From Insights to PredictionsBusiness Process Analytics: From Insights to Predictions
Business Process Analytics: From Insights to Predictions
Marlon Dumas
 

Similar to Using process mining and model driven engineering to enhance security of web information systems (20)

A self adaptive learning approach for optimum path evaluation of process for ...
A self adaptive learning approach for optimum path evaluation of process for ...A self adaptive learning approach for optimum path evaluation of process for ...
A self adaptive learning approach for optimum path evaluation of process for ...
 
a novel technique to pre-process web log data using sql server management studio
a novel technique to pre-process web log data using sql server management studioa novel technique to pre-process web log data using sql server management studio
a novel technique to pre-process web log data using sql server management studio
 
Events Classification in Log Audit
Events Classification in Log Audit Events Classification in Log Audit
Events Classification in Log Audit
 
A Novel Method for Data Cleaning and User- Session Identification for Web Mining
A Novel Method for Data Cleaning and User- Session Identification for Web MiningA Novel Method for Data Cleaning and User- Session Identification for Web Mining
A Novel Method for Data Cleaning and User- Session Identification for Web Mining
 
Applying web mining application for user behavior understanding
Applying web mining application for user behavior understandingApplying web mining application for user behavior understanding
Applying web mining application for user behavior understanding
 
IRJET- A Detailed Analysis on Windows Event Log Viewer for Faster Root Ca...
IRJET- A Detailed Analysis on Windows Event Log Viewer for Faster Root Ca...IRJET- A Detailed Analysis on Windows Event Log Viewer for Faster Root Ca...
IRJET- A Detailed Analysis on Windows Event Log Viewer for Faster Root Ca...
 
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
 
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
 
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
IDENTIFY NAVIGATIONAL PATTERNS OF WEB USERS
 
V1_I2_2012_Paper3.doc
V1_I2_2012_Paper3.docV1_I2_2012_Paper3.doc
V1_I2_2012_Paper3.doc
 
Improvement of Software Maintenance and Reliability using Data Mining Techniques
Improvement of Software Maintenance and Reliability using Data Mining TechniquesImprovement of Software Maintenance and Reliability using Data Mining Techniques
Improvement of Software Maintenance and Reliability using Data Mining Techniques
 
Decision Making Framework in e-Business Cloud Environment Using Software Metr...
Decision Making Framework in e-Business Cloud Environment Using Software Metr...Decision Making Framework in e-Business Cloud Environment Using Software Metr...
Decision Making Framework in e-Business Cloud Environment Using Software Metr...
 
A web application detecting dos attack using mca and tam
A web application detecting dos attack using mca and tamA web application detecting dos attack using mca and tam
A web application detecting dos attack using mca and tam
 
A Novel Framework on Web Usage Mining
A Novel Framework on Web Usage MiningA Novel Framework on Web Usage Mining
A Novel Framework on Web Usage Mining
 
applyingwebminingapplicationforuserbehaviorunderstanding-131215105223-phpapp0...
applyingwebminingapplicationforuserbehaviorunderstanding-131215105223-phpapp0...applyingwebminingapplicationforuserbehaviorunderstanding-131215105223-phpapp0...
applyingwebminingapplicationforuserbehaviorunderstanding-131215105223-phpapp0...
 
FAST PHRASE SEARCH FOR ENCRYPTED CLOUD STORAGE.pptx
FAST PHRASE SEARCH FOR ENCRYPTED CLOUD STORAGE.pptxFAST PHRASE SEARCH FOR ENCRYPTED CLOUD STORAGE.pptx
FAST PHRASE SEARCH FOR ENCRYPTED CLOUD STORAGE.pptx
 
Web Data mining-A Research area in Web usage mining
Web Data mining-A Research area in Web usage miningWeb Data mining-A Research area in Web usage mining
Web Data mining-A Research area in Web usage mining
 
Self-Protecting Technology for Web Applications
Self-Protecting Technology for Web ApplicationsSelf-Protecting Technology for Web Applications
Self-Protecting Technology for Web Applications
 
G03503036044
G03503036044G03503036044
G03503036044
 
Business Process Analytics: From Insights to Predictions
Business Process Analytics: From Insights to PredictionsBusiness Process Analytics: From Insights to Predictions
Business Process Analytics: From Insights to Predictions
 

More from S.Mostafa Sayyedi

More from S.Mostafa Sayyedi (7)

Fog Computing and the Internet of Things
Fog Computing and the Internet of ThingsFog Computing and the Internet of Things
Fog Computing and the Internet of Things
 
Clustering in Data Mining
Clustering in Data MiningClustering in Data Mining
Clustering in Data Mining
 
Spectre and Meltdown
Spectre and MeltdownSpectre and Meltdown
Spectre and Meltdown
 
Introducing various linux distributions for various purposes
Introducing various linux distributions for various purposesIntroducing various linux distributions for various purposes
Introducing various linux distributions for various purposes
 
Scrum doc
Scrum docScrum doc
Scrum doc
 
Scrum Presentation
Scrum PresentationScrum Presentation
Scrum Presentation
 
Steganography in Open Source Enviroment
Steganography in Open Source EnviromentSteganography in Open Source Enviroment
Steganography in Open Source Enviroment
 

Recently uploaded

Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
panagenda
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Alberto González Trastoy
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
Delhi Call girls
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
anilsa9823
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
harshavardhanraghave
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
anilsa9823
 

Recently uploaded (20)

Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 

Using process mining and model driven engineering to enhance security of web information systems

  • 1. Provider: Mr. S.Mostafa Sayyedi Using Process Mining and Model Driven Engineering to Enhance Security of Web Information Systems Lesson: Special Topics Professor: Mr. Zamani May 2018
  • 2. Abstract In this Paper, We Propose a Method Based on Process Mining and Model Driven Engineering to Improve the Security of Web Information Systems. Page: 1 Abstrac t
  • 3. Simona Bernardi Centro Universitario de la Defensa Zaragoza, Spain Forest Company Raul Piraces Alastuey Universidad de Zaragoza Zaragoza, Spain Raquel Trillo-Lado Universidad de Zaragoza Zaragoza, Spain 2017 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) Page: 2 About the Article
  • 4. Page: 3 According to the Security Reports by Symantec, the Number of Attacks to Web Information Systems in 2015 is the Double as in 2014. Introduction
  • 5. Page: 4 According to the Security Reports by Symantec, the Number of Attacks to Web Information Systems in 2015 is the Double as in 2014. Introduction
  • 6. Page: 5 According to the Security Reports by Symantec, the Number of Attacks to Web Information Systems in 2015 is the Double as in 2014. Introduction
  • 7. Page: 6 According to the Security Reports by Symantec, the Number of Attacks to Web Information Systems in 2015 is the Double as in 2014. Introduction
  • 8. Page: 7 Web Information Systems are Usually Composed of Two Main Components: Front-end Backend Introduction
  • 9. Contents II RelatedWork III IV Getting a Normative Model Method Overview Page: 8
  • 10. VI Identification andAnalysis of Deviations VII … Acknowledgment Conclusion VLog Processing Page: 9
  • 11. SIEM Preventive Approaches Establish Rules in Security Information and Event Management (SIEM) Systems to Reduce or Remove the Success Conditions of Cyberattacks Page: 10 II. Related Work The Proposed Method is Based on the Process Mining Discipline Which Provides Techniques for Process Discovery, i.e., Deriving Process Models from Logs, Conformance Checking, i.e., Checking the Alignment of an Existing/Derived Process Model and Logs, and Process Enhancement, i.e.
  • 12. Three Types of Process Mining II. Related Work What is Process Mining? Techniques Allow for Extracting Information from Event Logs. Page: 11
  • 13. Process Mining Tools Can Ingest information Once Prepared in This Simple II. Related Work What is Process Mining? Example: Page: 12
  • 15. 1 2 3 4 5 Step1 Specification of the System Behavior by Means of the Unified Modeling Language (UML) Step2 Automatic Generation of a Formal Model from the UML-Based Specification that We Call Normative Model. Step3 Control and Monitoring of the Web Information System to Get Data Logs that Represent its Operative (or Real) Behavior. Step4 Pre-processing of the Logs of the System to Get Event Logs, Which Can be Analyzed Using Process Mining Techniques. Step5 Identification of Deviations Between the Normative Model and the Operative Behavior by Means of Different Process Mining Techniques. III. Method Overview Page: 14 The Proposed Method Consists of Five Main Phases or Steps:
  • 16. Overview of the Proposed Method III. Method Overview Page: 15
  • 17. SID BiD is a Web Information System Developed with Java Technologies Available at http://sid.cps.unizar.es/BiD/ III. Method Overview Case Study: Page: 16
  • 18. BDI research group website: http://bdi.si.ehu.es/bdi/ III. Method Overview Case Study: Page: 17
  • 19. OEG Research Group Website: http://mayor2.dia.fi.upm.es/oeg-upm/ III. Method Overview Case Study: Page: 18
  • 20. IV. Getting a Normative Model Page: 19
  • 21. Each Action Represents an HTTP Request from the User: BiD System Main Functionalities IV. Getting a Normative Model Page: 20
  • 22. SID BiD UML Activity Diagram: BiD System Behavioral View (Partial) IV. Getting a Normative Model Page: 21
  • 24. Describe Petri Net Model: IV. Getting a Normative Model Page: 23 Shop Card Reader System
  • 25. The Petri Net Model has been Automatically Generated from the Activity Diagram by Using the DICE Simulation Tool Petri Net Normative Model IV. Getting a Normative Model Page: 24
  • 27. Apply Process Mining Techniques an Event in an Event Log Must Refer to: A case A Case is a Particular Execution of a Process, Thus Each Event Refers to a Trace (or Sequence) of Related Events Associated to the Execution of a Process. An activity An Activity is an Action or Task to be Performed in a Process (as a Process is a Set of Coordinated Activities or Actions to Achieve a Particular Goal). A Timestamp A Timestamp is a Mark Indicating When the Event Happened Other Information Other Specific Data or Information Related to the Execution of the Activity 01 02 03 04 Process Mining V. Log Processing Page: 26
  • 28. Real Behaviour of System: 1) The Work Sessions of the Users. This Work Sessions are Studied to Analyze How a Particular User Interacts With the System in a Work Session. 2) The Use Cases Executed by a User. This Parameter is Used to Analyze How a Particular User Interacts With the System in a Work Session When She Wants to Achieve the Goals Associated to a Particular Use Case. V. Log Processing Page: 27
  • 29. Two Entries Belong to the Same User Session if and Only if: IP They Come from the Same IP Address Time The Time Elapsed Between the Two Entries is Less than a Certain Threshold (in Our Case We Considered 30 minutes) User They Have Been Performed by the Same User if the Studied Web Application Allows Different Users Browser They Come from the Same Browser V. Log Processing Page: 28
  • 30. Heuristic to Identify the Use Case Performed by a User (HUseCase) 2 1) Updating the Code (the Implementation) of the Web Information Systems in Order to Include the Use Case Identifier Being Executed in the Logs of the Web Server 2) Tagging the Logs Entries With Use Case Identifiers Two Possible Strategies for Heuristic: V. Log Processing Page: 29
  • 31. Two Options Were Evaluated to Tag the Log Entries With an Appropriate Case Use Identifier:1) Tagging Based on the Entry Web Pages (or URL) of the Use Cases Tagging Based on the Entry Web Pages of the Use V. Log Processing Page: 30
  • 32. Two Options Were Evaluated to Tag the Log Entries With an Appropriate Case Use Identifier:2) Tagging Based on the Longest Path of Consecutive Activity Events of a User Tagging Based on the Longest Path of V. Log Processing Page: 31
  • 33. VI. Identification and Analysis of Deviations Page: 32
  • 34. A. Identification of Deviations Anomalous Trace VI. Identification and Analysis of Deviations: Page: 33
  • 35. B. Attack Detection and Process Enhancement Fuzzy Model from Filtered Logs (Partial Delivery) VI. Identification and Analysis of Deviations: Page: 34
  • 36. http://www.website.com Process Mining and MDE In this Work, a Method Based on Process Mining and Model Driven Engineering has been Proposed in Order to Improve the Security of Web Information Systems. Java Enterprise Edition Despite the Fact that the Experimental Results have been Obtained by Considering a Particular Technology to Build Web Information Systems (in Particular, JEE), the Proposed Approach is Technology Independent ZABBIX Our First Next Goal is Incorporating a Security Information and Event Management System (SIEM), Such as Zabbix8, to Monitor the Activity of the SID BiD System Page: 35 VII. Conclusion
  • 38. Acknowledgment Page: 37 This Work has been Partially Funded by the Following Projects: “Desarrollo de tecnicas de detecci ´ on de ciber- ´ ataques en sistemas de informacion mediante miner ´ ´ıa deprocesos” (UZCUD2016-TEC-06), “Infraestructuras cr´ıticas resistentes a ciber-ataques: Aplicando la miner´ıa de procesos y el diseno software orientado a la seguridad” [CyCriSec- ˜ TIN2014-58457-R], and “Developing Data-Intensive Cloud Applications with Iterative Quality Enhancements” [DICEH2020-644869]
  • 40. THANK YOU! F o r Yo u r A t t e n t i o n