Use of Security Logs for Data Leak Detection: A Systematic Literature Review

Security logs are widely used to monitor data, networks, and computer activities. By analyzing them, security experts can pick out anomalies that reveal the presence of cyber attacks or information leaks and stop them quickly before serious damage occurs. This paper presents a systematic literature...

Full description

Saved in:
Bibliographic Details
Published in:Security and communication networks 2021-03, Vol.2021, p.1-29
Main Authors: Ávila, Ricardo, Khoury, Raphaël, Khoury, Richard, Petrillo, Fábio
Format: Article
Language:English
Subjects:
Algorithms
Anomalies
Cybersecurity
Datasets
General Data Protection Regulation
Keywords
Leak detection
Leaks
Literature reviews
Online data bases
Search engines
Search strategies
Systematic review
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Security logs are widely used to monitor data, networks, and computer activities. By analyzing them, security experts can pick out anomalies that reveal the presence of cyber attacks or information leaks and stop them quickly before serious damage occurs. This paper presents a systematic literature review on the use of security logs for data leak detection. Our findings are fourfold: (i) we propose a new classification of information leaks, which uses the GDPR principles; (ii) we identify the twenty most widely used publicly available datasets in threat detection; (iii) we describe twenty types of attacks present in public datasets; and (iv) we describe thirty algorithms used for data leak detection. The selected papers point to many opportunities that can be investigated by researchers interested in contributing to this area of research.
ISSN:1939-0114
1939-0122
DOI:10.1155/2021/6615899