ABSTRACT

Big Data for Security and Intelligence is the name given to a method of analysis that focuses on huge volumes of data (ranging from petabytes to zettabytes) drawn from all available sources (such as log files, IP addresses, and emails). Various companies use big data technology for security and intelligence in order to identify suspicious activity, threats, and security events, and they use this information to combat cyber-attacks. One limitation of big data security is the inability to cover both current and historical data so as to uncover known threats, anomalies, and fraud and keep the network safe from attacks. A number of organizations are concentrating on rising problems such as APTs, attacks, and fraud. The more data that is available, the easier these problems are to detect. Nevertheless, organizations that utilize big data techniques must make sure that privacy and security issues have been resolved before putting their data to use. Because so many different types of data are stored in so many different systems, the infrastructure needed to analyze big data must be able to handle and support advanced analytics such as statistics and data mining. One side of the coin is the collection and storage of large amounts of information; the other side is protecting that information from unauthorized access, which is very difficult. Big data is used extensively to improve security and to support law enforcement. The US National Security Agency (NSA) uses big data analytics to foil terrorist plots, while other agencies use big data to identify and handle cyber-attacks. Credit card companies use big data analytics tools to detect fraudulent transactions, while police departments use big data methods to track down criminals and forecast criminal activity. Big data is being used in remarkable ways in today's information world, but security and privacy are the primary concerns when it comes to protecting massive amounts of data.
Security Intelligence refers to the real-time collection, standardization, and analysis of data in order to assess and enhance a company's overall security. By its nature, security intelligence entails bringing together software assets and personnel with the goal of uncovering actionable and useful insights that help the organization mitigate threats and reduce risks. To identify security incidents and the behaviors of attackers, today's analysts use machine learning and big data analysis. They also use this technology to automate the identification and analysis of security events and to extract security intelligence from the event logs generated on a network. This chapter discusses how Big Data analytics can help in the field of security intelligence, what infrastructure is required to make it useful, how it is more efficient than traditional approaches, and what an analytic engine built specifically for security intelligence would look like.
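The collect, standardize, analyze loop described above can be shown in miniature. The following Python example is added here and is not code from the chapter or its authors: it takes two constructed log sources in different formats (an sshd authentication log and a web server access log), normalizes both into one event schema, and then applies a simple statistical rule to flag source IPs whose authentication-failure count is an outlier relative to the whole population. The log lines, IP addresses, field names, and thresholds are all constructed for illustration.

```python
"""Minimal security-intelligence pipeline: collect, normalize, analyze.

Added example (not from the chapter). Two constructed log sources in
different formats are normalized into one event schema, then a simple
statistical rule flags source IPs whose failure count is an outlier.
All log lines, IPs and thresholds below are constructed for illustration.
"""
import re
import statistics
from collections import Counter
from dataclasses import dataclass

# Constructed sample data: an sshd auth log and a web server access log.
SSH_LOG = """\
Jan 10 10:01:02 host sshd[1201]: Failed password for root from 203.0.113.5 port 4411 ssh2
Jan 10 10:01:03 host sshd[1201]: Failed password for root from 203.0.113.5 port 4412 ssh2
Jan 10 10:01:04 host sshd[1201]: Failed password for admin from 203.0.113.5 port 4413 ssh2
Jan 10 10:01:05 host sshd[1201]: Failed password for admin from 203.0.113.5 port 4414 ssh2
Jan 10 10:02:00 host sshd[1202]: Accepted password for alice from 198.51.100.7 port 5000 ssh2
Jan 10 10:03:00 host sshd[1203]: Failed password for bob from 198.51.100.9 port 5001 ssh2
"""

WEB_LOG = """\
203.0.113.5 - - [10/Jan/2024:10:05:00 +0000] "POST /login HTTP/1.1" 401 512
203.0.113.5 - - [10/Jan/2024:10:05:01 +0000] "POST /login HTTP/1.1" 401 512
203.0.113.5 - - [10/Jan/2024:10:05:02 +0000] "POST /login HTTP/1.1" 401 512
198.51.100.7 - - [10/Jan/2024:10:06:00 +0000] "GET /index.html HTTP/1.1" 200 2048
198.51.100.9 - - [10/Jan/2024:10:07:00 +0000] "POST /login HTTP/1.1" 401 512
192.0.2.14 - - [10/Jan/2024:10:08:00 +0000] "GET /about HTTP/1.1" 200 1024
192.0.2.14 - - [10/Jan/2024:10:08:05 +0000] "GET /admin HTTP/1.1" 403 256
"""


@dataclass(frozen=True)
class Event:
    """Common schema that every source is normalized into (hypothetical)."""
    source: str    # which log produced the event
    src_ip: str    # remote address
    outcome: str   # "success" or "failure"


SSH_RE = re.compile(r"(Failed|Accepted) password for \S+ from (\d+\.\d+\.\d+\.\d+)")
WEB_RE = re.compile(r'^(\d+\.\d+\.\d+\.\d+) .*" (\d{3}) \d+$')


def normalize_ssh(text):
    """Standardize sshd auth lines into Event records."""
    events = []
    for line in text.splitlines():
        m = SSH_RE.search(line)
        if m:
            outcome = "failure" if m.group(1) == "Failed" else "success"
            events.append(Event("sshd", m.group(2), outcome))
    return events


def normalize_web(text):
    """Standardize access-log lines; 401/403 responses count as failures."""
    events = []
    for line in text.splitlines():
        m = WEB_RE.match(line)
        if m:
            status = int(m.group(2))
            outcome = "failure" if status in (401, 403) else "success"
            events.append(Event("web", m.group(1), outcome))
    return events


def failures_by_ip(events):
    """Aggregate failures across all sources per source IP."""
    return Counter(e.src_ip for e in events if e.outcome == "failure")


def flag_outliers(counts, min_failures=3, z=1.0):
    """Flag IPs whose failure count is above an absolute floor and more
    than `z` population standard deviations above the mean of all IPs.
    With fewer than two IPs the statistics are degenerate, so only the
    absolute floor is applied."""
    values = list(counts.values())
    if len(values) < 2:
        return {ip for ip, n in counts.items() if n >= min_failures}
    mean = statistics.mean(values)
    sd = statistics.pstdev(values)
    return {ip for ip, n in counts.items()
            if n >= min_failures and (sd == 0 or (n - mean) / sd > z)}


def run_pipeline(ssh_text=SSH_LOG, web_text=WEB_LOG):
    """Collect both sources, normalize, aggregate, and flag outliers."""
    events = normalize_ssh(ssh_text) + normalize_web(web_text)
    counts = failures_by_ip(events)
    return counts, flag_outliers(counts)


if __name__ == "__main__":
    counts, flagged = run_pipeline()
    print("failures per IP:", dict(counts))
    print("flagged:", sorted(flagged))
```

On the constructed input the pipeline attributes seven failures to 203.0.113.5 across both sources and flags only that address; the two other IPs with one or two failures fall below both the absolute floor and the statistical threshold. Correlating the same source IP across heterogeneous logs is what the normalization step buys: neither log alone shows the full count.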