Abstract
Data analysis may be a dificult task, especially for nonexpert users, as it requires deep understanding of the investigated domain and the particular context. In this demo we present REACT, a system that hooks to the analysis UI and provides the users with personalized recommendations of analysis actions. By matching the current user session to previous sessions of analysts working with the same or other data sets, REACT is able to identify the potentially best next analysis actions in the given user context. Unlike previous work that mainly focused on individual components of the analysis work, REACT provides a holistic approach that captures a wider range of analysis action types by utilizing novel notions of similarity in terms of the individual actions, the analyzed data and the entire analysis workow. We demonstrate the functionality of REACT, as well as its effectiveness through a digital forensics scenario where users are challenged to detect cyber attacks in real life data achieved from honeypot servers.
Original language | English |
---|---|
Title of host publication | SIGMOD 2016 - Proceedings of the 2016 International Conference on Management of Data |
Publisher | Association for Computing Machinery |
Pages | 2137-2140 |
Number of pages | 4 |
ISBN (Electronic) | 9781450335317 |
DOIs | |
State | Published - 26 Jun 2016 |
Externally published | Yes |
Event | 2016 ACM SIGMOD International Conference on Management of Data, SIGMOD 2016 - San Francisco, United States Duration: 26 Jun 2016 → 1 Jul 2016 |
Publication series
Name | Proceedings of the ACM SIGMOD International Conference on Management of Data |
---|---|
Volume | 26-June-2016 |
ISSN (Print) | 0730-8078 |
Conference
Conference | 2016 ACM SIGMOD International Conference on Management of Data, SIGMOD 2016 |
---|---|
Country/Territory | United States |
City | San Francisco |
Period | 26/06/16 → 1/07/16 |
Bibliographical note
Funding Information:We thank Daniel Deutch and Amir Gilad for their insightful comments. This work has been partially funded by the European Research Council under the FP7, ERC grant MoDaS, agreement 291071 and by a grant from the Blavatnik Interdisciplinary Cyber Research Center.
Funding
We thank Daniel Deutch and Amir Gilad for their insightful comments. This work has been partially funded by the European Research Council under the FP7, ERC grant MoDaS, agreement 291071 and by a grant from the Blavatnik Interdisciplinary Cyber Research Center.
Funders | Funder number |
---|---|
Blavatnik Interdisciplinary Cyber Research Center | |
European Commission | 291071 |
Seventh Framework Programme |