BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Date iCal//NONSGML kigkonsult.se iCalcreator 2.20.2//
METHOD:PUBLISH
X-WR-CALNAME;VALUE=TEXT:Eventi DIAG
BEGIN:VTIMEZONE
TZID:Europe/Paris
BEGIN:STANDARD
DTSTART:20191027T030000
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
TZNAME:CET
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20190331T020000
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
RDATE:20200329T020000
TZNAME:CEST
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:calendar.18877.field_data.0@glad.uniroma1.it
DTSTAMP:20260405T091300Z
CREATED:20191011T092202Z
DESCRIPTION:In the past\, malware used to integrate multiple malicious
  functions inside a single executable\, so if an executable contained
  many suspicious functions\, the antivirus would flag it as malware
  with high confidence. To reduce the attention of antivirus software\,
  hackers separate malicious functions into different processes\, for
  example dividing the work among a Dropper\, Decryptor\, Injector\,
  etc. When a file or a process is used as the unit for viewing system
  security\, a lot of malicious behavior is ignored. The system proposed
  in this paper is based on event correlation and machine learning
  classification to understand the behavior of the process from a more
  comprehensive view and identify malicious behavior. The automated
  analysis of the event log takes just 5 minutes per endpoint every day.
  The F1-score of binary classification is 99%\, and the F1-score of
  multiclass classification by malware type is 82%.
DTSTART;TZID=Europe/Paris:20191015T103000
DTEND;TZID=Europe/Paris:20191015T103000
LAST-MODIFIED:20191011T121353Z
LOCATION:B203
SUMMARY:Design and Implementation of an Automated Event Log Analysis System
   based on Event Correlation and Machine Learning - Prof. Chu-Sing Yang
URL;TYPE=URI:http://glad.uniroma1.it/node/18877
END:VEVENT
END:VCALENDAR
