DeYoung, Mark E.Marchany, Randolph C.Tront, Joseph G.2017-04-182017-04-182017-01-04http://hdl.handle.net/10919/77421Data-driven network security and information security efforts have decades long history. The deluge of logged events from network mid-points and end-points coupled with unprecedented temporal depth in data retention are driving an emerging market for automated cognitive security products. Historically, new technologies like this are delivered as non-contextualized black boxes. We frame network security data analytics within the context of intelligence activities and products and go on to propose network security data analytics as a framework to develop and evaluate cognitive security products that can satisfy operational needs. Finally, we discuss functional design requirements, limiting factors, and initial observations.application/pdfenCreative Commons Attribution-NonCommercial-NoDerivs 3.0 United StatesNetwork SecurityData Analytics ArchitectureLogged EventsReport0000-0002-6435-1980